Privacy Policy & Terms of Use - Restaurant Legal Summit

Privacy Policy

Last update: October 1, 2025

The National Restaurant Association and its affiliates, National Restaurant Association Solutions LLC, The National Restaurant Association Educational Foundation (NRAEF), Environmental Health Testing LLC (dba National Registry of Food Safety Professionals) (“NRFSP”), Multicultural Foodservice and Hospitality Alliance (MFHA), Restaurant Law Center, NRAS Restaurant Owner, LLC, and National Restaurant Association Political Action Committee (collectively, the “Association,” “we” or “us”) understand that you care about how we collect, use, and share information when you interact with us through our websites, mobile applications, social media sites and handles, email, events, surveys, and research (our “Services”) and we value the trust you place in us. This Privacy Policy explains:

the types of information we collect through our Services
how we use and protect that information
the types of information we may share with others and under what circumstances
the choices you have regarding our collection, use, and sharing practices
details regarding our use of third-party cookies and other tracking technologies

We also include specific disclosures for residents of the European Economic Area, the United Kingdom and Switzerland as well as Colorado, Oregon, Minnesota, Maryland, California, Delaware, New Jersey, Kentucky, Montana, and Nevada .

This Policy applies to the Association and our Services. It also applies anywhere it is linked. As described further below, certain sections do not apply to our entities that are tax-exempt and organized for charitable and educational purposes, such as NRAEF and MFHA. It also does not apply to non-Association websites and mobile applications that may link to the Services or be linked to from the Services. Please review the privacy policies on those websites and applications directly to understand their privacy practices.

How to Contact Us

We have appointed a data privacy officer who is responsible for overseeing questions concerning this Policy. If you have any questions, please contact our data protection officer in the following ways:

By email: privacy@restaurant.org
By phone: 1-800-765-2122
By post: Director of Security, National Restaurant Association, 233 South Wacker Drive, Chicago, IL 60606

Information We Collect

Below is a summary of the kinds of personal information we collect. We may collect this information directly from you, as you use our Services, automatically through technology you use when using our Services, from third parties who obtain information about you from publicly available sources or other sources that have legitimate and permissible access to information about you, or from third parties that share your information with us on your behalf.

Personal Identifiers:
- We may collect your name, phone number, email address and address when you create an account, register for events, or complete a transaction. If you choose to create an account, we may assign one or more unique identifiers to your profile.
- You may provide us with payment information, which may be your credit card information or a bank account, when you complete a transaction or set up a recurring payment.
- We may collect your Social Security number to verify your identity and as required by law for certain Services.
- We may collect your IP address and/or Device ID automatically when you use our Services, and may use it for marketing and sales purposes, as described in this Privacy Policy.
- We may collect information or data you provide by interacting in our online forums and chatrooms, or by commenting on content posted on our Services. Please note that these comments are also visible to other users of our Services.
- We collect information you provide when you complete a survey administered by us or a service provider acting on our behalf.
- We collect information you provide when you purchase or take a course or an exam in order to provide you with those Services, and for marketing and analysis purposes.
Protected Characteristics: We may collect your age in order to comply with laws that restrict collection and disclosure of personal information belonging to minors or as required by law to provide certain Services to you. We may collect information about your gender identity or status as a transgender or nonbinary person, sexuality, disability status, race, and/or ethnic origin that you voluntarily disclose to us when using the Services (a) as required by applicable law, federal contracts or grants, or accreditation agencies, (b) to ensure that we are not discriminating against anyone on the basis of their protected characterstics, (c) to provide accommodations on the basis of disability, (d) to ensure that we appropriately refer to your gender identity, or (e) to evaluate our strategies so that our Services are available to people of all backgrounds. This information is never used to determine if someone is eligible to access any of our products, programs, events, or other Services. We disclose that information only to third parties performing services on our behalf, to governmental entities as required by applicable law, federal contracts or grants, and to accreditation bodies as required in order to offer certifications accredited by such bodies.
Commercial Information: When you engage in transactions with us, we may create records of goods or services purchased or considered, as well as purchasing or consuming histories or tendencies for financial recordkeeping purposes and marketing purposes. In order to provide you with the Services, we will also collect information regarding appointment bookings you carry out through our site.
Biometric Information: We may collect information about your physiological, biological, and behavioral characteristics, such as height, weight, hair color and eye color, for identity verification purposes when registering for an exam, and as required by applicable law.
Internet or Other Electronic Network Activity Information:
- We may collect information regarding the device you use to access our Services, including, but not limited to, traffic data, cookies, location data, weblogs and other communication data, the resources that you access, and how you reached our site, your IP address, operating system and browser type, information about how you interact with our ads and newsletters, including whether you open or click links in any correspondence, information that you make available to us on a social media platform (such as by clicking on a social media icon linked from our Services), including your account ID or username and other information included in your posts automatically when you utilize our Services. We use these for analysis and marketing purposes.
- We may also track details of your visits to our site (including when you are logged into our site) including, but not limited to, traffic data, cookies, location data, weblogs and other communication data, the resources that you access, and how you reached our site for analysis, marketing, and improvement purposes.
- We may also track information generated as you use our site and our products and services (including the timing, frequency and pattern of use). We may monitor your progress in our online courses and exams for analysis purposes and to provide and improve our course and exam Services. We may also log your usage of our products and services when you are logged into our websites, including tracking which links you click on and how long you spend using such products and services.
Geolocation Data: We may collect your IP address automatically when you use our Services. We may be able to determine your general location based on the IP address.
Audio, Electronic, Visual, Thermal, Olfactory, or Similar Information: If you contact us via phone, we may record the call for customer service and quality control purposes. We will notify you if a call is being recorded at the beginning of the call. If you take an examination, the service provider administering the exam may video record and collect your image, thermal, olfactory, and similar information for exam security purposes.
Professional or Employment-Related Information: We may collect information about your current employer and your employment history for recordkeeping, marketing and analysis purposes. In the case of Hire Military! or other job board related Services, we collect information you may submit for possible employment with our members or other information you may submit to inquire about or apply for a job. We also may collect information submitted by or for our members, including employers or franchisors–which may include employees’ business and personal contact details, job titles, and membership details, in order to provide you with Services and for marketing and analysis purposes.
Education Information: We may collect information about the institutions you have attended and the level of education you have attained for marketing and analysis purposes.
Inferences Drawn to Create a Profile About a Consumer Reflecting the Consumer’s Preferences or Characteristics: We may analyze your actual or likely preferences through a series of computer processes for marketing purposes. On some occasions, we may add our observations to your internal profile. We do not use any of these inferences in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities.

How We Use Your Information

We use your personal data for the purposes noted above and otherwise set out in this Policy and where we have a valid legal ground for doing so under applicable data protection law. The legal ground will depend on the purpose for which we process your personal data. We use your personal data in the following ways as necessary in our legitimate business interests, including to meet our membership obligations and to provide Services.

We may use the information we collect from or about you for the following purposes:

To provide membership services, and to keep our membership contact information up to date.
To provide you with our products and services, including to take steps to enter into a contract for sale or for services, process payments, fulfill orders, and send service communications.
To communicate exam results, pending expiration dates or other information regarding your certificate, certification or similar status.
To demonstrate that you have received certain certificates or certifications.
To provide information or other materials relating to an event you are currently or previously registered for, including information regarding speakers, exhibitors, sponsors, or other attendees.
To enable additional features on our Services and to provide you with a personalized service.
To allow members or potential employers to access and download information posted on Hire Military! or other job board related sites.
To ensure compliance with standards set forth by accreditation bodies relevant to certifications, applicable laws, or regulatory and other applicable requirements.
To better understand how certificates and certifications you and other users have received through the use of our Services impact outcomes such as career earnings, career progression, employment, and earning additional related credentials.

We may use your personal data in the following ways as necessary for certain legitimate interests, or where you have given your consent to such processing to the extent required by applicable law (in which case, such consent can be withdrawn at any time):

To provide you with information for our products and services, or products or services of our commercial partners, that we believe may be of interest to you.
To create custom audiences on social media sites.
To provide you with the best service and improve and grow our business, including understanding our customer base, how customers use and interact with our Services, purchasing trends and understanding the effectiveness of our marketing.
To detect, investigate, and prevent activities that may violate our policies or be fraudulent or illegal, and to comply with legal requirements regarding the provision of products and services.

We retain your information in accordance with record retention policies, based on levels of business importance and internal guidance for compliance with auditing and legal requirements, and in accordance with retention requirements set forth by accreditation bodies.

How We Secure the Information We Collect From or About You

We use a combination of physical, technical, and administrative safeguards to protect the information we collect through the Services. We may de-identify your data, and we will maintain and use de-identified data only in a de-identified way and will not attempt to re-identify the data. De-identified information cannot be reasonably used to infer information about you or otherwise be linked to you.

While we use these precautions to safeguard your information, we cannot guarantee the security of the networks, systems, servers, devices, and databases we operate or that are operated on our behalf.

