Skip to main content
Image
cityscape at dusk

Privacy Policy

 

Effective Date: May 18, 2022

The CCIM Institute (“CCIM”, “we”, “us” or “our”) respects the privacy of our visitors, registered users, and members (referred to as “you” or “your”). This privacy policy (and as amended from time to time as posted on our website at www.ccim.com/privacy-policy (“Privacy Policy”) describes the types of information we collect from you or that you may provide when you visit or use any of the websites owned or controlled by The CCIM Insititute, namely, ccim.comstdb.com, and ccimef.org (collectively, “Site” or “Sites”), purchase our products (“Products”), use our services, register for and/or attend our events, or communicate with one of our customer service representatives (collectively, “Services”) and our practices for collecting, using, maintaining, protecting, disclosing, retaining, and transferring that information. 

This Privacy Policy does not cover the privacy practices of local CCIM chapters, which are separate legal entities that — depending on where they are located — may be subject to different laws and requirements than those of CCIM (to understand how chapters use personal information, please contact them directly). Please note that if you disagree with anything in this Privacy Policy, you must not use the Sites, or provide personal information to us in connection with The CCIM Institute's Products or Services. This Privacy Policy applies to the data collected by us, or those working on our behalf, through information you enter or from the data imported from authorized and approved sources. It does not apply to data collected through third-party websites, or to products, or services not approved by us.

By visiting our Website or purchasing our Products or Services in any manner, you acknowledge that you accept the terms, practices and policies described in this Privacy Policy (and as updated from time to time), and you hereby consent that we may collect, use, and share your information as described herein. If you do not agree with our policies and practices, your choice is not to use our Website or our Services. Your use of the Website and our Services is at all times subject to our Terms of Use (available at www.ccim.com/terms-of-use and as updated from time to time (the “Terms”)), which is incorporated by reference herein. Any capitalized terms we use in this Privacy Policy without defining them have the definitions given to them in the Terms.

  1. Overview 
  2. Information We Collect
  3. Cookie Notice and Policy
  4. User Content Posting
  5. How We Use Your Information
  6. How We Share Your Information
  7. Information Security
  8. Data Retention
  9. Your Choices and Privacy Rights
  10. International Transfers
  11. Notice for Residents or Citizens of the EEA, UK, or Switzerland
  12. Children
  13. Contact Information

1. Overview

Summary

This policy applies to all personal information that we collect about you when you use The CCIM Institute Sites.

It does not cover the privacy practices of local CCIM chapters or other third-party websites we may link to.

Details

This Privacy Policy covers our treatment of personally identifiable information, referred to herein as “Personal Information” and means any unencrypted or non-deidentified information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with a particular person such as, but not limited to, your name, mailing address, email address, telephone number, etc. Please see additional information below on the particular information we collect.

If you are a citizen or resident of the European Economic Area (“EEA“), United Kingdom, or Switzerland, the definition of Personal Information is defined under the General Data Protection Regulation (“GDPR”) and you have certain rights; therefore, please see the section below entitled “GDPR.” 

Personal Information does not include your Personal Information that has been deidentified, pseudonymized, anonymized, aggregated, and/or otherwise processed so as to be unidentifiable in such a way that the data can no longer be attributed to you (by reasonable means) without the use of additional information, and where such additional information is kept separate and under adequate security to prevent unauthorized re-identification of a specific individual such that one could not, using reasonable efforts, link such information back to a specific individual (collectively, all of the foregoing in this sentence being referred to as “De-Identified Personal Information”).

Our Sites may contain links to third-party websites. These third-party websites and services are not related to us and may have separate privacy policies and data collection practices. We have no responsibility for these websites or their privacy practices and encourage you to read the privacy policies of all websites you visit.

A “visitor” is an individual who visits the Sites, without having registered. A “registered user” is an individual, such as a member, who has registered with us, and whose identity can be determined directly or indirectly from the information provided. For the purpose of this Privacy Policy “you” means a visitor or a registered user.

By accessing and using our Services, subject to applicable law, you signify you understand and consent to the terms of this Privacy Policy and consent to our Terms of Use. If you do not agree with or you are not comfortable with any aspect of this Privacy Policy or our Terms of Use, you should immediately discontinue access or use of our Services.

We are constantly working to improve our Sites and Services, and we may need to change this Privacy Policy from time to time as well. Our current Privacy Policy will always be on our Sites at www.ccim.com/privacy-policy and any updates will be effective upon posting. You are responsible for periodically checking our Sites for updates. Under certain circumstances, we may also elect to notify members of changes or updates to this Privacy Policy by additional means, such as posting a notice on the Sites or by sending you an email, but you should not rely on receiving such additional notice.

2. Information We Collect

Summary

We collect personal information when you interact with our Services. You provide personal information to us when you:

  • Sign up to become a registered user of our site(s).

  • Join as a CCIM member.

  • Register for virtual, or in-person, courses, events, or conferences.

  • Download certain publications or materials which are offered for free.

  • Register to take the Comprehensive Exam.

  • Communicate with The CCIM Institute staff and provide information to us, such as your email address.

We record your visits and use of our services.

We may use automatic data collection technologies to collect certain information about your device, your activities on our site, and your location as described in our Cookie Notice.

Third parties such as your employer, our training partners, or companies controlled by The CCIM Institute, may share your data with us.

We may collect data about you when you use our services on social media.

You provide us with data when you participate in our professional networking features or post on public areas of the site.

We use third-party payment processors who fully comply with PCI requirements (Payment Card Industry Security Standards Council). As such, your online payment data is not captured, stored or used by us.

Details

We collect personal information when you interact with our Sites or our Services. 

