Privacy Policy - SSI International GmbH

Version 07.2025

PREAMBLE AND SCOPE OF THIS PRIVACY POLICY

SSI International GmbH provides you with a variety of products and services in connection with diving and swimming. These products and services are inter alia offered online on divessi.com as well as on the MySSI App for mobile use (al together "MySSI").

The following sections 1 to 8 including its Appendix ("GeneralProvisions") explain how we collect and use your personal data when you use MySSI. The addendum in section 9 ("Californian Provisions", and together with the General Provisions the "Privacy Policy") contains additional provisions in compliance with the California Consumer Privacy Act ("CCPA")that only apply to Californian residents. The Californian Provisions supplement the General Provisions but in the event of any conflict between the General Provisions and the Californian Provisions, the Californian Provisions shall prevail but only with regard to Californian residents.

If necessary, we will update this Privacy Policy with regards to the development of MySSI and in accordance with changes in the law and legal precedents. We therefore review this Privacy Policy and recommend to revisit it at regular intervals to familiarize yourself with the most up-to-date version.

1. GENERAL PROVISIONS

1.0 Controller

MySSI is operated by SSI International GmbH ("SSI", "we","us") as a controller pursuant to Art. 4 (7) General Data Protection Regulation ("GDPR"). You can reach us at:

Address: Johann-Hoellfritsch-Straße 6 – 90530 Wendelstein – Germany –

Email: privacy@diveSSI.com

Tel: + 49-9129-909938-0

You can reach our data protection officer at:

Address: SSI International GmbH c/o Privacy – Johann-Hoellfritsch-Straße 6– 90530 Wendelstein – Germany

Please note that we jointly determine the purposes and means of the processing concerning the execution of training, providing training content and issuing certifications, including the delivery of the certifications to the students as well as the administration of certificates and personal data of the students in MySSI with SSI Authorized Training Centers. You can, as appropriate, get a copy or a summary of the joint controllers agreement, by contacting SSI at privacy@diveSSI.com

1.1. What is personal data?

The GDPR and national data protection laws protect the fundamental rights and freedoms of individuals and their rights to the protection of personal data. According to Art. 4 (1) GDPR, "Personal Data" means any information relating to an identified or identifiable natural person ("Data Subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, etc. Hence, addresses, telephone numbers, e-mailaddresses, user IDs, credit card numbers, social media account IDs, user names,IP addresses, GPS data etc. are considered as Personal Data.

1.2. For what purposes do we collect Personal Data in general and are you obligated to provide your Personal Data?

We collect specific Personal Data of our users of MySSI ("user" or "you") during the use of MySSI as explained below in detail.

Please note that you are not legally obligated to provide us with your respective Personal Data. However, if you do not provide certain Personal Data, we might not be able to offer you the full services incorporated in MySSI.

2. HANDLING PERSONAL DATA OF USERS OF MYSSI

2.0 Collecting your data, when using MySSI for informational use and when you contact us

If you use MySSI purely for informational purposes, without further interacting with us, we only collect personal data that is transferred by your browser to us. To view MySSI, we collect the following personal data which is technically necessary in order for us to provide MySSI to you:

IP address,
Date and time of the request,
Time zone difference from Greenwich Mean Time (GMT),
content of request (actual web page),
access status/http status code,
respectively transferred data amount,
website from which the request is received,
browser used,
operating system and its interface,
language and version of the browser software

When contacting us by email or via the contact form, we process Personal Data that you have provided to us in this regard (e.g. name, email address, inquiry etc.) in order to respond to your message. In the event follow-upquestions arise, your Personal Data can be forwarded to the responsible person(for example, the IT department, the legal department, logistics, etc.). The processing is based on the performance of a contract or in order to take steps at your request prior to entering into a contract, (Art. 6 (1) (b) GDPR), inorder to comply with legal obligations (Art. 6 (1) (c) GDPR) or based on our legitimate interests (Art. 6 (1) (f) GDPR).

