Effective 14 September 2022
PADI® and its affiliated companies (“the PADI Companies” and “PADI”) are committed to respecting the privacy of customers – including participants of the PADI Companies’ Experience and Training Programs (“Training Programs”), PADI Club™, PADI Travel and PADI Media persons making inquiries, and visitors to the PADI and PADI Media websites padi.com, travel.padi.com and scubaearth.com.
Additionally, in relation to PADI’s role as a data controller, PADI Individual Professional Members and PADI Dive Retail and Resort Members may act as co-data controllers, as well as data processors on behalf of PADI, especially within the PADI Diver training and certification process. PADI itself also serves as a data processor, such as when one of the PADI Companies processes personal information on behalf of another PADI Company.
Please see also the Terms of Service associated with the various PADI sites, apps and programs for more information about PADI’s general terms and policies.
PADI may also automatically collect information about the devices you use to interact with PADI’s websites. The information automatically collected may include IP address, device identifier, web browser and browsing information collected through cookies, web beacons, pixels, clear gifs and other similar technologies (collectively “Cookies and Other Tracking Technologies” and “Cookies”) on PADI’s sites. PADI may also automatically collect information about how you use the sites, such as what you have searched for and viewed. The information automatically collected will be associated with any personal data you have provided.
The statement in this Policy called "California Residents" contains additional disclosures for California residents. The statement supplements the rest of this Policy, but to the extent it conflicts with other parts of this Policy, the statement governs with respect to California residents.
Summary Of Collection And Use of Information
The personal data PADI collects is used for PADI's commercial, legal and business purposes. Depending on applicable law in your area, that use may be limited to what your specific consent allows, or when PADI has a legitimate interest or other legal basis for processing and using such information. In some situations, the collection of personal data may be required for the operation of the sites or to provide certain services or products. PADI uses your personal data to fulfill your requests for information, process your requests to participate in training programs and other activities, evaluate and improve PADI’s services, distribute safety alerts, newsletters, and diver training-related correspondence and materials to you, analyze the sites’ performance and functionality, prevent fraud, enforce PADI’s various terms of service, comply with all applicable laws and corporate reporting obligations, enforce PADI’s agreements and accomplish other purposes you may initiate or request. PADI may keep any of your personal data on file and use it to contact you.
As is explained following, the information obtained by PADI during various types of interactions may be treated differently. PADI blocks access to account creation and purchases in Russia and Belarus and does not collect or process Personally Identifiable Information data on padi.com or PADI Apps.
This statement makes additional disclosures to California residents (i.e., “consumers”), and describes rights they may have, under the California Consumer Privacy Act of 2018, as amended, effective January 1, 2020 (the “CCPA”).
California’s Attorney General has published proposed implementing regulations for the CCPA, but the regulations have not yet taken effect and remain subject to change. The final regulations may alter how businesses have to comply with the CCPA, and PADI may update this Policy when the regulations take effect.
You can learn more about the CCPA here: https://oag.ca.gov/privacy/ccpa
Collection Of Personal Information
The following table describes which categories of personal information PADI collected about consumers within the past 12 months. For each category, PADI collected one or more of the examples listed.
|Identifiers||Real name, signature, address, telephone number, email address, Internet Protocol address, device identifier, browser cookies, web beacon, pixel tag, mobile ad identifier, other unique personal identifier, online identifier, account name.|
|Financial Information||Credit card number, debit card number or other similar financial information|
|Protected Classification Information||Age (including ages 40 years and older, and for minors, with parental/guardian consent); national origin (under certain legally-required circumstances); dive-related medical history (including pregnancy) and , gender.|
|Commercial Information||Records of products or services purchased, obtained, or considered.|
|Internet Activity||Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.|
|Geolocation Data||Physical location or movements|
Sale Or Disclosure Of Personal Information
PADI does not sell consumers’ personal information.
PADI discloses personal information to some of its vendors for business purposes. Where necessary and appropriate, PADI takes steps to ensure that its agreements with those vendors prohibit them from selling that personal information and from retaining, using or disclosing it for any purpose other than the purposes for which PADI engages them. PADI may otherwise disclose personal information at the consumer’s direction or as might be required by legal due-process.