We collect several categories of Personal Information from and about you as summarized in the following table:

  • Information that you provide by filling in webforms on our Website. This includes information provided when creating an online account, purchasing our Products or Services, subscribing to our e-newsletters or other communications, requesting information from us, submitting or posting material (where permitted) on our forums, or interacting with customer support or service, report a problem with our Website, Products, or Services, or otherwise communicating with us.

  • Records and copies of your correspondence (including email addresses), if you contact us.

  • Registering for an event.

  • Your responses to surveys that we or our service providers might ask you to complete for research purposes.

  • Applying to become a certified CCIM or approved Member.

  • Your search queries on the Website.

  • In stores (parent, subsidiary, and affiliate brands).

  • When communicating with customer service/support.

  • Third party websites (e.g., websites that share information with us or advertising partners regarding online activities).

  • Data suppliers (e.g., companies that provide demographics and other information regarding consumers).

  • When making a donation via our Website.

  • Joint marketing partners.

  • Online advertising companies.

  • Fulfillment and delivery service providers.

  • Social media companies.

  • Other service providers.

  • Responding to employment opportunities.

Additionally, if you are a student, we may also use your Personal Information including students records to: 

  • Support and monitor your progress through the academic program in which you are enrolled. We do this so we can comply with our contractual obligations to you. 

  • Offer you various student support services. It is in our legitimate interests to offer support to our students. 

  • Ask you questions regarding your satisfaction with the program. It is in our legitimate interests to learn more about your experience with the program. 

  • Maintain your academic records. We do this so we can comply with our contractual obligations to you. 

  • Complying with our obligations. We process your Personal Information to, for example, carry out fraud prevention checks or comply with other legal or regulatory requirements, where required by law or where in our legitimate interests to do so. 

  • Maintain close communications with you in order to provide you with a rich, fulfilling and personalized academic experience. It is in our legitimate interests to communicate with our students and provide a personalized learning experience.

Additional Details on Information You Directly and Voluntarily Provide to Us

  • Membership. If you provide your personal information to CCIM to become a member or if you sign up to become a registered user of any Site, you will be required to provide certain information as part of the registration process. This information may include your first and last name, email address, and business or home address. We may also request that you voluntarily provide other information, such as your phone number, date of birth, demographic information, educational background, work experience, information about your non-CCIM certifications, courses or areas of study in which you may be interested, and information about your company as it relates to our Services and your membership. We use this information to communicate with you, to design content and activities that we believe would be of interest to you, and to ensure that we will not violate any applicable U.S. laws in providing you access to our Services. 
     
  • Events and Conferences. We may host events that include in-person and virtual conferences, training, knowledge sharing, and webinars. If you register for an event and you already have an account, we will access the information in your account to provide you with information and services associated with the event. We may also ask for additional demographic information during the registration process. If you register for one of our events and you do not have an account or are not a member, we will collect your first and last name, email address, business or home address, information about the type of business you work for or with, and your role in that business. 

  • We use the information provided by event attendees to provide them with event services, including badge printing, tracking your Continuing Education (CE) credits, tailoring sessions to meet the audience profile, and to determine the sessions likely to require the biggest rooms, as well as other related purposes connected with the event. 

  • If you are a presenter at one of our events, we will collect information about you, such as your name, employer, contact information, and image (e.g., photographs), and we may also collect information provided by event attendees who evaluated your performance as a presenter. We may also make and store a recording of your voice and likeness in certain instances. 

  • Publications. We offer various publications and materials through our Sites. Some of these publications and materials are publicly accessible, others require that you be a member or that you create an account and subscribe to receive access to these publications and materials. If you are not a member and you create an account for this purpose, you will be required to provide certain information as part of your account registration, which may include your first and last name, email address, business or home address, and professional information. 

  • Exams and Certification. When you register to take a CCIM exam, we will collect certain personal information such as your first and last name, email address, phone number, business address, home address, demographic information, and professional and education history. We may also collect and store information you provide to us about special accommodations that you may request. Only authorized employees within CCIM have access to your exam scores and personal information pertaining to any special accommodations you may request. CCIM will collect your exam results and, in conjunction with maintaining your certification(s), if applicable, your record of participation in CE. 

  • Certification Status. If you hold a CCIM certification, we will only share your certification status with a third party to the extent we have received your prior consent to share such information, or to the extent you have provided the third party with the necessary information to access your certification status on our Site.

  • Communications. If you communicate or correspond with us by email, through postal mail, via telephone, or through other forms of communication, including our customer service center, we may collect the information you provide as part of those communications. For example, if you correspond with us through email, we may collect and store the email address you use to send the applicable correspondence and use it to respond to your inquiry, to notify you of CCIM conferences, publications, or other services, or to keep a record of your complaint, accommodation request, as well as similar purposes. We may make and retain recordings of your voice and/or video likeness for customer support, or in connection with events, or the like.

  • We may also collect Personal Information from you through means other than our Website. This may include offline collection, such as if you submit a paper application, make a payment by check, or call or visit our office. It may also include emails, text messages, or other electronic communications that you send to us separate from our Website or by way of our Service Providers (as defined herein). However, if we combine the Personal Information we collect from you outside of our Website with Personal Information that is collected through our Sites or by another means as described above, the Privacy Policy will apply to the combined information, unless specifically disclosed otherwise.

Information We Automatically Collect.

