IESE Confidentiality Policy and Terms and Conditions of Use of IT Services for IESE students and alumni

This guideline seeks to inform IESE students and alumni about the processing, purposes and recipients of their personal data, as well as to define the conditions for the use of IT services. The aforementioned aims to ensure that all alumni and participants are aware and consent to the purposes of use and the restrictions of IT services.

‘IT services’ are understood to be all information technology services (computers, tablets, smartphones, multifunction printers, photocopiers, peripherals, associated components and data storage media), any associated software (operating systems, system software and specific applications) and online services (emails, directories, Internet, Intranet, cloud services, videoconferences, audios, videos and similar elements) made available to students and alumni for courses undertaken.

All the IT services, as well as the information they contain, are the property of IESE. Their purpose is to support the school’s teaching and research. IT services are considered an extremely valuable asset which users must protect and use in an appropriate manner.

Access and use of the IT services implies the full and unreserved acceptance of the terms and conditions of use of these services.

IESE guarantees compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) to all data subjects, as well as the implementation of all necessary security measures, which guarantee its confidentiality and integrity.

Below is the information clause for the processing of the personal data of IESE students and alumni, as well as the terms and conditions of use of IT services (both general and service-specific).

For a more detailed description of the use of a specific service, please consult the user guides available in the Virtual Campus.

Information clause for the processing of personal data

DATA CONTROLLER: IESE Universidad de Navarra (R3168001J), Avenida Pearson 21, 08034, Barcelona, InfoDat@iese.edu.

PURPOSE: Formalisation, administration and delivery of the contracted course. To provide auxiliary services to students: insurance, funding, financial aid, canteen services, parking, career guidance and job bank. To participate in IESE projects, studies and surveys. To use your image for teaching purposes and for posting to the virtual campus and student directories, to be shared with the other students on your course. To record images and/or sound during training courses and events for publication in any medium (website, social media, brochures, internal training), for the purpose of promoting IESE activities and sharing training experiences with third parties, as well as keeping a photographic log. To send information on events, activities and courses which IESE considers of interest, including by electronic means. To participate in worldwide business school rankings prepared by third parties.

LEGAL BASIS: Execution of the registration contract. Legitimate interest in sending alumni information about our activities and services and in keeping a photographic log. Data subject’s consent for the use of their promotional images and the transfer of their data to third parties for the purposes of rankings.

RECIPIENTS: The public and private entities required to provide services. Between students on training courses. The Financial Times, Eduniversal, Bloomberg Businessweek, Forbes and The Economist, or other similar organisations, and which may involve the international transfer of data to the United States for participation in the rankings.

RETENTION: During the delivery of the course and the legally established retention periods (academic records). Photographic and audiovisual logs shall be kept indefinitely, based on IESE’s legitimate interest in keeping a historical record of the institution.

RIGHTS: You may withdraw your consent at any time, as well as request access, rectification, erasure and/or portability of your data and objection to and/or restriction of its processing in writing to InfoDat@iese.edu. In the event of any disagreement, you may lodge a complaint to the relevant Data Protection Authority.

General terms and conditions of use of IT services

The IT services provided by IESE have the sole purpose of providing teaching and education services and fomenting contact within the IESE community (with the aim of encouraging and facilitating communication among its members), and under no circumstances are they of a private or commercial nature.

In order to maintain and preserve the quality and reputation of IESE’s services, users must at all times respect the conditions of use of the IT services detailed below. These terms and conditions of use constitute the code of conduct of said services.

Access and use of the IT services implies the full and unreserved acceptance of the terms and conditions of use of these services.

Passwords

1. Choose hard-to-guess passwords and keep them secret.

2. Please bear in mind the following requisites when fomulating a password:

a. It has a minimum of eight characters.

b. It is different from any of the ten previous passwords.

c. It does not contain part of your first name or surnames.

d. It contains characters from at least three of the following four groups (passwords are case-sensitive):

i. Capital letters, for example: A, B, C…

ii. Lowercase letters, for example: a, b, c…

iii. Numbers, for example: 0, 1, 2, 3…

iiii. Non-alphanumeric characters (special characters)

3. For security reasons, there may be maximum expiration periods for passwords.

4. Passwords may be changed via the IESE website (https://wabmpre.iese.edu/iese_wa/ResetPwd.aspx), upon entering a username and password.

Exclusivity

1. IT services are made available to the user solely for teaching purposes, and shall be used in an appropriate manner.

2. The accounts which provide access to the IT services have been designed strictly for teaching purposes, and are individual and non-transferable. The use of the accounts of these services by third parties, as well as the sale or loan thereof, is totally prohibited.

Good practices for the use of IT services

1. The user agrees to properly use the content and the IT services in accordance with current legislation, this confidentiality policy and the terms and conditions of use of IT services, thereby avoiding any illegal or harmful action of rights or interests of IESE, or of third parties.