2.1. Collection of user data when participating in training programs

SSI provides the user with training programs – also called SSI digital learning products – on MySSI

We process the following information from participants in SSI training programs:

Name, First Name,
Street,Post Box
Postcode,City
State, Country
Email Address
Telephone Numbers
Date of Birth
Salutation, Gender
Personal Photo
Language
SSI Master ID
Course Type, Course Progress
Certification Data (Number, Date,Instructor, Number of Dives at Certification Time, Year of Commencement of Diving)
SSI Authorized Training CenterAffiliation
Current Geodata when Using differentMySSI App Functions
Health Data
Insurance Data Of Diving SpecificPolicies (when applicable)
SSI Membership Number (forProfessionals)
Quality Assurance Data (forProfessionals)

SSI might transfer the above mentioned data to its members – SSI DiveCenters or Resorts ("SSI Authorized Training Centers") and SSI Professionals or Instructors ("Instructors") –via MySSI for training and certification purposes. Equally, external companies might have access to the data in order to manage and improve the digital workflows of SSI digital learning products.

The legal basis for processing this data is the performance of acontract (Art. 6 (1) (b) GDPR), your consent (Art. 6 (1) (a) GDPR) orlegitimate interests (Art. 6 (1) (f) GDPR).

2.2. Use of user data when participatingin training programs

MySSI LogIn

The Personal Data mentioned above under 2.1 is processed when you register for MySSI or when a SSI Authorized Training Center or an Instructor has registered you in order to create a user profile.

Once your data has been collected in MySSI, you will receive an automatically generated email from SSI with your username and password in order to activate your MySSI account. The activation of your account is mandatory for any SSI certification and assures your access to the teaching content as well as your personal profile information (e.g. learning progress, accomplished certifications, educational level etc.). The personal account will, further,hold information on the status of your training progress and certification status at any time.

The described processing is necessary for the performance of a contract(Art. 6 (1) (b) GDPR).

For the purpose of identifying you and to verify that you have all the necessary certificates in place to be eligible to dive we might share with other SSI Authorized Training Centers and potentially their affiliated instructors your Personal Data as described above, if you have given consent and you havea ctivated this option in your Privacy Settings in the MySSI account as explained in detail under point 2.4.

The legal basis for sharing your data with other SSI Authorized Training Centers is your consent (Art. 6(1) (a) GDPR).

Use of the Digital Learning Platform

As part of the training and for the purpose of certification, the learning progress, completed performance requirements, examination results,etc. are recorded and stored. This data is accessible by the SSI Authorized Training Center that you have chosen and any affiliated instructors of the SSI Authorized Training Center, SSI, and the external service providers required to provide the service.

The legal basis for sharing your data with other SSI Authorized Training Centers is your consent (Art. 6(1) (a) GDPR).

As part of the SSI quality management, the participants/users will receive questionnaires about the training program by email as well as additional information/documents on, for example, course progress, certification data, etc. Additionally, they will receive correspondence for quality assurance aswell as further educational opportunities via the platform. The described processing is based on our legitimate interest (Art. 6 (1) (f) GDPR).

Within the digital learning system, users can provide additional personal information on the individual pages of the training programs, take personal notes and ask questions about specific content, and share them with their SSI Authorized Training Center or instructor upon request. The processing is based on legitimate interests (Art. 6 (1) (f) GDPR).

MySSI also allows the user to upload certain documents necessary for training and certification, which can also be viewed by other authorized persons, such as SSI, SSI Authorized Training Centers or Instructors. The described processing is necessary for the performance of a contract (Art. 6 (1)(b) GDPR).

Use of the Digital Certification and Document Functions

MySSI also allows the user to upload certain documents required for training and certification, such as proofs of First Aid, CPR, Oxygen Administration in Diving Emergencies and a Medical Statement signed by a practitioner, which may also be viewed by other authorized parties such as SSI, SSI Authorized Training Centers or Instructors, based on the personal settings in the Privacy function.

