‘Personal data’ means identifiable information about you, like your name, email, address, telephone number, bank account details, payment information, and so on. If you can’t be identified (for example, when personal data has been aggregated and anonymized) then this notice doesn’t apply.
We may need to update this notice from time to time. Where a change is significant, we’ll make sure we let you know – usually by sending you an email.
Legal basis for processing
Legal bases for each processing activity are specified in the relevant sections above. When we process personal information for our legitimate interests, we make sure to consider and balance any potential impact on a data subject (both positive and negative), and the data subject’s rights under data protection laws. Our legitimate business interests do not automatically override interests of the data subjects - we will not process personal data for activities where our interests are overridden by the impact on the data subject (unless we have the consent or are otherwise required or permitted to by law).
Last updated: 14 August 2018
Here is a summary of some of the key changes we made on 14th August 2018:
- Collection and Use: We’ve provided information about the ways we collect personal data (when we do so at all) and how we intend to use it.
- Sharing: We’ve been more prescriptive about who we share your personal data with, which includes third party service providers and partners, regulators, an actual or potential buyer or where required by law.
- Security: We are committed to protecting your personal data using appropriate technical and organizational procedures.
- Data Subject Rights: We’ve outlined all rights individuals have in relation to their personal data and how those rights can be exercised .
Who are ‘we’?
When we refer to ‘we’ (or ‘our’ or ‘us’), that means MBA25Our headquarters are in the Russian Federation, in the USA and in Europe – in Ukraine but we operate all over the world.
For European Union data protection purposes, when we act as a controller in relation to your personal data, FASTFORWARD, LLC(Ukraine) (Tax identification number 37566464) is our representative in the European Union.
Our principles of data protection
Transparency: We are open, honest and transparent in our data processing approach.
Enablement: We enable connection and efficient use of personal data (only when absolutely needed) to empower productivity and growth.
Security: We follow the industry best practices to ensure the highest level of security and protection.
Stewardship: We accept the responsibility that comes with processing personal data.
Collection of personal data
We receive personal data, such as name, title, company address, email address, and telephone and fax numbers, from website visitors; for example when an individual subscribes to updates from us.
Visitors are also able to send an email to us through the website. Their messages will contain the user’s screen name and email address, as well as any additional information the user may wish to include in the message.
We ask that you do not provide sensitive information (such as race or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; physical or mental health; genetic data; biometric data; sexual life or sexual orientation; and, criminal records) to us when using our website; if you choose to provide sensitive information to us for any reason, the act of doing so constitutes your explicit consent for us to collect and use that information in the ways described in this privacy statement or as described at the point where you choose to disclose this information.
Use of personal data
When a visitor provides personal data to us, we will use it for the purposes for which it was provided to us as stated at point of collection (or as obvious from the context of the collection). Typically, personal data is collected to:
- register for certain areas of the site;
- subscribe to updates;
- enquire for further information;
- distribute requested reference materials;
- submit curriculum vitae;
- monitor and enforce compliance with our terms and conditions for use of our website;
- administer and manage our website, including confirming and authenticating identity and preventing unauthorised access to restricted areas, premium content or other services limited to registered users; and
- aggregate data for website analytics and improvements.
Unless we are asked not to, we may also use your data to contact you with information about MBA25 business, services and events, and other information which may be of interest to you. Should visitors subsequently choose to unsubscribe from mailing lists or any registrations, we will provide instructions on the appropriate webpage, in our communication to the individual, or the individual may contact us by email to email@example.com
Our websites do not collect or compile personal data for the dissemination or sale to outside parties for consumer marketing purposes or host mailings on behalf of third parties. If there is an instance where such information may be shared with a party that is not a MBA25 member firm, the visitor will be asked for their consent beforehand.
Legal basis for the processing
We will process personal data of visitors to our website based on our legitimate business interests or the consent, if the data subject has been requested to express one. For example, we have an interest in making sure our marketing is relevant for specified individuals, so we may process personal data to send our marketing that is tailored to the interests of a data subject.
Personal data collected via our websites will be retained by us for as long as it is necessary (e.g. for as long as we have a relationship with the relevant individual).
How we collect your data
When you visit our websites or use our services, we may collect personal data. The ways we collect it can be broadly categorized into the following:
Information you provide to us directly: When you visit or use some parts of our websites and/or services we might ask you to provide personal data to us. For example, we ask for your contact information when you sign up for a free trial, respond to a job application or an email offer, take part in training and events, contact us with questions or request support. If you don’t want to provide us with personal data, you don’t have to, but it might mean you can’t use some parts of our websites or services.
Information we collect automatically: We collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. We also collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on. This information helps us get a better understanding of how you’re using our websites and services so that we can continue to provide the best experience possible.
Information we get from third parties: Most of the information we collect, we collect directly from you. Very rarely, we may collect personal data about you from other sources, such as publicly available materials or trusted third parties like our marketing and research partners. We use this information to supplement the personal data we already hold about you and to validate the personal data you provide.
Where we collect personal data, we’ll only process it:
- to perform a contract with you, or
- where we have legitimate interests to process the personal data and they’re not overridden by your rights, or
- in accordance with a legal obligation, or
- where we have your consent.