Our Sharing of Your Information

Public: We may publicly post which certificates and/or certifications you have received from us. Maintaining a public registry of certificates and certifications granted to individuals allows current and future employers to determine if someone holds a certificate or certification and is an essential part of the Services we provide with respect to issuing such certificates and certifications. If you are a certified instructor, registered proctor, or approved trainer or exam administrator for ServSafe, NRFSP, or other products, we may publicly post your name and contact information so that potential examinees may find you.
Service Providers: We engage vendors to perform functions on our behalf such as website hosting, software development, data storage, content management, database management, technical integration, marketing automation, analytics, site optimization, conducting customer surveys, shipping and payment processing and providing other business services. There are limited circumstances in which the service provider collects data directly from you when their privacy policies may also apply. Some of the Services offered to members, customers, or other users are provided through third parties such as newsletter providers, ServSafe Benefits providers, and event organizers, and we share your information with those parties so that they can provide you with those services.
Social Media Platforms: Where you choose to interact with us through social media, your interaction with these programs typically allows the social media company to collect some information about you through digital cookies they place on your device and other tracking mechanisms. In some cases, the social media company may recognize you through its digital cookies even when you do not interact with their application. Please visit the social media companies’ respective privacy policies to better understand their data collection practices and controls they make available to you.
Third Parties Involved in Advertising: We partner with third parties who assist us in serving advertising regarding the Services to others who may be interested in the Services. We also partner with third parties who use cookies to display interest-based advertising to you on the Services. These third parties may use tracking technologies on our website or elsewhere to collect or receive information from the Services and elsewhere on the internet and use that information to provide measurement services and target ads. While the Association will not share information that identifies you by name with unaffiliated third parties for their own uses, such third parties may, with sufficient data from other sources, be able to personally identify you.
Corporate Affiliates and Business Partners: We share data with affiliates or companies with whom we have affinity programs or other commercial relationships in order to market and provide products, goods or services that may be of interest to you.
Potential Employers: We may share data posted to Hire Military! or other job boards with interested potential employers and will have no liability for such third-party use.
Event Attendees, Sponsors, and Exhibitors: We may share event attendees’ information with sponsors and exhibitors for that event or similar events or may be used to provide invitations for other events conducted by us. Exhibitors’ information may be shared with Sponsors of such events or for invitation to exhibit at other events we conduct. Sponsors and exhibitors are generally organizations or entities that offer products or services that may be relevant to the restaurant and foodservice industry and wish to support the Association and Foundation’s missions. They may contact event attendees before or after such event. We may also share attendee information with public safety authorities and law enforcement in response to any safety or other incidents at events.
Sponsors: We may share information that you provide when purchasing or accessing resources, including events, webinars, reports, and other materials, with sponsors or other parties involved in the production of such resources. Sponsors are generally organizations or entities that offer products or services that may be relevant to the restaurant and foodservice industry and wish to support the Association and Foundation’s missions.
Grant Funders: We may share your information with grant funders as required by certain grants awarded to the Association or the Foundation. Private grant funders are typically organizations that provide grants and other funding to the Association and/or Foundation in accordance with their tax-exempt status or other purposes. They generally utilize the information provided to administer and evaluate their grant programs.
Employers, Instructors, and Proctors: If you access our Services through your employer or through a third-party instructor or proctor, you are using the Services to intentionally interact with your employer or third party instructor or proctor (as applicable), and an essential part of those Services includes sharing your name, email address, course information, and other information regarding your use of the Services with your employer, instructor or proctor. We may charge those employers, instructors or proctors an administrative fee to cover the costs of providing such information.
Purchasers: If you access our Services through someone else who has purchased those Services on your behalf (including by giving you a coupon code to use at checkout), we may share your name, email and physical addresses, course and exam information, and other information regarding your use of the Services with the purchaser.
State and Federal Agencies: We may share your name and certificate- or certification-related information with state agencies or federal agencies, as required by such agencies. If you are a certified instructor, registered proctor, or approved trainer or exam administrator for ServSafe, NRFSP, or other products, we may share information about your activities in that capacity with state regulatory agencies or other third parties with a legitimate interest in exam security.
State Restaurant Associations: We share data with State Restaurant Associations that we work with for the purposes of membership and program administration, exam security, advocacy, sales and marketing, and other purposes in order to provide our services.

Additional Information About Our Data Collection and Sharing Practices

Sharing of Aggregated Data: We may analyze aggregated, de-identified data and share these analyses at our discretion, including with marketing agencies, media agencies, and analytics providers. These third parties will not be able to relate this data to identifiable individuals.
Combination of Information: We may combine information from the Services together and with other information we obtain from our business records. Additionally, information collected about you from a particular browser or device may be linked to information collected from another computer or device that we believe relates to you.
Personal Data Collected from You About Others: If you decide to invite others to the site, we will collect your and the other person’s names, e-mail addresses, and/or phone numbers in order to send an e-mail or text message and follow up with the other person. You hereby agree that you will obtain the other person’s consent to this before giving us their personal data. You hereby agree not to send us the contact details of any legal minor.
Change of Ownership or Corporate Organization: We may transfer to another entity or its affiliates or service providers some or all information about you in connection with, or during negotiations of, any merger, acquisition, sale of assets or any line of business, change in ownership control, or financing transaction. We cannot promise that an acquiring party or the merged entity will have the same privacy practices or treat your information the same as described in this policy.
Cross-border Transfer of Data: If you use our Services outside of the United States, you understand that we may collect, process, and store your personal information in the United States and other countries. Personal data that we collect from you is generally stored on our computers, servers and other devices in the United States. However, third-party vendors, consultants and other service providers that we use may store and process your data where they are based, which may be in the United States or around the world. The laws in the U.S. regarding personal information may be different from the laws of your state or country. Any such transfers will comply with safeguards as required by relevant law. By using the Services, you consent to the collection, international transfer, storage, and processing of your data.
Sales of Personal Information: On certain occasions, we may sell personal information to third parties (entities we are not affiliated with, who are not processing personal information). In this context, “selling” personal information means disclosing it to third parties for monetary purposes, and not when directed by you (as discussed in this policy). We may sell the following types of personal information to third parties in order to provide you with targeted advertising, informational content, and marketing that may interest you. To our actual knowledge, we do not sell the personal information of minors under the age of 18 or use the personal information of minors under the age of 18 for targeted advertising.

- We may provide your contact information such as name, phone number, email address and contact address.
- We may provide commercial information, such as a business’s name and address.
- We may provide your contact information to directory services.
- We may provide your IP address and Device ID to our advertising partners and business partners.

Your Options and Rights

Please visit the login page on any of our websites to update your contact information and payment method.

If at any time you would like to unsubscribe from receiving future emails from an Association entity, you can click the unsubscribe link at the bottom of any email bulletin, or email us at Privacy@restaurant.org and we will promptly remove you from correspondence from that entity.

Please note that we may be required to contact you with important information relating to your use of our Services.

Your Colorado Privacy Rights

The Colorado Privacy Act (“CPA”) provides Colorado residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Data,” as well as rights to access and control Personal Data. The CPA defines “Personal Data” to mean “information that is linked or reasonably linkable to an identified or identifiable individual.” Certain information we collect may be exempt from the CPA because it is de-identified, considered public information (i.e., it is made available by a government entity), covered by a federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, the Fair Credit Reporting Act, or otherwise excluded from the definition of Personal Data under the CPA.

From time to time in this section of the Privacy Policy, we may refer to the “processing” of Personal Data. “Process” or “Processing” means collecting, using, selling, storing, analyzing, deleting, or modifying Personal Data.

If you are a Colorado resident and would like to see the categories of Personal Data that we collect or sell, please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices. If you are a Colorado resident and would like to make a request to access your Personal Data, correct your Personal Data, delete your Personal Data, or request that we do not sell your Personal Data or use it for targeted advertising or certain kinds of profiling (as described in more detail below), please visit our Privacy Request webpage, or contact us as described above.

To the extent that we collect Personal Data that is subject to the CPA, that information, our practices, and your rights are described below.

Right to Information Regarding the Categories of Personal Data Collected, Sold, and Disclosed. You have a right to obtain information about the categories of Personal Data we collect, sell, and disclose. Please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices.
Right to Access Information and Right to Data Portability. You have the right to confirm whether we are processing Personal Data collected about you and to access that Personal Data. When exercising your right to access your Personal Data, you have the right to obtain your Personal Data in a portable format, and (to the extent feasible) a format that is readily usable and allows you to transmit the data to another entity. You may exercise this right up to two times per calendar year. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request, and we may redact any highly sensitive information (such as driver’s license numbers, social security numbers, or financial account numbers). If we redact any information, we will clearly describe what information we are redacting.
Right to Correction. You have the right to correct inaccuracies in your Personal Data. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may not have to comply with this request based on the nature of the Personal Data you are asking us to correct or the purposes of processing that Personal Data. If that is the case, we will explain that to you in our response.
Right to Request Deletion of Personal Data. You have the right to request in certain circumstances that we delete any Personal Data that we have collected directly from you. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to Information Regarding Participation in Data Sharing for Financial Incentives. We may run promotions from time to time whereby we incentivize a consumer to share certain pieces of information with us; for example, we may offer a one-time discount if consumers sign up for our email marketing list. Participation in these incentives is voluntary, and you may opt out of the data sharing at any time. If we do so, we will disclose the categories of Personal Data that we collect through the program, the categories of third parties to whom we will share the Personal Data received, the value of the program benefits available to you whether or not you opt out of the sale of Personal Data or the processing of Personal Data for targeted advertising, and a list of any benefits that require the sale of Personal Data or processing of Personal Data for targeted advertising at the time such Personal Data is collected.
Right to Opt Out of Targeted Advertising, Sale of Personal Data to Third Parties, and Certain Profiling. You have the right to opt out of any targeted advertising or sale of your Personal Data by us to third parties. You also have the right to opt out of profiling (described below) that is used in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. Profiling is the automated processing of your Personal Data to evaluate, analyze or predict things about your economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. We do not engage in any of the profiling described above in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. To exercise your right to opt out of targeted advertising or the sale of your Personal Data, please visit our Privacy Request Please note that your right to opt out does not apply to our sharing of Personal Data with service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the Personal Data only for that function, or with state agencies, as required by such agencies.

Sensitive Data
Some of the Personal Information we collect falls under the definition of “Sensitive Data” under the CPA. The following is a description of our data collection practices with respect to Sensitive Data, including the Sensitive Data we collect, the sources of that Sensitive Data, the purposes for which we collect Sensitive Data, and whether we disclose that Sensitive Data to external parties.

Protected Characteristics. We may collect your age in order to comply with laws that restrict collection and disclosure of personal information belonging to minors or as required by law to provide certain Services to you. We may collect information about your gender identity, sexuality, disability status, race, and/or ethnic origin that you voluntarily disclose to us when using the Services (a) as required by applicable law, federal contracts or grants, or accreditation agencies, (b) to ensure that we are not discriminating against anyone on the basis of their protected characteristics, (c) to provide accommodations on the basis of disability, (d) to ensure that we appropriately refer to your gender identity, or (e) to evaluate our strategies so that our Services are available to people of all backgrounds. This information is never used to determine if someone is eligible to access any of our products, programs, events, or other Services. We disclose that information only to third parties performing services on our behalf, to governmental entities as required by applicable law, federal contracts or grants, and to accreditation bodies as required in order to offer certifications accredited by such bodies.

Your Oregon Privacy Rights

The Oregon Consumer Data Privacy Act (“OCDPA”) provides Oregon residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Data,” as well as rights to access and control Personal Data. The OCDPA defines “Personal Data” to mean “data, derived data or any unique identifier that is linked to or is reasonably linkable to a consumer or to a device that identifies, is linked to or is reasonably linkable to one or more consumers in a household.” Certain information we collect may be exempt from the OCDPA because it is de-identified, considered public information (i.e., it is made available by a government entity or widely distributed media), covered by a federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, the Fair Credit Reporting Act, or otherwise excluded from the definition of Personal Data under the OCDPA.

