Privacy Policy

1. Personal Data & Special Categories of Data

To perform Brian Patten and Associates’ information and related services with respect to information and technology support. As further detailed below, the “Services”, we collect the types of personal information described below (“Personal Data”). For users outside of the United States information is only stored if the need is necessary to complete to our operations and our provision of products and services that you request from us. Once the service request is complete all data is deleted and/or destroyed. There are no repositories kept for extended storage for users outside the United States except for items legally binding in nature that are necessary to complete our operations and our provision of products and services that you request from us such as contracts, process documents, etc.

• Personal Information – We collect personal details about you, including without limitation legal name, place of employment, location of employment, work phone numbers, mobile numbers, work email addresses and additional employment-related information (including without limitation computer usage information, access logs and information, etc.).

2. How We Obtain Personal Data

We collect Personal Data in a variety of ways including, without limitation: via phone call, our website (including without limitation when you log a ticket, purchase a product or service, register for a conference or event, submit your name for employment with us, etc.), information submitted via email, physical mail, online or physical questionnaires or forms, business cards collected by Brian Patten and Associates and/or our affiliates or service providers while at events, conferences, or otherwise, orally, or otherwise collected by us during our provision of services in the ordinary course of business. We may also collect Personal Data from third-party sources, with the understanding that we take steps to obtain assurances from such sources that you gave your consent to the sharing of such information when you provided such information to such third party.

3. Personal Data Processing and Data Retention

Subject always to your rights as set forth in Section 9 below:

• Brian Patten and Associates Services – “Brian Patten and Associates Services” hereunder include Brian Patten and Associates services for individuals and entities who have registered and paid for services, or for individuals and entities (including publishing a searchable, internal directory of certified individuals and entities). We use Personal Data that we collect hereunder as necessary to provide the Brian Patten and Associates Services as requested by you, including without limitation processing applications and registrations to participate in Brian Patten and Associates Services communicating with you about the Brian Patten and Associates Services, and providing you with the benefits of Brian Patten and Associates Services.
• In all cases we will ask for your express consent to our inclusion of your Personal Data in directories.
• Accounting and Billing – We may use Personal Data for our own administrative, accounting, and business needs including billing, invoicing, internal accounting, and record-keeping requirements as well as other related administrative and business purposes. Certain processing is undertaken as necessary to complete a contract for services (collecting payments, making payments for authorized transactions such as membership fees, registration fees, payment for services rendered, etc.). In other instances, our processing of Personal Data as described in this paragraph is required for us to fulfil legal obligations to which we are subject (e.g., record keeping mandated by applicable law).
• Brian Patten and Associates Service Roles – As part of the Services, we hire and/or locate employees, interns, contractors, and speakers, and may grant certain people access to internal client information as necessary to provide the Brian Patten and Associates Services as requested by you, including without limitation processing applications and registrations to participate in Brian Patten and Associates Services and communicating with you about the Brian Patten and Associates Services and providing you with the benefits of Brian Patten and Associates Services. We use Personal Data that we collect hereunder as necessary in connection with the Brian Patten and Associates Service Roles as may be requested by you from time to time, including without limitation communicating with you about the Brian Patten and Associates Service Roles, sharing your name and other Personal Data to identify you as a candidate for negotiating a contract for services provided by Brian Patten and Associates, paying you (if applicable) in connection with the Brian Patten and Associates Service Roles, and otherwise as necessary in connection with the Brian Patten and Associates Service Roles.
• Legitimate Interests – We may also use Personal Data collected hereunder in circumstances other than as expressly described above in connection with the services we provide and/or our own operations; provided, however that any such additional processing may only occur when there is a legitimate interest to do so that is not overridden by your data protection rights as required by applicable law.  The types of processing/uses contemplated hereunder may include, without limitation, for our own administrative and business needs, audits, and self-assessments for compliance with applicable laws, regulations, court order, and applicable firm or Employer policies, for information technology purposes including without limitation trouble shooting, business continuity, disaster recover, data backup and recovery.
• Personal Data Retention – We generally retain Personal Data in accordance with and for the time periods required by our document retention/filing polices and applicable retention requirements imposed on us by applicable law, rule, regulation, or court order, unless there is reasonable basis for retaining such data for a longer period (including, without limitation, in connection with the establishment, exercise or defense of legal claims).