If we don’t collect your personal data, we may be unable to provide you with all our services ( these include billing, self-billing, etc.), and some functions and features on our websites may not be available to you.
If you’re someone who doesn’t have a relationship with us, but have reasons to believe that a MBA25 user has entered your personal data into our websites or services, you’ll need to contact that MBA25 user for any questions you have about your personal data (including where you want to access, correct, amend, or request that the user delete, your personal data).
How we use your data
We use your personal data to operate our websites and provide you with any services you’ve requested and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:
To communicate with you. This may include:
- providing you with the information you’ve requested from us (like training or education materials) or information we are required to send to you
- operational communications, like changes to our websites and services, security updates, or assistance with using our websites and services
- marketing communications (about MBA25 or another product or service we think you might be interested in) in accordance with your marketing preferences
- asking you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with).
To support you: This may include assisting with the resolution of technical support issues or other issues relating to the websites or services, whether by email, chat or otherwise.
To enhance our websites and services and develop new ones: For example, by tracking and monitoring your use of websites and services so we can keep improving, or by carrying out technical analysis of our websites and services so that we can optimize your user experience and provide you with more efficient tools.
To protect: So that we can detect and prevent any fraudulent or malicious activity, and make sure that everyone is using our websites and services fairly and in accordance with our Terms & Conditions.
To market to you: In addition to sending you marketing communications, we may also use your personal data to display targeted advertising to you online – through our own websites and services or through third party websites and their platforms.
To analyze, aggregate and report: We may use the personal data we collect about you and other users of our websites and services (whether obtained directly or from third parties) to produce aggregated and anonymized analytics and reports, which we may share publicly or with third parties.
How we can share your data
There will be times when we need to share your personal data with third parties. We will only disclose your personal data to:
- third party service providers and partners who assist and enable us to use the personal data to, for example, support delivery of or provide functionality on the website or services, or to market or promote our goods and services to you
- regulators, law enforcement bodies, government agencies, courts or other third parties where it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure
- an actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business
- other parties where we have your consent.
International Data Transfers
When we share data, it may be transferred to, and processed in, countries other than the country you live in. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.
For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data, or to a third party where we have approved transfer mechanisms in place to protect your personal data – i.e., by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based office).
You should know to when and how we share personal data and locations of processing:
- We will only share personal data with others when we are legally permitted to do so. When we share data with others, we put contractual arrangements and security mechanisms in place to protect the data and to comply with our data protection, confidentiality and security standards.
- We are part of a global network of firms and in common with other professional service providers, we use third parties located in other countries to help us run our business. As a result, personal data may be transferred outside the countries where we and our clients are located.
- In respect of personal data being regulated by EU legislation please note that: cross border transfers may include countries outside theEEA and to countries that do not have laws that provide specific protection for personal data. We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EEA are done lawfully. Where we transfer personal data outside of the EEA to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be under an agreement which covers the EU requirements for the transfer of personal data outside the EEA, such as the European Commission approved standard contractual clauses. Personal data held by us may be transferred to:
- Other MBA25 member firms
- We may share personal data with other MBA25 member firms where necessary for administrative purposes and to provide professional services to our clients (e.g. when providing services involving advice from MBA25 member firms in different territories). Our business contacts are visible to and used by MBA25 users from other MBA25 member firms to learn more about a contact, client or opportunity they have an interest in.
- Third party organisations that provide applications/functionality, data processing or IT services to us
- We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud based software as a service providers, identity management, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.
- Third party organisations that otherwise assist us in providing goods, services or information
- Auditors and other professional advisers
- Law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation
- Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation.
We’re committed to protecting your personal data and have appropriate technical and organizational procedures in place to make sure that happens.
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal, tax or accounting requirements).
We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymized.
You have rights to:
- Know what personal data we hold about you, and to make sure it’s correct and up to date (Right to rectification)
- Restrict the processing of your personal data or delete it (Rightto erasure or to be forgotten):
You have the right to restrict or object to the processing of your personal information at any time, on reasonable grounds relating to your particular situation, unless the processing is required by law. In such case, we will no longer process or restrict the processing of the personal data, unless we can demonstrate compelling legitimate grounds for the processing or for the establishment, exercise or defence of legal claims.
- Object to our continued processing of your personal data (Right to restrict processing).
We hope that you won’t ever need to, but if you do want to complain about our use of personal data, please send an email with the details of your complaint to firstname.lastname@example.org. We will look into and respond to any complaints we receive.
- Other data subject rightsThis transparency notice is intended to provide information about what personal data we collect about you and how it is used. As well as rights of access, amendment and restriction or objection to processing referred to above, individuals may have other rights in relation to the personal data we hold, such as right to data portability. If you wish to exercise any of these rights, please send an email to email@example.com.
- You can exercise these rights at any time by login to your MBA25 account or sending an email to firstname.lastname@example.org.
How to contact us?
We prefer to communicate with you by online consultant– this ensures that you’re put in contact with the right person, in the right location, and in accordance with any regulatory time frames.
The relevant email is: email@example.com