PT Exelera Global Media (“Exelera”) respects the privacy of individuals and is committed to protecting personal data processed in connection with its certification, training, personnel certification, recruitment, and related business activities.
As part of these activities, Exelera may collect, use, store, review, disclose, transfer, and retain personal data where necessary to administer services, maintain records, communicate with interested parties, evaluate applications, verify certification activities, and comply with applicable legal, contractual, accreditation, and operational requirements.
Personal data may be obtained directly from individuals, participating organizations, certification applicants, training participants, job applicants, business partners, publicly available sources, or other authorized sources relevant to the services being provided.
Exelera is committed to processing personal data lawfully, fairly, transparently, and responsibly. Appropriate administrative, technical, and organizational measures are implemented to protect personal data and support secure information handling throughout its lifecycle.
This Privacy Notice explains how Exelera collects, uses, discloses, protects, retains, and otherwise processes personal data, as well as the rights that may be available to individuals under applicable laws and regulations.
The personal data collected by Exelera depends on the nature of the relationship, interaction, or service being provided.
For certification activities, Exelera may collect information relating to client representatives, audit participants, management system personnel, technical contacts, certification scope, audit records, nonconformity records, corrective action records, and certification decisions.
For training and personnel certification activities, Exelera may collect participant information, registration details, attendance records, assessment records, examination results, certificates, and related communication records.
For business enquiries and website interactions, Exelera may collect contact details, organization information, enquiry details, communication records, and information submitted through online forms.
For recruitment activities, Exelera may collect applicant information, curriculum vitae, employment history, education records, professional qualifications, references, interview records, and other information submitted as part of an application.
The types of personal data processed may include names, contact details, job titles, organization details, identification information where required, professional records, training records, certification records, correspondence, and any other information necessary for the relevant purpose.
Personal data is processed only for legitimate purposes directly related to Exelera’s certification, training, personnel certification, recruitment, and business activities.
Certification Activities
To administer certification applications, plan and conduct audits, maintain certification records, manage certification decisions, and support ongoing certification activities throughout the certification cycle.
Training Administration
To manage training registrations, participant records, attendance, examinations, certificates, learning activities, and related administrative processes.
Personnel Certification
To administer certification schemes, evaluate competence, conduct examinations, issue certifications, maintain certification records, and support certification lifecycle activities.
Application Processing
To review enquiries, applications, registrations, partnership requests, and other submissions received through Exelera’s services and communication channels.
Communication and Support
To communicate with clients, applicants, participants, certified persons, business partners, and other interested parties regarding services, activities, enquiries, and support requests.
Certification Verification
To verify certification status, respond to verification requests, maintain public certification information where applicable, and support confidence in certification activities.
Recruitment Activities
To evaluate job applications, assess qualifications, conduct recruitment processes, communicate with applicants, and maintain recruitment records.
Legal and Accreditation Compliance
To comply with applicable laws, regulations, accreditation requirements, contractual obligations, audit requirements, and other legitimate compliance obligations.
Business Relationship Management
To manage relationships with clients, suppliers, partners, service providers, and other stakeholders necessary for the operation and development of Exelera’s services.
Personal data may be shared only where necessary to support Exelera’s certification, training, personnel certification, recruitment, business, legal, accreditation, or operational activities.
Exelera does not sell personal data and does not disclose personal data to unrelated third parties for marketing purposes.
Audit Team Members
Personal data may be shared with audit team members where necessary to plan, conduct, review, and report certification activities.
Technical Reviewers
Personal data may be shared with technical reviewers responsible for independently evaluating audit information and supporting certification activities.
Certification Decision Makers
Personal data may be shared with authorized personnel involved in certification decision processes where required to determine certification outcomes.
Training Partners
Personal data may be shared with training partners, instructors, examination providers, or related organizations where necessary to administer training programs, examinations, certifications, and learning activities.
Technology Service Providers
Personal data may be processed by technology service providers that support Exelera’s systems, communications, data storage, website operations, or other business functions. Such providers are required to handle information appropriately and only for authorized purposes.
Accreditation Bodies
Personal data may be disclosed to accreditation bodies during assessments, witness activities, investigations, oversight activities, or other accreditation-related processes where disclosure is required.
Regulatory Authorities
Personal data may be disclosed to courts, regulators, law enforcement agencies, government authorities, or other competent authorities where required by applicable laws, regulations, legal processes, or official requests.
Exelera takes reasonable steps to ensure that personal data is shared only with authorized parties and only to the extent necessary for the relevant purpose.
Exelera implements administrative, technical, and physical safeguards designed to protect personal data against unauthorized access, disclosure, alteration, loss, misuse, or destruction.
The security measures applied are proportionate to the nature of the information being processed and are designed to support the confidentiality, integrity, and availability of personal data throughout its lifecycle.