Within the past 12 months, PADI disclosed for a business purpose the following categories of personal information:
- Identifiers (customer number held in a cookie, Internet Protocol (IP) address, unique device identifier, browser cookies, web beacon, pixel tag)
- Internet activity (User agent, referrer)
Consumers have the right to make the following requests to covered businesses. The requests may be made by a consumer, by a consumer on behalf of the consumer’s minor child, or by a person authorized by the consumer to act on the consumer’s behalf:
Right To Know About Collection, Disclosure or Sale of Personal Information
You have the right to request that a business disclose to you: (i) the categories and specific pieces of personal information the business has collected about you within the past 12 months, (ii) the categories of sources from which the personal information is collected, (iii) the business or commercial purposes for collecting or selling personal information, and (iv) the categories of third parties with whom the business shares personal information.
If a business sells personal information, or discloses it for a business purpose, you also have the right to request that the business disclose the following with respect to the 12-month period preceding your request: (i) the categories of personal information that the business sold about you and the categories of third parties to whom the personal information was sold, and (ii) the categories of personal information that the business disclosed about you for a business purpose.
This type of request may be referred to as a “Request to Know.” Before PADI can honor a Request to Know, PADI needs to verify that the person making it is the consumer whose personal information PADI has. PADI’s method for verifying any particular request weighs information PADI receives as part of the request, the sensitivity of the consumer information at issue, and the risk of harm to the consumer from unauthorized disclosure.
Right to Request Deletion of Personal Information
You have the right to request that a business delete any personal information that the business has collected from you. This type of request may be referred to as a “Request to Delete.”
Before PADI can honor a Request to Delete, PADI needs to verify that the person making the request is the consumer whose personal information PADI has. PADI’s method for verifying any particular request weighs information PADI receives as part of the request, the sensitivity of the consumer information at issue and the risk of harm to the consumer from unauthorized deletion.
PADI is not required to delete personal information if PADI still needs it in order to complete the transaction for which the information was collected, provide a good or service requested by you (or that PADI reasonably anticipates based on the relationship with you), perform a contract with you, comply with legal obligations, or accomplish any other objective recognized as an exception to the right to deletion under applicable law.
Right to Opt-Out of the Sale of Personal Information
You have the right to direct a business that sells personal information to third parties not to sell your personal information. This type of request may be referred to as a “Request to Opt-Out.”
PADI does not sell consumers’ personal information. So, PADI does not provide a mechanism to opt-out of sales of personal information.
Right to Non-Discrimination
You have the right not to receive discriminatory treatment by a business for the exercise of your privacy rights under the CCPA.
How to Submit a Request To “Delete”
You can submit a Request to Delete by sending an email to PADI at [email protected]. Emailed requests must state “CCPA Request to Delete” in the subject line and include:
- your first and last name,
- the California county in which you reside,
- a clear statement that you want PADI to delete your personal information
- the reason(s) you believe PADI has collected personal information from you, specifically (for example, you participated in a PADI program or received a marketing communication from PADI).
If you are emailing a request on behalf of another consumer as his or her authorized representative, you must include the foregoing information about the consumer, and attach to the email a copy of a power of attorney appointing you as a duly authorized representative under California Probate Code sections 4000 to 4465 or written permission from the consumer to make the request.
If you prefer, you can call this toll-free number to submit your request: 800-729-7234.
After confirming receipt of your request, PADI will contact you if PADI needs more information in order to verify it. If PADI can’t verify a request, PADI may deny it.
Collection And Use Of Personal Information For Specific Purposes (Global)
Participants in Training Programs
What information do the PADI Companies obtain?
For participants in Training Programs, PADI may obtain participant name, mail address, telephone number, email address, gender, birth date, certification/participation date, certification level, associated PADI Member name(s) (individual professional and business members) and member number(s).
How is the information used?
PADI will use participant information in the PADI Quality Management process, in which participants may be sent program evaluation forms and related correspondence. The information will also be used to send participants the appropriate Training Program completion materials, as well as for dive safety-related alerts and for research and statistical purposes.