As you navigate through and interact with our Sites, we may use automatic data collection technologies to collect certain information about your device (computer, tablet, smartphone) and your activities, including:

  • If you access the Services through a computer, we will automatically collect information such as your browser type and version, computer and connection information, IP address, mobile device advertising identifier, Media Access Control (MAC) address pages you have visited, type of device, operating system name and version, device manufacturer, browser information (type, version), screen resolution, Internet service provider or mobile carrier’s name, connection speed and connection type, date stamp, URL of the last webpage visited before visiting our Platform, URL of the first page visited after leaving our Platform, pages viewed, time spent on a page, click-through and clickstream data, queries made, search results selected, comments made, search history, type of service requested, purchases made, and information collected through cookies, pixel tags, and other technologies. For more information on the tracking technology we use, please see our Cookie Notice below, which describes the cookies used on our Sites and provides information on how users can control the information they process.

  • If you access the Services through a mobile device, we may also be able to identify the location of your mobile device. We use your location information (if shared) to identify the geographic locations from which our content is accessed so that we can better understand what content topics may be most relevant in that region, and to our members generally, and to develop resources around those content topics. You may choose not to share your location details with us by adjusting your mobile device’s location services settings. For instructions on changing the relevant settings, please contact your service provider or device manufacturer. 

Behavioral Tracking.

  • We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services, or associate Personal Information with other information collected in this manner. 
  • Keystrokes. We or our service providers may keep track of and/or collect the keystrokes and cursor movements of Website visitors before purchase of a Product or Service from our Website (and before we have any email address or other information about you (other than IP address) which would specifically identify you), but, this information is anonymous and, at the time of collection, we do not directly associate or attempt to associate this information with you as an identifiable individual. If you sign up to receive our emails (e.g., through the popup box that appears) we then do have the ability going forward to associate the keystroke and cursor information with the email address you provide. We use this information solely for the purpose of improving our Website to improve our customers’ user experience (e.g., improving navigation, readability, etc.). 

For Events: 

Facial Recognition for Events. We may use Google Vision or other facial recognition software on our Websites that ask event attendees to upload a photo for their event badge for security purposes. This is used solely to identify if the photo contains an image of a human face. We store the photo that the attendee has uploaded and the facial recognition only adds a Yes/No answer as to whether the photo contains an image of a human face.

  1. Information from Third Parties. We may receive personal information about individuals from third parties. This may happen if your employer pays and registers you for training, certification, or membership; however, we will only share information about you with your employer if you consent in advance to our sharing this information. Our third-party training partners may also share your personal information with us when you sign up for training, certification, or membership through the applicable training partner. 

  2. We may also receive personal information about you from companies controlled by or under common control of CCIM. When you interact with our Services on a social media platform, we may collect the personal information that you or the platform make available to us on that page or account, including your social media account ID and/or user name associated with that social media service, your profile picture, email address, friends list, information about the people and groups you are connected to and how you interact with them, and any information you have made public in connection with that social media service. The information we obtain depends on your privacy settings on the applicable social media service; we will only collect and store such personal information that we are permitted to collect by those social media platforms. When you access our Sites through social media channels or when you connect the Site to social media services, you are authorizing us to collect, store, and use such information and content in accordance with this Privacy Policy.

  3. If you are a member or registered user and choose to participate in our professional networking features, which are provided by our third-party vendor and volunteer platform provider, Higher Logic, your postings will be associated with the personal information in your public member profile (which includes your name, user name, and other optional information you may choose to include). CCIM may share the following personal information with Higher Logic for this volunteer management platform and other CCIM platforms: your name, state, zip code, country of residence, phone number, bio, email, job title, company, CCIM and non-CCIM certifications, education (university or school and degree), areas of interest, membership level, chapter membership, chapter leader role, chapter ID, work experience, date of birth, photo, and staff membership. 

  4. If you decide to participate in our platforms and professional networking features, keep in mind that your personal information (for example, your name and online user name), along with any substantive information you disclose in the communication you decide to post, will be publicly accessible and viewable by others who visit that area. In addition, we may highlight certain users’ postings or contributions to other members of the CCIM professional networking features. For example, users who participate actively in our social networking features, like contributing materials and engaging in certain online activities, will be listed as “active members” in a roster that is viewable by all other registered users. It is possible that your posting may result in unsolicited messages from third parties. We strongly recommend that you do not post any information on the public areas of the Sites that allows strangers to identify or locate you or that you otherwise do not want to share with the public.

  5. Information You Provide to Payment Processors. All payments made to us are processed by a PCI/DSS-compliant (these are payment card industry security standards) payment processing service. All credit/debit card number information collected by these third-party providers for purposes of processing your payments is not available to us.

The technologies we use for this automatic data collection may include cookies, local storage cookies, web beacons, pixel tracking, GIF, IP address, and other technologies. Each of these is discussed below.

Browser Cookies

Browser cookies are small files placed on the hard drive of your computer or mobile device. They may contain certain data, including, but not limited to: the name of the server that has placed it there, an identifier in the form of a unique number, and, an expiration date (some cookies only). Browser cookies are managed by the web browser (Internet Explorer, Firefox, Safari, Google Chrome, etc.) on your computer or mobile device. Different types of cookies which have different purposes are used on our Website.

Essential Cookies

Essential cookies are essential to allow you to browse our Website and use its functions. Without them, services such as shopping baskets and electronic invoicing would not be able to work.

Performance Cookies

Performance cookies collect information on the use of our Website, such as which pages are consulted most often. This information enables us to optimize our Website and simplify browsing. Performance cookies also enable our affiliates and partners to find out whether you have accessed one of our Website pages from their site and whether your visit has led to the use or purchase of a Product or Service from our Website, including the references for the Product or Service purchased. These cookies do not collect any information which could be used to identify you. All the information collected is aggregated, and therefore anonymous.

