This policy applies to all personal information collected by and maintained on the e-learning ("classroom") systems operated by Les Bell and Associates Pty Ltd. We collect this information while providing educational and testing services.
Registered users can edit their profiles at any time via their personal menu (at the top right of most site pages).
When you register on this site we ask you to provide some personal information, primarily for authentication purposes. The information we require is your name and email address, which we will correlate with registration logs for our own courses and those provided via third parties. If you attend an in-house course paid for by your employer, we may also record that fact in order to provide you and your employer with customised services.
Your personal information is not shared with any other entities or companies.
Your user profile allows you to control whether other course attendees can see your email address or not.
Registering via an Identity Provider
Our site allows you to register and subsequently log in via any of several identity providers such as Google, Facebook and LinkedIn. The only information we obtain from these providers is your name and email address, and possibly a profile picture.
We also request that you provide such additional information in your profile as you feel comfortable sharing. We use this as evidence that you are not a bot or spammer attempting to use this site in unacceptable ways; providing this information reduces the probability that we will delete your account.
We view our courses as communities of learning in which course attendees are encouraged to participate in a collegial fashion - that is, to both ask and answer questions and to share professional experience. We do not share this information outside our courses.
Generated and Indirectly-Collected Information
As you use the services provided by the site, your activities are logged. We use these logs for trouble-shooting only. Your course progress (test and quiz scores, etc.) are not reviewed unless you ask us to investigate problems. If you attend an in-house course paid for by your employer, you will be advised, in advance, if the results of any quizzes and motivational competitions will be shared with your employer (most are not). Your course progress information is not visible to other course attendees.
You can view your own information via the "Grades" option in the personal menu at top-right of most site pages.
We reserve the right to contact users with updates about our courses and services.
Each of our courses provides a News Forum which is used for administrative purposes and only accessible to lecturers and course managers; subscription to such forums is automatic and course attendees are expected to not unsubscribe while actively using a course.
Each of our courses typically provides one or more Discussion Forums to which all course attendees can post. These forums provide options for unsubscribing or selecting a digest format which aggregates emails; the instructions for managing these options are at the foot of each email.
Each course provides instant messaging and email communications between course attendees.
Participation in Online Video Webinars and Meetings
When we organise online webinars or meetings, generally the Chatham House Rule will apply - that is, participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed (see https://www.chathamhouse.org/about-us/chatham-house-rule). In some circumstances, participants may agree that some information may be handled under the Traffic Light Protocol.
Sessions will only be recorded for later sharing with the consent of participants who appear on-screen, and non-active participants are free to mute their microphones and cameras. Links to shared video content will only be posted within the relevant site courses.
Security and Risk Management
We operate an information security management system which is compatible with - but not certified against - ISO 27001 and ISO 27002. We have also implemented a risk management process based on the FAIR (Factor Analysis of Information Risk) methodology and compatible with ISO 27005.
We do not currently store credit card information; if we ever do, it will be encrypted in accordance with PCI-DSS requirements.
We try to avoid storing password hashes, and recommend that users register and log on via a third-party identity provider such as Google. We further recommend that users secure such accounts using two-factor authentication. Where we do store passwords, this is done using a strong, salted hashing algorithm.
Your information is stored only only our server(s) in Google Cloud (currently in a US central data center), on snapshot images (also secured in Google Cloud) and on database backups stored in our office.
Should you have any questions or concerns about this policy, or wish to review your personal information or have it deleted, please contact:
Les Bell and Associates Pty Ltd
PO Box 173
Frenchs Forest NSW 1640