Effective Date: March 25, 2019
Last Updated on February 25, 2022
We refer to the above website(s) and all related websites as “sites” and to each of them as a “site.” When we refer to “we,” “us,” or “our,” we mean NuStep, or the specific division, subsidiary, or affiliate that operates a site, provides its content, or processes information received through it and/or through other offline or online methods as set forth herein, each as appropriate and applicable. When we refer to “you” or “your,” we mean the person accessing the site or Services and/or providing information in connection with the site or Services. If the person accessing the site or Services does so on behalf of, or for the purposes of, another person, including a business or other organization, “you” or “your” also means that other person, including a business organization.
- GENERAL DISCLOSURES
- BIOMETRIC DATA
- COOKIES POLICY
- HOW TO RESTRICT COOKIES
- THIRD-PARTY ADVERTISING AND ANALYTICS
- LINKING SITES
- SOCIAL MEDIA
- HOW LONG WE RETAIN YOUR INFORMATION
- DO NOT TRACK
- MARKETING AND PROMOTIONAL COMMUNICATIONS
- CHILDREN’S ONLINE PRIVACY PROTECTION ACT (COPPA) COMPLIANCE AND RELATED INFORMATION
- CALIFORNIA PRIVACY RIGHTS
- CONTACT US
- ANNEX 1 NOTICE OF COLLECTION, USE AND DISCLOSURE
We take your privacy and the protection of your personal data seriously. We will only store, process and disclose your personal information in accordance with applicable law. We will make it clear when we collect personal information and will explain what we intend to do with it. We do our best to protect your privacy through the appropriate use of information security measures.
How We Collect Personal Information
We collect personal information about you in the following ways: 1) from you when you voluntarily submit information directly to us; 2) using automated technology, including when you visit our Website, social media, or interact with our electronic advertisements or communications; and 3) using third party sources, including our service providers, analytics providers, through social media and other websites or services we interact with. Automated technology collects information from your computer or mobile device and includes cookies, web beacons, local shared objects, or other similar technology. More information is given below in the “Cookies” section.
We collect, use, and disclose your personal information as described in the chart in Annex 1 below
This section defines NuStep’s policies and practices with respect to Biometric Data, as defined below, and is implemented under applicable laws, including, but not limited to, the Illinois Biometric Information Privacy Act, 740 ILCS § 14/1, et seq. and as may be amended (“BIPA”) and other applicable laws.
NuStep will collect your Biometric Data for the following purpose(s):
- NuStep and/or its vendors collect, store, and use your Biometric Data to identify you and verify your identity while using a Transitt.
- NuStep and/or its vendors will not sell, lease, trade, or otherwise profit from your Biometric Data.
NuStep will not collect, disclose, disseminate, or otherwise share your Biometric Data to or with anyone other than its vendors, who provide NuStep with products and services using Biometric Data, without/unless:
- First obtaining your written consent to such collection, disclosure or dissemination;
- The disclosure of Biometric Data is necessary to complete a financial transaction requested or authorized by you;
- Disclosure is required by state or federal law or municipal ordinance; or
- Disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.
NuStep shall use a reasonable standard of care to store, transmit, and protect from disclosure any Biometric Data collected. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which NuStep stores, transmits, and protects from disclosure other confidential and sensitive information.
NuStep shall retain Biometric Data only until, and shall request that its vendors destroy such data when, the first of the following occurs:
- the initial purpose for collecting or obtaining such Biometric Data has been satisfied;
- within three (3) years of your last interaction with NuStep; or
- as otherwise may be required according to applicable law.
Like many online platforms, NuStep and its analytics vendors use server logs and automated data collection tools, such as browser cookies, pixel tags, scripts and web beacons. These tools are used for analytics purposes to enable NuStep to understand how users interact with the site(s) and Services. NuStep and its analytics vendors may tie the information gathered by these means to the identity of users.
Cookies are small text files placed on a computer or device while browsing the Internet. Cookies are used to collect, store and share bits of information about user activities. NuStep uses both session cookies and persistent cookies.
Session cookies are used to identify a particular visit to the NuStep’s site(s) and collect information about your interaction with the site(s). These cookies expire after a short time or when the user closes their web browser after using the site(s). NuStep uses these cookies to identify a user during a single browsing session, such as when you log into the site(s). This helps NuStep improve the site(s) and Services as well as improve the users’ browsing experience.