Functionality Cookies

Functionality cookies enable our Website to remember the choices you have made when browsing. For example, we can store your geographical location in a cookie so that the Website corresponding to your area is shown. We can also remember your preferences, such as the text size, font and other customizable aspects of the Website. Functionality cookies may also be able to keep track of the products or videos consulted to avoid repetition. The information collected by these cookies cannot be used to identify you and cannot monitor your browsing activity on sites which do not belong to us.

It is possible that you will come across third-party cookies on some pages of sites that are not under our control.

We also use cookies such as functionality cookies to implement tracking technology on our Website. This allows us to display advertising that is tailored to you on our Website, to understand which parts of our content interest you the most, and which Product or Service categories you request. This tracking uses De-Identified Personal Information data. Some of our service providers are allowed to place cookies on our Website. Those companies may also provide you with the option of preventing the use of cookies in the future. For more information, contact the relevant third-party provider. 

At any time, you can prevent the use of cookies in the future. You may activate the appropriate setting in your browser to refuse to accept browser cookies. However, if you do, your experience on our Website may be affected; e.g., you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.

Local Storage Cookies

Certain features of our Website may use local stored objects to collect and store information about your preferences and navigation to, from and on our Website. Local storage cookies are not managed by the same browser settings as are used for browser cookies. 

Web Beacons

Pages of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear GIFs, pixel tags, and single-pixel GIFs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content, and verifying system and server integrity). 

Pixel Tracking

In addition to using cookies, the Website may employ “pixel tracking,” a common process which may be used in connection with advertisements on other sites. Pixel tracking involves the use of pixel tags that are not visible to the user and consist of a few lines of computer code. Pixel tracking measures the effectiveness of advertisements and compiles aggregate and specific usage statistics. A “pixel tag” is an invisible tag placed on certain pages of websites that is used to track an individual user’s activity. We may access these pixel tags to identify activity and interests that may allow us to better match our products, services, and offers with your interests and needs. For example, if you visit our Website from an advertisement on another website, the pixel tag will allow the advertiser to track that its advertisement brought you to the Website. If you visit our Website, and we link you to another website, we may also be able to determine that you were sent to and/or transacted with a third-party website. This data is collected for use in our marketing, research, and other activities.

GIF 

We may use tiny images known as clear GIFs to track behavior of users, including statistics on who opens our emails.

IP Address

Our servers (or those of our service providers) automatically record certain log file information reported from your browser when you access the Website. These server logs may include information such as which pages of the Website you visited, your internet protocol (“IP”) address, browser type, and other information on how you interact with the Website. These log files are generally deleted periodically.

Membership Directory Content 

In addition to data collected by us, members may update or supplement data provided in our Membership Directory. We permit members to upload and share user-generated content, such as photographs and resumes, with other members. The directory is not intended as a place for members to post third-party content. We expect our members to respect the copyrights, intellectual property rights and data protection rights of others at all times. Our Membership Directory area is provided as a service to members to foster scientific and clinical information exchange. The use of the data for any commercial purposes by anyone other than us is expressly forbidden. If you feel that your information in this Membership Directory has been used inappropriately, please contact us.

4. User Content Posting

You also may submit information, such as comments, reviews, testimonials, etc., to be published or displayed (“posted”) on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, “Content”). Your Content is posted and transmitted to others at your own risk. We cannot control the actions of other users of the Website with whom you may choose to share your Content. Therefore, we cannot and do not guarantee that your Content will not be viewed by unauthorized persons. By posting any Content or submitting Content for posting you agree to and do hereby grant us and our licensors, affiliates, partners, successors, and assigns, a nonexclusive, perpetual, irrevocable, worldwide, sublicensable, transferrable, royalty-free right, and license to use, store, display, publish, transmit, transfer, distribute, reproduce, rearrange, edit, redact, modify, aggregate, summarize, adapt, create derivative works of, and publicly perform the Content that you post or otherwise submit to us for any purpose, in any form, medium, or technology now known or later developed (“Right to Use”). 

The Right to Use you grant us above also extends to any Content that you have posted to our Facebook or other social media account pages, or on other websites, e.g., Google, Yelp, Trip Advisor, Instagram, etc. The term “Use” includes, but is not limited to, use, reproduce, modify, publish, list information regarding, edit, delete, translate, distribute, publicly display, publicly perform, and make derivative works of the Content.

If we permit you to post Content, by posting any Content, or submitting Content for posting, you agree to with the following “User Content Posting Guidelines”:

To the extent our Website contains areas where you can post or submit to be posted such as comments, product reviews, testimonials, etc., you agree to post Content that is proper and related to the general theme of the Website. Content also includes that which you send to us by email, text, mail, or other means. You agree not to post or submit any Content that:

  • Is off-topic, false, inaccurate, misleading, defamatory, libelous, stalking, threatening, obscene, pornographic, indecent, vulgar, offensive, which contains unlawful material or information, or which otherwise violate the legal rights (such as rights of privacy and publicity) of others;

  • Harasses, degrades, intimidates, or is hateful toward an individual or group of individuals on the basis of religion, gender, sexual orientation or identity, race, ethnicity, age, or disability;

  • Is not your own original creation or that you do not have permission to use or that infringes the copyright, trademark, patent, or other proprietary right of any person or that is used without the permission of the owner;

  • Is intended to provide professional advice, including but not limited to, the provision of medical treatment, or legal, financial, or investment advice;

  • Promotes or provides instructional information about illegal or illicit activities;

  • Purports to be from any person or entity, including but not limited to one of our employees, or falsely states or otherwise misrepresents your affiliation with a person or entity;

  • Includes personal or identifying information about another person without that person's explicit consent, or is doxxing;

  • Contains malicious software code of any kind, including, but not limited to, code that contain viruses, malware, corrupted files, or any other similar software or programs designed to or that may interrupt, lock up, destroy, damage or limit the operation of another person's computer, or network or telecommunications equipment;

  • Disrupts the normal flow of dialogue with an excessive number of messages (flooding attack) to the Website, or that otherwise negatively affects the ability of others to use the Website; or,

  • Advertises or offers to sell any goods or services, or engage in surveys, contests, chain letters, or for any commercial purpose.

