While you (the “User”) browse the websites:

• www.iaf-consulting.com 

• www.iaf.education 

or make use of any of the services that we offer on our Website (the “IAF Services”), your data may be processed by the following organization: Institute of Advanced Finance. Hereinafter, IAF.

Therefore, you may enter websites operated by the above mentioned service providers when visiting these websites. All these websites shall be jointly referred as the “Website”.

By reading this Privacy Policy, the User is informed regarding the manner in which IAF collect, process and protect the personal data provided to them through the forms made available on the Website, by third parties with which we have signed collaborative agreements, and received in any other way permitted in law, along with any data relating to browsing and any other information that may be provided through any other medium or channel.

The User must read carefully this Privacy Policy, which has been drafted in clear and simple terms in order to help its understanding, and must freely and voluntarily decide whether he/she/they wishes to pass on his/her/their personal data to IAF.

The data requested are in general mandatory (unless otherwise indicated in the required field) in order to meet the stated purposes. Therefore, if such data are not provided or are provided incorrectly, it will not be possible to attend to the User’s requests, notwithstanding the fact that the User may freely browse the contents of the Website.

The personal data provided will be processed by IAF for the following purposes:

• To provide personalized information on academic activities, other services, events, initiatives and relevant news items through the forwarding of communications, including commercial communications, using traditional, digital or other kinds of media, such as email, telephone calls, text messages and messages posted on social media (e.g. WhatsApp, Line, Telegram, Wechat, LinkedIn Messenger, etc.). In order to achieve this, a commercial profile will be created based on the User’s own preferences, which will be obtained using the information provided by the User or information received from external sources. In the event that Users no longer wish to receive commercial or promotional communications, they can ask to be unsubscribed from the service by sending an email to the following addresses: info@iaf-consulting.net ; info@iaf-education.net or through any of the communications they have received. The legal basis for processing Users’ personal data for this purpose may be the consent they have given, or it may result from the enforcement of a contractual or pre-contractual relationship between the User and IAF, depending on the nature of the relationship and the means of communication used.

• To respond to enquiries, questions or requests received from Users in relation to academic activities, other services, events, initiatives and relevant news, or in relation to any other matter. The legal basis for processing Users’ personal data for this purpose is a legitimate interest in attending and responding to enquiries.

• To contact Users using any of the means indicated above for the purposes of maintaining relations and/or continuing with the admission and, where relevant, enrolment process, or in order to arrange participation in initiatives. Users are hereby informed that some conversations may be recorded, solely for the purposes of monitoring relations and the relevant admission and/or enrolment process. The legal basis for processing Users’ personal data for this purpose may be the consent they have given, or it may result from the enforcement of a contractual or pre-contractual relationship between the User and IAF, depending on the nature of the relationship and the means of communication used.

• To manage enrolment in the relevant event, program or initiative, when Users have provided their data for this purpose. Users are informed that IAF reserve the right to record and broadcast any events or initiatives that are organized by or that involve IAF, either live or in a pre-recorded broadcast, and to take photos at such events and initiatives, and to use, reproduce, distribute and communicate such recordings and photos using analogue or digital media, such as the Intranet or social networks, both in Spain and abroad, for academic purposes or in order to promote their activities or the activities of the sponsors of the event or initiative. To this end, IAF will advise Users in advance and seek the necessary consents and authorizations required to use their personal image in each context. In the event that Users do not authorize the recording of their image and/or voice, they shall be informed of this possibility so that they may take the necessary steps. The legal basis for processing Users’ personal data for this purpose may be the consent they have given, or it may result from the enforcement of a contractual or pre-contractual relationship between the User and IAF, depending on the nature of the relationship and the means of communication used.

• To monitor Users’ browsing histories, in accordance with IAF’s Cookies Policy, and to monitor any action taken in relation to the communications that we send out (such as acknowledgment of receipt or the initiation of communications). Please check the aforementioned Cookies Policy in order to obtain further information. The legal basis for processing Users’ personal data for this purpose is their consent, combined with the legitimate interest of IAF.

• To manage access to IAF’s facilities, which shall include the use of biometric data, for security reasons and to protect the health and physical integrity of students, employees and members of the IAF community in general. The legal basis for processing Users’ personal data for this purpose is a legitimate interest on the part of IAF and the general public interest in ensuring the safety of both people and objects at their facilities. As regards the processing of biometric data, this is also founded on the legal basis that such processing is necessary in order to ensure the data controller’s compliance with its obligations and the exercise of its rights with regard to the personal safety of both students and employees. As regards the aim of protecting health, the data controller will be the medical service in question and its processing of any data shall be subject to the terms defined in its own privacy policy.

• To manage Users’ requests relating to the exercise of their personal data protection rights and any other legal rights to which they may be entitled. The legal basis for processing Users’ personal data for this purpose is the legal obligation to attend to the relevant request.

• To assess the candidacy submitted by Users in the event that they apply for a job position or wish to provide services to IAF. The legal basis for processing Users’ personal data for this purpose will be the consent they have given, the provision of certain services to be contracted by IAF, or the enforcement of a contractual or pre-contractual relationship between the parties, depending on the nature of the relationship.

• To assess the candidacy and suitability of candidates as the potential beneficiaries of the grants and assisted financing offered by IAF and other bodies and institutions with which we have collaborative agreements and, where applicable, to take the action necessary for the award of such grants and financing. The legal basis for processing the personal data of candidates and their referees for this purpose is the consent they have given. This consent may be withdrawn at any time, though this will mean that the User’s application cannot be taken into consideration in the process for the award of grants or financing.