Access Controls
Access to personal data is restricted to authorized personnel, contractors, and service providers who require access for legitimate business, certification, training, recruitment, or operational purposes.
Confidentiality Obligations
Personnel, contractors, auditors, reviewers, and other authorized parties are subject to confidentiality obligations and are expected to handle information responsibly and in accordance with applicable requirements.
Secure Information Handling
Information is managed using established procedures and practices designed to support secure collection, storage, use, transfer, retention, and disposal of personal data.
Information Security Practices
Exelera maintains information security measures intended to support the protection of systems, records, communications, and information assets used in the delivery of its services.
Monitoring and Protection Measures
Exelera may implement monitoring, review, maintenance, testing, and improvement activities to support the effectiveness of its security measures and reduce the risk of unauthorized access, misuse, loss, or compromise of information.
While Exelera takes reasonable steps to protect personal data, no method of transmission, storage, or processing can be guaranteed to be completely secure. Individuals are encouraged to exercise appropriate care when submitting information through electronic means.
Exelera retains personal data only for as long as necessary to fulfill the purposes for which it was collected and processed.
Retention periods may vary depending on the nature of the information, the services provided, applicable legal requirements, accreditation requirements, contractual obligations, operational needs, and legitimate business purposes.
Certain records may be retained for extended periods where necessary to support certification activities, training administration, personnel certification schemes, audit records, certification decisions, accreditation assessments, dispute resolution, legal proceedings, regulatory requirements, or historical certification information.
When personal data is no longer required for the purposes for which it was collected, and there is no legal, contractual, accreditation, or operational requirement to retain it, Exelera will take reasonable steps to securely delete, destroy, anonymize, or otherwise dispose of the information in accordance with applicable procedures.
The duration for which information is retained may therefore differ depending on the type of record, the service involved, and the obligations associated with that information.
Exelera recognizes the rights of individuals regarding the processing of their personal data and is committed to handling requests in accordance with applicable laws, regulations, accreditation requirements, contractual obligations, and legitimate business interests.
Access
Individuals may request information regarding the personal data processed by Exelera and, where applicable, obtain access to such information.
Correction
Individuals may request the correction, update, or completion of personal data that is inaccurate, incomplete, misleading, or no longer current.
Withdrawal of Consent
Where the processing of personal data is based on consent, individuals may withdraw their consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal and may be subject to applicable legal, contractual, accreditation, or operational requirements.
Deletion
Individuals may request the deletion of personal data where the information is no longer required for its intended purpose and there is no legal, contractual, accreditation, regulatory, or legitimate business reason requiring continued retention or processing.
Restriction of Processing
Individuals may request that the processing of personal data be restricted in circumstances permitted by applicable laws and regulations.
Objection
Individuals may object to certain processing activities where applicable laws provide such rights and where legitimate grounds for objection exist.
Complaints
Individuals may submit concerns or complaints regarding the processing of personal data and request that Exelera review the matter.
Exercising Rights
Requests relating to personal data rights may be submitted through Exelera’s available contact channels. Exelera may request reasonable information to verify the identity of the requester before responding to a request.
Certain requests may be limited, deferred, or declined where Exelera is required to retain or process information to satisfy legal, regulatory, contractual, accreditation, certification, dispute resolution, security, or other legitimate business requirements.
The Exelera website may use cookies and similar technologies to support website functionality, improve user experience, maintain security, and better understand how visitors interact with the website.
Cookies are small data files stored on a user's device that help websites operate effectively and remember certain information between visits.
Website Functionality
Cookies may be used to support essential website functions, maintain user preferences, improve navigation, and enable features necessary for the operation of the website.
User Experience
Cookies may help improve the browsing experience by remembering settings, preferences, and interactions that enhance usability and accessibility.
Performance and Security
Cookies and similar technologies may be used to support website security, identify technical issues, prevent misuse, and improve the reliability and performance of the website.
Analytics and Usage Insights
Exelera may use cookies or analytics technologies to understand how visitors use the website, identify trends, measure performance, and improve website content and services.
Users may control or disable cookies through their browser settings. However, disabling certain cookies may affect the functionality, performance, or availability of some website features.
Individuals may contact Exelera regarding this Privacy Notice or any matter relating to the collection, use, disclosure, retention, protection, or processing of personal data.
Requests relating to personal data rights, privacy concerns, corrections, access requests, consent withdrawal, complaints, or other privacy-related enquiries may be submitted through Exelera’s available contact channels.
Exelera will review and respond to enquiries within a reasonable period and may request additional information where necessary to verify identity, clarify the request, or support the handling of the enquiry.
Where a request cannot be fulfilled in whole or in part due to legal, contractual, accreditation, regulatory, security, or operational requirements, Exelera will provide an appropriate explanation to the extent permitted by applicable obligations.