Additionally, participant information may be used by PADI to promote additional training programs and opportunities. Further, from time to time, participant information may be provided to PADI Members and industry partners for the purpose of promoting diving, training and dive-related products and services that PADI feels may be of interest to participants. PADI will not, however, mail to participants who are not PADI professional members for the purpose of directly selling PADI’s educational products or programs in competition with PADI Member Retailers/Resorts. Further, PADI will not sell, trade or lease student names and addresses to any third party for the purpose of selling or promoting any product in competition with PADI Member Retailers/Resorts, except with prior notice and voluntary participation by the individual PADI Member Retailers/Resorts.
Participant information may also be provided to Project AWARE Foundation, a nonprofit organization, for the purpose of its providing environmental information and opportunities.
PADI eLearning® Programs
Digitec Interactive, LLC is the company with which PADI has partnered to manage the digital processes that support PADI eLearning, including registration, secure access, the completion of knowledge reviews, the necessary emails, etc. This Learning Management System (LMS), developed by Digitec Interactive, LLC, is KnowledgeDirect WEB. Domiknow, Adobe Experience Manager and DPS help support the user experience.
The PADI Dive Center/Resort (hereinafter “Facility”) is the facility, and the PADI Instructor (hereinafter “Instructor”) is the instructor, one of which you will have selected to associate with while completing your PADI eLearning program.
What information do the PADI Companies obtain?
When you register with PADI eLearning, your personal information is tracked in a database and is accessible by your chosen Facility and its affiliated PADI Instructor or your chosen Instructor, PADI and Digitec Interactive, LLC. In addition, your scores, completion data and other performance standards are collected. These data are also accessible to these same entities.
The credit card transaction information (mailing address, credit card number, credit card expiration date and phone number) used in for your PADI eLearning is processed on a secured site and is neither accessible nor made available to your facility, instructor, or to Digitec Interactive, LLC. This information is only accessible by PADI.
When you submit personal information via PADI eLearning, you understand and agree that this information may be transferred across national boundaries and may be stored and processed in any of the countries in which the Facility, the Instructor, PADI, Digitec Interactive, LLC, Adobe, DPS and their affiliates and subsidiaries maintain offices, including without limitation, the United States. You also acknowledge that in certain countries or with respect to certain activities, the collection, transferring, storage and processing of your information may be undertaken by trusted third-party vendors.
How is the information used?
In addition, PADI eLearning/KnowledgeDirectWEB allows the facility or instructor to upload content to the site for viewing by PADI eLearning/KnowledgeDirectWEB users. PADI cannot be held accountable for files uploaded by third parties that result in software problems or the transmission of viruses.
Special Considerations Regarding Children Younger Than Thirteen Years of Age/Sixteen Years of Age in the EU
PADI collects participant information regarding children younger than 13 years of age/16 years of age in the EU who participate in Training Programs, with such participation requiring parental approval. Except for the purposes of providing program completion materials and administering the PADI Quality Management process, information from such children is kept private, is not used by PADI and is not provided for use by any third party at any time.
While PADI cannot prevent children younger than 13 years of age/16 years of age in the EU from viewing the PADI websites or PADI Club, such children may not use or register for the services offered on the sites, or on PADI Club. PADI strongly encourages parents and guardians to supervise the activity of all children younger than 18 years of age in their use of the internet. PADI is compliant with the Children’s Online Privacy Protection Act of 1998 (COPPA). For more information on COPPA, visit: http://www.coppa.org.
Emergency First Response Corp. (EFR®) Programs
Persons Making Inquiries to the PADI Companies
What information do the PADI Companies obtain?
From persons making inquiries to PADI, only the information provided by the inquirer is obtained.
How is the information used?
Information obtained from persons making inquiries is used to respond to such inquiries but is not used in any other manner. Such information is stored according to PADI’s normal document retention guidelines and is not provided to third parties.
Visitors to PADI.com and Users of PADI Apps
What information does PADI obtain?
When someone registers on padi.com or uses PADI Apps, the following information may be obtained: email address, name, mail address, phone number, personal demographic information, etc. In some instances, registrants may decide what information they choose to provide. Sometimes, however, complete information is needed for PADI to respond to requests and/or include registrants in contest eligibility, etc.