From time to time in this section of the Privacy Policy, we may refer to the “processing” of Personal Data. “Process” or “Processing” means performing an action or operation, or a series of actions or operations (including automatically) on Personal Data, such as collecting, using, selling, storing, analyzing, deleting, or modifying Personal Data.

If you are an Oregon resident and would like to see the categories of Personal Data that we collect or sell, please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices. If you are an Oregon resident and would like to make a request to access your Personal Data, correct your Personal Data, delete your Personal Data, or request that we do not sell your Personal Data or use it for targeted advertising or certain kinds of profiling (as described in more detail below), please visit our Privacy Request webpage, or contact us as described above.

If you would like to appeal any decision we make not to comply with your request (in whole or in part), please respond to the email you received from Privacy@restaurant.org notifying you of our decision, or write to us or call us at the above address within forty-five (45) days of your receipt of our response. We will approve or deny your appeal, in writing with an explanation of our decision, within forty-five (45) days of our receipt of your appeal.

To the extent that we collect Personal Data that is subject to the OCDPA, that information, our practices, and your rights are described below.

Right to Information Regarding the Categories of Personal Data Collected, Sold, and Disclosed. You have a right to obtain information about the categories of Personal Data we collect, sell, and disclose. Please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices.
Right to Access Information and Right to Data Portability. You have the right to confirm whether we are processing Personal Data collected about you and to access that Personal Data. When exercising your right to access your Personal Data, you have the right to obtain your Personal Data in a portable format, and (to the extent feasible) a format that is readily usable and allows you to transmit the data to another entity. You may also request that we provide you with a list of third parties we have shared either your Personal Data specifically, or anyone’s personal data generally. Please note that this list would not include any of our affiliates or any service providers or other entities that process your Personal Data on our behalf. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request, and we may redact any highly sensitive information (such as driver’s license numbers, social security numbers, or financial account numbers). If we redact any information, we will clearly describe what information we are redacting.
Right to Correction. You have the right to correct inaccuracies in your Personal Data. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may not have to comply with this request based on the nature of the Personal Data you are asking us to correct or the purposes of processing that Personal Data. If that is the case, we will explain that to you in our response.
Right to Request Deletion of Personal Data. You have the right to request in certain circumstances that we delete any Personal Data that we have collected directly from you or Personal Data that we have collected from another source. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to Opt Out of Targeted Advertising, Sale of Personal Data to Third Parties, and Certain Profiling. You have the right to opt out of any targeted advertising or sale of your Personal Data by us to third parties. You also have the right to opt out of profiling (described below) that is used in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. Profiling is the automated processing of your Personal Data to evaluate, analyze or predict things about your economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. We do not engage in any of the profiling described above in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. To exercise your right to opt out of targeted advertising or the sale of your Personal Data, please visit our Privacy Request Please note that your right to opt out does not apply to our sharing of Personal Data with affiliates or service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the Personal Data only for that function, or with state agencies, as required by such agencies.
Revoking Consent. If you wish to revoke your consent to our processing of your Personal Data as specified in this Privacy Policy, you may do by visiting our Privacy Request Please note that we may continue using your Personal Data as required to provide the Services, as described in this Privacy Policy.

We will provide information that you request pursuant to this section once during any twelve (12)-month period without charge. For any subsequent requests in a twelve (12)-month period (other than subsequent requests intended for you to verify our compliance with your prior request), we may charge a reasonable fee to cover the administrative costs of complying with your subsequent requests.

Sensitive Data
Some of the Personal Information we collect falls under the definition of “Sensitive Data” under the OCDPA. The following is a description of our data collection practices with respect to Sensitive Data, including the Sensitive Data we collect, the sources of that Sensitive Data, the purposes for which we collect Sensitive Data, and whether we disclose that Sensitive Data to external parties.

Protected Characteristics. We may collect your age in order to comply with laws that restrict collection and disclosure of personal information belonging to minors or as required by law to provide certain Services to you. We may collect information about your gender identity or status as a transgender or nonbinary person, sexuality, disability status, race, and/or ethnic origin that you voluntarily disclose to us when using the Services (a) as required by applicable law, federal contracts or grants, or accreditation agencies, (b) to ensure that we are not discriminating against anyone on the basis of their protected characteristics, (c) to provide accommodations on the basis of disability, (d) to ensure that we appropriately refer to your gender identity, or (e) to evaluate our strategies so that our Services are available to people of all backgrounds. This information is never used to determine if someone is eligible to access any of our products, programs, events, or other Services. We disclose that information only to third parties performing services on our behalf, to governmental entities as required by applicable law, federal contracts or grants, and to accreditation bodies as required in order to offer certifications accredited by such bodies.

Your Minnesota Privacy Rights

The Minnesota Consumer Data Privacy Act (“MCDPA”) provides Minnesota residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Data,” as well as rights to access and control Personal Data. The MCDPA defines “Personal Data” to mean “any information that is linked to or is reasonably linkable to an identified or identifiable natural person.” Certain information we collect may be exempt from the MCDPA because it is de-identified, considered public information (i.e., it is made available by a government entity or widely distributed media), covered by a federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, the Fair Credit Reporting Act, or otherwise excluded from the definition of Personal Data under the MCDPA.

From time to time in this section of the Privacy Policy, we may refer to the “processing” of Personal Data. “Process” or “Processing” means performing an action or operation, or a series of actions or operations (including automatically) on Personal Data, such as collecting, using, storing, disclosing, analyzing, deleting, or modifying Personal Data.

If you are a Minnesota resident and would like to see the categories of Personal Data that we collect or sell, please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices. If you are a Minnesota resident and would like to make a request to access your Personal Data, correct your Personal Data, delete your Personal Data, or request that we do not sell your Personal Data or use it for targeted advertising or certain kinds of profiling (as described in more detail below), please visit our Privacy Request webpage, or contact us as described above.

To the extent that we collect Personal Data that is subject to the MCDPA, that information, our practices, and your rights are described below.

Right to Information Regarding the Categories of Personal Data Collected, Sold, and Disclosed. You have a right to obtain information about the categories of Personal Data we collect, sell, and disclose. Please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices.
Right to Access Information and Right to Data Portability. You have the right to confirm whether we are processing Personal Data collected about you and to access that Personal Data. When exercising your right to access your Personal Data, you have the right to obtain your Personal Data in a portable format, and (to the extent feasible) a format that is readily usable and allows you to transmit the data to another entity. You may also request that we provide you with a list of third parties we have shared anyone’s personal data generally since we do not maintain the information in a format that is specific to each consumer. Please note that this list would not include any of our affiliates or any service providers or other entities that process your Personal Data on our behalf. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request, and we may redact any highly sensitive information (such as driver’s license numbers, social security numbers, or financial account numbers). If we redact any information, we will clearly describe what information we are redacting.
Right to Correction. You have the right to correct inaccuracies in your Personal Data. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may not have to comply with this request based on the nature of the Personal Data you are asking us to correct or the purposes of processing that Personal Data. If that is the case, we will explain that to you in our response.
Right to Request Deletion of Personal Data. You have the right to request in certain circumstances that we delete any Personal Data that we have collected directly from you or Personal Data that we have collected from another source. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to Opt Out of Targeted Advertising, Sale of Personal Data to Third Parties, and Certain Profiling. You have the right to opt out of any targeted advertising or sale of your Personal Data by us to third parties. You also have the right to opt out of profiling (described below) that is used in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. Profiling is the automated processing of your Personal Data to evaluate, analyze or predict things about your economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. We do not engage in any of the profiling described above in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities or other legal or similarly significant effects concerning you. To exercise your right to opt out of targeted advertising or the sale of your Personal Data, please visit our Privacy Request webpage. Please note that your right to opt out does not apply to our sharing of Personal Data with affiliates or service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the Personal Data only for that function, or with state agencies, as required by such agencies.
Revoking Consent. If you wish to revoke your consent to our processing of your Personal Data as specified in this Privacy Policy, you may do by visiting our Privacy Request webpage. Please note that we may continue using your Personal Data as required to provide the Services, as described in this Privacy Policy.

We will provide information that you request pursuant to this section twice during any twelve (12)-month period without charge. For any subsequent requests in a twelve (12)-month period (other than subsequent requests intended for you to verify our compliance with your prior request), we may charge a reasonable fee to cover the administrative costs of complying with your subsequent requests.

Sensitive Data
Some of the Personal Information we collect falls under the definition of “Sensitive Data” under the MCDPA. The following is a description of our data collection practices with respect to Sensitive Data, including the Sensitive Data we collect, the sources of that Sensitive Data, the purposes for which we collect Sensitive Data, and whether we disclose that Sensitive Data to external parties.

Protected Characteristics. We may collect your age in order to comply with laws that restrict collection and disclosure of personal information belonging to minors or as required by law to provide certain Services to you. We may collect information about your sexual orientation, disability status, race, and/or ethnic origin that you voluntarily disclose to us when using the Services (a) as required by applicable law, federal contracts or grants, or accreditation agencies, (b) to ensure that we are not discriminating against anyone on the basis of their protected characteristics, (c) to provide accommodations on the basis of disability, or (d) to evaluate our strategies so that our Services are available to people of all backgrounds. This information is never used to determine if someone is eligible to access any of our products, programs, events, or other Services. We disclose that information only to third parties performing services on our behalf, to governmental entities as required by applicable law, federal contracts or grants, and to accreditation bodies as required in order to offer certifications accredited by such bodies.

Your Maryland Privacy Rights

The Maryland Online Data Privacy Act (“MODPA”) provides Maryland residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Data,” as well as rights to access and control Personal Data. The MODPA defines “Personal Data” to mean “any information that is linked or can be reasonably linked to an identified or identifiable consumer.” Certain information we collect may be exempt from the MODPA because it is de-identified, considered public information (i.e., it is made available by a government entity or widely distributed media), covered by a federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, the Fair Credit Reporting Act, or otherwise excluded from the definition of Personal Data under the MODPA.

From time to time in this section of the Privacy Policy, we may refer to the “processing” of Personal Data. “Process” or “Processing” means an operation or set of operations performed by manual or automated means on Personal Data, such as collecting, using, storing, disclosing, analyzing, deleting, or modifying Personal Data.