4. Optional Data Processing.

In addition to processing Personal Data in the ways set forth above, you may also choose to allow us to use certain Personal Data at your direction and/or with your express consent, as detailed below. The types of data processing described in this Section 5 are not necessary or integral to the performance of Brian Patten and Associates Services and we will not use Personal Data for such optional purposes except as expressly set forth in this Section 5.

• Information Requested – If you request information about us or our products and/or services, you may elect to provide Personal Data. We will use such Personal Data to respond to your request.
• Marketing (Consent) – From time to time we may offer you the option of signing up, or having us sign you up, for various mailing lists, emailing list or other directory-related list used to send communications from us for purposes of keeping our members and prospective members updated with respect to developments in our Services, our industry, conferences that we or our service providers operate, or otherwise (“Marketing Updates”). To register you on such lists, we will ask for your Personal Data.  We will specifically ask for your consent to use such Personal Data on an opt-in basis and contact you with such Marketing Updates from time to time.
• Information Provided by Non-Members – From time to time customers of our services or products and visitors to our websites, conferences and other events (in each case who are not members of ours), may provide us with Personal Data, and we may keep such Personal Data and use it to market and communicate with such persons about our products and services; provided that we will ask for your express consent to use such Personal Data for such purposes.

5. Onward Transfers – Data We Share With Others.

We will not sell, share, transfer, disclose, rent, use, or distribute Personal Data hereunder for purposes other than as set forth in this Privacy Policy unless required by law or as expressly authorized by a Data Controller as described above.

• Performance of Services – In order for us to perform Services we disclose Personal Data hereunder to third parties as we may be directed while providing Services.
• Service Providers (Consent) – We may provide Brian Patten and Associates Services, or otherwise process Personal Data as detailed above, using third-party service providers we have retained to support us. Such service providers include, without limitation, those who assist us in providing information technology services, training, audits, magazine circulation, backing up of Personal Data, billing services, membership certifications and other similar services. These entities may be located inside, or outside, the European Economic Area. We take steps to require that such service providers protect Personal Data transferred to them in a manner that is consistent with this Privacy Policy. The information shared with each is limited only to that information required for that entity to fulfil its role in assisting us with the performance of the actions described above. Where we have knowledge that a service provider processes your Personal Data in a manner contrary to this Privacy Policy, and we will take reasonable steps to prevent or stop such processing. Where applicable law requires us to obtain your consent to use such third-party service providers, you acknowledge that refusal to provide your consent, or withdrawal of your consent, may affect or prevent our ability to provide Services, and that our engagement may need to be terminated for lack of such consent.
• Exigent Circumstances– In addition to the disclosures set forth above, we will disclose Personal Data about you: (1) if we are required to do so by law or legal process, (2) to law enforcement authorities or other government officials, (3) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss in connection with an investigation of suspected or actual illegal activity; or (4) if necessary to protect the vital interests of any person.

6. Transfer of Personal Data Outside of the EEA.

• Brian Patten and Associates is Headquartered in the United States – Brian Patten and Associates processes Personal Data as described above in our home country, the United States of America. The United States of America is a country outside of the EEA (a “third country”) that is not the subject to a European Commission finding of adequacy (the European Commission has not found that U.S. laws ensure an adequate level of protection for personal data with reference to the GDPR). When applicable, we process Personal Data in the U.S. based on our participation in the EU-US Privacy Shield. Otherwise, we process Personal Data in the U.S. based on your consent.