DMCA Notice. If you believe that any content on the Website violates these Terms or your intellectual property rights, you can report such violation to us in accordance with the Digital Millennium Copyright Act (17 U.S.C. §512, “DMCA”). In the case of an alleged infringement, please provide the following information:

  • A description of the copyrighted work or other intellectual property that you claim has been infringed;

  • A description of where the material that you claim is infringing is located on the Website (including the exact URL);

  • An address, a telephone number, and an email address where we can contact you;

  • A statement that you have a good faith belief that the use is not authorized by the copyright or other intellectual property rights owner, by its agent, or by law;

  • A statement by you under penalty of perjury that the information in your notice is accurate and that you are the copyright or intellectual property owner or are authorized to act on the owner’s behalf; and,

  • Your electronic or physical signature, or that of the person authorized to act on behalf of the owner of the copyright or other right being infringed.

We may request additional information before we remove allegedly infringing material. You may report a copyright violation by providing the above information to the designated agent listed below:

CCIM Institute

Attn: Privacy

Address: CCIM Institute, 430 North Michigan Avenue, Suite 700, Chicago, Illinois 60611 USA

Email: privacy@ccim.com

We have the right to terminate the user account of any user who repeatedly submits Content that violates our intellectual property policies. A repeat infringer is a user who has been notified of infringing activity more than twice and/or has had User Content removed from the Website more than twice.

5. How We Use Your Information

Summary

We use your data to provide our services to you, respond to you, advise you of other services, to personalize your experience, and for other purposes.

Details

We will only use your information as described in this Privacy Policy or as disclosed to you prior to such processing taking place.

  • To present our Site and its contents to you.

  • To provide you with information and respond to your questions on Products or Services that you request from us and information on new products and services, discounts, special promotions, or upcoming events, and features or offers that we believe will be of interest to you.

  • To provide you with the Products, Services, or information that you have requested.

  • To process transaction payments, including, but not limited to, Product and/or Service fees, subscription fees, professional fees, membership dues, registration fees, voluntary contributions, examination fees, credential and Designation fees, and payments, refunds, and reimbursements for any products or services that you choose to purchase from us (though we do not receive your credit or debit card number).

  • To provide you with notices about your account, including expiration and renewal notices.

  • To notify you about information regarding or changes to our Site, our policies, terms, or any Products or Services we offer or provide, or regarding your account.

  • To process your account application and any changes to your account information.

  • To process Personal Information or other information that you submit through to us.

  • To allow you to participate in interactive features on our Site.

  • To contact you about our own and third-parties’ products and services that may be of interest to you.

  • To provide access to restricted parts of our Site, e.g., areas accessible if you have a user account.

  • To enhance and improve our Products and Services, for example, by performing internal research, analyzing user trends, and measuring demographics and interests.

  • For internal purposes, such as Site or Service and system operation, administration, maintenance, internal audits and reviews, diagnosing technical problems, and maintaining security.

  • To provide statistics about the usage levels of the Site and other related information to our service providers.

  • To notify you of data privacy incidents or provide you with legally required information.

  • To contact you regarding a promotion, contest, or sweepstakes in which you have participated.

  • To request your participation in ratings, reviews, surveys, focus groups, or other initiatives which help us to gather information used to develop and enhance our Products and Services.

  • To determine eligibility for membership, credentials, Designations, or volunteer opportunities.

  • To evaluate your performance on continued learning courses and assist you in the tracking of your progress.

  • For examination or event registration, scheduling, event attendance, administration, and related purposes.

  • To fulfill any other purpose for which you provide Personal Information.

  • In any other way we may describe and for which we obtain your consent when you provide the information and you give your consent.

Additional Information on How We Use Personal Information

  • To Provide and Maintain our Services. We will use your personal information to provide information or deliver Services that you request and to allow you to participate in interactive features of our Sites and Services when you choose to do so. For example, we process your personal information to provide membership benefits and other services to you, including order processing, processing of certification or membership applications, registering you for event or training programs, or registering you for reduced hotel price rates. When you sign up for a certification course or seminar, we will use your personal information to facilitate the delivery of such course or seminar. To the extent your organization has paid for your certification course or seminar, we may provide the status of your course or seminar to your organization upon notice to you. In compliance with applicable laws, we may also publish the names, titles, country and business affiliations of officers, committee members, and others who have assisted with initiatives or projects to provide recognition of their achievements to the CCIM community.

  • To Provide Customer Support or Respond to You. We collect any information that you provide to us when you contact us, such as with questions, concerns, feedback, disputes, or issues. Without your personal information, we cannot respond to you.

  • To Advise You of Other Services. From time to time, subject to the applicable law, we may share your personal information with third parties or partners. You may opt out of having your personal information shared with third parties. If you choose to limit the use of your personal information, certain features or Services may not be available to you.

  • To Personalize Your Experience. We may also use your personal information to tailor your experience at our Sites, to compile and display content and information that we think you might be interested in, and to provide you with content according to these preferences. We may also use this information to help us understand your needs and interests, and to better tailor our products and services to meet your needs.