The described processing is necessary for the performance of a contract(Art. 6 (1) (b) GDPR) except for the processing of your medical statement. With regards to the latter the legal basis of the processing activity is your explicit consent (Art. 9 (2) (a) GDPR).

Use of the Digital DiveLog Function with GPS Data Transmission

When using the DiveLog (digital logbook) function with the location/location-sharing-function activated by the user on the user's smartphone and/or tablet and for the purpose of identifying available divespots and logging of dives for you, we process when using the DiveLog:

Your GPS or location data, as far as you have activated the location transmission function on the smartphone and/or tablet,

Legal basis for described processing activity is your consent (Art. 6 (1) (a) GDPR).

By activating the Share Functions of the personal profile as a dive buddy, geo data of the diving spot, maximum depth and time and the name and last name of the diver who shared the data and logged dive data can be shared with the dive buddy via QR Code Scan between the personal mobile devices.

The described processing is based on your consent (Article 6 (1) (a) GDPR).

2.3. Use of user data when using MySSI services

Use of the Equipment Function

If you use the MySSI equipment function you can register your equipment on your profile on MySSI and get automatic reminders for necessary equipment services.

You can upload the following information to MySSI:

personal equipment and relating data like brand, model, description, serial number, purchase date, dealer/store, etc.,
certain equipment related documents such as proofs for service and maintenance, warranty certificates, copies of purchase invoices, etc.,

Legal basis fort his processing activity is the legitimate interest (Art. 6 (1) (f) GDPR).

Legal basis for this processing activity are legitimate interests (Art. 6 (1) (f) GDPR).

Use of the SSI Authorized Training Center Locator and Event Calendar Functions with GPS Data Transmission

GPS information received about a user's location (when activated by the user) will be used in order to provide the user with the requested information,e.g. the Training Center Locator. The Event Calendar will request GPS data tolocate the nearest SSI Authorized Training Center or event. The described processing is based on your consent (Art. 6 (1) (a) GDPR).

Tailored marketing communication from SSI or third parties and product improvement

SSI collects your postcode, city, state, country, date of birth, course type, course progress, SSI authorized training center affiliation, current geodata and the data mentioned above insection 2.3 to identify your interests to provide you with customized advertising materials via newsletters, or in the app, or in your personal dashboard andspecial offers based on your interests (Profiling). The legal basis of the processing activity is your consent (Art. 6 (1) (a) GDPR and Art. 5 Para. 3E-Privacy Directive). Additionally, SSI collects functional data relating to MySSI to be able to improve MySSI and SSI products and services. The legal basis for this processing activity is our legitimate interest (Art. 6 (1) (f)GDPR)

By signing up for the newsletter and confirming the subscription via the double opt-in email you will receive, we will process your first name, e-mail address, IP address,country and language as well as any optionally chosen interests of newsletter content. The newsletter will be sent for the purpose of sending (i)personalised marketing and product information related to goods and services from the HEAD Group's sport product range, (ii) personalised promotional information and news matching your interest categories and/or based on your website use (for example, frequent viewing of products within your selected interest categories and geolocalisation), (iii) satisfaction surveys regarding services, products and advice of the HEAD Group and demand analyses, (iv)contests, coupons, discount campaigns and prize games and (v) electronic greeting cards via e-mail.

When we collect your email address in the context of a sale of a product or a service, we mayuse your email address also for direct marketing of similar products orservices (via our newsletter), provided that you have not opted-out of this communication upfront. You have the right to opt-out at any time and we will provide you with an opt-out in all such communications, e.g. via a unsubscribelink. The legal basis for this processing operation is our legitimate interest,(Art. 6 (1) (f) GDPR and Art. 13 (2)E-Privacy Directive. (does not apply to customers from Australia)

Based on your IP address and with the aid of our "Browser Region Managers", we can locate the region where you are located when you are using MySSI. This information will be saved to direct you to the regional subpage and newsletter sign up applicable to your country of residence. We do not determine your exact location while doing this. You can manually change your allocated country before signing up to our newsletter by using the country drop down menu on our website or after youhave already signed up for our newsletter by updating your preferences.(instead of allocating the country/language via the Browser Regional Manager).

