Privacy Policy GDPR Compliant Privacy Policy

Updated: February 17th, 2021

(Scroll Down to View GDPR Compliance Section)

Our website address is:

Our corporate website address is:

What personal data we collect and why we collect it


When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Failure to remove the EXIF GPS location data means that visitors to the website could potentially download and extract location data from images on the website.

Contact forms

Please us the "Contact Us' tab/link located at the top of the homepage to contact us. Communication between administrators and staff will primarily be through the use of emails.


If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. does not have access or control over third-party websites.

Analytics employs two types of analytics; user behavior is noted using an online analytic system, such as Google analytics. This information helps to understand user interaction with the website content and offerings. Also, utilizes user interaction to help deliver relevant content, including advertisements and promotions, that offer interest potential for the user.

Who we share your data with

Certain information is communicated with the website security system using Wordfence by Defiant to help ensure website integrity and security. Information regarding data required for website security by Defiant can be found by visiting

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.  Your password is encrypted and cannot be retrieved by any human.  If you lose or forget your password, you may reset it using the password reset option on the log in screen. All information uploaded by website membership is freely given by members and becomes property of and Hathmore Technologies, LLC.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Any visitor comments will be checked using an automated spam detection service. User information is considered confidential in nature and is treated as such.

Your contact information

Users have the ability to make their contact information available to others who may wish to utilize the services.

Additional information

How we protect your data

All data transmitted to and from the website utilizes the Secure Socket Layer (SSL) protocol, which means that the data is secured through an encryption system robust enough to allow the electronic transfer of funds. This SSL system is what other websites use that conduct financial transactions and SSL is the universal standard protection mechanism recognized around the world for protecting financial information.

The data breach procedures we have in place takes data protection very seriously and has active accounts with security systems to help keep private data intact. However, data breaches can still be possible due to the fluid nature of the Internet and also the evolving nature of electronic communication devices, including mobile devices. If a data breach is suspected the users of will be notified and the nature of the breach will be forwarded to Wordfence for analysis. If a user suspects a data breach, they are encouraged to contact immediately using the "Contact us" menu option on the website.

What third parties we receive data from

Third party data is subject to change and supporters and advertisers will be listed in the “Media” section of the website.

What automated decision making and/or profiling we do with user data

Users of the platform who become certified are allowed to make their certifications known to third parties of their choosing without limitation.  As you complete courses, the system automatically tracks which units have been successfully completed and compares this to our master list of units required within courses and certifications.  You may be contacted automatically to notify you of additional courses you may be interested in attending or certifications you may be interested in pursuing based on the units you have completed. As some units are applicable to multiple courses and/or certifications, you may have already completed a portion of an additional course or certification and the system may offer you a discount or expedited path to full completion.  You may opt out of automatic communication at any time by updating your preference in your profile.

Industry regulatory disclosure requirements is structuring data management to be compliant with the General Data Protection Notice that went into effect in Europe on May 25th, 2018. (See next GDPR section)

GDPR General Data Protection Notice

The data protection law changed on 25 May 2018 (May 25th, 2018). On that day, the General Data Protection Regulation of 27 April 2016 (hereinafter referred to as "GDPR") came into force. This is why we are providing our website users with this notice that will inform you about the ways in which we process your personal data. Providing the personal data is voluntary on your part, however it is also necessary for us to conclude contracts and perform services.

Data Manager

Hathmore Technologies, LLC is the manager of your personal data; therefore it determines the methods and goals of processing your personal data.

Obtaining information on processing of personal data

You can contact the data manager on matters concerning the protection of your personal data via email using the “Contact” function or by sending a letter to our headquarters. See Doff website for headquarters location and contact information.

Data collection and the purpose of its processing

We process your personal data because it is necessary to perform a contract with you i.e. provide a service (compliant with Article 6 (1) (b) of GDPR) including:

  • registering a user in the ordering system and ensuring proper user service, including providing the user with product offers and completing his or her orders (compliant with Article 6 (1) (b) of GDPR);
  • processing claims and complaints (compliant with Article 6 (1) (c) of GDPR);
  • pursuing claims related to a contract (compliant with Article 6 (1) (f) of GDPR) where the right to pursue claims is a legitimate interest;
  • archiving purposes (compliant with Article 6 (1) (c) of GDPR);
  • statistical purposes (compliant with Article 6 (1) (f) of GDPR)

In addition, we are required by law to process your personal data for tax and accounting purposes.

Furthermore, we may process your personal data for marketing purposes i.e. promoting our products and services. If we do this without using electronic means of communication, the legal basis for those activities is Article 6 (1) (f) of GDPR where conducting marketing activities is a legitimate interest of the website administrator. However, if we use electronic means of communication for this purpose i.e. e-mail or phone, then due to other applicable laws we only process personal data with your consent (compliant with Article 6 (1) (a) of GDPR).

Data recipients

Your personal data may be transferred to other parties that will process your personal data on their own behalf, including but not limited to:

  • parties conducting postal or courier activities;
  • banks (for undue payment recovery purposes);
  • government authorities or other entities entitled by law, for the purposes of performing our responsibilities (tax offices, law enforcement agencies, etc.);
  • parties managing our IT systems (hosting companies, IT service providers);
  • parties providing us with legal counsel, accounting, tax, and advisory services.

Retention periods of your personal data

We will retain your personal data for the duration of a contract (performance of services) and after its dissolution:

  • Data included in contracts – stored until the limitation period for contract claims (up to 10 years from the date of contract completion);
  • For the purposes required under applicable law, in particular the obligation to retain accounting documentation, issue invoices, etc.;
  • Warranty and complaint-related documentation shall be stored for 1 year after the expiration of a warranty or clearing a complaint;
  • Data used for marketing purposes:
  • when processing data on the basis of consent – until withdrawal of consent;
  • when processing data on the basis of legitimate reasons – unless legitimate objections occur ;
  • Data transferred via a contact form – for the limitation period of possible claims (up to 3 years).

Rights related to data processing

You have the right to access, correct and transfer your data, limit its processing, object to its processing, or withdraw your consent at any time without affecting the lawfulness of processing that was already performed on the basis of consent prior to its withdrawal (if the processing is consent-based).

Moreover, should you decide that our processing breaches the provisions of GDPR; you have the right to submit a complaint to a data protection authority.

Automated data processing (profiling)

Your personal data will be processed in an automated way (including profiling), however this will not cause any legal or other serious repercussions for you.

Profiling of personal data means we process your data (including in an automated manner) and use it to assess some information, in particular to analyze or forecast personal preferences and interests.