What does PADI do with the information?
PADI treats the information from visitors to padi.com or the PADI Apps differently than the information gathered from participants who register for Training Programs (as described above). For site/App visitors, PADI may gather information for the sole purposes of identifying visitors and their interests, aggregating demographic data, providing personalized notices and promotions, and improving the site/Apps. PADI will not provide, market, trade or sell the information it obtains from such site/App visitors to third parties, except in the aggregate as part of statistical reports prepared by PADI for industry analysis; such aggregate information does not include identifying information. An exception to this would involve sign-ups for certain promotions, sweepstakes offers, etc. that may include the sharing of certain data with PADI’s industry partners, for the purpose of providing diving-related information and opportunities (such intended uses would be disclosed within the specific program information provided on padi.com/PADI App).
Opting Out of Ad Networks
How to opt out. If you wish to not have this cross-site information used for the purpose of serving you targeted ads, you may opt-out of many ad networks by visiting the DAA WebChoices Tool (or if located in the European Union, by visit Your Online Choices). You will continue to receive ads on the sites you visit, but the ad networks from which you have opted out will no longer target ads to you based upon your activities on other sites.
Please note, however, that these opt-out mechanisms are cookie based, so if you delete cookies, block cookies or use another device, your opt-out will no longer be effective. For more information about Interest Based Advertising, please visit Your Ad Choices.
What does PADI use to track information from users?
PADI uses various standard web-measuring tools to trace padi.com's visitor movements through the site, such as Salesforce, Silverpop and Google Analytics (a web analytics service provided by Google, Inc.).
Visitors to Scubaearth.com
What information does PADI obtain?
When someone registers on ScubaEarth, the following information may be obtained: email address, name, mailing address, phone number, personal demographic information, etc. Additionally, in certain portions of the site, such as the Dive Log, Gear Locker and Show My PADI Certifications Online, visitors may voluntarily decide to provide additional information such as dive, dive training and equipment preferences, dive details, etc. or to post questions and make other inquiries, as relevant to each such function or opportunity within the site. Certain portions of the site will allow visitors to upload photographic and video images.
What does PADI do with the information?
ScubaEarth receives data about visitors whenever they interact with the site, such as when they look at the various sections or features of the site; review a dive destination or equipment description.
ScubaEarth receives data from computers, mobile phones or other devices visitors use to access the site. This may include such information as IP address, location, the type of browser used, time of the visit and the pages visited. Some functions, such as Dive Shop Locator, may also obtain GPS location to determine the nearest PADI Dive Center.
When a visitor posts photos or videos on the site, ScubaEarth may receive additional related data (or metadata), such as the time, date, and place the photo or video was taken.
ScubaEarth compiles data and creates collections of aggregate data from the information gathered from and about visitors to assist PADI and ScubaEarth and their advertising and promotional partners in tailoring content and communications to individual interests. For example, compilations of the equipment planning and preferences indicated by postings to the Gear Locker may be provided to manufacturers offering the types of equipment listed in individual Gear Lockers (individual preferences will not be revealed, unless the information has been marked “Everyone” as described below). Similarly, individual interests shown in Dive Destinations’ content can help ScubaEarth provide visitors with opportunities tailored to their personal dive travel preferences.
Personal Decisions Concerning Privacy
Registered ScubaEarth users will have the ability to designate much of their information as “Everyone,” “Buddies” or “Only Me.” When an individual’s information is designated as “Only Me,” it will be used only within compilations of aggregate information for the purposes of establishing trends, usage patterns and frequency, regional activity, etc. and will not include any individually identifiable data.
ScubaEarth does not share individual visitor information with advertisers. After an ad runs, ScubaEarth may provide advertisers with reports on how their ads performed; for example, reports telling advertisers how many users saw or clicked on their ads. Some advertisers may place Cookies on a visitor’s computer.
Closing Personal Accounts
Registered users may close their accounts at any time. Once the account is closed, the personal information within it is no longer accessible. However, the data will continue to be included within compilations of anonymous information, in which no individual information is identifiable.
Visitors to Travel.padi.com
What information does PADI Travel obtain?