A persistent cookie will remain on a user’s device for a set period of time specified in the cookie. NuStep uses these cookies to identify and recognize a specific user over a longer period of time. They allow NuStep to:
- analyze the usage of the site(s) (e.g. what links users click on) in order to improve our offering;
- test different versions of the site(s) to see which particular features or content users prefer to optimize the site(s);
- provide a more personalized experience to users with more relevant content and course recommendations; and
- allow users to more easily log in to use the site(s) and Services.
Examples of persistent cookies include: (i) preferences cookies to remember information about a user’s browser and settings preferences, such as preferred language – preference cookies make a user’s experience more functional and customized, (ii) authentication and security cookies to enable a user to log in or stay logged in to access the site(s) and Services, to protect user accounts against fraudulent log-ins by others and to help detect and protect against abuse or unauthorized usage of user accounts and (iii) functional cookies to make the experience of using the site(s) and Services better, like remembering the sound volume level selected by the user.
NuStep uses tracking technology to: (i) determine if a certain page was visited or whether an email sent by NuStep was opened or clicked on by a user; and (ii) to customize the learning experience of individual users by recommending specific courses and other content.
We also use clear gifs in HTML-based emails sent to our users to track which emails are opened and clicked on by recipients. We may use the information we obtain from the cookie in the administration of the site(s), to improve the usability of the site(s) and for marketing purposes. We may also use that information to recognize your computer when you visit our site(s), and to personalize our site(s) for you.
Cookies and information captured through our site(s) are stored for a certain retention period, however you can eliminate these cookies any time before the expiration date.
How to Restrict Cookies
You can adjust the settings in your browser in order to restrict or block cookies that are set by the site(s) (or any other website on the Internet). Your browser may include information on how to adjust your settings. Alternatively, you may visit www.allaboutcookies.org to obtain comprehensive general information about cookies and how to adjust the cookie settings on various browsers. This site also explains how to delete cookies from your computer.
You can control and delete these cookies through your browser settings through the following:
Or you can also use the following cookie management and disposal tool from Google Analytics by downloading and installing the browser plug-in from the following link: http://tools.google.com/dlpage/gaoptout.
Please be aware that restricting cookies may impact the functionality of the Services. Most browsers allow you to refuse to accept cookies. Additional general information about cookies, including how to be notified about the placement of new cookies and how to disable cookies, can be found at www.allaboutcookies.org.
Third-Party Advertising and Analytics
For instance, information collected through Google Analytics is shared with Google and its partners who may combine it with other information you provided to them or they collected from your use of their services. This information is stored in Google’s servers according to their privacy practices.
We may collect information from other sources, such as social media platforms that may share information about how you interact with our social media content. We do not control how your personal information is collected, stored or used by such third-party websites or to whom it is disclosed. You should review the privacy policies and settings on any social media website that you subscribe to so that you understand the information they collect and may be sharing. If you do not want your social media websites to share information about you, you must contact that website and determine whether it gives you the opportunity to opt-out of sharing such information. NuStep is not responsible for how these third-party websites may use information collected from or about you.
How Long We Retain Your Information
We generally retain your information as long as reasonably necessary to provide you the Services or to comply with applicable law. To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal information and whether we can achieve those purposes through other means and the applicable legal requirements. We may retain copies of information about you and any transactions or Services you have used for a period of time that is consistent with applicable law, applicable statute of limitations or as we believe is reasonably necessary to comply with applicable law, regulation, legal process or governmental request, to detect or prevent fraud, to collect fees owed, to resolve disputes, to address problems with our Services, to assist with investigations, to enforce other applicable agreements or policies or to take any other actions consistent with applicable law.
In some circumstances we may de-identify or aggregate your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you. This allows the specific information collected (name, email, address, phone number, etc.) to become de-identified, but allows NuStep to keep the transaction or engagement data. For example, NuStep will not be able to tell if John Smith registered for an event, but we will be able to tell that a person registered for an event and maintain headcount and transactional history. This will allow NuStep to maintain a level of information that helps us develop and improve our site(s) and Services.
