Notice Effective January 23, 2024

DOLFIN, operating through DOLFIN Academy LLC (together with its affiliates, the “Company”), operates at website app.dolfin.org (“Site”). We are data controller for this Site.

This Privacy Policy explains what personal data and information we collect when you visit our Site and how we use it and provides mandatory information as required under applicable data protection laws, such as Articles 13 and 14 of the European General Data Protection Regulation (“GDPR”) or the California Consumer Privacy Act (“CCPA”), regarding the transparency of personal data processing. By using our Site and providing Personal Information to the Company, you agree to the collection and use of information in accordance with this Policy. This Privacy Policy should be read along with our Terms of Use, in order to ensure you understand and are comfortable with our use and disclosure of your Personal Information.

If you do not agree to any of the provisions of this Privacy Policy, you should not use the Site. If you have any questions or concerns about this Privacy Policy, you can contact us through support@dolfin.org.

1. Personal Information the Company Collects. “Personal Information” is information that identifies you as an individual. The Company collects certain Personal Information—such as your first and last name, email address, state and country of residence, company’s name, type of institution, years of industry experience, and area of counter-illicit finance / financial crime compliance (“CIF/FCC”) that you work in—when you contact us, view and use our Site, and purchase a subscription to DOLFIN.^TM The Company needs to collect this Personal Information to provide requested services and functionality to you. If you disclose any Personal Information relating to other people to us, to other members of the Company’s online community, or to our service providers in connection with your use of the Site, you represent that you have the authority to do so and permit us to use the information in accordance with this Privacy Policy. You are under no statutory or contractual requirement or other obligation to provide Personal Information to us via this Site.
2. How We Use Personal Information. The Company and its third-party service providers use Personal Information only for business purposes, including to:

• set up your account and enable you to use the Site and, in case of an institution, to allow authorized individual users to participate in training and certification programs supported by the Site;
• tailor the content on our Site to the needs of our users;
• fulfill and respond to your subscription requests and inquiries, whether sent to us by email or via the Contact Us form on the Site;
• provide updates on industry news and events;
• communicate with you regarding our services and provide you with related customer service; and
• send you important information regarding the Site, changes to our terms, conditions, policies, and/or other administrative information.

Third parties provide us with services such as website hosting, data analysis, payment processing, infrastructure provision, email delivery services, credit card processing, auditing services, and other similar services for the Site. To enable them to provide such services, we have agreed to provide them with access to your Personal Information on a need-to-know basis. If you would like specific information about our providers and the information they received, please contact us at support@dolfin.org.

We may also use Personal Information as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including those outside your country of residence; (d) to enforce the Company’s Terms of Use for the Site; (e) to protect the Company’s operations; (f) to protect the Company’s rights, privacy, safety or property, you or others; and (g) to allow the Company to pursue available remedies or limit the damages that we may sustain.

1. How Personal Information is Disclosed. Your Personal Information might be disclosed (a) within the Company or to any Company affiliate for the purposes described in this Privacy Policy; (b) to the Company’s third-party service providers; or (c) to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of the Company’s business, assets or stock (including in connection with any bankruptcy or similar proceedings).
2. Other Information We Collect. “Other Information” is any anonymous information that does not reveal your specific identity or relate to you as an identifiable individual. Other Information includes:

• browser information and log data;
• information collected through cookies, pixel tags and other technologies;
• demographic information and other information provided by you;
• aggregated information; and
• physical location.

1. Log Data. When you visit this Site, our servers automatically record information and data (the “Log Data”) your browser sends. This Log Data may include IP addresses, browser types (Firefox, Chrome etc.), browser versions, the search terms you use, date and time of your visit, and the pages on our Site that you visit.
2. Cookies. “Cookies” are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive. Like many other websites, we may from time to time use cookies to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to take full advantage of our Site.
3. How We Use and Disclose Other Information. Other Information does not personally identify you, therefore, we may use and disclose Other Information for any purpose. If we are required to treat Other Information as Personal Information under applicable law, then we will use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Privacy Policy.
4. The Company uses reasonable organizational, technical, and administrative measures to protect Personal Information under the Company’s control. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100 percent secure. You use the Site and provide us with information at your own discretion and risk. If you suspect or have reason to believe that your interaction with the Company is no longer secure, immediately notify us of the problem by sending an email to support@dolfin.org or calling +1.202.558.0960.
5. Links to Other Web Sites. This Privacy Policy does not cover the links within this Site linking to other websites. Those sites are not governed by this Privacy Policy, and if you have questions about how a site uses your information, you will need to check that site’s privacy statement.
6. Analytics and Third-Party Service Providers. We work with third party service providers such as Google, Inc., Mixpanel, Inc., and Zoho Corporation to monitor certain pages of our Site for such purposes as reporting traffic and other statistics. Where authorized by us, these providers may use cookies and/or other monitoring technologies to compile statistics about our visitors, including their IP address, web browser, pages viewed, time spent on pages, and links clicked. This information may be used to, among other things, analyze and track data, improve our service, determine the popularity of certain content and better understand our users’ online activity.