What does PADI Travel do with the information?
People who register on travel.padi.com to access travel and travel package information may receive various communications about PADI Travel and its travel offerings from time to time, but may choose to “unsubscribe” from receiving any further information at any time.
Does PADI Travel Share the personal information it obtains with third parties?
PADI Travel does not share its registrants’ personal information with third parties, except as necessary when a travel package is purchased. In such cases, the necessary information is provided to the chosen travel package provider(s) for the purpose of providing the services included in the package. (See also PADI Travel's user Terms of Service at https://travel.padi.com/terms/)
Participants in PADI Club
You must be at least 13 years of age/16 years of age in the EU to register on PADI Club. In consideration for your use of Club, you agree to provide true and accurate information in your Club registration form and to update your registration information as necessary to keep it accurate and current. If you provide information that is false, inaccurate, not current or incomplete, or if PADI, in its sole discretion, determines that such information may be false, inaccurate, not current or incomplete, PADI has the right to suspend or terminate your account and refuse your present or future use of Club.
PADI Club Considerations Regarding Children Younger Than Thirteen Years of Age/Sixteen Years of Age in the EU
While PADI Club cannot prevent children younger than 13 years of age/16 years of age in the EU from visiting and viewing the public portions of the Club website, in a commitment to safe-guard their online privacy, clear notice is given that children younger than 13 years of age/16 years of age in the EU are not permitted to register on Club. The required birth date field will not allow the registration to continue when a birth date indicating younger than 13 years of age/16 years of age in the EU is entered. Only registered visitors are allowed entry to the interactive portions of the site, which prevents personal information from being collected on children known to be younger than 13 years/16 years in the EU. Club does not knowingly collect personal information from children younger than 13 years of age/16 years of age in the EU. If Club becomes aware that a child younger than 13 years of age/16 years of age in the EU has provided personal information, reasonable steps will be taken to remove such information and terminate the child's account. PADI Club strongly encourages parents and guardians to supervise the activity of all children younger than 18 years of age in the use of the internet.
PADI Club is compliant with the Children’s Online Privacy Protection Act of 1998 (COPPA). For more information on COPPA, visit: http://www.coppa.org.
Participants With PADI Media
Other Important Information
Can I Decide What Information to Receive From or Through PADI (ie Opt-Out)?
Yes. Except for the information that is used to send participants of Training Programs the appropriate completion materials, and materials used in the Quality Management process, in which participants may be sent program evaluation forms and related correspondence, anyone can elect not to receive any information, or to receive only certain types of information. To change your preferences, please contact your PADI Regional Headquarters.
Limits on PADI’s Abilities to Protect Personal Information
Cookies And Other Tracking Technologies
Most browsers are initially set to accept Cookies. You can set your browser to notify you when you receive a Cookie, giving you the chance to decide whether or not to accept it. (For some web pages that require an authorization, Cookies are not optional. Users choosing not to accept Cookies will probably not be able to access those pages, and may be precluded from ordering or from maintaining an account on the site.) If you use padi.com or other PADI sites without changing your browser settings, PADI will assume that you’re happy to receive all Cookies on the website.
What types of Cookies does PADI use?
PADI uses two types of Cookies – persistent and session. A persistent Cookie is set once you’ve logged in to your PADI account. The next time you visit a PADI website using the same device, the persistent Cookie recognizes you as an existing user, so you may not need to log in before using the services of your PADI account.
A session Cookie is used to identify a particular visit to the website. Session Cookies expire after a short time, or when you close your web browser.
When does PADI put Cookies on your device?
Cookies may be set by PADI when you visit a PADI website, or they may be set by other websites or services who run content on the page you’re viewing (known as third-party Cookies).
How are Cookies used on PADI websites?
Cookies can be used to do lots of different things, like recognizing you when you navigate, storing your preferences and improving your experience. Cookies also make your interactions with PADI more secure and faster, and help ensure that your experience is personalized to you and in line with your settings. Additionally, Cookies allow PADI to bring you advertising both on and off padi.com and other sites, and bring customized features to you through PADI plugins such as PADI’s share button.
Most browsers allow you to control Cookies through their settings preferences. Limiting the ability of websites to set Cookies, however, may worsen your overall user experience.