7. Tracking and Traffic Data

In addition to Personal Data that we collect hereunder, we may, through our website, collect data generated automatically by traffic to our website (“Traffic Data”). Traffic Data may include, without limitation, internet protocol address(es), operating system(s) and browser specifics of your device, device characteristics, geographic (geo-location) information, user ID(s), clickstream data, and specifics regarding your interactions with (i.e., the path you take through) the website. Traffic Data may also include your mobile device information (e.g., device model, operating system version, device date and time, unique device identifiers, mobile network information) and how you use the website. These types of information do not generally identify or relate to you as an individual; however, we may associate these types of information with you as an individual.

Our website may require you to accept session “cookies” to provide customer experience and efficiencies such as enabling you to login, personalizing your experience, and/or automatically filling in standard information on return visits. “Cookies” are small pieces of information that are stored locally on your device by your browser and passed back to the server whenever a request for a new page on the site is made. The session cookie is never saved or written to disk. It is discarded when the browser exits, when you log out of the website, or when you have not visited a page on the website for a given period, for example 60 minutes. Most web browsers automatically accept session cookies, but most browsers also allow you to configure your web browser to refuse them or to notify you before a cookie is set. You also can manually view (and delete) any cookies stored on your computer. If you do not allow session cookies to be set, you may not be able to use our website, access the full content otherwise available through our website and/or use the full features and functionality of our website.

Our website may use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies” to help the website analyze how users use and view the website. Any information generated by the cookie about your use of our website (including your IP address, and particulars about your browser and configuration as reported by your browser) may be transmitted to and stored by Google on servers in the United States. Please note any information collected by Google Analytics cookies do not include personalized identification information (such as names, e-mail addresses, and payment information). Google may use the information collected for the purpose of enabling us to evaluate your use of our website, certain aspects of your user experience thereon, compiling reports on activity for us and providing other services relating to our website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. More information on the Google Analytics cookies is available from Google at

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.

8. Your Rights and Options

• Generally – If you have any questions or concerns about our privacy practices or the Personal Data we store and process about you, please contact us as outlined herein.
• Privacy Shield Complaints, Concerns, Recourse – If you have unresolved concerns about the processing of your Personal Data, you may have the right to complain to a data protection authority where you reside, where you work or where you believe there has been an infringement of data protection laws, all in accordance with, and subject to, applicable local law.
  1. In compliance with the EU-US Privacy Shield Principles, Brian Patten and Associates commits to resolve complaints about your privacy and our collection or use of your Personal Data. Data subjects, whose personal data is subject to GDPR, with inquiries or complaints regarding this privacy policy should first contact Brian Patten and Associates at the address located in Section 1.
  2. Under certain, specific conditions, individuals have the possible additional recourse of invoking binding arbitration before a Privacy Shield Panel (arbitral body), created by the US Department of Commerce and the European Commission.

You may also object to processing that is described above as being based on our legitimate interests alone. In such instances, our business interests must be found to be compelling and not to jeopardize your individual rights before further processing may continue.

To meet our obligations under applicable law, we may take reasonable steps to verify your identity before responding to demands as set forth in this Section 9.

If you have unresolved concerns about the processing of your Personal Data, you may have the right to complain to a data protection authority where you reside, where you work or where you believe there has been an infringement of data protection laws, all in accordance with, and subject to, applicable local law.

9. Do Not Track

Do Not Track (DNT) is a privacy preference that you can set in certain web browsers. When you turn on DNT, the browser may send a signal or other message to web services requesting that they not track you. At this time, our information collection practices will continue to apply as described in this Privacy Policy, regardless of any DNT signals that are sent by certain browsers or selected by you. For more information about DNT, please visit AllAboutDNT.org.

How to contact us

To exercise your rights hereunder, if you have any questions about this Privacy Policy and/or our processing of Personal Data, you may contact us in accordance with the information set forth in Section 1 above.