  • To Send You Marketing and Promotional Communications. We may use your personal information we collect from you and third-party sources to contact you with newsletters, marketing, or promotional materials and other information that may be of interest to you, to deliver targeted and relevant advertising and marketing to you, and to promote our Services. 

  • For Research and Development. We may use your information to gather analysis or valuable information so that we can improve our Services and to detect, prevent, and address technical issues. We may also use your information to monitor the usage of our Sites including, without limitation, search terms entered, pages visited and documents viewed.

  • For Security Reasons. We may use personal information to help monitor, prevent, and detect fraud, enhance security, monitor, and verify identity or access, or identify and address security risks.

  • To Post Testimonials. We may use personal information to post testimonials on our Sites. Prior to posting a testimonial, we will obtain your consent to use your name and testimonial. You can request your testimonial be updated or deleted at any time by sending a request with your name, testimonial location, and contact information.

  • To Enforce Compliance with Our Terms and Agreements or Policies. When you access or use our Services, you are bound to our Terms of Use and this Privacy Policy. To ensure you comply with them, we process your personal information by actively monitoring, investigating, preventing, and mitigating any alleged or actual prohibited, illicit, or illegal activities on our Services. We also may process your personal information to: investigate, prevent, or mitigate violations of our internal terms, agreements, or policies; enforce our agreements with third parties and business partners; and, as applicable, collect fees based on your use of our Services. We also use your information to ensure that we will not violate any applicable U.S. sanctions in accepting your donation or by providing you access to our Services.

  • Other Legitimate Business Purpose. We may use your personal information when it is necessary for other legitimate purposes such as protecting our confidential and proprietary information.

6. How We Share Your Information

Summary

We may or do disclose your Personal Information, in whole or in part, to the following types of third parties, and for one or more of purposes discussed below.

Details

Except as set forth in this Privacy Policy or when specifically agreed to by you, we take care to allow your personal information to be accessed only by those who need access in order to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it. In general, we do not share your information with a third party for their independent use unless: (i) you request or authorize it, (ii) it is required by law, or (iii) it is in connection with a co-sponsored event. We may share personal information in the following circumstances:

  1. Service Providers. We may share your information with our suppliers, subcontractors, and other third parties who provide services to us (collectively “service providers”) in connection with advertising, hosting, data analytics, information technology and infrastructure, email delivery, auditing, exam testing, training providers, and other related activities, vendors, or third parties who deliver or provide goods and services or otherwise act on our behalf of or at our direction. Our service providers are given only the information they need to perform their designated functions and are prohibited from using the information we provide them for their own marketing purposes.

  2. Business Partners and Sponsors. From time to time, we may engage in joint sales or product promotions with selected business partners (who may or may not also be service providers, as described above). If you opt-in, purchase, or specifically express interest in a jointly offered product, promotion, or service, we may share relevant personal information with those partners. If you are an event attendee, speaker, or sponsor, certain items of your information may be included in the event roster, which may also be shared with third-party event sponsors and exhibitors, and publicly disclosed, subject to the applicable law. While we do not control our business partners’ use of such information, we do take appropriate steps to ensure that they use appropriate safeguards to protect your personal information. Our partners and sponsors are responsible for managing their own use of the personal information collected in these circumstances, including providing information to you about how they use your personal information. We recommend you review the privacy policies of the relevant partner to find out more about their handling of your personal information. Where we do share your personal information with third parties, CCIM takes steps to ensure that they use appropriate safeguards to protect your personal information.

  3. Within Our Corporate Organization and with Our Local Chapters and Volunteers. We are part of a corporate organization that has many legal entities, business processes, management structures, and technical systems. We may share your personal information within our organization and with our subsidiaries and/or affiliates to provide services and support, provide recommendations to optimize services, to provide members and prospective members with information about our Services, and for other purposes described in this Privacy Policy. We may also share your information with our board members and our volunteers for the purposes of conducting our internal business operations. We may also share your information with your local CCIM Chapter so they may offer membership and associated services to you pursuant to your membership in that Chapter, CCIM Technologies, Site To Do Business, and CCIM Foundation to provide information regarding their programs and initiatives. If you participate in our “Enterprise Participation Program,” your information, particularly with respect to the goods and/or services your company has purchased from CCIM for your benefit, will be shared with your organization’s program coordinator. 

  4. Compliance with Laws or Regulatory Body. Except as otherwise described in this Privacy Policy, we will not disclose your Personal Information to any third party unless required to do so by law, court order, legal process, or subpoena, including, but not limited to, in order to respond to any government, regulatory, or licensing request, or if we believe that such action is necessary to: (a) comply with the law, comply with legal process served on us or our affiliates, subsidiaries, contracted vendors, or affinity partners, or investigate, prevent, or take action regarding suspected or actual illegal activities; (b) enforce our Terms or customer agreement (including for billing and collection purposes); (c) take precautions against liability; (d) investigate and defend ourselves against any third-party claims or allegations; (e) assist government enforcement agencies or to meet national security requirements; (f) to protect the security or integrity of our Website, our Products, Services; or, (g) exercise or protect the rights, property, or personal safety of us, our users or others. We will attempt to notify you about these requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or (ii) we believe that providing notice would be futile, ineffective, create a risk of injury or bodily harm to an individual or group, or create or increase a risk of fraud upon us, our users, our Website, or our Services. In instances where we comply with legal requests without notice for these reasons, we will attempt to notify that user about the request after the fact if we determine in good faith that we are no longer legally prohibited from doing so and that no risk scenarios described in this paragraph apply.