Do Not Track
Marketing and Promotional Communications
You may opt-out of receiving marketing and promotional messages from NuStep, if those messages are powered by NuStep, by contacting us in writing and letting us know your specific opt-out request. If you decide to opt-out, you will still receive non-promotional communications relevant to your use of our Services.
Children’s Online Privacy Protection Act (COPPA) Compliance and Related Information
The Children’s Online Privacy and Protection Act (COPPA) regulates online collection of information from persons under the age of 13. It is our policy to refrain from knowingly collecting or maintaining personal information relating to any person under the age of 18. If you are under the age of 18, please do not supply any personal information through the site(s). If you are under the age of 18 and have already provided personal information through the site(s), please have your parent or guardian contact us immediately using the information provided under CONTACT US so that we can remove such information from our files.
We take reasonable measures, including administrative, technical, and physical safeguards, to protect your information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. Nevertheless, no online or computer environment is 100% secure, and we cannot guarantee absolute security of the transmission or storage of your information. We hold information about you both at our own premises and with the assistance of third-party service providers. Further public disclosure here of our security measures could aid those who might attempt to circumvent those security measures. If you have additional questions regarding security, please feel free to contact us directly using the information provided under CONTACT US.
California Privacy Rights
California law permits residents of California to request certain details about our disclosure of your personal information by us to third-parties for direct marketing purposes during the immediate preceding calendar year. If you are a California resident please see section “CALIFORNIA CONSUMERS ONLY” for an explanation of your rights.
Please contact NuStep with any questions or concerns regarding this Privacy Notice.
47700 Halyard Dr
Plymouth, Michigan, USA 48170
California Consumers Only: Your California Privacy Rights
The purpose of this section is to inform California residents from whom we may collect personal information about certain rights California affords to its residents with respect to personal information.
You have the right to request that we disclose to you the following information about personal information we collect from you:
- categories of personal information collected;
- categories of sources of personal information collected;
- the business or commercial purpose for collecting or selling personal information;
- the categories of third parties with whom we share personal information; and
- the specific pieces of personal information we have collected about you over the past 12 months.
You also have a right to know if we have sold or disclosed your personal information for a business purpose over the past 12 months and, if so, the categories of personal information sold or disclosed and the categories of third parties to whom the personal information was sold or disclosed, along with the business or commercial purpose for which the personal information was sold or disclosed.
Requests to Know
To make a request for any of the information set forth above (a “Request to Know”), please submit a verifiable consumer request pursuant to the instructions below. You may only make a Request to Know twice within a 12-month period. We will acknowledge your Request to Know within 10 business days and will attempt to respond substantively within 45-90 days.
The Request to Know must provide sufficient information to allow us to verify that you are the person about whom the personal information was collected, sold or disclosed and must contain sufficient detail to allow us to properly understand, evaluate and respond to your request. If we cannot verify your identity, we will not be able to respond to your request.
You can make a Request to Know the personal information we have about you in the following ways:
- You may make a request here: email@example.com
- You may also make a request by phone by contacting us at 1.800.322.2209
Once we receive your Request to Know, we will begin the process to verify that you are the person that is the subject of the request (the “Verification Process”). The Verification Process consists of matching identifying information provided by you with the information we have about you in our records. You will be asked to provide us with two or three pieces of information that will help us to verify your identification.
Within the past 12 months, we have collected the categories of personal information about California consumers as described in this Policy in the section labelled “How We Collect Personal Information.” To review these categories click here.
Information Sold or Disclosed:
We have not sold any categories of personal information to third parties for a business or commercial purpose.
We have disclosed the following categories of personal information to third parties for a business or commercial purpose in the preceding 12 months:
- Personal Identifiers
- Commercial Information
- Internet/Network Activity
- Biometric Information
- Financial Information
For information regarding the categories of third parties with whom we have sold or disclosed these categories of personal information, please review Annex 1 here .
We do not knowingly sell the personal information of minors under 16 years of age.
Right to Request Deletion of Personal Information
You have the right to request the deletion of your personal information collected or maintained by us (“Request to Delete”), subject to certain exceptions permitted by law.
To make a Request to Delete, please submit a verifiable consumer request pursuant to the instructions below. We will acknowledge your Request to Delete within 10 business days and will attempt to respond substantively within 45-90 days.