Personalised promotional information and news is sent based on your IP address and your usage behaviour on MySSI (Profiling). Based on your IP address and with the aid of our "Browser Region Managers", we can send you regional offers to the extent to which you have consented. In the process, we also analyse the frequency of clicks solely for your selected areas of interest "[diving, open water diving,…]" and, for example, in the case of frequent use of the "[diving]" section, send you information from this area of interest via e-mail based on the declaration of consent described above. The analysis is carried out based on the following assessment methods and sequence of preferences: The data regarding your usage behaviour on MySSI is compared anonymously with the empirical values for similar data sets in our database. Based on this, we calculate the probabilities of potential future contacts and purchases with us. We can therefore also make corresponding offers and send information that, based on our experience, was of interest to customers with similar behaviour. In the process, we can also create anonymised and pseudonymised user profiles.

We also store your IP address and the date and time of registration upon subscribing to the newsletter. This is only saved to serve as proof in the event that a thirdparty misuses an e-mail address and subscribes to receive the newsletter without the knowledge of the rightful owner. Personal data collected when subscribing to the newsletter is not forwarded to third parties for marketing purposes.

The legal basis for this processing activity is your consent (Art 6 (1) (a) GDPR).

You may revoke your consent to receive newsletters at any time with effect for the future without specifying the reasons (for example, via an unsubscribe link at the end of every newsletter or via e-mail at privacy@diveSSI.com).

2.4. Personal Privacy Settings– Disclosure to other App users and processing of anonymised data

Registered users of MySSI can select the confidentiality level of most of their information in their profile settings by defining visibility settings like "Everyone" (visible for everybody), "Buddies" (visible for accepted buddies) or "Private" (only visible to the user). The default setting of MySSI for new users is always "Private", so that the new user must actively allow higher visibility levels. When the profile is set to "Private" only statistical data is processed about the respective use, in order to determine trends, usage patterns, frequency of use and regional activities.

2.5. Disclosure to other SSI Authorized Training Centers

Subject to your consent, and for the purposes described below we will make available your personal data namely Name, First Name, Street, Postbox,Postcode, City, State, Country, Email Address, Telephone Numbers (optional),Date of Birth, Personal Photo, Language, Gender, SSI Master ID, Course Type,Course Progress, Certification Data, (Number, Date, Instructor, Number of Divesat Certification Time, Year of Commencement of Diving), Dive Center Assignment and other personal information provided by you voluntarily via MySSI, e.g. Insurance Data Of Diving Specific Policies (if applicable) to other SSI Service Centers (please find an overview of all SSI Service Centers here: https://my.divessi.com/ssi) around the world and also Authorized SSI Training Centers, if you choose to affiliate or do business with them (please find an overview of all Authorized SSI Training Centers here: https://my.divessi.com/divecenter). This will help them to identify you, verify you or confirm the status of your training and certifications and to offer you appropriate trainings or services based on your personal status or training progress regarding your diving activities and/or certifications.

Please note that not all recipients (SSI Authorized Training Centers)have established an adequate level of data protection. Sharing your data issubject to your freely given consent. Also please note that SSI Authorized Training Centers can only access your data on your request and when providing your name and birthday for identification. Legal basis for the described processing is your consent (Art. 6 (1) (a) GDPR).

2.6. No processing of personal data from individuals who are under the age of 18

SSI does not processes personal data from individuals under the age of 18 who participate in SSI training programs if a legal guardian has not consented to registration. Should SSI find out that data of an individual under the age of 18 is processed, SSI will delete this data.

3. WEB SHOP PURCHASES

If you purchase a digital kit in our web shop (www.divessi.com), we process your name, billing and delivery address, e-mail address, telephone number and these rial number assigned to the ordered items and information on the goods that you purchased for the purpose of the performance of a contract (Art 6 (1) (b)GDPR).