2. Any user of IT services commits oneself to a certain attitude and to use respectful language in communications with other users, whether in public and private spaces, and not to transmit or post opinions or content which may be illegal, defamatory, offensive or threatening to the values and dignity of people.

Intellectual property

1. The user acknowledges and accepts that all the industrial and intellectual property rights of the IT services belong to IESE, or to third parties which have been assigned rights. The user is authorised for educational purposes only, and in no way for profit-making purposes. Any other use or exploitation of any rights shall be subject to the prior and express authorisation specifically granted for that purpose by IESE, or the third-party holder of the rights in question.

Waiver of Liability

The IESE is exempt from any liability arising from the negligent use of the IT services made available to students, as well as the interruption or temporary or permanent downtime of the IT services provided.

Compliance with the terms and conditions of use of IT services

1. Access and use of the IT services implies the full and unreserved acceptance of these terms and conditions of use of these services.

2. Failure to comply shall entitle IESE to deny, withdraw, suspend or block access and use of services, and, if applicable, to lodge a claim for non-compliance.

Specific terms and conditions of use of IT services

Email

IESE email accounts have been designed for a strictly teaching and non-transferable use. Their use by third parties inside or outside IESE is strictly forbidden and the accounts are public among all members of the IESE community (staff and students).

The Office 365 email service does not provide backup copies, i.e. there is no possibility of recovering a mailbox in its previous state. Therefore, it is recommended to keep classified messages in folders and delete them selectively.

The use of these services for political, illegal or immoral purposes, or for reasons which may disturb public order, is strictly prohibited. The list of prohibited activities includes, but is not limited to, the following:

Sending mass mailings of unsolicited marketing communications (spam or serial messages), any type of malicious or harmful communication, or software components such as viruses, trojans, etc.

Disclosing IESE email addresses to third parties without the explicit consent of their owners.

Imitating, substituting or modifying the identity of any person or their email address.

Distributing illegal, defamatory, obscene or threatening materials which violate the privacy of third parties or which may violate intellectual or industrial property rights, or any other right of third parties.

Undertaking any behaviour which directly or indirectly causes or may cause damage, alteration or errors to the proper functioning of IESE email services or technological systems.

Undertaking any conduct which may violate the provisions contained in current laws, especially those contained in the Criminal Code, Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce (LSSI, in its Spanish acronym), and the GDPR.

Inappropriate use or abuse of the email service may result in temporary or permanent deactivation of the account. In this sense, actions may be carried out in the event of incidents which may jeopardise the proper operation of the service.

The deactivation of the account entails the possible elimination of email messages, which at the time are in the server, and the impossibility of receiving new messages until the account is activated again.

Virtual Campus

Virtual Campus accounts have been designed for a strictly teaching and non-transferable use. Their use by third parties inside or outside IESE is strictly forbidden.

The Virtual Campus for IESE lecturers and students sets out to streamline the exchange of information, documents and communication between the different profiles of the Campus (students, course coordinators, lecturers, etc.), as well as to provide services to students and facilitate contact between members of the IESE community.

Directories and lists of IESE students and partners are designed to facilitate contact between members of the IESE community. Their commercial use is prohibited, as is their transfer to or access by unauthorised third parties.

Access to and processing of photographic material. IESE provides Virtual Campus users with access to the photographic repertoire of private and family events in which the members of the school take part. The images are considered private and do not belong to IESE data processing files.

The use of said images should be limited exclusively to the private and family environment, so it is not possible to use the images which IESE makes available for other purposes, including their transfer or publication in other media other than IESE media, without the consent of each person featured in the images.

Access to Campus Groups or Piazza: Certain websites such as Campus Groups and Piazza are the exclusive responsibility of their members when it comes to private activities conducted (clubs, events, direct contacts, etc.) and, consequently, the terms and conditions of use and processing of personal data generated on these websites shall be the sole responsibility of the users, not IESE.

Virtual Campus users also have the possibility to use the services and tools of Campus Groups and Piazza on a personal basis. Access to these websites shall be governed by the terms and conditions of use and privacy of the provider companies.

IESE is exempt from any liability arising from private relations established between users, as well as from access to and use of Campus Groups and Piazza, including anything related to the use and processing of personal data.

Modifications to these terms and conditions

1. The terms and conditions of use shall remain effective dependent on their exposure and until they are modified by other duly published terms and conditions.

2. IESE reserves the right to unilaterally modify, without prior notice, the confidentiality policy and the terms and conditions of use of IT services established herein. It is the user’s responsibility to review the confidentiality policy, the terms and conditions of use and the legal notices whenever IESE informs them of any modification. You may access the information clause for the processing of personal data, as well as the confidentiality policy and terms of use of IT services, on the IESE Intranet (http://intranet.iese.edu).

This privacy policy and the terms and conditions of use of IT services were drafted on 25 May 2018.