A Request to Delete requires two steps: 1) making the Request to Delete and 2) confirming that you want your information to be deleted.
You can make a Request to Delete in the following ways:
You may make a request here: firstname.lastname@example.org
You may also make a request by phone by contacting us at 1.800.322.2209
Once we receive your request to delete, we will need to verify that you are the person that is the subject of the request (the “Verification Process”). The Verification Process consists of matching identifying information provided by you with the information we have about you in our records. If we cannot verify your identity, we will not be able to respond to your request. If the information requested to be deleted is necessary for us to maintain, we will not be able to comply with your request and will notify you this is the case.
We will retain correspondence, documents and information related to any Request to Know, Request to Delete, or Request to Opt-Out for 24 months as required by law.
Right to Opt-Out of Sale of Personal Information
As explained in Annex 1 of this Policy, we and our third-party partners, may collect and share your data with third parties for our business purposes. This type of sharing may be considered a “sale” under the CCPA. You can control the information shared about you and request an opt-out.
You can make a Request to Opt Out in the following ways:
As explained in our “Cookies” section above, you can opt out of cookies using your browser.
- Opt-outs are device and browser based. You must opt out on each device and each browser where you want your choice to apply.
- Opt-outs maybe stored via cookies. If you clear cookies, your opt-out may no longer be valid and you must opt out again where you want your choices to apply.
- We may still share your information with our service providers that help us perform functions that are necessary for our business such as vendors that host our Site, analytics processors, etc. These entities are contractually obligated to keep this information confidential and not use it for any purpose other than for the services they provide to our business.
- You may still receive ads from us that are not tailored to your interests.
Additional Options to Opt-Out of Sale
In addition to the above options to opt out of the “sale” of your information under the CCPA as described above, you have controls and choices with respect to collection and use of your information by third parties. These are summarized for you below. We do not control or maintain opt-out mechanisms for third party companies and are not responsible for their operation.
Online Behavioral Advertising Opt-Out
You can opt out of sharing your information with third-party companies engaged in online behavioral advertising including social networking sites such as Google and Facebook using the following tools provided through the AdChoices website powered by the Digital Advertising Alliance (DAA): For websites: http://optout.aboutads.info/?c=2&lang=EN. For mobile apps: http://www.aboutads.info/appchoices
You can opt out of Google Analytics by installing Google’s Opt Out browser add on: https://tools.google.com/dlpage/gaoptout. You can opt out of interest-based Google ads using https://adssettings.google.com/u/0/authenticated.
Facebook Ad Preferences
To understand more about Facebook advertising and manage your preferences, please visit https://www.facebook.com/about/ads. Login to Facebook and go to Settings > Ads > Ad Settings (web) or Ad Preferences > Ad Settings (app) for more information.
Right to Non-Discrimination for Exercising Consumer Privacy Rights
You have the right not to receive discriminatory treatment for exercising your privacy rights conferred by the California Consumer Privacy Act, including by exercising the rights specified herein.
Authorized Agent Information
You may designate an authorized agent to make a request on your behalf under the California Consumer Privacy Act.
Authorized agents can make requests under the California Consumer Privacy Act by emailing us at email address: email@example.com. We will require authorized agents to provide proof of the consumer’s identity and proof of designation as an the authorized agent. We may also require that a consumer verify his or her own identity directly with us before we respond to an authorized agent’s request.
We reserve the right to deny requests in certain circumstances, such as where we have a reasonable belief that the request is fraudulent.
California Do Not Track Notice: Because there are not yet common, industry accepted “do not track” standards and systems, our website does not respond to Do Not Track signals. In addition, we may allow third parties to collect personal information from your activity on our website, as described in the “Information Collection and Use” section above and as described in Annex 1 below.
Contact For More Information
For information and questions about the use of your personal information or this California Consumer Privacy Section or your rights under California law, you may contact us at:
47700 Halyard Dr
Plymouth, Michigan, USA 48170
This Policy may be revised from time to time for any reason. If this Policy changes, the revised policy will include a new effective date, and we will notify you of such changes by posting the revised policy on this page. Be sure to check the Policy whenever you submit personal information to us.