If you want to order other products, such as hardware, we will process your name, billing and delivery address, e-mail address, telephone number and transfer this data to HEAD Watersports SpA (Salita Bonsen 4, 16035, Rapallo (GE), Italy), from which you buy the chosen products and which will process your purchase. The legal basis for this processing activity is the legitimate interest (Art 6 (1)(f) GDPR).

4. TRANSFER OF YOUR PERSONAL DATA TO THIRD PARTIES

SSI might transmit your personal data to external performance agents orservice providers. When third parties are processing data on behalf of SSI, SSI will enter into data processing agreements with them to ensure that the user´s/student´s information is used in accordance with the SSI Privacy Policy.

SSI transfers data to the following recipients

SSI Service Centers (please find an overview of all SSI Service Centers here: https://my.divessi.com/ssi)
SSI Training Centers (please find an overview of all Authorized SSI Training Centers here: https://my.divessi.com/divecenter)
IT service providers and/or providers of data hosting services;
service providers of software solutions who also support us in providing our services(incl. providers of marketing tools, marketing agencies, communication serviceproviders and call centers);
companies of the HEAD group ;
Head Watersports SpA (Salita Bonsen 4,16035, Rapallo (GE), Italy)
LiveAboard.com BV (Keizersgracht 307-2, 1016 ED Amsterdam, the Netherlands)
third parties who are fulfilling our obligations in regard to services provided to you (e.g.,parcel service providers for the shipment of your certificate or purchased products, payment service providers and banks for payment processing);
other third parties (e.g., auditors, insurance companies, legal representatives, insuranceproviders etc.);
officials and other public bodies if required by law (e.g., tax authorities etc.).

5. TRANSFER OF YOUR PERSONAL DATA TO THIRD PARTIES OUTSIDE OF THE EU/EEA

We might also transmit your personal data to companies and other contractual partners outside of the EU/EEA for the verification of your SSI trainingstatus and certifications, for the provision of our services, the operation of MySSI, the handling of your order, the maintenance of our IT systems and software etc. However, such transmission does not change anything in our obligation to protect your personal data in accordance with this Privacy Notice. If your personal data is transmitted outside of the EU/EEA, we guarantee an adequate measure of security by forwarding them to countries that have an appropriate level of protection based on confirmation by the European Commission or by concluding a transfer agreement incorporating the European Commission's Standard Contractual Clauses (which are available here) between us and the legal person outside of the EU/EEA who receives the data. In other cases, the data transfer might be based Art. 49 (1) 1 GDPR. You may receive a copy of the suitable guarantees by sending an e-mail to privacy@divessi.com.

6. DATA SECURITY

MySSI operates in encrypted https-format. Additionally, we take appropriate technical and organizational security measures to protect your personal data from unintentional or unauthorized deletion or modification, and from loss, theft and unauthorized viewing, forwarding, reproduction, use, alteration or access. We and our employees are also bound to data secrecy and confidentiality. Likewise, performance agents and authorized agents who must have access to your personal data to fulfill their professional duties will be subject to the same obligations to observe data secrecy and confidentiality.

7. DATA RETENTION PERIOD

SSI stores your data as long as your MySSI account is active and SSI will keep your data for the duration of the contractual relationship you have with us. Laws may require SSI to hold certain information for specific periods. In other cases, SSI may retain data for an appropriate period after any relationship with you ends to protect itself from legal claims, or to administer its business.

In case a registered user does not activate the MySSI account and does not get certified within 12 months after registration, the account and user data will be automatically deleted from MySSI.