If you are a Maryland resident and would like to see the categories of Personal Data that we collect or sell, please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices. If you are a Maryland resident and would like to make a request to access your Personal Data, correct your Personal Data, delete your Personal Data, or request that we do not sell your Personal Data or use it for targeted advertising or certain kinds of profiling (as described in more detail below), please visit our Privacy Request webpage, or contact us as described above.

To the extent that we collect Personal Data that is subject to the MODPA, that information, our practices, and your rights are described below.

Right to Information Regarding the Categories of Personal Data Collected, Sold, and Disclosed. You have a right to obtain information about the categories of Personal Data we collect, sell, and disclose. Please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices.
Right to Access Information and Right to Data Portability. You have the right to confirm whether we are processing Personal Data collected about you and to access that Personal Data. When exercising your right to access your Personal Data, you have the right to obtain your Personal Data in a portable format, and (to the extent feasible) a format that is readily usable and allows you to transmit the data to another entity. You may also request that we provide you with the categories of third parties to whom we have disclosed any consumer’s Personal Data, since we do not maintain this information in a format specific to each consumer. Please note that this list would not include any of our affiliates or any service providers or other entities that process your Personal Data on our behalf. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request, and we may redact any highly sensitive information (such as driver’s license numbers, social security numbers, or financial account numbers). If we redact any information, we will clearly describe what information we are redacting.
Right to Correction. You have the right to correct inaccuracies in your Personal Data. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may not have to comply with this request based on the nature of the Personal Data you are asking us to correct or the purposes of processing that Personal Data. If that is the case, we will explain that to you in our response.
Right to Request Deletion of Personal Data. You have the right to request in certain circumstances that we delete any Personal Data that we have collected directly from you or Personal Data that we have collected from another source. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to Opt Out of Targeted Advertising, Sale of Personal Data to Third Parties, and Certain Profiling. You have the right to opt out of any targeted advertising or sale of your Personal Data by us to third parties. You also have the right to opt out of profiling (described below) that is used in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. Profiling is the automated processing of your Personal Data to evaluate, analyze or predict things about your economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. We do not engage in any of the profiling described above in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities or other legal or similarly significant effects concerning you. To exercise your right to opt out of targeted advertising or the sale of your Personal Data, please visit our Privacy Request webpage. Please note that your right to opt out does not apply to our sharing of Personal Data with affiliates or service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the Personal Data only for that function, or with state agencies, as required by such agencies.
Revoking Consent. If you wish to revoke your consent to our processing of your Personal Data as specified in this Privacy Policy, you may do by visiting our Privacy Request webpage. Please note that we may continue using your Personal Data as required to provide the Services, as described in this Privacy Policy.

Sensitive Data

Some of the Personal Information we collect falls under the definition of “Sensitive Data” under the MODPA. The following is a description of our data collection practices with respect to Sensitive Data, including the Sensitive Data we collect, the sources of that Sensitive Data, the purposes for which we collect Sensitive Data, and whether we disclose that Sensitive Data to external parties.

Protected Characteristics. We may collect your age in order to comply with laws that restrict collection and disclosure of personal information belonging to minors or as required by law to provide certain Services to you. We may collect information about your sexual orientation, disability status, race, and/or ethnic origin that you voluntarily disclose to us when using the Services (a) as required by applicable law, federal contracts or grants, or accreditation agencies, (b) to ensure that we are not discriminating against anyone on the basis of their protected characteristics, (c) to provide accommodations on the basis of disability, or (d) to evaluate our strategies so that our Services are available to people of all backgrounds. This information is never used to determine if someone is eligible to access any of our products, programs, events, or other Services. We disclose that information only to third parties performing services on our behalf, to governmental entities as required by applicable law, federal contracts or grants, and to accreditation bodies as required in order to offer certifications accredited by such bodies.

Your California Privacy Rights

The California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020 (“CPRA”) provides California residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Information,” as well as rights to access and control Personal Information with respect to certain business entities. The CPRA defines “Personal Information” to mean “information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Certain information we collect may be exempt from the CPRA because it is considered public information (i.e., it is made available by a government entity) or covered by a federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, or the Fair Credit Reporting Act, or otherwise excluded from the definition of Personal Data under the CPRA.

Due to the Association and its subsidiaries’ and affiliates’ status as tax-exempt, not-for-profit trade associations, public charities, and political action committees, it is our position that we are not subject to either the CCPA or the CPRA.

Because we respect your privacy, we have voluntarily agreed to make certain disclosures available to California residents. If you are a California resident and would like to see the categories of personal information that we collect or sell, please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices. If you are a California resident and would like to make such a request to access your personal information, delete your personal information, request that we do not sell or share your information, or request that we limit the use of your sensitive personal information to those purposes authorized by the CPRA, please visit our Privacy Request webpage, or contact us as described above.

To the extent that we collect Personal Information that is subject to the CPRA, that information, our practices, and any rights you may have under the CPRA are described below.

Right to Information Regarding the Categories of Personal Information Collected, Sold, and Disclosed. To the extent that we collect Personal Information that is subject to the CPRA, you may have a right to obtain information about the categories of Personal Information we collect, sell, and disclose. Please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices.
Right to Access Information. To the extent that we collect Personal Information that is subject to the CPRA, you may have the right to request access to Personal Information collected about you and information regarding the source of that information, the purposes for which we collect it, and the third parties and service providers with whom we share it. To protect our customers’ Personal Information, we are required to verify your identity before we can act on your request.
Right to Request Deletion of Information. To the extent that we collect Personal Information that is subject to the CPRA, you may have the right to request in certain circumstances that we delete any Personal Information that we have collected directly from you. To protect our customers’ Personal Information, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to Correction. To the extent that we collect Personal Information that is subject to the CPRA, you may have the right to correct inaccuracies in your Personal Information. To protect our customers’ Personal Information, we are required to verify your identity before we can act on your request. We may not have to comply with this request if we determine that the contested information is more likely to be accurate than not, if such a request would conflict with federal or state law, or if compliance would be impossible or involve disproportionate effort, or for other reasons permitted under the CPRA. If that is the case, we will explain that to you in our response.
Right to Information Regarding Participation in Data Sharing for Financial Incentives. We may run promotions from time to time whereby we incentivize a consumer to share certain pieces of information with us; for example, we may offer a one-time discount if consumers sign up for our email marketing list. Participation in these incentives is voluntary, and you may opt out of the data sharing at any time.
Right to Opt Out of Sale of Personal Information to Third Parties and Targeted Advertising. To the extent that we collect Personal Information that is subject to the CPRA, you may have the right to opt out of any sale of your Personal Information or sharing of your Personal Information for cross-context behavioral (targeted) advertising purposes by the Association to third parties. To exercise this right, please visit our Privacy Request Please note that your right to opt out does not apply to our sharing of Personal Information with service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the Personal Information only for that function, or with state agencies, as required by such agencies.

Sensitive Personal Information
Some of the Personal Information we collect falls under the definition of “Sensitive Personal Information” under the CPRA. The following is a description of our data collection practices with respect to Sensitive Personal Information, including the Sensitive Personal Information we collect, the sources of that Sensitive Personal Information, the purposes for which we collect Sensitive Personal Information, and whether we disclose that Sensitive Personal Information to external parties. We may use any and all of the Sensitive Personal Information for any of the purposes described in this Privacy Policy, unless limitations are listed. The categories we use to describe the information are those enumerated in the CPRA.

Government Identifiers. If you take an examination, we may collect images of your driver’s license, state identification card, or passport to verify your identity. We may collect your Social Security number to verify your identity or to comply with applicable law.
Complete account access credentials. We may collect information, such as usernames, account numbers, or card numbers combined with required access/security code or password, for security purposes.
Protected Characteristics. We may collect information about your sexual orientation, disability status, race, and/or ethnic origin that you voluntarily disclose to us when using the Services (a) as required by applicable law, federal contracts or grants, or accreditation agencies, (b) to ensure that we are not discriminating against anyone on the basis of their protected characteristics, (c) to provide accommodations on the basis of disability, (d) to ensure that we appropriately refer to your gender identity, or (e) to evaluate our strategies so that our Services are available to people of all backgrounds. This information is never used to determine if someone is eligible to access any of our products, programs, events, or other Services.

Right to Limit Use or Disclosure of Sensitive Personal Information
To the extent that we collect Personal Information that is subject to the CPRA, you may have the right to limit the use or disclosure of your Sensitive Personal Information to just actions to those that:

help to ensure security and integrity, if the use of your Sensitive Personal Information is reasonably necessary and proportionate to the purpose of ensuring security and integrity;
are for short-term, transient use, so long as your Sensitive Personal Information is not disclosed to another third party and is not used to build a profile about you or otherwise alter your experience;
are involved in the performance of services on behalf our business, such as maintaining or servicing accounts, verifying customer information, processing payments, providing financing, providing analytic services, and/or providing storage; and
are used to undertake activities to verify or maintain the quality or safety of the Services.

Your Delaware Privacy Rights

The Delaware Personal Data Privacy Act (“DPDPA”) provides Delaware residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Data,” as well as rights to access and control Personal Data. The DPDPA defines “Personal Data” to mean “any information that is linked or reasonably linkable to an identified or identifiable individual, and does not include de-identified data or publicly available information.” Certain information we collect may be exempt from the DPDPA because it is de-identified, covered by a federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, the Fair Credit Reporting Act, information that is collected in the context of an individual being employed by or acting as an agent or independent contractor, or otherwise excluded from the definition of Personal Data under the DPDPA.

From time to time in this section of the Privacy Policy, we may refer to the “processing” of Personal Data. “Process” or “Processing” means collecting, using, storing, disclosing, analyzing, deleting, or modifying Personal Data.

If you are a Delaware resident and would like to see the categories of Personal Data that we collect or sell, please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices. If you are a Delaware resident and would like to make a request to access your Personal Data, correct your Personal Data, delete your Personal Data, or request that we do not sell your Personal Data or use it for targeted advertising or certain kinds of profiling (as described in more detail below), please visit our Privacy Request webpage, or contact us as described above.

To the extent that we collect Personal Data that is subject to the DPDPA, that information, our practices, and your rights are described below.

