Privacy and Cookies Policy
Privacy and Cookies Policy
: ESCP Europe Business School
: Calle Arroyofresno, nº 1, bajo izquierda , CP: 28035 – Madrid. Spain
: firstname.lastname@example.org / Tel: (+34) 913 862 511 / Fax: (+34) 913 739
: Registered in the Spanish Register of Associations as ESCP Europe España, in Group 1, Section 1. National Number 78469
ESCP Europe Business School, pursuant to the current regulation on personal data protection, hereby informs that the personal data collected through its online forms in computerised form is included in specific automated files on users of ESCP Europe Business School’s services.
The purpose of collection and automated processing of personal data is to maintain commercial relationships and undertake tasks related to teaching, information, training, consultancy and other activities carried out by ESCP Europe Business School. This data shall only be transferred to entities deemed necessary, with the sole aim of complying with the aforementioned purpose. Moreover, its aim is to provide you with a means of contacting us, allowing us to address your requests and to send you information on our services, courses and activities, including by electronic means (email, SMS, WhatsApp, etc.)
ESCP Europe Business School adopts the necessary measures for guaranteeing the security, integrity and confidentiality of data in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
ESCP Europe Business School is legitimised to process personal data based on user consent, when users request information through the contact form, or any other ESCP Europe form, and check the box to accept that information be sent.
Users may, at any moment, exercise their rights to access, opposition, rectification and erasure, as recognised in the aforementioned Regulation (EU). These rights may be exercised by users themselves by emailing email@example.com or by writing to Calle Arroyofresno, no. 1, bajo izquierda, Postcode: 28035 – Madrid. Spain.
Furthermore, users guarantee that any personal data provided to ESCP Europe
Business School is true and they are responsible for communicating any modification
of this data to ESCP Europe Business School.
The aim of this Policy is:
- To guarantee that you understand what personal data we gather concerning you, the reasons for gathering it and whom it is shared with;
- To explain how we use the personal data that you share with us, with the aim of offering you an excellent experience of ESCP Europe Business School’s services; and
- To explain your rights and options relating to the personal data that we gather and process concerning you, and how we protect your privacy.
We hope that this will help you to understand our commitment to your privacy.
Purpose of processing personal data:
Information collected through online forms is recorded in a computerised file belonging to ESCP Europe for managing client relationships, direct sales and recruitment/selection of
All personal data requested, and marked as such, is necessary for users to receive information related to ESCP Europe Business School and its programmes and education
on offer; nevertheless, this information is provided voluntarily by the User, who, upon consenting to provide it, guarantees its authenticity and commits to communicating any
variation in this data to ESCP Europe Business School.
At ESCP Europe Business School, we will process collected personal data concerning you for the following purposes:
- In cases of recruitment/selection of candidates, to maintain contractual relationships and for management, administration, information, provision and
improvement of our service.
- To send information requested using forms available in digital or physical format.
- To send newsletters, in addition to business communication on promotions and/or advertising regarding our entity and/or the education sector.
All user responses to requests for personal data are voluntary and are provided with express consent to ESCP Europe Business School; they are necessary for users to
receive information related to ESCP Europe Business School via the email address provided by the user. The fields of these forms must be completed; if this data is not provided, fulfilling the aforementioned aims is impossible.
We remind you that you may object to the sending of business communication by any means and at any time by sending an email to the previously-indicated email address.
Your rights and preferences:
The new European Regulation, known as the General Data Protection Regulation (GDPR), grants people
certain rights relating to their personal data. Depending on their availability, and except where they are limited by applicable law, the rights granted to people are:
- • Right of access: the right to be informed of and request access to the personal data concerning you that we process;
- • Right to rectification: the right to request that we correct or update your personal data, should it be inaccurate or incomplete;
- • Right to erasure: the right to request that your personal data be deleted;
- • Right to restriction: the right to request that processing of all or some of your personal data be temporarily or permanently ceased.