8. YOUR RIGHTS

You have the following data subject rights in relation to your personal data processed by us:

you have the right to access your personal information and to receive a copy of the personal data processed by us, Art. 15 GDPR;
If your personal data which we are processing is incorrect or no longer current, you have the right to rectification, Art. 16 GDPR;
you have the right to obtain erasure of your data ("right to be forgotten"), Art. 17 GDPR;
you have the right to receive your personal data in a structured, commonly used and machine-readable formatand you have the right that we transmit your data to another controller Art. 20GDPR;
you have the right to obtain from us the restriction of processing where the prerequisites are met, Art. 18GDPR;
you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects, Art. 22 GDPR;

Your right to object, Art. 21 GDPR:

Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If we process your data for legitimate purposes, you also have the right to object this processing at any time if grounds for this arise from your specific situation

So that we can process your inquiry regarding your rights specified above and ensure that personal data is not given to unauthorized third parties, please address the inquiry with clear identification of your person and with a short description regarding the scope of the exercise of your data subject rights listed above.

Your right to lodge a complaint

You also have the right to lodge a complaint with the competent dataprotection authority, in particular the data protection authority in the Member State of your habitual residence or place of work, if you are of the opinion that the processing of the personal data about you violates the applicable dataprotection laws.

Your right to withdraw your consent

If you have given us your consent for a certain processing activity you can withdraw it at any time by sending an email to privacy@divessi.com. The withdrawal of your consent does not affect the lawfulness of the processing carried out on the basis of the consent until the withdrawal.

8.1. CONTACT DETAILS OF CONTROLLER AND DATA PROTECTION OFFICER

If you have any questions about the processing of your personal data, please feel free to contact us or our data protection officer via email: privacy@diveSSI.comor letter: SSI International GmbH c/oPrivacy – Johann-Hoellfritsch-Straße 6 – 90530 Wendelstein – Germany.

9. CALIFORNIAN PROVISIONS

9.1 Categories of personal information we collect, where we collect it from, why we collect it, and who we share it with.

We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer or household ("personal information").

We use the personal information we collect for our operational purposes or other purposes set out in this privacy notice. Those purposes may include

Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
Debugging to identify and repair errors that impair existing intended functionality.
Short-term, transient use, provided the personal information that is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer's experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
Undertaking internal research for technological development and demonstration.
Undertaking activities to verify, improve, upgrade, enhance, or maintainthe quality or safety of our products or services.

To help you understand our privacy practices, the following table shows, for the past twelve (12) months: which categories of personal information we have collected, the categories of sources from which we collected personal information, our business or commercial purposes for collecting the information, and the categories of third parties with whom we have shared personal information:

Category of Personal Information	Sources	Purposes	Third parties shared with
Identifiers such as name, email, address, PTR number, and PPR number.	Consumer. Third-party operators of tournaments or other events. Third-party organizations for amateur and professional athletes.	To provide product offerings or services at events we sponsor. To accept and fulfill product purchases. To provide you with newsletters or other mailings. To perform our contractual obligations to you. To perform market research and product development. To market our products and services to you.	Service providers. Affiliates. Third parties we rely on for business, financial, or legal matters, such as financial institutions, collection agencies, insurance companies, creditor protection associations, and legal counsel. Third parties that help us market or advertise our products and services.
Categories of personal information described in Cal. Civ. Code § 1798.80(e) such as name, email, address, credit card number or other payment information, and telephone number	Consumer. Third-party operators of tournaments or other events. Third-party organizations for amateur and professional athletes.	To provide product offerings or services at events we sponsor. To accept and fulfill product purchases. To provide you with newsletters or other mailings. To perform our contractual obligations to you. To perform market research and product development. To market our products and services to you.	Service providers. Affiliates. Third parties we rely on for business, financial, or legal matters, such as financial institutions, collection agencies, insurance companies, creditor protection associations, and legal counsel.
Characteristics of protected classifications under California or federal law such as age and gender.	Consumer	To provide product offerings or services at events we sponsor.	Service providers. Affiliates.
Commercial information such as, e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	Consumer	To provide you with newsletters or other mailings. To perform market research and product development. To market our products and services to you.	Third parties we rely on for business, financial, or legal matters, such as financial institutions, collection agencies, insurance companies, creditor protection associations, and legal counsel.
Internet or other electronic network activity information such as e.g., browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.	Consumer	To provide you with newsletters or other mailings. To perform market research and product development. To market our products and services to you.	Third parties we rely on for business, financial, or legal matters, such as financial institutions, collection agencies, insurance companies, creditor protection associations, and legal counsel.