Right to Information Regarding the Categories of Personal Data Collected, Sold, and Disclosed. You have a right to obtain information about the categories of Personal Data we collect, sell, and disclose. Please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices.
Right to Access Information and Right to Data Portability. You have the right to confirm whether we are processing Personal Data collected about you and to access that Personal Data. When exercising your right to access your Personal Data, you have the right to obtain your Personal Data in a portable format, and (to the extent feasible) a format that is readily usable and allows you to transmit the data to another entity. You may also request that we provide you with a list of the categories of third parties we have shared your Personal Data with. Please note that this list would not include any of our affiliates or any service providers or other entities that process your Personal Data on our behalf. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request, and we may redact any highly sensitive information (such as driver’s license numbers, social security numbers, or financial account numbers). If we redact any information, we will clearly describe what information we are redacting.
Right to Correction. You have the right to correct inaccuracies in your Personal Data. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may not have to comply with this request based on the nature of the Personal Data you are asking us to correct or the purposes of processing that Personal Data. If that is the case, we will explain that to you in our response.
Right to Request Deletion of Personal Data. You have the right to request in certain circumstances that we delete any Personal Data that we have collected directly from you. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to Opt Out of Targeted Advertising, Sale of Personal Data to Third Parties, and Certain Profiling. You have the right to opt out of any targeted advertising or sale of your Personal Data by us to third parties. You also have the right to opt out of profiling (described below) that is used in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. Profiling is the automated processing of your Personal Data to evaluate, analyze or predict things about your economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. We do not engage in any of the profiling described above in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. To exercise your right to opt out of targeted advertising or the sale of your Personal Data, please visit our Privacy Request Please note that your right to opt out does not apply to our sharing of Personal Data with service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the Personal Data only for that function, or with state agencies, as required by such agencies.
Revoking Consent. If you wish to revoke your consent to our processing of your Personal Data as specified in this Privacy Policy, you may do by visiting our Privacy Request Please note that we may continue using your Personal Data as required to provide the Services, as described in this Privacy Policy.

Sensitive Data
Some of the Personal Information we collect falls under the definition of “Sensitive Data” under the DPDPA. The following is a description of our data collection practices with respect to Sensitive Data, including the Sensitive Data we collect, the sources of that Sensitive Data, the purposes for which we collect Sensitive Data, and whether we disclose that Sensitive Data to external parties.

Protected Characteristics. We may collect your age in order to comply with laws that restrict collection and disclosure of personal information belonging to minors or as required by law to provide certain Services to you. We may collect information about your gender identity, sexuality, disability status, race, and/or ethnic origin that you voluntarily disclose to us when using the Services (a) as required by applicable law, federal contracts or grants, or accreditation agencies, (b) to ensure that we are not discriminating against anyone on the basis of their protected characterstics, (c) to provide accommodations on the basis of disability, (d) to ensure that we appropriately refer to your gender identity, or (e) to evaluate our strategies so that our Services are available to people of all backgrounds. This information is never used to determine if someone is eligible to access any of our products, programs, events, or other Services. We disclose that information only to third parties performing services on our behalf, to governmental entities as required by applicable law, federal contracts or grants, and to accreditation bodies as required in order to offer certifications accredited by such bodies.

Your New Jersey Privacy Rights

The New Jersey Data Privacy Act (“NJPDA”) provides New Jersey residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Data,” as well as rights to access and control Personal Data. The NJPDA defines “Personal Data” to mean “any information that is linked or reasonably linkable to an identified or identifiable person.” Certain information we collect may be exempt from the NJDPA because it is de-identified, covered by a federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, the Fair Credit Reporting Act, or otherwise excluded from the scope of the NJPDA.

If you are a New Jersey resident and would like to see the categories of Personal Data that we collect or sell, please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices. If you are a New Jersey resident and would like to make a request to access your Personal Data, correct your Personal Data, delete your Personal Data, or request that we do not sell your Personal Data or use it for targeted advertising or certain kinds of profiling (as described in more detail below), please visit our Privacy Request webpage, or contact us as described above.

To the extent that we collect Personal Data that is subject to the NJPDA, that information, our practices, and your rights are described below.

Right to Information Regarding the Categories of Personal Data Collected, Sold, and Disclosed. You have a right to obtain information about the categories of Personal Data we collect, sell, and disclose. Please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices.
Right to Access Information and Right to Data Portability. You have the right to confirm whether we are processing Personal Data collected about you and to access that Personal Data. When exercising your right to access your Personal Data, you have the right to obtain your Personal Data in a portable format, and (to the extent feasible) a format that is readily usable and allows you to transmit the data to another entity. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request, and we may redact any highly sensitive information (such as driver’s license numbers, social security numbers, or financial account numbers). If we redact any information, we will clearly describe what information we are redacting.
Right to Correction. You have the right to correct inaccuracies in your Personal Data. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may not have to comply with this request based on the nature of the Personal Data you are asking us to correct or the purposes of processing that Personal Data. If that is the case, we will explain that to you in our response.
Right to Request Deletion of Personal Data. You have the right to request in certain circumstances that we delete any Personal Data that we have collected directly from you. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to Opt Out of Targeted Advertising, Sale of Personal Data to Third Parties, and Certain Profiling. You have the right to opt out of any targeted advertising or sale of your Personal Data by us to third parties. You also have the right to opt out of profiling (described below) that is used in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. Profiling is the automated processing of your Personal Data to evaluate, analyze or predict things about your economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. We do not engage in any of the profiling described above in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. To exercise your right to opt out of targeted advertising or the sale of your Personal Data, please visit our Privacy Request Please note that your right to opt out does not apply to our sharing of Personal Data with service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the Personal Data only for that function, or with state agencies, as required by such agencies.
Revoking Consent. If you wish to revoke your consent to our processing of your Personal Data as specified in this Privacy Policy, you may do by visiting our Privacy Request Please note that we may continue using your Personal Data as required to provide the Services, as described in this Privacy Policy.

Sensitive Data
Some of the Personal Information we collect falls under the definition of “Sensitive Data” under the NJDPA. The following is a description of our data collection practices with respect to Sensitive Data, including the Sensitive Data we collect, the sources of that Sensitive Data, the purposes for which we collect Sensitive Data, and whether we disclose that Sensitive Data to external parties.

Protected Characteristics. We may collect your age in order to comply with laws that restrict collection and disclosure of personal information belonging to minors or as required by law to provide certain Services to you. We may collect information about your gender identity, sexuality, disability status, race, and/or ethnic origin that you voluntarily disclose to us when using the Services (a) as required by applicable law, federal contracts or grants, or accreditation agencies, (b) to ensure that we are not discriminating against anyone on the basis of their protected characteristics, (c) to provide accommodations on the basis of disability, (d) to ensure that we appropriately refer to your gender identity, or (e) to evaluate our strategies so that our Services are available to people of all backgrounds. This information is never used to determine if someone is eligible to access any of our products, programs, events, or other Services. We disclose that information only to third parties performing services on our behalf, to governmental entities as required by applicable law, federal contracts or grants, and to accreditation bodies as required in order to offer certifications accredited by such bodies.
Financial Information. We may collect your credit card or debit card number, security code and expiration date on the card, and other account holder information for transactions, including to process payments, when you make purchases from us or donations to us. We may collect your account and routing numbers, and other information necessary to make and receive payments via ACH or other electronic transfers of funds. We collect and use this information only for transactions, including to process payments, and disclose this information only to service providers assisting us in processing invoices and payments, and completing transactions.

Your Kentucky Privacy Rights (Effective as of January 1, 2026)

The Kentucky Consumer Data Protection Act (“KCDPA”) provides Kentucky residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Data,” as well as rights to access and control Personal Data. The KCDPA defines “Personal Data” to mean “information that is linked or reasonably linkable to an identified or identifiable individual.” Certain information we collect may be exempt from the KCDPA because it is de-identified, considered public information (i.e., it is made available by a government entity), covered by a federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, the Fair Credit Reporting Act, or otherwise excluded from the definition of Personal Data under the KCDPA, or because it is collected by entities that are exempt from the law due to their status as tax-exempt entities organized for charitable and educational purposes (like NRAEF and MFHA) (we refer to those entities in this section as “Exempt Entities”).

If you are a Kentucky resident who used Services other than those offered by Exempt Entities and would like to see the categories of Personal Data that we collect or sell, please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices. If you are a Kentucky resident who used Services other than those offered by Exempt Entities and would like to make a request to access your Personal Data, correct your Personal Data, delete your Personal Data, or request that we do not sell your Personal Data or use it for targeted advertising or certain kinds of profiling (as described in more detail below), please visit our Privacy Request webpage, or contact us as described above.

To the extent that we collect Personal Data that is subject to the KCDPA, that information, our practices, and your rights are described below.

Right to Information Regarding the Categories of Personal Data Collected, Sold, and Disclosed. You have a right to obtain information about the categories of Personal Data we collect, sell, and disclose. Please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices.
Right to Access Information and Right to Data Portability. You have the right to confirm whether we are processing Personal Data collected about you and to access that Personal Data. When exercising your right to access your Personal Data, you have the right to obtain your Personal Data in a portable format, and (to the extent feasible) a format that is readily usable and allows you to transmit the data to another entity. You may exercise this right up to two times per calendar year. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request, and we may redact any highly sensitive information (such as driver’s license numbers, social security numbers, or financial account numbers). If we redact any information, we will clearly describe what information we are redacting.
Right to Correction. You have the right to correct inaccuracies in your Personal Data. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may not have to comply with this request based on the nature of the Personal Data you are asking us to correct or the purposes of processing that Personal Data. If that is the case, we will explain that to you in our response.
Right to Request Deletion of Personal Data. You have the right to request in certain circumstances that we delete any Personal Data that we have collected directly from you. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to Opt Out of Targeted Advertising, Sale of Personal Data to Third Parties, and Certain Profiling. You have the right to opt out of any targeted advertising or sale of your Personal Data by us to third parties. You also have the right to opt out of profiling (described below) that is used in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. Profiling is the automated processing of your Personal Data to evaluate, analyze or predict things about your economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. We do not engage in any of the profiling described above in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities or any other legal or similarly significant effects concerning a consumer. To exercise your right to opt out of targeted advertising or the sale of your Personal Data, please visit our Privacy Request webpage. Please note that your right to opt out does not apply to our sharing of Personal Data with service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the Personal Data only for that function, or with state agencies, as required by such agencies.
Revoking Consent. If you wish to revoke your consent to our processing of your Personal Data as specified in this Privacy Policy, you may do by visiting our Privacy Request webpage. Please note that we may continue using your Personal Data as required to provide the Services, as described in this Privacy Policy.