- • Right to object: either the right, at any point, to object to processing of your personal data for reasons relating to your specific situation, or the right to object to your personal data being processed for direct marketing purposes;
- • Right to data portability: the right to request a copy of your personal data in electronic format and the right to transfer this data for use as part of a third-party service; and
- • The right not to be subject to automated decision-making: the right to not be subject to decisions based solely on automated decision-making, including
profiling, when this decision may imply a legal effect for you or cause a similar significant effect.
For further information on the previously-described GDPR rights for all ESCP Europe Business School users, or should you have any questions regarding your privacy, your
rights, or how to exercise them, please contact our data protection department. We will respond to your request as quickly as possible, and always within a month of receiving the
request, subsequent to verification of your identity. This request should include the following details: name and surname(s) of the User, address for notification purposes,
photocopy of ID document or passport and the specific request. If you are not satisfied with the way in which we are using your personal data, you can also contact or make an appeal
before the Spanish data protection authority (LOPD) or your local data protection authority.
How we gather your personal data:
We gather your personal data in the following ways:
- • When registering via an ESCP Europe Business School information form: when registering using any ESCP Europe Business School form, we collect certain personal data, such as your name, surname(s), email address, gender, country of origin, amongst others; not all the information requested when participating on the website is obligatory, except that deemed necessary by us and made known to you as such. Moreover, you have the option of providing us with certain additional personal data, in order to further personalise requested information. The exact personal data gathered by us depends on the type of ESCP Europe Business School educational programme for which you register.
- • Personal data gathered in the specific forms which allow us to register you for an educational programme: if you decide to apply to a ESCP Europe Business School educational programme, you will be asked to provide additional information and, for the purposes of making payments corresponding to the programme, financial data such as your credit card number and invoicing address, which shall be used to create an ESCP Europe Business School invoicing account.
We use anonymous, additional information for purposes including tests of our computer systems, research, data analysis, creation of marketing and promotion models, improving the ESCP Europe Business School service and developing new functions within the ESCP Europe Business School service.
How long is gathered personal data stored for?
Personal data provided shall be stored for as long as business relationships are maintained and unless you request its erasure; it is stored for 3 years for use by the marketing and recruitment/admissions departments. Subsequently, it shall be retained for the legally-required terms (except, in both cases, if processing is based on User consent and the User repeals this, in which case it shall be stored until this repeal is received). Therefore, we can guarantee that your data shall not be retained for longer than necessary for the aforementioned purposes, without prejudice to storage which may be necessary for formulating, exercising or defending possible claims and/or as permitted by applicable legislation.
Your data shall be processed based on the following legal grounds, which legitimise this processing:
- • Requesting information and/or purchasing ESCP Europe Business School services, the terms and conditions of which shall be placed at your disposal prior to any purchase.
Should you not provide us with your data, or should you provide incorrect or incomplete data, we will not be able to address your request; consequently, it will prove entirely impossible for us to provide the requested information or for you to purchase the services in question.
Data shall not be communicated to any third party external to ESCP Europe Business School, unless this is legally required or so established in this communication. Optimal provision of the service offered by ESCP Europe Business School may require other third-party providers of ESCP Europe Business School services to access the User’s personal data, as processors.
In addition to the possible access that third-party suppliers, whether national or international, may have to personal data under the responsibility of ESCP Europe Business School as processors, in the context of provision of a service to the processing controller, ESCP Europe Business School may transfer the User’s personal data to authorised ESCP Europe Business School distributors, provided that the User’s consent has been requested and the User has expressly granted this.
We may share parts of aggregated information which includes your personal data (but does not directly identify you), alongside other information, such as registration data, with third parties to analyse the sector and demographic profiles, and for personalised advertising messages concerning other products and services.
We share your data with the following third-party categories:
- • Moderators for supervising registration applications and approving the recruitment/selection of candidates
- • Advertising partners, targeted advertising markets and suppliers
- • Security forces, when the law so requires or to protect the vital interests of a person
- • Companies which process payments and telecommunications companies, to facilitate payments for our services
We ensure that these third parties adhere to strict confidentiality and data protection standards, which are compatible with this Policy. We take measures to ensure that any shared data, as far as possible, is not attributable.
