CALEA® operates as a not-for-profit organization that serves public safety agencies by delivering professional public safety accreditation and management services. As such, it is necessary to provide and maintain a contemporary corporate website to provide information to the general public, as well as current and prospective clients regarding services and related information. CALEA’s primary website address is www.calea.org; however, additional links associated with this site are utilized to optimize services. Specifically, conference registration and merchandise sales redirect browsers for the purpose of financial transactions and registration. Furthermore, in some cases CALEA will provide links to other corporate websites for the purpose of providing access or information to goods or services. Although CALEA® will take all reasonable actions to protect client information and will not auto-populate these sites with information collected within its corporate website, it cannot confirm these sites’ security. And, these organizations are responsible for maintaining separate website policies that users should consult.
CALEA® does utilize a commercial platform for website management that has been customized for corporate branding and message delivery. To this end, commercially developed and endorsed updates are regularly applied to the site to ensure the most contemporary security and application tools are in place. This promotes sound browser services and works to prevent breaches based on emerging trends or occurrences discovered within the internet environment.
When engaged with the CALEA website, users may be requested to provide electronic mail addresses and other points of identification. There are no requirements to provide any information as requested within the website; however, some pages can only be viewed by providing requisite registration data that includes client identification numbers issued by CALEA. The purpose of collecting user descriptors and assigning levels of access is to improve client services, while limiting access to only those engaged in contractual agreements with CALEA. Additionally, this stratification of users allows CALEA to maximize its resources to serve customer needs. CALEA only collects volunteered information and does not incorporate the use of “cookies” for the purpose of data collection. The CALEA website does utilize “cookies” for controlling the logins and access to restricted site components.
As it relates to the storage of user information, CALEA takes reasonable precautions to protect the website and submitted information. Access to information collected by or submitted to CALEA.org is restricted to employees of CALEA or approved contractor and accessible only for the purpose of performing official duties. Common practices and technical controls are utilized to protect this information, as well as the entire Calea.org site. These practices and controls include, but are not limited to encrypting the transfer of personal information via Secure Sockets Layer (SSL), using high-strength firewalls and intrusion detection systems (IDS) to safeguard personal information and maintaining strict technical controls and procedures to ensure the integrity of all data.
CALEA will never provide information collected through website applications to third parties without the expressed written consent of the user. And, CALEA does not redistribute or sale user information for any purpose. Exceptions to this corporate policy exist only for the purpose of delivering goods or services of CALEA to the customer. To this end, CALEA does engage in affinity agreements with vendors for the purpose of professional services related to the company’s primary mission of accreditation programming. Information provided by clients when enrolling in accreditation programming is provided to these Commission endorsed vendors, to ensure the appropriate resources are provided to program participants. This includes accreditation management system vendors and training vendors. These are limited to only those vendors endorsed by the Commission for the stated purpose.
It should be noted that as a result of the open architecture associated with the internet, personal identifiers transmitted may be intercepted before they are received by CALEA®. Although this may not prevent all breaches of transmissions, users should utilized secure usernames provided by CALEA® and ensure passwords conform to requirements, and they are maintained securely by the user. Usernames should not be shared or redistributed. Users should periodically change passwords for the purpose of confidentiality and information security.
User information may be used for the purposed of determining marketing trends or other indicators to promote the effective delivery of accreditation services or improve the awareness of CALEA® programming. However, specific user identification will be protected in the event it is used for this purposed. Additionally, CALEA® utilizes a professional website consulting firm for the technical management of its website services. Employees and subcontractors of this firm are obligated to maintain the confidentially of any information accessible through their access to the CALEA® corporate website. Additionally, in the event CALEA® is required by law to release information collect through its website, it will comply with legal requirements. This includes the release of any information collected, including personal information.
CALEA® utilizes the email addresses collected for the purpose of notifying registrants about events, activities, and other program related information that supports CALEA® Accreditation. Information may be delivered in individual electronic messages or through other broad-based mediums. Requests to be removed from distribution lists are processed and approved by CALEA. Opportunities to be removed from these distributions will be included in the respective delivery, or direct contact with CALEA for this purpose is accessible at firstname.lastname@example.org.
13575 Heathcote Blvd., Suite 320
Gainesville, Virginia 20155-6660
In the event email addresses are removed from electronic message distributions, the recipient may still be contacted as a result of program enrollment with CALEA.
Policy implementation date: July 12, 2012
Policy Revision History: None Noted