FITSI strives to ensure the security and privacy of all information and has a firm commitment to data privacy. This section states the FITSI Privacy Policy pertaining to information gathered from requests for information, individual exam registrations, and membership applications. FITSI reserves the right to change this policy and notify FITSP Certification Holders and FITSI members via email of any change to this privacy statement.

Privacy and Confidentiality of Individual Information
FITSI safeguards all individual records and information obtained related to a FITSP Certification Program Certification Candidate, FITSP Certification Applicant, FITSP Certification Holder, FITSI Founding Member, FITSI Associate Member, FITSI Certified Member, FITSI Employee, FITSI Consultant, or FITSI Volunteer. Except as required in the FITSI Policies and Procedures Handbook, all individual records and information obtained are considered confidential and will not be disclosed to a third party by FITSI without the individual's prior written consent, except as outlined below in the Use of Data section. Where the law requires disclosing such information to a third party, FITSI will notify the individual before releasing the information when reasonably possible.

FITSI will use the FITSI Privacy Request, Notification, and Release Form to document the request for information and the notification and release of private and/or confidential information.

In cases where written consent is required before release FITSI will use the FITSI Privacy Written Consent Release Form to be filled out and signed by the FITSI Certification Candidate, FITSP Certification Applicant, FITSP Certification Holder, FITSI Founding Member, FITSI Associate Member, FITSI Certified Member, FITSI Employee, FITSI Consultant, or FITSI Volunteer.

FITSI also uses the FITSI Privacy Request, Notification, and Release Tracking Log Sheet to have full visibility into all requests, notifications, and releases in one place.

Collection of Data
FITSI collects personal data via voluntary actions of an individual through a request for information such as a certification application, membership application, employment, consulting work with FITSI, or involvement as a volunteer. Data includes, but is not limited to, name, address, email address, phone number, area of interest, and employment.

Use of Data
Any personal data collected by the means documented above is used by FITSI and third parties acting on behalf of FITSI for Certification Candidate administration and marketing-related purposes, including processing certification applications, providing pertinent information, and sending marketing communications at the request of FITSI by a third-party marketing firm. Such firms will not own any FITSI-provided data or keep permanent data records.

FITSI utilizes collected data to notify interested parties of upcoming seminars, exams, etc. Personal email address, phone number, and home address information may be used for information dissemination to potentially interested parties.

FITSI does not sell individual information to third-party organizations, competitors, or marketing firms.

FITSI uses personal, geographic information and certification area-of-interest information to determine regional certification interest and scope-specific certification interest.

Storage of Data
All data about FITSI Certified Members, Associate Members, Founding Members, Certification Candidates, Certification Applicants, and Certification Holders is stored until certification renewal and updated if recertification is achieved. If an individual does not request recertification, data is maintained for five years from the end of the certification period.

Data collected from individuals who do not obtain certification either by personal choice or not passing the certification exam is maintained for five years.

Member and Certification Holder data are maintained, provided the membership or certification status is active. If a membership or certification becomes inactive, FITSI retains member or Certification Holder information for five years.

FITSI performs a records purge of applicable data and records annually in December. FITSI permanently maintains records of those members who have a certification withdrawn (revoked) for the FITSI Code of Ethics violations to ensure the individual is barred from obtaining future FITSP certifications.

Published Membership List
FITSI provides Certification Holders and members the option to include contact information in an online directory via the FITSI website. The type and scope of information published are controlled by the Certification Holder or member through their online account profile. When an online account is created, the default policy is "Not Published." The user can indicate the type of information they wish published in the directory.

Privacy and Confidentiality of Certification Information
Certification Holders' and certified members' records are maintained electronically and/or via a paper file.

Personnel acting on FITSI's behalf shall keep confidential all information obtained or created during the performance of FITSI's certification activities, except as required by law or where authorized by the Certification Candidate, Certification Applicant, or Certification Holder.

Certification Holders allow verification of their certification status. The process for verifying certification status is outlined in the FITSI Certification Verification Handbook, which can be found at https://www.fitsi.org/documents.html. The online tool for verification can be found at https://www.fitsi.org/fitsi/cert.asp. Certification Holders must provide their last name and FITSI certification identification number to the person verifying the certification.