  5. Your Consent to Disclosure/Transfer/Sale of Your Personal Information. You consent to our disclosure of your Personal Information, De-Identified Personal Information, and other information you provide to us (collectively, “Transferred Information”) to a potential or actual buyer or acquirer of our company or other successor for the purpose of considering or undergoing a merger, divestiture, restructuring, reorganization, dissolution, change in control, or sale or transfer of some or all of our assets (each of the foregoing referred to as a “Transfer”), whether as a going concern or as part of bankruptcy, liquidation, or other court proceeding, in which Personal Information held by us is among the assets transferred. You agree to and do hereby consent to (and shall not object to) our assignment, conveyance, transfer, and/or license (whether by contract, merger or operation of law) as part of a Transfer, of any or all of our rights, in whole or in part, in or to Transferred Information and your consents, with or without notice to you and without your further consent. We cannot make any representations regarding the use or transfer of Transferred Information that we may have in the event of our bankruptcy, reorganization, insolvency, receivership, or an assignment for the benefit of creditors. By providing any Personal Information, you expressly agree and consent to the use and/or transfer of Transferred Information or other information in connection with a Transfer. Furthermore, except as required by law, we are not and will not be responsible for any breach of security by any third parties or for any actions of any third parties that receive any of the Transferred Information that is disclosed to us.

7. Information Security

Summary

We take reasonable measures to ensure your data is safe.

Details

We take reasonable measures to protect any personal information we may hold in order to prevent loss, misuse, unauthorized access, disclosure, alteration, or destruction. In some areas of our platforms, we may use encryption technologies to enhance data privacy and help prevent loss, misuse, or alteration of the information under CCIM’s control.

We cannot guarantee, however, that all information will remain secure. The Internet by its nature is a public forum. We encourage you to use caution when disclosing information online. Often, you are in the best situation to protect yourself online. You are responsible for protecting your login ID and password from third-party access, and for selecting passwords that are secure.

8. Data Retention

Summary

We retain your information according to applicable laws and our retention policy and store it securely.

Details

We will retain the personal information we collect from you where we have a justifiable business need to do so and/or for as long as is needed to the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, legal, accounting, or other purposes). 

Following termination or deactivation of your user account, we may retain your profile information and all information posted to public areas of the Website. Following termination or deactivation of your user account, we may retain your Personal Information and other data, but will maintain it as confidential according to the Terms, this Privacy Policy, and as required by applicable law. We have the right to delete all of your Personal Information and other data after termination of your user account without notice to you.

We may retain De-Identified Personal Information for as long as we deem appropriate.

9. Your Choices and Privacy Rights

Summary

You have choices on how we communicate with you, and how you can exercise certain of your rights.

Details

By providing us with your email address (including by “following,” “liking,” linking your account to our Website or Service or other services, etc., on a third party website or network), you consent to our using the email address to send you Service-related notices by email, including any notices required by law (e.g., notice of data privacy or security incidents), in lieu of communication by postal mail. 

Listed below are choices we provide you in relation to the processing of your personal information. Residents and citizens of the European Economic Area (“EEA”), the United Kingdom or Switzerland at the time they access our Services, please see Section 11, for more information about your choices and rights.

  1. Marketing Communications. If you receive commercial electronic communications from us, you can unsubscribe from the receipt of future commercial electronic communications from us by clicking on the unsubscribe link provided in such communications and submitting an opt-out request. Please note that even though you have opted out of receiving marketing-related communications from us, we may still send you important administrative or transactional messages, and you cannot opt out from receiving these messages.

  2. Access and Correction. You can correct personal information that we have collected from you by contacting us as indicated in the “ Need Further Assistance” section of the help page on the Site. In your request, please make clear what information you would like to have changed. For your protection, we may need to verify your identity before implementing your request. We will try to implement your request as soon as reasonably practicable. We reserve the right to refuse to act on a request that is manifestly unfounded or excessive (for example because it is repetitive) and/or to charge a fee that takes into account the administrative costs for providing the information or taking the action requested.

10. International Transfers

Summary

We operate in the United States as a global organization.

Details

Your personal information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including personal information, to the United States and process it there.

We will take reasonable steps to ensure that your personal information is treated securely and in accordance with this Privacy Policy and no transfer of your personal information will take place to an organization or a country unless there are adequate controls in place. If you do not want your information transferred to or processed or maintained outside of the country or jurisdiction where you are located, you should not use our Services.

Individuals located in the European Economic Area (“EEA”), United Kingdom, or Switzerland at the time they access our Services, please see Section 9, for information on how we transfer your personal information.

11. Notice for Residents or Citizens of the EEA, UK, or Switzerland

Summary

The policies in this Section 9 apply only to those who are residents or citizens of the European Economic Area, United Kingdom, or Switzerland. These policies describe how we market to you, our legal bases for processing your information and your rights.

Details

This Section 9 only applies to residents and citizens of the EEA, UK, and Switzerland that access or use our Services while located in the European Economic Area, United Kingdom, or Switzerland (collectively “Europe”). We may ask you to identify which country you are located in when you use some of the Services or we may rely on your IP address to identify in which country you are located. When we rely on your IP address, we cannot apply the terms of this Section 9 to any individual that masks or otherwise hides their location information from us so as not to appear located in Europe. If any terms in this section conflict with other terms contained in this Policy, the terms in this Section 9 shall apply to users in Europe.

We are a controller with regard to any personal information collected from individuals accessing or using our Services. A controller is an entity that determines the purposes for which and the manner in which any personal information is processed.

  1. Marketing. We will only contact individuals located in Europe by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law or the individual’s consent. When we rely on legitimate interest, we will only send you information about our Services that are similar to those which were the subject of a previous communication, sale or negotiations of a sale to you. If you do not want us to use your personal information in this way or to disclose your personal information to third parties for marketing purposes, please click an unsubscribe link in your emails and submit an opt-out request. You can object to direct marketing at any time and free of charge. Direct marketing includes any communications to you that are only based on advertising or promoting products and services.

