Please read this policy carefully as it contains important information on who we are, how and why we collect, store, use and share personal data, your rights in relation to your personal data, how to contact us and supervisory authorities if you would like to report a concern.
For the purposes of the GDPR, IMI is the ‘controller’ of the personal data you provide to us. For all privacy and data protection matters at IMI please contact our Data Protection Officer by sending an email to firstname.lastname@example.org.
The International Management Institute (IMI) is committed to providing quality services to you and this policy outlines our ongoing obligations to you in respect of how we manage your personal information.
What is personal information and why do we collect it?
We may collect and process the following personal data:
If you are a student, potential student, alumni, representative, partner school, parent of potential or current students, supplier, tutor/lecturer or administrator at IMI, we may receive information about you from our network of agents, from education fairs or school visits we have participated in, from select web portals where we advertise IMI, that you will be in contact with or when you register or liaise directly with us to receive products and/or services from us.
Information you provide to us when you:
Through this process we may collect your name, date of birth, e-mail address, postal address, telephone number and other data that you supply to us at that time.
If you are aged 16 or under you must get your parent/guardian’s permission before you provide us with your personal information. Unless you have this consent, you are not allowed to give us your information. We will not gather, hold or process any information without consent.
We do not guarantee website links or policy of authorised third parties.
Once you have accepted our cookies policies, we use the relevant traffic to identify which pages are being used. This helps us analyse data about web page traffic and impr ove our website to tailor it to customer needs. We exclusively use this information for statistical analysis purposes and then the data is removed from the system.
We collect your personal information for the primary purpose of providing customised and timely accurate services to you, providing information to our clients and our marketing functions. We may also use your personal information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe at any time from our mailing/marketing lists at any time by contacting us via email on email@example.com.
Information about other people
If you provide information to us about any person other than yourself, such as your relatives, next of kin, your advisers or your suppliers, you must ensure that they understand how their information will be used and ensure that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.
Sensitive information is defined in Swiss federal law on data protection (DSG) 235.1 as well as the General Data Protection Regulation (EU) 2016/679 (GDPR) to include information or opinion about such things as an individual's racial or ethnic origin, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Sensitive information is recorded based on your explicit consent and will be used by us only:
Disclosure of personal information
Your personal information may be disclosed in several circumstances including the following:
Usage of personal data
We may use your personal data to fulfil the obligations of our contract, or take steps linked to a contract:
Where reasonable and practicable to do so, we will collect your personal information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
Such parties would be:
IMI works with the following third party companies who, in certain situations, may act as the data processor or data handler for your personal information:
Where required by law
We may also process your personal data if required by relevant Swiss law including responding to requests by government or law enforcement authorities, or for the prevention of crime or fraud, or for visa and immigration purposes.
Other cases of sharing your personal data
We take all reasonable steps to ensure that our staff protect your personal data and are aware of their information security obligations. We limit access to your personal data to those absolutely necessary to provide a smooth service.
Note: you have the right to object to the processing of your personal data, but this must be based on legitimate interests as set out below, under the heading ‘Your rights’.
Security of personal information
Your personal information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.
When your personal information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your personal information. However, most of the personal information is or will be stored in client files which will be kept by us for up to 10 years.
Under the Swiss federal law on data protection (DSG) 235.1 as well as the General Data Protection Regulation (EU) 2016/679 (GDPR) on data protection, you have various rights with respect to our use of your personal data:
Right to be informed
You have the right to request a copy of the personal data that we hold about you by contacting us at the email or if you prefer postal address given below. We will request all information that will enable us to verify your identity and will respond within 30 days of request. Please note that there can be exceptions to this right. We may be unable to make all information available to you if, for example, making the information available to you would reveal personal data about another person, if we are legally prevented from disclosing such information, or if your request is manifestly unfounded or excessive, or in order to protect public security and freedoms of others.
Right to rectification
We aim to keep your personal data accurate and complete. We encourage you to contact us using the contact details provided below to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date.
Right to erasure
You have the right to request the deletion of your personal data where, for example, the personal data are no longer necessary for the purposes for which they were collected, where you withdraw your consent to processing, where there is no overriding legitimate interest for us to continue to process your personal data, or your personal data has been unlawfully processed. If you would like to request that your personal data is erased, please contact us using the contact details provided below.
Right to object
In certain circumstances, you have the right to object to the processing of your personal data where, for example, your personal data is being processed based on legitimate interests and there is no overriding legitimate interest for us to continue to process your personal data, or if your data is being processed for direct marketing purposes. If you would like to object to the pressing of your personal data, please contact us using the contact details provided below.
Right to restrict processing
In certain circumstances, you have the right to request that we restrict the further processing of your personal data. This right arises where, for example, you have contested the accuracy of the personal data we hold about you and we are verifying the information, you have objected to processing based on legitimate interests and we are considering whether there are any overriding legitimate interests, or the processing is unlawful, and you elect that processing is restricted rather than deleted. Please contact us using the contact details provided below.
Right to data portability
In certain circumstances, you have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format. This right arises where you have provided your personal data to us, the processing is based on consent or the performance of a contract, and processing is carried out by automated means. If you would like to request that your personal data is ported to you, please contact us using the contact details provided below.
Please note that the GDPR sets out exceptions to these rights. If we are unable to comply with your request due to an exception we will explain this to you in our response.
Access to your personal information
You may access the personal information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your personal information, please contact us in writing. The International Management Institute will not charge any fee for your access request. In order to protect your personal information, we may require identification from you before releasing the requested information.
Maintaining the quality of your personal information
It is an important to us that your personal information is up to date. We will take reasonable steps to make sure that your personal information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.
This policy may change from time to time and is available on our website. It was last updated in May 2018.
If you have any questions about this policy please contact us at:
IMI International Management Institute
+41 (0)41 349 64 00