Sensitive Data

Some of the Personal Information we collect may fall under the definition of “Sensitive Data” under the KCDPA. To the extent that we collect Personal Data that is subject to the KCDPA, the following is a description of our data collection practices with respect to Sensitive Data, including the Sensitive Data we collect, the sources of that Sensitive Data, the purposes for which we collect Sensitive Data, and whether we disclose that Sensitive Data to external parties.

Protected Characteristics. We may collect your age in order to comply with laws that restrict collection and disclosure of personal information belonging to minors or as required by law to provide certain Services to you. We may collect information about your sexuality, disability status, race, and/or ethnic origin that you voluntarily disclose to us when using the Services (a) as required by applicable law, federal contracts or grants, or accreditation agencies, (b) to ensure that we are not discriminating against anyone on the basis of their protected characteristics, (c) to provide accommodations on the basis of disability, or (d) to evaluate our strategies so that our Services are available to people of all backgrounds. This information is never used to determine if someone is eligible to access any of our products, programs, events, or other Services. We disclose that information only to third parties performing services on our behalf, to governmental entities as required by applicable law, federal contracts or grants, and to accreditation bodies as required in order to offer certifications accredited by such bodies.

Your Montana Privacy Rights

The Montana Consumer Data Privacy Act (“MTCDPA”) provides Montana residents with rights to receive certain disclosures regarding the collection, use, and sharing of “Personal Data,” as well as rights to access and control Personal Data. The MTCDPA defines “Personal Data” to mean “any information that is linked to or is reasonably linkable to an identified or identifiable natural person.” Certain information we collect may be exempt from the MTCDPA because it is de-identified, considered public information (i.e., it is made available by a government entity or widely distributed media), covered by a federal privacy law, such as the Gramm–Leach–Bliley Act, the Health Insurance Portability and Accountability Act, the Fair Credit Reporting Act, or otherwise excluded from the definition of Personal Data under the MTCDPA.

From time to time in this section of the Privacy Policy, we may refer to the “processing” of Personal Data. “Process” or “Processing” means performing an action or operation, or a series of actions or operations (including automatically) on Personal Data, such as collecting, using, storing, disclosing, analyzing, deleting, or modifying Personal Data.

If you are a Montana resident and would like to see the categories of Personal Data that we collect or sell, please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices. If you are a Montana resident and would like to make a request to access your Personal Data, correct your Personal Data, delete your Personal Data, or request that we do not sell your Personal Data or use it for targeted advertising or certain kinds of profiling (as described in more detail below), please visit our Privacy Request webpage, or contact us as described above.

To the extent that we collect Personal Data that is subject to the MTCDPA, that information, our practices, and your rights are described below.

Right to Information Regarding the Categories of Personal Data Collected, Sold, and Disclosed. You have a right to obtain information about the categories of Personal Data we collect, sell, and disclose. Please see the Sections above entitled Information We Collect, How We Use Your Information, Our Sharing of Your Information, and Additional Information About our Data Collection and Sharing Practices.
Right to Access Information and Right to Data Portability. You have the right to confirm whether we are processing Personal Data collected about you and to access that Personal Data. When exercising your right to access your Personal Data, you have the right to obtain your Personal Data in a portable format, and (to the extent feasible) a format that is readily usable and allows you to transmit the data to another entity. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request, and we may redact any highly sensitive information (such as driver’s license numbers, social security numbers, or financial account numbers). If we redact any information, we will clearly describe what information we are redacting.
Right to Correction. You have the right to correct inaccuracies in your Personal Data. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may not have to comply with this request based on the nature of the Personal Data you are asking us to correct or the purposes of processing that Personal Data. If that is the case, we will explain that to you in our response.
Right to Request Deletion of Personal Data. You have the right to request in certain circumstances that we delete any Personal Data that we have collected directly from you or Personal Data that we have collected from another source. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to Opt Out of Targeted Advertising, Sale of Personal Data to Third Parties, and Certain Profiling. You have the right to opt out of any targeted advertising or sale of your Personal Data by us to third parties. You also have the right to opt out of profiling (described below) that is used in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities. Profiling is the automated processing of your Personal Data to evaluate, analyze or predict things about your economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. We do not engage in any of the profiling described above in furtherance of decisions that result in providing or denying education enrollment or opportunity or employment opportunities or other legal or similarly significant effects concerning you. To exercise your right to opt out of targeted advertising or the sale of your Personal Data, please visit our Privacy Request webpage. Please note that your right to opt out does not apply to our sharing of Personal Data with affiliates or service providers, who are parties we engage to perform a function on our behalf and are contractually obligated to use the Personal Data only for that function, or with state agencies, as required by such agencies.
Revoking Consent. If you wish to revoke your consent to our processing of your Personal Data as specified in this Privacy Policy, you may do by visiting our Privacy Request webpage. Please note that we may continue using your Personal Data as required to provide the Services, as described in this Privacy Policy.

Sensitive Data

Some of the Personal Information we collect falls under the definition of “Sensitive Data” under the MTCDPA. The following is a description of our data collection practices with respect to Sensitive Data, including the Sensitive Data we collect, the sources of that Sensitive Data, the purposes for which we collect Sensitive Data, and whether we disclose that Sensitive Data to external parties.

Protected Characteristics. We may collect your age in order to comply with laws that restrict collection and disclosure of personal information belonging to minors or as required by law to provide certain Services to you. We may collect information about your sexual orientation, disability status, race, and/or ethnic origin that you voluntarily disclose to us when using the Services (a) as required by applicable law, federal contracts or grants, or accreditation agencies, (b) to ensure that we are not discriminating against anyone on the basis of their protected characteristics, (c) to provide accommodations on the basis of disability, or (d) to evaluate our strategies so that our Services are available to people of all backgrounds. This information is never used to determine if someone is eligible to access any of our products, programs, events, or other Services. We disclose that information only to third parties performing services on our behalf, to governmental entities as required by applicable law, federal contracts or grants, and to accreditation bodies as required in order to offer certifications accredited by such bodies.

Your Nevada Privacy Rights

Residents of the State of Nevada have the right to opt out of the sale of certain pieces of their information to third parties who will sell or license their information to others. If you are a Nevada resident and would like to make such a request, please visit our Privacy Request webpage, or contact us as described above.

Special Information for Students of Academic Institutions (FERPA)

Students using our Services through an educational agency or institution (“School”) may be entitled to certain rights under federal and/or state student privacy laws, such as the Family Educational Rights and Privacy Act (“FERPA”). Under FERPA, these rights include the right to:

Access and inspect the student’s education records;
Provide written consent to the disclosure of education records or personally identifiable information; and
Request the amendment of the student’s education records that the parent or eligible student believes are inaccurate, misleading or in violation of the student’s privacy rights.

Please note that in order to provide our Services to students, we may receive or collect education records and personally identifiable information as reasonably required to provide the Services. We may also be required to disclose students’ education records or personally identifiable information as required by state agencies (such as state departments of health). If you do not consent to such disclosure, do not use our Services.

If you are an academic student at an American educational institution and identify yourself as a student as described below, you are considered a “Student User,” and our Student Data Privacy Policy describes how we use your student data in that capacity.

As part of our Services to Student Users, we use your data in the following ways, given you have provided consent (as described below):

Share with Schools, prospective employers or current employers of a student the exam results, certification status and professional training of such student;
Post accreditation, certification or training results to our public website for access by Schools, employers, educators or others;
Share or publicly disclose such other education records or personally identifiable information as reasonably required to attest to a student’s certification status or for other purposes relevant to users of the Services; and
Provide students information regarding additional Services that may advance or enhance the workforce development or career opportunities of students.

If you are a Student User, how you identify yourself as a student and give consent depends on what website you are using:

If you are a user of any of our websites, other than ServSafeInternational.com or Benefits.ServSafeBrands.com, please follow the instructions below:
- New Users: Create your account, select your Job Role as “Academic Student”, and respond to the following fields to provide consent.
- Existing Users: Login to your account, update your profile, select your Job Role as “Academic Student”, and respond to the following fields to provide consent.
If you are a user of ServSafeInternational.com or Benefits.ServSafeBrands.com, or are otherwise unable to give consent when you create an account or by updating your profile (as described above), please follow the instructions below:
- Complete this Online Consent Form and send it to Privacy@restaurant.org before commencing any Services or providing any educational records or personal information.

Information for Individuals Located in the United Kingdom, European Economic Area and Switzerland

The categories of personal data that we collect, and the recipients of that data are described above. We process personal data on the following legal bases (which are described in more detail above): (1) with your consent; (2) as necessary to perform our agreement to provide Services; and (3) as necessary for our legitimate interests in providing the Services where those interests do not override your fundamental rights and freedom related to data privacy, as described above. Personal information we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our affiliates or subcontractors maintain facilities, as described above.

Users that reside in the United Kingdom, EEA or Switzerland have the right to lodge a complaint about our data collection and processing actions with the supervisory authority concerned. Contact details for data protection authorities are available here.

If you are a resident of the United Kingdom, EEA or Switzerland, you are entitled to certain rights. Please note: In order to verify your identity, we may require you to provide us with personal information prior to accessing any records containing information about you. These rights include the following:

Right to Access Information and Right to Data Portability. You have the right to confirm whether we are processing personal data collected about you (including the purposes, the categories, the categories of recipients, the retention period, the source of the data) and to access that personal data. When exercising your right to access your Personal Data, you have the right to obtain your Personal Data in a portable format, and to the extent feasible a format that is readily usable and allows you to transmit the data to another entity. To protect our customers’ Personal Data, we are required to verify your identity before we can act on your request, and we may redact any highly sensitive information (such as driver’s license numbers, social security numbers, or financial account numbers). If we redact any information, we will clearly describe what information we are redacting.
Right to Rectification. You have the right to correct inaccuracies in your Personal Information or, taking into account the purpose of the processing, to have incomplete personal data completed.