Does PADI track IP addresses?
As part of the statistical tracking of PADI sites, information about visitors’ devices and browsers are collected, such as browser version and type, IP address, website referred from and country of visitor.
When the PADI obtains information concerning an individual’s location through GPS data, such as when certain custom PADI Dive Shop Locator functions that show the nearest PADI Dive Center or Resort are accessed, the information specific to the user is utilized by PADI solely for that purpose and is kept by PADI only long enough to provide the specific service used. Aggregate information, which does not include any individually identifiable data, is compiled, however, for the purpose of establishing trends, search frequency, regional activity, etc.
Use of Information Collected Via Mobile Devices
In connection with its mobile applications, PADI may use third-party service providers to analyze non-personally identifiable user activity to fix errors, monitor usage and improve the performance of the mobile applications. For example, PADI receives reports on some of its mobile applications’ aggregate usage and browsing patterns, including information about the type of device used, articles accessed and other events occurring within PADI apps. PADI also receives reports on certain errors occurring within mobile applications. None of these third party service providers gathers information in a manner intended to identify any particular user personally.
Data Recipients and International Data Transfers
Personal data collected on the PADI sites may be transferred from time to time to PADI subsidiaries and affiliates and their personnel across the global organization, as well as to PADI’s third-party service providers located throughout the world, including in countries where the local law may grant you fewer rights than you have in your own country. Additionally, user data may be viewed and hosted by PADI and its third-party service providers anywhere in the world. Where required by law, PADI has put in place legal mechanisms designed to ensure adequate data protection of your personal data that is processed by PADI subsidiaries, affiliates and third- party service providers, including the transfer of your personal data to countries other than the one in which you reside. If you would like more information about these legal mechanisms, which may include the EU’s Standard Contractual Clauses, please contact your regional PADI office at the addresses below. By using any of the PADI programs, services and sites and providing information to any of them, you voluntarily consent to such trans-border transfer and hosting of such information.
PADI will not intentionally disclose or transfer (and will take reasonable steps to prevent the unauthorized or accidental disclosure of) your personal data to third parties without your consent, whether for such third parties’ own marketing purposes or otherwise, except as follows: PADI may provide access to your personal data to third-party service providers engaged by PADI to provide services related to programs, services and sites, provided that such third- party service providers will first agree to maintain the strict confidentiality of such information and provide the same level of data security as provided by PADI.
PADI may also may share your personal data with third-party service providers who perform services and functions on PADI’s behalf to support interactions with you, including, for example, processing Training Program documents, administering surveys and contests or communicating with you. These third-party service providers are not permitted to use or disclose your personal data except as necessary to perform services on PADI’s behalf or to comply with legal requirements.
In addition, PADI may disclose information about you:
If required to do so by law or legal process;
- To law enforcement authorities or other government officials;
- When PADI believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity;
- If disclosure is necessary to protect the vital interests of a person;
- To protect PADI’s property, services and legal rights;
- To prevent fraud against the PADI Companies and/or business partners;
- To support auditing, compliance and corporate governance functions; or
- To comply with any and all applicable laws.
In addition, PADI may disclose or transfer your personal data in the event of a re-organization, merger, sale, joint venture, assignment or other transfer or disposition of all or any portion of PADI’s business.
You should be aware that whenever you publicly disclose information online, that information could be collected and used by others. PADI is not responsible for any action or policies of any third parties who collect information that users publicly disclose in any such forums on the Sites.
Links to Third-Party Sites
If you would like to disconnect a social media account from PADI, refer to the settings of that social network account and its provider.
Facebook Custom Audience and Google Custom Match
Where legally permissible, PADI may use certain limited personal information about you, such as your email address, to hash it and to share it with social media platforms, such as Facebook Custom Audience and Google Custom Match, to generate leads, drive traffic to PADI’s websites or otherwise promote PADI’s products and services. These processing activities are based on PADI’s legitimate interest in undertaking advertising activities to offer you products or services that may be of your interest.