IESE Confidentiality Policy and Terms and Conditions of Use of IT Services for IESE Alumni

This guideline seeks to inform IESE alumni about the processing, purposes and recipients of their personal data, as well as to define the conditions for the use of IT services. The aforementioned aims to ensure that all alumni are aware and consent to the purposes of use and the restrictions of IT services.

‘IT services’ are understood to be all online services (emails, directories, Internet, cloud services, virtual campus, alumni portal and other alumni-focussed applications providing services such as careers advice, coaching, training, etc.).

All the IT services, as well as the information they contain, are the property of IESE. The purpose of said services is to foster career development, lifelong training and professional and social relations among IESE alumni. IT services are considered an extremely valuable asset which users must protect and use in an appropriate manner.

Access and use of the IT services implies the full and unreserved acceptance of the terms and conditions of use of these services.

Below is the information clause for the processing of the personal data of IESE students and alumni, as well as the terms and conditions of use of IT services (both general and service-specific).

Detailed service-specific information may be viewed on the Alumni website.

Information clause for the processing of personal data

DATA CONTROLLER: IESE Universidad de Navarra (R3168001J), Avenida Pearson 21, 08034, Barcelona, InfoDat@iese.edu.

PURPOSE: To manage our alumni community so they can enjoy the advantages of belonging to this community. To validate, manage, administer, execute and develop all IESE activities. To offer coaching services, career guidance and job opportunities. To record images and/or sound during training courses and events for publication in any medium (website, social media, brochures, internal training), for the purpose of promoting IESE activities and sharing training experiences with third parties, as well as keeping a photographic log. To send information about activities, new developments, courses, events, programmes, services and products related to IESE, including by electronic means. To form part of the alumni website directory. To participate in worldwide business school rankings prepared by third parties.

LEGAL BASIS: Membership agreement. Legitimate interest in sending IESE information and keeping a photographic log. Consent of the data subject for the use of their images and the transfer of their data to third parties for the purposes of rankings.

RECIPIENTS: Publication of voluntarily provided data in the alumni directory, accessible from the website and app. The Financial Times, Eduniversal, Bloomberg Businessweek, Forbes and The Economist, or other similar organisations, and which may involve the international transfer of data to the United States for participation in the rankings.

RETENTION: Until the alumnus voluntarily unsubscribes or withdraws their consent. The company shall retain, based on a legitimate interest, their images in the historical archive of IESE.

General terms and conditions of use of IT services

Access and use of the IT services implies the full and unreserved acceptance of the terms and conditions of use of these services.

Passwords

1. Choose hard-to-guess passwords and keep them secret.

2. Please bear in mind the following requisites when fomulating a password:

a. It has a minimum of eight characters.

b. It is different from any of the ten previous passwords.

c. It does not contain part of your first name or surnames.

d. It contains characters from at least three of the following four groups (passwords are case-sensitive):

i. Capital letters, for example: A, B, C…

ii. Lowercase letters, for example: a, b, c…

iii. Numbers, for example: 0, 1, 2, 3…

iiii. Non-alphanumeric characters (special characters)

3. For security reasons, there may be maximum expiration periods for passwords.

4. Passwords may be changed via the IESE website (https://wabmpre.iese.edu/iese_wa/ResetPwd.aspx), upon entering a username and password.

Exclusivity

1. IT services are made available to the user solely for teaching purposes, and shall be used in an appropriate manner.

Good practices for the use of IT services

Intellectual property

The user acknowledges and accepts that all the industrial and intellectual property rights of the IT services belong to IESE, or to third parties which have been assigned rights. The user is authorised for educational purposes only, and in no way for profit-making purposes. Any other use or exploitation of any rights shall be subject to the prior and express authorisation specifically granted for that purpose by IESE, or the third-party holder of the rights in question.

Waiver of Liability

Compliance with the terms and conditions of use of IT services

1. Access and use of the IT services implies the full and unreserved acceptance of these terms and conditions of use of these services.

2. Failure to comply shall entitle IESE to deny, withdraw, suspend or block access and use of services, and, if applicable, to lodge a claim for non-compliance.

Specific terms and conditions of use of IT services

Email

Sending mass mailings of unsolicited marketing communications (spam or serial messages), any type of malicious or harmful communication, or software components such as viruses, trojans, etc.

Disclosing IESE email addresses to third parties without the explicit consent of their owners.

Imitating, substituting or modifying the identity of any person or their email address.

Distributing illegal, defamatory, obscene or threatening materials which violate the privacy of third parties or which may violate intellectual or industrial property rights, or any other right of third parties.

Undertaking any behaviour which directly or indirectly causes or may cause damage, alteration or errors to the proper functioning of IESE email services or technological systems.

Undertaking any conduct which may violate the provisions contained in current laws, especially those contained in the Criminal Code, Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce (LSSI, in its Spanish acronym), and the GDPR.

Modifications to these terms and conditions

1. The terms and conditions of use shall remain effective dependent on their exposure and until they are modified by other duly published terms and conditions.

This privacy policy and the terms and conditions of use of IT services were drafted on 25 May 2018.