Right to Request Deletion of Personal Data. You have the right to request in certain circumstances (such as if the data is no longer necessary to fulfill the purpose for which it was collected, where you withdraw consent and no other legal ground exists for processing, where you object to the processing and there are no overriding legitimate grounds for processing, where the data was unlawfully processed, where the data is required to be deleted to be in compliance with applicable law) that we delete any personal data about you. To protect our customers’ personal data, we are required to verify your identity before we can act on your request. We may have a reason under the law why we do not have to comply with your request, or why we may comply with it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
Right to Request Restriction of Processing: You have the right to request that we restrict our processing if we are processing your data based on legitimate interests or the performance of a task in the public interest as an exercise of official authority (including profiling); using your data for direct marketing (including profiling); or processing your data for purposes of scientific or historical research and statistics.

To submit a request to exercise your rights, please contact us at Privacy@restaurant.org. We may have a reason under the law why we do not have to respond to your request, or respond to it in a more limited way than you anticipated. If we do, we will explain that to you in our response.

Changes to This Policy

We may make changes to this Policy from time to time. We will post any changes, and such changes will become effective when they are posted unless otherwise required by law. Your continued use of our Services following the posting of any changes will mean you accept those changes. For questions about our privacy practices, contact us at:

Director of Security
National Restaurant Association
233 South Wacker Drive
Chicago, IL 60606
1-800-765-2122
Email: Privacy@restaurant.org

Additional Information About Our Use of Tracking Technologies and Interest-Based Advertising

The Association relies on partners to provide many features of our sites and services using data about your use of the Association and other sites. We use cookies for the following purposes:

Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. These cookies do not store any personally identifiable information.
Performance Cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous.
Functional Cookies: These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages.
Targeting Cookies: These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertising on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device.
Social Media Cookies: These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests.

Below is a list of these partners with links to more information about the use of your data by our service providers and third parties that use tracking devices or cookies. We have provided links to information about the choices these services may make available to you.

Category	Partner	Further Information
Analytics	Google	Google Privacy & Terms
Personalized Advertising and Social Media	Facebook	Data Policy
Personalized Advertising	LinkedIn	Privacy Policy
Analytics	Microsoft Clarity	Privacy Policy (see below)
Site Operations	Marketo Forms	Privacy Information
Personalized Advertising	Marketo Munchkin	Privacy Information
Site Operations	ON24	Privacy Center

In addition to the foregoing, the National Restaurant Association and its affiliates, including National Restaurant Association Solutions LLC and The National Restaurant Association Educational Foundation, partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our websites through behavioral metrics, heatmaps, and session replay to improve and market our programs and any products/services made available through our website. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

Most web browsers automatically accept cookies but, if you prefer, you can usually modify your browser setting to disable or reject cookies. If you delete your cookies or if you set your browser to decline cookies, some features of the Services may not be available, work, or work as designed. You may also be able to opt out of or block tracking by interacting directly with the third parties who conduct tracking through our Services.

You can learn more about ad serving companies and the options available to limit their collection and use of your information by visiting the websites for the Network Advertising Initiative, the Digital Advertising Alliance, and the European Interactive Digital Advertising Initiative. Similarly, you can learn about your options to opt out of mobile app tracking by certain advertising networks through your device settings and by resetting the advertiser ID on your Apple or Android device.

Please note that opting-out of advertising networks services does not mean that you will not receive advertising while using our Services or on other websites, nor will it prevent the receipt of interest-based advertising from third parties that do not participate in these programs. It will, however, exclude you from interest-based advertising conducted through participating networks, as provided by their policies and choice mechanisms. If you delete your cookies, you may also delete your opt-out preferences.

TERMS OF USE

Last Modified: December 9, 2024

Acceptance of the Terms of Use

These terms of use are entered into by and between You and The Restaurant Law Center (“Company”, “we” or “us”). The following terms and conditions, together with any documents they expressly incorporate by reference (collectively, these “Terms of Use”), govern your access to and use of ww.restaurantlegalsummit.org (the “Website”), including any content, functionality and services offered on or through the Website, whether as a guest or a registered user.

Please read the Terms of Use carefully before you start to use the Website. These Terms of Use include a Class Action Waiver. By using the Website or by clicking to accept or agree to the Terms of Use when this option is made available to you, you accept and agree to be bound and abide by these Terms of Use and our Privacy Policy, incorporated herein by reference. If you do not want to agree to these Terms of Use or the Privacy Policy, you must not access or use the Website.

Changes to the Terms of Use

We may revise and update these Terms of Use from time to time in our sole discretion. All changes are effective immediately when we post them, and apply to all access to and use of the Website thereafter.

Your continued use of the Website following the posting of revised Terms of Use means that you accept and agree to the changes. You are expected to check this page from time to time so you are aware of any changes, as they are binding on you.

Accessing the Website and Account Security

We reserve the right to withdraw or amend this Website, and any service or material we provide on the Website, in our sole discretion without notice. We will not be liable if for any reason all or any part of the Website is unavailable at any time or for any period. From time to time, we may restrict access to some parts of the Website, or the entire Website, to users, including registered users.

You are responsible for:

Making all arrangements necessary for you to have access to the Website.
Ensuring that all persons who access the Website through your internet connection are aware of these Terms of Use and comply with them.

To access the Website or some of the resources it offers, you may be asked to provide certain registration details or other information. It is a condition of your use of the Website that all the information you provide on the Website is correct, current and complete. You agree that all information you provide to register with this Website or otherwise, including but not limited to through the use of any interactive features on the Website, is governed by our Privacy Policy and you consent to all actions we take with respect to your information consistent with our Privacy Policy.

If you choose, or are provided with, a user name, password or any other piece of information as part of our security procedures, you must treat such information as confidential, and you must not disclose it to any other person or entity. You also acknowledge that your account is personal to you and agree not to provide any other person with access to this Website or portions of it using your user name, password or other security information. You agree to notify us immediately of any unauthorized access to or use of your user name or password or any other breach of security. You also agree to ensure that you exit from your account at the end of each session. You should use particular caution when accessing your account from a public or shared computer so that others are not able to view or record your password or other personal information.

We have the right to disable any user name, password or other identifier, whether chosen by you or provided by us, at any time in our sole discretion for any or no reason, including if, in our opinion, you have violated any provision of these Terms of Use.

Intellectual Property Rights

The Website and its entire contents, features and functionality (including but not limited to all information, software, text, displays, images, video and audio, and the design, selection and arrangement thereof), are owned by the Company, its licensors or other providers of such material and are protected by United States and international copyright, trademark, patent, trade secret and other intellectual property or proprietary rights laws.

These Terms of Use permit you to use the Website for your personal, non-commercial use only. You must not reproduce, distribute, modify, create derivative works of, publicly display, publicly perform, republish, download, store or transmit any of the material on our Website, except as follows:

Your computer may temporarily store copies of such materials in RAM incidental to your accessing and viewing those materials.
You may store files that are automatically cached by your Web browser for display enhancement purposes.

You must not:

Modify copies of any materials from this site.
Delete or alter any copyright, trademark or other proprietary rights notices from copies of materials from this site.

You must not access or use for any commercial purposes any part of the Website or any services or materials available through the Website.

If you wish to make any use of material on the Website other than that set out in this section, please address your request to: info@restaurantlawcenter.org.

If you print, copy, modify, download or otherwise use or provide any other person with access to any part of the Website in breach of the Terms of Use, your right to use the Website will cease immediately and you must, at our option, return or destroy any copies of the materials you have made. No right, title or interest in or to the Website or any content on the Website is transferred to you, and all rights not expressly granted are reserved by the Company. Any use of the Website not expressly permitted by these Terms of Use is a breach of these Terms of Use and may violate copyright, trademark and other laws.

Trademarks

The Company name and all related names, logos, product and service names, designs and slogans are trademarks of the Company or its affiliates or licensors. You must not use such marks without the prior written permission of the Company or its affiliates or licensors, as applicable. All other names, logos, product and service names, designs and slogans on this Website are the trademarks of their respective owners.

Prohibited Uses

You may use the Website only for lawful purposes and in accordance with these Terms of Use. You agree not to use the Website:

In any way that violates any applicable federal, state, local or international law or regulation (including, without limitation, any laws regarding the export of data or software to and from the United States or other countries).
For the purpose of exploiting, harming or attempting to exploit or harm minors in any way by exposing them to inappropriate content, asking for personally identifiable information or otherwise.
To engage in any other conduct that restricts or inhibits anyone’s use or enjoyment of the Website, or which, as determined by us, may harm the Company or users of the Website or expose them to liability.

Additionally, you agree not to:

Use the Website in any manner that could disable, overburden, damage, or impair the site or interfere with any other party’s use of the Website, including their ability to engage in real time activities through the Website.
Use any robot, spider or other automatic device, process or means to access the Website for any purpose, including monitoring or copying any of the material on the Website.
Use any manual process to monitor or copy any of the material on the Website or for any other unauthorized purpose without our prior written consent.
Use any device, software or routine that interferes with the proper working of the Website.
Introduce any viruses, trojan horses, worms, logic bombs or other material which is malicious or technologically harmful.
Attempt to gain unauthorized access to, interfere with, damage or disrupt any parts of the Website, the server on which the Website is stored, or any server, computer or database connected to the Website.
Attack the Website via a denial-of-service attack or a distributed denial-of-service attack.
Otherwise attempt to interfere with the proper working of the Website.

Reliance on Information Posted

The information presented on or through the Website is made available solely for general information purposes. We do not warrant the accuracy, completeness or usefulness of this information. Any reliance you place on such information is strictly at your own risk. We disclaim all liability and responsibility arising from any reliance placed on such materials by you or any other visitor to the Website, or by anyone who may be informed of any of its contents.

This Website may include content provided by third parties, including materials provided by other users, bloggers and third-party licensors, syndicators, aggregators and/or reporting services. All statements and/or opinions expressed in these materials, and all articles and responses to questions and other content, other than the content provided by the Company, are solely the opinions and the responsibility of the person or entity providing those materials. These materials do not necessarily reflect the opinion of the Company. We are not responsible, or liable to you or any third party, for the content or accuracy of any materials provided by any third parties.

Changes to the Website

We may update the content on this Website from time to time, but its content is not necessarily complete or up-to-date. Any of the material on the Website may be out of date at any given time, and we are under no obligation to update such material.

Information About You and Your Visits to the Website

All information we collect on this Website is subject to our Privacy Policy. By using the Website, you consent to all actions taken by us with respect to your information in compliance with the Privacy Policy.

Linking to the Website and Social Media Features

You may link to our homepage, provided you do so in a way that is fair and legal and does not damage our reputation or take advantage of it, but you must not establish a link in such a way as to suggest any form of association, approval or endorsement on our part.