Further information about each of these service providers’ privacy policies may be found here:

• Microsoft
• SCORM Cloud
• Pantheon
• Google
• Mixpanel
• Stripe
• MailChimp
• Zoho
• Panopto

1. How You Can Access, Change or Suppress Your Personal Information. If you would like to request to review, correct, update, suppress or delete, or object to, restrict, or otherwise limit the Company’s use of, your Personal Information that has been previously provided to the Company, you can contact us at support@dolfin.org or by calling +1.202.558.0960. In your request, please make clear what information you would like to have changed, whether you would like to have your Personal Information suppressed from a Company database, or otherwise let the Company know what limitations you would like to put on our use of your Personal Information. We will try to comply with your request as soon as reasonably practicable and in accordance with applicable law.
2. Retention Period. We will retain your Personal Information for as long as is necessary for the purposes listed above or longer where this is required by the law. Please contact us for further details of applicable retention periods.

We may keep an anonymized form of your information, which will no longer refer to you, for statistical purposes without time limits, to the extent that we have a legitimate and lawful interest in doing so.

We will retain information in accordance with our clients’ instructions where we act on their behalf as a data processor.

1. If you are located in the European Economic Area. The Company’s main administrative offices are based in the USA and that is where we process Personal Information collected through our Site. When you provide Personal Information to us, we request your consent to transfer that personal information to the USA. The USA does not have an adequacy decision from the European Commission, which means that the Commission has not determined that the laws of the USA provide adequate protection for personal information. Although the laws of the USA do not provide legal protection that is equivalent to EU data protection laws, we safeguard your Personal Information by treating it in accordance with the provisions of GDPR. We take appropriate steps to protect your privacy and implement reasonable security measures to protect your Personal Information in storage. We use secure transmission methods to collect Personal Information through this Site. We also enter into contracts with our data processors that require them to treat Personal information in a manner that is consistent with this Privacy Policy.

You have the right to be informed about our use of your Personal Information, and to correct any mistakes in the Personal Information we have collected and have such information erased. To exercise any of these rights, please contact us at support@dolfin.org or by calling +1.202.558.0960.

1. Complaint with a Supervisory Authority. You have the right to file a complaint concerning our processing of your Personal Information with your national (or in some countries, regional) data protection authority. The EU Commission has a list here: Data Protection | Innovation and Networks Executive Agency (europa.eu)
2. If you are a California Resident. The Company collects information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with our consumers (“personal information”). Personal information does not include publicly available information from government records, deidentified information, or aggregated information. The following sections of our Company Privacy Policy describe the personal information we may have collected in the last twelve (12) months, along with the corresponding categories of sources (Section 1), purposes (Section 2), and third parties with whom we shared your personal information (Section 3).

In limited circumstances, California residents may have additional rights over personal information including:

The Right to Request More Information. You may have the right to request more information about how we have treated our personal information in the past 12 months, including:

• The categories of personal information we collected about you;
• The categories of sources from which we collected that information;
• Our business or commercial purpose for collecting that information;
• The categories of third parties with whom we shared that information; and
• The specific pieces of personal information we collected about you.

The Right to Request Access. You also may have the right to receive a copy of your personal information.

The Right to Request Deletion. Under certain conditions, you have the right to request that we delete your personal information.

How to Exercise these Rights. To submit a request to exercise these rights you may contact us as follows:

For all requests, please clearly state that the request is related to “Your California Privacy Rights” and provide your name, street address, city, state, zip code and an e-mail address or phone number where you may be contacted. We are not responsible for notices that are not labeled or sent properly or that do not include complete information. You can always opt-out or unsubscribe from marketing emails by using the opt-out link at the bottom of any marketing email we send. Although we encourage you to use the opt-out link because it is automated, you may also send us a request at support@dolfin.org. For more information on your choices, please see Section 11 of our Company Privacy Policy.

Verification. Before we can respond to your request, we will first need to verify your identity using personal information you recently provided to us. If we are not able to verify your request, we will contact you for more information. If we are unable to verify your identify after a good faith attempt, we may deny the request and, if so, will explain the basis for the denial.

Designating an Authorized Agent. You may designate someone to submit requests and act on your behalf (an “Authorized Agent”). To do so, you must provide us with written permission to allow your Authorized Agent to act on your behalf.

Do Not Track Requests. As set out in Section 6 of our Company Privacy Policy, we use cookies to collect information about your internet activity to help us understand our audience and provide you with personalized features and enhanced functionality. When you arrive on our Site you will see a banner message informing you about cookies. Once you click ‘OK’, this message will close. If you do not wish to give consent you must modify your browser settings and click ‘OK’ when you revisit the site so the banner will not reappear. If you, or another user of your device, wish to withdraw your consent at any time, you have the ability to accept or decline cookies by modifying your browser setting as explained at http://www.allaboutcookies.org and http://www.youronlinechoices.com/, in relation to third party cookies. If you choose to decline cookies, the Site may not function properly. Unless you change the settings, we assume that you are happy for us to place cookies on your device.

Third-Party Marketing and Selling. We do not provide your information to third parties for their direct marketing purposes. We also do not intend to sell your personal information to third parties.

No Discrimination. We will not unlawfully discriminate against you for exercising any of these rights.

1. Changes to this Privacy Policy. This Privacy Policy is reviewed and updated annually to ensure it accurately captures our practices and procedures. The effective date is identified above. Your use of the Site following these changes means that you accept the revised Privacy Policy.

Resolving Concerns and How to Contact Us. If you have questions or concerns about this Privacy Policy, contact us at support@dolfin.org.