Privacy Policy
Last Updated: July 8, 2026
1. Introduction
Institute of WorkComp Advisors LLC, DBA Institute of WorkComp Professionals (“we,” “us,” or “our”) operates WorkCompTechPro.com (the “Site”), through which we offer workers’ compensation training and credentialing programs (including WCTP, CWCA, CWCS, and MWCA courses). This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and what rights you have regarding your data.
This policy applies to all visitors and users of our Site.
2. Information We Collect
2.1 Information You Provide Directly
- Contact form: first name, last name, work email, phone number, role (e.g., underwriter, claims adjuster, premium auditor, TPA/fund manager, self-insurance fund, other), and your message.
- Enrollment / checkout: when you enroll in a course, you are directed to our order-processing partner (Keap, hosted at
bigideas.infusionsoft.app) to submit name, contact details, billing address, and payment information. We receive your name, contact details, and order/payment status from Keap — we do not directly receive or store your full credit card number.
2.2 Information Collected Automatically
We use Google Analytics to understand how visitors use our Site — including pages viewed, time on site, referring URLs, approximate location (city/region level), device and browser type, and IP address (which Google may truncate/anonymize). Google Analytics uses cookies and similar technologies to collect this information. See Google’s Privacy Policy and how Google uses data from sites that use its services for more detail. We do not currently run advertising or retargeting pixels (e.g., Facebook Pixel). Our web host and infrastructure providers also automatically log standard technical information (such as IP address, browser type, and access times) as part of normal server operation and security monitoring. If we add advertising, retargeting, or other tracking technologies in the future, we will update this policy and, where required, request your consent.
2.3 Information from Third Parties
We use Keap (Infusionsoft) as our CRM, email, and order-processing platform. Information you submit through our contact form or checkout is stored and processed within Keap on our behalf.
2.4 Cookies and Similar Technologies
| Cookie Type | Purpose | Examples Found | Duration |
|---|---|---|---|
| Essential | Site functionality, security | WordPress/hosting session cookies | Session |
| Analytics | Usage statistics, performance monitoring | Google Analytics (_ga, _ga_*) |
Up to 14 months |
| Marketing | Not currently in use | None detected | N/A |
| Preference | Not currently in use | None detected | N/A |
3. How We Use Your Information
- Responding to inquiries submitted through our contact form
- Processing course enrollments and payments
- Providing access to purchased training and credentialing content
- Sending service, enrollment, and course-related communications
- Sending promotional communications about courses (with consent / opt-out available)
- Complying with legal and tax obligations
- Maintaining the security and integrity of our Site
- Analyzing Site traffic and usage patterns via Google Analytics to improve our content and course offerings
Legal Basis for Processing (GDPR):
| Purpose | Legal Basis |
|---|---|
| Responding to contact inquiries | Legitimate Interest |
| Processing enrollment and payment | Contractual Necessity |
| Marketing communications | Consent |
| Legal/tax compliance | Legal Obligation |
| Analytics (Google Analytics) | Consent |
4. How We Share Your Information
Service Providers
- Keap — CRM, email delivery, and order/payment processing
- Google Analytics — Site traffic and usage analytics
- Our web hosting provider — infrastructure and server logs
Legal Requirements
We may disclose your information if required by law, subpoena, court order, or government request.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred.
We do NOT sell your personal information.
5. Data Retention
| Data Type | Retention Period | Reason |
|---|---|---|
| Contact form submissions | 24 months from submission | Customer service follow-up |
| Enrollment/order records | 7 years | Tax and legal recordkeeping |
| Marketing consent records | Until consent withdrawn | Marketing communications |
| Server logs | 30 Days | Security and debugging |
6. Data Security
We implement reasonable technical and organizational measures to protect your personal data, including: – Encryption in transit (HTTPS/TLS) – Access controls on our CRM and hosting accounts – Use of a PCI-DSS compliant payment processor (Keap) for all payment handling – IP anonymization/truncation settings in Google Analytics where available
Payment information is processed by Keap and is subject to its own PCI-DSS compliance standards. We do not store your full credit card number on our servers.
7. Your Rights Under GDPR (EEA/UK Residents)
If you are located in the European Economic Area or United Kingdom, you have the right to:
- Access a copy of your personal data
- Rectification of inaccurate personal data
- Erasure (“right to be forgotten”)
- Restrict Processing
- Data Portability
- Object to processing based on legitimate interests
- Withdraw Consent at any time
- Lodge a Complaint with your local Data Protection Authority
To exercise any of these rights, contact us at kevin@workcompprofessionals.com. We will respond within 30 days.
8. Your Rights Under CCPA/CPRA (California Residents)
California residents have the right to:
- Know what personal information we collect and how we use it
- Delete personal information
- Opt-Out of sale/sharing of personal information
- Non-Discrimination for exercising these rights
- Correct inaccurate personal information
To exercise these rights, contact us at kevin@workcompprofessionals.com.
Categories of Personal Information Collected (past 12 months): Identifiers (name, email, phone), commercial information (order/enrollment records).
We do not sell or share personal information as defined under CCPA.
9. Children’s Privacy (COPPA)
Our Site is intended for insurance and workers’ compensation industry professionals and is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us at kevin@workcompprofessionals.com.
10. International Data Transfers
Your information may be processed in the United States via our service providers (Keap, Google Analytics, our hosting provider). Where required, we rely on appropriate safeguards such as Standard Contractual Clauses with our service providers.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the “Last Updated” date. Continued use of the Site after changes constitutes acceptance of the updated policy.
12. Contact Information
- Company: Institute of WorkComp Advisors LLC, DBA Institute of WorkComp Professionals
- Email: kevin@workcompprofessionals.com
- Mailing Address: PO Box 5437, Asheville, NC 28813
For GDPR complaints, you may also contact your local Data Protection Authority.