This Website may provide certain social media features that enable you to:

Link from your own or certain third-party websites to certain content on this Website.
Send e-mails or other communications with certain content, or links to certain content, on this Website.
Cause limited portions of content on this Website to be displayed or appear to be displayed on your own or certain third-party websites.

You may use these features solely as they are provided by us, solely with respect to the content they are displayed with and otherwise in accordance with any additional terms and conditions we provide with respect to such features. Subject to the foregoing, you must not:

Establish a link from any website that is not owned by you.
Cause the Website or portions of it to be displayed, or appear to be displayed by, for example, framing, deep linking or in-line linking, on any other site.
Link to any part of the Website other than the homepage.
Otherwise take any action with respect to the materials on this Website that is inconsistent with any other provision of these Terms of Use.

You agree to cooperate with us in causing any unauthorized framing or linking immediately to cease. We reserve the right to withdraw linking permission without notice.

We may disable all or any social media features and any links at any time without notice in our discretion.

Links from the Website

If the Website contains links to other sites and resources provided by third parties, these links are provided for your convenience only. This includes links contained in advertisements, including banner advertisements and sponsored links. We have no control over the contents of those sites or resources, and accept no responsibility for them or for any loss or damage that may arise from your use of them. If you decide to access any of the third party websites linked to this Website, you do so entirely at your own risk and subject to the terms and conditions of use for such websites.

Geographic Restrictions

The owner of the Website is based in the United States. We make no claims that the Website or any of its content is accessible or appropriate outside of the United States. Access to the Website may not be legal by certain persons or in certain countries. If you access the Website from outside the United States, you do so on your own initiative and are responsible for compliance with local laws.

Disclaimer of Warranties

You understand that we cannot and do not guarantee or warrant that files available for downloading from the internet or the Website will be free of viruses or other destructive code. You are responsible for implementing sufficient procedures and checkpoints to satisfy your particular requirements for anti-virus protection and accuracy of data input and output, and for maintaining a means external to our site for any reconstruction of any lost data. WE WILL NOT BE LIABLE FOR ANY LOSS OR DAMAGE CAUSED BY A DISTRIBUTED DENIAL-OF-SERVICE ATTACK, VIRUSES OR OTHER TECHNOLOGICALLY HARMFUL MATERIAL THAT MAY INFECT YOUR COMPUTER EQUIPMENT, COMPUTER PROGRAMS, DATA OR OTHER PROPRIETARY MATERIAL DUE TO YOUR USE OF THE WEBSITE OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE WEBSITE OR TO YOUR DOWNLOADING OF ANY MATERIAL POSTED ON IT, OR ON ANY WEBSITE LINKED TO IT.

YOUR USE OF THE WEBSITE, ITS CONTENT AND ANY SERVICES OR ITEMS OBTAINED THROUGH THE WEBSITE IS AT YOUR OWN RISK. THE WEBSITE, ITS CONTENT AND ANY SERVICES OR ITEMS OBTAINED THROUGH THE WEBSITE ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS, WITHOUT ANY WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED. NEITHER THE COMPANY NOR ANY PERSON ASSOCIATED WITH THE COMPANY MAKES ANY WARRANTY OR REPRESENTATION WITH RESPECT TO THE COMPLETENESS, SECURITY, RELIABILITY, QUALITY, ACCURACY OR AVAILABILITY OF THE WEBSITE. WITHOUT LIMITING THE FOREGOING, NEITHER THE COMPANY NOR ANYONE ASSOCIATED WITH THE COMPANY REPRESENTS OR WARRANTS THAT THE WEBSITE, ITS CONTENT OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE WEBSITE WILL BE ACCURATE, RELIABLE, ERROR-FREE OR UNINTERRUPTED, THAT DEFECTS WILL BE CORRECTED, THAT OUR SITE OR THE SERVER THAT MAKES IT AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS OR THAT THE WEBSITE OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE WEBSITE WILL OTHERWISE MEET YOUR NEEDS OR EXPECTATIONS.

THE COMPANY HEREBY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING BUT NOT LIMITED TO ANY WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR PARTICULAR PURPOSE.

THE FOREGOING DOES NOT AFFECT ANY WARRANTIES WHICH CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.

Limitation on Liability

IN NO EVENT WILL THE COMPANY, ITS AFFILIATES OR THEIR LICENSORS, SERVICE PROVIDERS, EMPLOYEES, AGENTS, OFFICERS OR DIRECTORS BE LIABLE FOR DAMAGES OF ANY KIND, UNDER ANY LEGAL THEORY, ARISING OUT OF OR IN CONNECTION WITH YOUR USE, OR INABILITY TO USE, THE WEBSITE, ANY WEBSITES LINKED TO IT, ANY CONTENT ON THE WEBSITE OR SUCH OTHER WEBSITES OR ANY SERVICES OR ITEMS OBTAINED THROUGH THE WEBSITE OR SUCH OTHER WEBSITES, INCLUDING ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO, PERSONAL INJURY, PAIN AND SUFFERING, EMOTIONAL DISTRESS, LOSS OF REVENUE, LOSS OF PROFITS, LOSS OF BUSINESS OR ANTICIPATED SAVINGS, LOSS OF USE, LOSS OF GOODWILL, LOSS OF DATA, AND WHETHER CAUSED BY TORT (INCLUDING NEGLIGENCE), BREACH OF CONTRACT OR OTHERWISE, EVEN IF FORESEEABLE.

THE FOREGOING DOES NOT AFFECT ANY LIABILITY WHICH CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.

Indemnification

You agree to defend, indemnify and hold harmless the Company, its affiliates, licensors and service providers, and its and their respective officers, directors, employees, contractors, agents, licensors, suppliers, successors and assigns from and against any claims, liabilities, damages, judgments, awards, losses, costs, expenses or fees (including reasonable attorneys’ fees) arising out of or relating to your violation of these Terms of Use or your use of the Website, including, but not limited to, any use of the Website’s content, services and products other than as expressly authorized in these Terms of Use or your use of any information obtained from the Website.

Governing Law

All matters relating to the Website and these Terms of Use and any dispute or claim arising therefrom or related thereto (in each case, including non-contractual disputes or claims), shall be governed by and construed in accordance with the internal laws of Washington, D.C. without giving effect to any choice or conflict of law provision or rule (whether of the Washington, D.C. or any other jurisdiction).

Dispute Resolution

If you have any concern or dispute that we are unable to resolve (“Claim”), you agree to first try to resolve the dispute informally and in good faith by contacting us and providing a written notice of your Claim (“Notice of Claim”) to the address below. The Notice of Claim must provide us with fair notice of your identity, a description of the nature and basis of your Claim, and the relief you are seeking, including the specific amount of any monetary relief you are seeking, and cannot be combined with a Notice of Claim for other individuals. Neither party shall initiate legal action until 30 days after the Notice of Claim is received.

Venue; Jurisdiction

Any legal suit, action or proceeding arising out of, or related to, these Terms of Use or the Website shall be instituted exclusively in the federal courts of the United States located in Washington, D.C. or the courts of Washington, D.C. You waive any and all objections to the exercise of jurisdiction over you by such courts and to venue in such courts.

CLASS ACTION WAIVER

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, YOU AND COMPANY WILL ONLY BRING DISPUTES, CLAIMS, OR CONTROVERSIES BETWEEN YOU AND COMPANY IN AN INDIVIDUAL CAPACITY AND SHALL NOT:

SEEK TO BRING, JOIN, OR PARTICIPATE IN ANY CLASS OR REPRESENTATIVE ACTION, OR ANY OTHER ACTION WHERE ANOTHER INDIVIDUAL OR ENTITY ACTS IN A REPRESENTATIVE CAPACITY (LIKE PRIVATE ATTORNEY GENERAL ACTIONS); OR
CONSOLIDATE OR COMBINE INDIVIDUAL PROCEEDINGS OR PERMIT ANOTHER TO DO SO WITHOUT THE EXPRESS CONSENT OF ALL PARTIES.Limitation on Time to File ClaimsANY CAUSE OF ACTION OR CLAIM YOU MAY HAVE ARISING OUT OF OR RELATING TO THESE TERMS OF USE OR THE WEBSITE MUST BE COMMENCED WITHIN ONE (1) YEAR AFTER THE CAUSE OF ACTION ACCRUES, OTHERWISE, SUCH CAUSE OF ACTION OR CLAIM IS PERMANENTLY BARRED.Waiver and SeverabilityNo waiver of by the Company of any term or condition set forth in these Terms of Use shall be deemed a further or continuing waiver of such term or condition or a waiver of any other term or condition, and any failure of the Company to assert a right or provision under these Terms of Use shall not constitute a waiver of such right or provision.If any provision of these Terms of Use is held by a court or other tribunal of competent jurisdiction to be invalid, illegal or unenforceable for any reason, such provision shall be eliminated or limited to the minimum extent such that the remaining provisions of the Terms of Use will continue in full force and effect.Entire AgreementThe Terms of Use and our Privacy Policy constitute the sole and entire agreement between you and The Restaurant Law Center with respect to the Website and supersede all prior and contemporaneous understandings, agreements, representations and warranties, both written and oral, with respect to the Website.Comments and ConcernsAll notices of copyright infringement or other legal claims, including Notices of Claims, should be sent to legal@restaurant.org.All other feedback, comments, requests for technical support and other communications relating to the Website should be directed to: info@restaurantlawcenter.org.

Privacy Policy

How to Contact Us

Information We Collect

How We Use Your Information

How We Secure the Information We Collect From or About You

Our Sharing of Your Information

Additional Information About Our Data Collection and Sharing Practices

Your Options and Rights

Your Colorado Privacy Rights

Your Oregon Privacy Rights

Your Minnesota Privacy Rights

Your Maryland Privacy Rights

Your California Privacy Rights

Your Delaware Privacy Rights

Your New Jersey Privacy Rights

Your Kentucky Privacy Rights (Effective as of January 1, 2026)

Your Montana Privacy Rights

Your Nevada Privacy Rights

Special Information for Students of Academic Institutions (FERPA)

Information for Individuals Located in the United Kingdom, European Economic Area and Switzerland

Changes to This Policy

Additional Information About Our Use of Tracking Technologies and Interest-Based Advertising

TERMS OF USE

SIGN UP TO VIEW THE COMPLETE 2017 SESSIONS