9.2 Disclosure of personal information

In the past twelve (12) months, we have disclosed the following categories of personal information of California consumers for a business purpose:

Identifiers
Categories of personal information described in Cal. Civ. Code § 1798.80(e)
Characteristics of protected classifications under California or federal law

9.3 Do Not Track

Some browsers have "do not track" features that allow you to tell a website not to track you. These features are not all uniform. We do not currently respond to those signals. Instead, we collect, use, and share information as described in this privacy notice regardless of a "do not track" choice.

9.4 Your rights under California law

You have the right to ask us to send you the following information:

9.4.1 The personal information we have collected, used, or disclosed about you.
9.4.2 The categories of personal information we have collected about you.
9.4.3 The categories of sources from which we collected the personal information.
9.4.4 Our business or commercial purpose for collecting personal information.
9.4.5 The categories of third parties with whom we share personal information.
9.4.6 The specific pieces of person information we have collected about you.

You have the right to ask us to delete the personal information about you that we have collected orthat we maintain.

We do not, and will not sell your personal information. Therefore we don`t provide a mechanism to opt-out of sales of personal information.

9.5. Non-discrimination

Your privacy rights are important. If you exercise your privacy rights under California law, we will not do any of the following in response:

Deny you goods or services.
Charge you different prices or rates for goods or services, including through the use of discounts or other benefits, or imposing penalties.
Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

9.6. How California residents can submit requests

If you are a California resident and you want to submit a request to us regarding your California rights, you can contact us here privacy@divessi.com. If you have a pre-existing account with us, you must submit your request through that account, but you do not have to create an account with us to submit a request.

If you submit a request to delete personal information, you must separately confirm the request. After receiving your request, we will send you a separate communication with instructions on how to confirm your request to delete.

We can only respond to your request if it is verifiable. This means we are obligated to take reasonable steps to verify your identity.

If you have a password-protected account with us, we will verify your identity using our existing authentication practices for that account, but you must re-authenticate yourself before we can disclose or delete the information related to your request.
If you do not have an account with us, we verify your identity by matching the following information you provide as part of your request with information about you we already have: name, address, phone number.

If necessary to verify your identity, we may ask you to provide additional information that will help us do so. We may also require a signed declaration under penalty of perjury, depending on the nature of the request. We will only use that additional information in the verification process, and not for any other purpose. If we cannot verify your request, we will not disclose any personal information.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.

9.7. Authorized agents

If you wish to submit a request to know or delete through an authorized agent, we require the following before we can process the request:

A notarized copy of your written permission authorizing the agent to make the request, and
That you verify your identity directly with us, as described above.

Consumers may submit the information listed above to privacy@divessi.com. Authorized agents may also submit the notarized copy of written permission to privacy@divessi.com.

If your authorized agent has a valid power of attorney under California Probate Code sections 4000 to 4465, we may request proof of the power of attorney instead of the foregoing.

We may deny a request from an agent that does not submit proof you authorized them to act on your behalf.

10. Changes to this privacy notice

From time to time, we may update this privacy notice. When we do, we will post it on our Website and include the effective date of the update. If there are material changes to this privacy notice, we will post a prominent notice on our Website and provide other notice as required by law.

APPENDIX

Link to the list of SSI Service Centers – https://my.divessi.com/ssi

Link to the list of Authorized SSI Training Centers - https://www.divessi.com/dealer-locator

Link to diveSSI Website Privacy Statement – https://www.divessi.com/info/privacy-policy

Link to MySSI System Privacy Statement – http://my.divessi.com/myssi_privacy

Link to the document describing the essence of the applicable joint controller agreement - https://my.divessi.com/ssi_dc_joint_controller_agreement

Beginner

Advanced

Professional

Continents

Oceans

Wildlife

Blog & News