  2. Legal Bases for Processing. Our legal bases for the processing activities identified in this Policy are (depending on the activity):

  • We rely on our contract with you as our legal basis for processing in relation to the following: to provide and maintain our services, to provide customer support or respond to you, to enforce compliance with our Terms, agreements or policies, and to share your information with service providers.

  • Depending on the specific circumstances, we rely on your consent or legitimate interest in relation to the following processing activities: to send you marketing and promotional emails, to advise you of other services, and to share your information with business partners, sponsors, or within our corporate organization.

  • We rely on legitimate interest in relation to the following processing activities: to personalize your experience, for research and development, and when we share your information with board members or volunteers or in relation to business transfers or bankruptcy.

  • When we share your information to respond to subpoenas, court orders, government requests, or to protect rights and comply with our policies, or in relation to business transfers or bankruptcy, our processing is based on our legal obligations.

  1. Your Rights. We provide you with the rights described below when you use our Services. We may limit your individual rights requests in the following ways: (a) where denial of access is required or authorized by law; (b) when granting access would have a negative impact on other’s privacy; (c) to protect our rights and properties; and (d) where the request is frivolous or burdensome. When we fulfill your individual rights requests for correction (or rectification), erasure or restriction of processing, we will notify third parties also handling the relevant personal information unless this proves impossible or involves disproportionate effort. If you would like to exercise your rights under applicable law, please contact us at the “ Need Further Assistance” section of the help page on the site. We may seek to verify your identity when we receive an individual rights request from you to ensure the security of your personal information. 

  2.  In certain circumstances, you have the following data protection rights:

  • Right to withdraw consent. You have the right to withdraw your consent to the processing of your personal information collected on the basis of your consent at any time. Your withdrawal will not affect the lawfulness of our processing based on consent before your withdrawal.

  • Right of access to and rectification of your personal information. You have a right to request that we provide you a copy of your personal information held by us. This information will be provided without undue delay subject to some fee associated with the gathering of the information (as permitted by law), unless such provision adversely affects the rights and freedoms of others. You may also request us to rectify or update any of your personal information held by us that is inaccurate.

  • Right to erasure. You have the right to request erasure of your personal information that: (a) is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) was collected in relation to processing that you previously consented, but later withdraw such consent; or (c) was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing. If we have made your personal information public and are obliged to erase the personal information, we will, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other parties that are processing your personal information that you have requested the erasure of any links to, or copy or replication of, your personal information. The above is subject to limitations by relevant data protection laws.

  • Right to data portability. If we process your personal information based on a contract with you or based on your consent, or the processing is carried out by automated means, you may request to receive your personal information in a structured, commonly used and machine-readable format, and to have us transfer your personal information directly to another controller, where technically feasible, unless the exercise of this right adversely affects the rights and freedoms of others.

  • Right to the restriction of or processing. You have the right to restrict or object to us processing your personal information where one of the following applies:

  • You contest the accuracy of your personal information that we processed. In such instances, we will restrict processing during the period necessary for us to verify the accuracy of your personal information.

  • The processing is unlawful and you oppose the erasure of your personal information and request the restriction of its use instead.

  • We no longer need your personal information for the purposes of the processing, but it is required by you to establish, exercise, or defend against legal claims.

  • You have objected to processing, pending the verification whether the legitimate grounds of our processing override your rights.

  • Restricted personal information shall only be processed with your consent or for the establishment, exercise, or defend against legal claims, or for the protection of the rights of another natural or legal person or for reasons of important public interest. We will inform you if the restriction is lifted.

  • Right to object to processing. Where the processing of your personal information is based on consent, contract, or legitimate interests, you may restrict or object, at any time, to the processing of your personal information as permitted by applicable law. We can continue to process your personal information if it is necessary for the defense of legal claims or for any other exceptions permitted by applicable law.

  • Automated individual decision-making, including profiling. You have the right not to be subject to a decision based solely on automated processing of your personal information, including profiling, which produces legal or similarly significant effects on you, save for the exceptions applicable under relevant data protection laws. We do not engage in this type of automated processing.

  1. Transfers of European Personal Information to the U.S. Our headquarters are located in the United States, and information we collect from you will be transferred, stored, and processed in the United States. We will protect your personal information in accordance with this Privacy Policy wherever it is processed and will take appropriate contractual or other steps to protect the relevant personal information in accordance with applicable laws. These steps may include implementing the European Commission's Standard Contractual Clauses for transfers of personal information to our service providers and business partners, or the adoption of binding corporate rules. To the extent applicable, CCIM may rely on derogations as set forth in GDPR Article 49 for the transfer and onward transfer of personal information collected from individuals in Europe to the United States and other countries that the EU views as not providing adequate data protection. Specifically, we may transfer such information to another party to perform a contract with you, with your explicit consent or in a manner that does not outweigh your rights and freedoms. If this personal information is not processed and transferred, we will not be able to execute the contract with you or you will not have access to any or all the benefits and features associated with your transaction.

12. Children

Summary

We do not collect data from children.

Details

We do not knowingly collect personal information data from persons under the age of 18. If you are a parent of a child under 18 and you believe that your child has provided us with information about themselves, please contact us via the information in the Contact section below.

13. Contact Information

If you have any questions or concerns about this Privacy Policy, please visit the contact us or write to us at CCIM, 430 North Michigan Avenue, Suite 700, Chicago, Illinois 60611 USA, or email us at privacy@ccim.com.