1. SUMMARY, SCOPE, PURPOSE

The following document works like what lawyers call an “agreement”. In this case, it is the “Privacy Policy” of IASRM. Before we tell you what that actually means and thus delve into the details of it, we first need to establish a few definitions so it’s easier for you, our dear reader, to fully understand.

The first question is who this document is relevant to, i.e. the parties of this agreement. That’s fairly straight-forward to answer and the parties are:

  • our website visitors (i.e. a “Visitor”). That could be you unless you fall into the next category called “Members” who – unlike “Visitors” – have a membership of IASRM.
  • our members (i.e. a “Member”) who have taken up a membership with IASRM. This could be a member as an individual Member of IASRM, a company membership (for example, when a company signs up 10 or 1000 of its employees as members of IASRM), or membership as an individual through a free trial membership offered by IASRM.

Okay, so that should be fairly straightforward: When we say “you” in the following text, we assume that you fall into the one of the two aforementioned categories, either a Member or a Visitor. When we say “we”, we mean IASRM. That way, we don’t have to write legalese sentences like “ IASRM collects and handles information about its Visitors and/or Members” but can instead write an understandable sentence like “We collect and handle information about you”. Hey.. that’s what we promised you – that we would write these terms so that actual humans like yourself can understand them.

Okay, now, let’s get a bit more specific. Why do we then need this document/agreement?

Well, that’s because we, at IASRM, collect personal data about you (i.e. our Visitors and/or Members) during the normal course of our activities. We made this Privacy Policy to explain all relevant aspects of this collection and handling of your data in one place – easy for you to understand. We collect and handle data about you by means of the website located at https://iasrmglobal.org (hereinafter referred to as the “Site”) and/or other websites used and/or controlled by us from time to time. We process your personal data collected for specified, explicit and legitimate purposes, in accordance with applicable laws in the EU (like the GDPR) and the US.

  • The personal data and any information you provide us with – or that we collect about you – will be used, among other purposes, to:
  • maintain a register of Members and Visitors
  • send transactional email, e.g. send you an email when you have successfully earned a Course Certificate with a copy of your Certificate
  • supply you with any goods and services you may request from us from time to time via our Site, e.g. send you a copy of the book you bought
  • create browsing and consumption preference profiles of you in order to make recommendations and better user experience (UX). For example, we may serve you recommendations on which course to take on our Site or we may serve you ads on a third-party website (what’s known as remarketing) based on the courses you have visited
  • create databases to be used to send Visitors and Members emails with newsletters, promotions, advertising and information about our Site in accordance with your wishes and permissions. We of course never send you anything without your explicit consents and conscious opt-in and we make unsubscription from the given service/mailing/newsletter/etc as easy as possible (usually as a one-click action). No hassles or sneaky methods employed!

By entering and using our Site, you hereby provide us with your consent for the collection, treatment, and processing of your personal data according to this Privacy Policy.

Wait..what? Read that last sentence again! Here it is: “By entering and using our Site, you hereby provide us with your consent for the collection, treatment, and processing of your personal data according to this Privacy Policy.”. So, did you just consent to us doing whatever we wish with your data? Nope, certainly not! We know that the chances of you reading this full document are very low so we, of course, insert a lot of so-called “roadblocks” where we ask you to consciously agree to these Terms before signing up for something. For example, when you sign up for our newsletter, we send you an email where we not only ask you to confirm your subscription but also include a link to these Terms to give you as much transparency as possible. In addition, we also employ a range of practices – some of which are also included in the GDPR (which we will tell you about in a second) – that make it easy for you to know what and why we do as we do.

Edits, comments, commentaries and other contributions to our Site made or provided by you will be publicly distributed, and except in certain, very limited circumstances will remain a permanent part of this site. If you decide to contribute to our Site, you must keep this in mind. Your contributions will be subject to our Site’s Terms and Conditions and The Interaction Design Foundation’s Site IP/Copyright Policy.

2. THE ACT ON PROCESSING OF PERSONAL DATA

Under “The Act on Processing of Personal Data”, incorporated under Indian law, you may request a copy of the information we hold on you for free, by writing to our address first shown above or by emailing our Data Protection Officer Prabhu on prabhu@iasrmglobal.org. This requirement has been repeated by the introduction of the GDPR and we have been compliant long before this law took effect on 25th of May 2018.

3. GENERAL DATA PROTECTION REGULATION (GDPR)

We comply with the General Data Protection Regulation (GDPR), which is a European Union (EU) regulation on data protection and privacy for all individuals within the EU. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for business by unifying the regulation within the EU. The regulation enters into effect on the 25th of May 2018 and we are fully compliant. We have made the decision to be compliant and thus collect and handle your data in accordance with the GDPR regardless of whether you are from the EU or not. So if you’re from outside the EU, you can consider it as an added bonus