Your information may be used for these purposes if you have communicated with PADI through PADI websites or apps; have registered on ScubaEarth or joined PADI Club; have completed a PADI Training program and opted-in to receive information about PADI’s programs, products and services and other information from PADI; or have corresponded with PADI requesting such information. Can I decide to opt-out of Facebook Custom Audience and Google Customer Match advertising? You may, at any time, have PADI cease processing your data for these advertising purposes by contacting your local PADI Regional Office.
PADI has implemented generally accepted standards of technology and operational security to protect personal data from loss, misuse, alteration or destruction. Only authorized PADI personnel and third- party service providers are provided access to personal data, and these employees and service providers are required to treat this information as confidential. Despite these precautions however, PADI cannot guarantee that unauthorized persons will not obtain access to your personal data.
When you begin a checkout or redemption process within PADI’s sites, PADI requires that a secure connection between your computer and PADI’s server(s) be established. To do this, PADI’s sites utilize a technology called Secure Socket Layers (SSL). SSL encrypts your personal and credit card information before it travels over the Internet. SSL technology is the industry standard for secure online transactions. Because PADI uses SSL, registering on PADI eLearning/KnowledgeDirectWEB, for example, is just as safe as providing your credit card number over a telephone. SSL is an industry standard with advanced encryption technology that works with current versions of Internet Explorer, Chrome, Firefox, Safari and numerous other web browsers. A secure connection is maintained until the checkout process is either completed or canceled by the user.
Although PADI uses such industry-standard efforts to safeguard the confidentiality of your personally identifiable information, 'perfect security' does not exist on the Internet.
PADI’s Data Retention Policy
Where granted by local law, you may have the right to request access to the personal data that PADI has collected about you for the purposes of reviewing, modifying or requesting deletion of the data. You may also have the right to request a copy of the personal data that we have collected about you and to have any inaccuracies in that data corrected. In certain circumstances, you may also request that we cease processing your personal data.
If you would like to make a request to access, review or correct the personal data we have collected about you, or to discuss how we process your personal data, please contact PADI at [email protected]. To help protect your privacy and security, PADI will take reasonable steps to verify your identity, such as requiring a password and user ID, before granting access to your personal data. PADI will make reasonable attempts to promptly investigate, comply with, or otherwise respond to your requests as may be required by applicable law. Different laws may prevent PADI from providing access to your personal data or otherwise fully complying with your request, depending upon the circumstances and the request, such as for example, where producing your information may reveal the identity of someone else. PADI reserves the right to charge an appropriate fee for complying with your request where allowed by applicable law, and/or deny your requests when they may be manifestly unfounded, and/or excessive, or otherwise objectionable or unwarranted under applicable law.
In addition, and where granted by local law, you have the legal right to lodge a complaint with a competent data protection authority.
PADI’s International Offices
Besides the office in the United States, PADI has regional offices and distribution centers in Australia, Brazil, Canada, China, Japan, Russia and the United Kingdom, each serving a defined territory, plus PADI Travel offices in Switzerland, the United Kingdom and the United States (collectively “PADI Offices”). The laws and regulations concerning data privacy and related rights and responsibilities differ by country. Each of the PADI Offices has the appropriate policies in place to provide compliance with the laws and regulations of the countries it serves, and each is legally bound to uphold PADI’s global policies and procedures. For more information about any regional office’s specific privacy policies, please contact the office using the contact information provided below.
For questions or comments, the contacts are:
- PADI Americas, Canada and Latin America: [email protected]
- PADI Asia Pacific: [email protected]
- Japan Office: [email protected]
- PADI Europe, Middle East and Africa: [email protected]
- ScubaEarth: [email protected]
- PADI Club: [email protected]
Non-Agency Disclosure and Acknowledgment
As a user of PADI’s programs, services and websites, you are informed, understand and agree that PADI Members are licensed to use various PADI Trademarks and to conduct PADI training, but are not agents, employees or franchisees of PADI. You are further informed, understand and agree that the business activities of PADI Members are independent, and are neither owned nor operated by PADI. While PADI establishes the standards for PADI diver training programs, it is not responsible for, nor does it have the right to control, the operation of the PADI Members’ business activities or the day-to-day conduct of PADI Members or the supervision of divers by PADI Members or their associated staff.