• To comply with any collaborative agreements, conventions, contracts or other agreements signed by IAF. The legal basis for processing personal data for this purpose is compliance with the contractual or pre-contractual relationship in question.

• To make surveys and rankings. The legal basis for processing personal data, which will be carried out in order to improve and appraise the quality of IAF's programs in general, is the legitimate interest of IAF.

• To improve the provision of services and make the relationship with the User as close and personalized as possible; as well as any other purpose appropriate in relation to the services and aims of IAF, pursuant to the law and in accordance with their duly notified legitimate interests.

Users’ data shall be retained by IAF for at least the amount of time required in order to ensure compliance with the aforementioned aims or until consent is objected to or revoked. In any case, data shall be retained for the length of time necessary to establish, exercise and defend any legal claims, and they shall be kept, duly encrypted, for the amount of time required under the data protection regulations that apply.

IAF may process the following kinds of User data, depending on the application made via the Website or through any other channel: identifying data (including image and voice) and biometric data (in this specific case, never collected via the Website), contact details, information on personal characteristics, information on social circumstances, information on employment, economic, financial and insurance data, and browsing data gathered through the use of cookies, such as browsing history, IP address or other similar information.

In the event that Users provides data from third persons, he/she/they hereby state to have obtained consent from the third party in question and undertakes to pass the information contained in this Privacy Policy, holding IAF harmless from any liability in this sense whatsoever. However, IAF may carry out periodic verifications to confirm this fact, adopting the corresponding due diligence measures, according to the data protection regulations.

Explicit consent given by the User, which may be withdrawn at any time. However, if the User withdraws his/her/their consent, this will not affect the lawfulness of the processing carried out previously;

• Enforcement of a pre-contractual or contractual relationship;

• Provision of services that have been engaged or are to be engaged;

• Compliance with a legal obligation; or

• Legitimate interests of IAF.

Users’ personal data may be communicated, among others, to the following:

• Public Administrations in the cases provided by law;

• Legal and natural persons with whom IAF have signed agreements for the provision of services in which they act as data controllers or under which the transfer of data is necessary in order to perform the contracted service (Mutual Accident Insurance Companies, insurance companies, social welfare organizations, external lawyers and administrators, IAF clubs, IAF offices, hotels and transport companies for the management of trips, messenger services, etc.);

• Medical or support centres and/or services, in the event that the User requires medical attention or where there are medical safety grounds;

• Third party institutions for the grant or management of aid, grants and subsidies, or any process required by the competent authorities or bodies;

• The media, social networks, industry websites and third party companies in charge of recording while events are taking place;

• Banks and financial institutions for the management of payments, requests for financial assistance, loans, financing and any other kind of service;

• Companies within the IAF Group, for administrative and management purposes and any others that may be incorporated in the future.

In some of these cases, data may be forwarded to organizations located outside the EEA (European Economic Area) or outside the group of countries recognized as safe by the EU, which would involve an international data transfer.

The User:

• Hereby guarantees that he/she/they are over the age of 16 and that the data that he/she/they provide to IAF are true, precise, complete and up-to-date. To this end, the User is liable for the veracity of any data provided, and he/she/they shall ensure that these data remains updated in such a way that it reflects his/her current status.

• Guarantees that he/she/they have informed any third parties whose data he/she provides, where applicable, of the contents of this document. He/she/they further guarantee that he/she/they have obtained their authorization to forward their data to IAF for the purposes indicated.

• Shall be responsible for any false or inaccurate information he/she/they may provide via the Website and for any damage caused directly or indirectly to IAF or to any third parties as a consequence.

One of the purposes for which IAF will process the personal data provided by Users is to send them personalized electronic communications containing information relating to products, services, events, courses, programs, promotions and news that is relevant to Users. Whenever any communications of this nature are sent out, they will solely and exclusively be addressed to Users who have not previously expressed a wish not to receive them. In order to achieve this, a commercial profile will be created based on the User’s own preferences, which will be obtained using the information provided by the User or information received from external sources. In the event that Users no longer wish to receive commercial or promotional communications, they can ask to be unsubscribed from the service by sending an email to the following addresses: info@iaf-consulting.net; info@iaf-education.net, or through any of the communications they have received.

The User may send a written notice to info@iaf-consulting.net; info@iaf-education.net marked “Data Protection”, free of charge and at any time, accompanied by a photocopy of his/her/their identity document, for the purposes of:

• Withdrawing any consent provided.

• Obtaining confirmation as to whether or not IAF is processing personal data affecting the User.

• Accessing his/her personal data.

• Correcting any inaccurate or incomplete information.

• Asking for his/her/their data to be deleted when, among other reasons, his/her/their data are no longer necessary for the purposes for which they were gathered.

• Requiring IAF to limit their processing of the data when any of the conditions provided for in the data protection regulations are met.

• Objecting to the processing of the data. In this case, IAF shall then cease processing the data, unless this is necessary for legitimate mandatory ends or for the exercise or defense of any potential claims.

• Requesting the portability of his/her/their data.

User’s data will be processed at all times in an absolutely confidential manner, and the necessary duty of secrecy will be retained in respect thereof, pursuant to the provisions of the applicable legislation. The necessary technical and organizational measures will be adopted in order to guarantee the security of the User´s data and prevent their alteration or loss or any unauthorized processing or access, bearing in mind the technological state of the art, the nature of the data being held and the risk to which they are exposed.