Privacy Policy

Last updated: May 17, 2026

1. Information We Collect

When you enroll in a Apex Institute program, we collect the following personal information:

  • Full name, date of birth, and contact information
  • Email address (used for account login, course access, and communications)
  • Phone number (for advisor follow-up and account recovery)
  • Street address (for certificate delivery if a physical copy is requested)
  • Social Security Number (last 4 digits displayed only) — collected solely for identity verification and submission to the Maryland Department of Health and Mental Hygiene (DHMH) registry as required by state law
  • Payment information (processed by third-party gateway; never stored on our servers)

2. How We Use Your Information

  • Create and manage your student account
  • Issue your certification credentials
  • Communicate with you about enrollment and course progress
  • Submit certification records to DHMH as required by Maryland law
  • Send renewal reminders before your certification expires

3. How We Protect Your Data

  • All personal data, including SSN, is encrypted using industry-standard AES-256 encryption at rest and in transit over TLS/HTTPS
  • Access to personally identifiable information (PII) is restricted to authorized Apex Institute staff only, on a need-to-know basis
  • Your full SSN is encrypted at rest and in transit. Only the last four digits are displayed to you at any time
  • Payment processing is PCI-DSS Level 1 compliant through our third-party gateway

4. Third-Party Sharing

Your information will never be sold to third parties. It will not be used for any purpose other than those described above. We share data only with:

  • Maryland DHMH (as required by law for certification issuance)
  • Our PCI-DSS compliant payment processor
  • Our transactional email provider (for enrollment confirmations and results)

5. Maryland Personal Information Protection Act (MPPIPA)

In accordance with MPPIPA, Apex Institute will notify all affected individuals within 45 days of discovering a data breach. We maintain an incident response plan and conduct regular security audits.

6. FERPA Compliance

Student education records are protected. Only authorized staff may access individual records through role-based access control (RBAC).

7. Your Rights

You may request access to, correction of, or deletion of your personal information at any time by contacting us at trainatapex@gmail.com or +1 (240) 429-2729.

8. Contact

Apex Institute
Mt. Rainier, MD 20712
trainatapex@gmail.com
+1 (240) 429-2729