In addition to the above, ESCP Europe Business School may transfer or communicate personal data to comply with its obligations with Public Administration bodies, in cases in which this is required in accordance with the current legislation, at all times, and with Judicial authorities.
Protection and storage of information:
ESCP Europe Business School makes back-up copies of the content stored on its servers; however, it cannot be held responsible for accidental loss or deletion of users’ data. Similarly, it cannot guarantee the total recuperation of deleted data, since the aforementioned data may have been erased and/or modified during the period of time elapsed since the last back-up copy was made.
Recuperation of deleted data is only included in the price of the service when this loss of content is due to causes attributable to ESCP Europe Business School.
In order to offer an improved personal data management service, we operate using our own network of servers in Spain and France. The hardware is located in data centres belonging to ESCP Europe Business School, always within the European Economic Area. We ensure that data is suitably protected by guaranteeing that valid legal mechanisms are in place, such as EU-approved model clauses and the implementation of robust contractual standards.
Implemented security measures:
ESCP Europe Business School commits to complying with its obligation and duty of confidentiality regarding personal data and it shall adopt the necessary measures to prevent its alteration, loss or non-authorised processing or access, in accordance with the established provisions of the applicable regulation.
ESCP Europe Business School has implemented technical and organisational security measures necessary for guaranteeing the security of your personal data and for preventing its alteration, loss and non-authorised processing and/or access, considering the state of technology, the nature of the stored data and the risks to which it is exposed, whether originating from human action or the physical or natural environment, in accordance with the established provisions of the applicable regulation.
ESCP Europe Business School, as an entity concerned about privacy, in order to reinforce the confidentiality and integrity of the information in the organisation, continuously supervises, monitors and evaluates its processes to ensure respect of the privacy and security of information, in line with international standards.
We gather information using cookies on your computer or mobile phone. A cookie is a fragment of information stored on the browser of your computer or mobile phone.
The list of cookies used on the website, not strictly technical in their operation, is as follows:
|From the web analytics systems Google Analytics, Google Remarketing and Google Display Network.
end of session end
end of session end
|Their purpose is to analyse the traffic generated on the website.
However, ESCP Europe Business School, as the Website owner, adheres to the policy and standards of managing your privacy, which guarantee maximum privacy when browsing our Website. If so desired, the User may deactivate and/or delete these cookies via the procedures provided by Web browsers for this purpose, following the instructions..
Important:please carefully read the help section of your browser to better understand how to activate “private mode”. You may continue to browse our website even if your browser is in “private mode”; however, your browsing may not be optimal and certain features may not function correctly.
Below, Users can find examples and instructions of how to proceed to block cookies when using the main browsers currently available:
Chrome: Settings > Show advanced options > Privacy > Content Settings.
For further information, please consult Google Help or your browser’s Help function.
Firefox: Tools > Options > Privacy > History > Personalised Settings.
For further information, please consult Mozilla Support or your browser’s Help function.
Internet Explorer: Tools > Internet Options > Privacy > Settings.
For further information, please consult Microsoft Support or your browser’s Help function.
Safari: Preferences> Security.
For further information, please consult Apple Support or your browser’s Help function.
Opera: Options > Advanced > Cookies.
For further information, please consult Opera Software Support or your browser’s Help function.
Reservation of rights and operation principle for personal data protection
ESCP Business School reserves the right to modify, at any time, its policy on personal data processing and security, always respecting current legislation on data protection, and
subsequent to communication to data subjects, either via publication on this web page or on any other part of the website, or via any other means of communication or
dissemination considered appropriate, preferably sending the indicated modification to the email address provided by the user. Simple proof of sending to this email address shall
satisfy our commitment to information.
- - For compliance with relevant administrative and tax obligations
- - In response to a requirement from a competent authority, complying with the legal procedures corresponding to the case
- - Should a regulation with the status of a Law, or with a delegated legal status, so require.
ESCP Business School
All rights reserved 25 May, 2018