Privacy Policy

Barcelona School for International Studies Privacy Policy

LAST UPDATED: 5.18.2018

Introduction and Overview of our Privacy Policy

At Barcelona School for International Studies, we understand that privacy is an important issue for our customers and take our role in protecting your privacy seriously: the following paragraphs outline our policies for doing so. Our Policy covers the treatment of all personal information that the company collects when you interact with our website and customer database, submit information through our forms, and/or participate in our programs. This Policy is further subject to the company’s Terms and Conditions, available by request.

There are two important clarifications as you begin to read. First, this document will varyingly refer to “the company” which is a reference to Barcelona School for International Studies, the company with whom you are interacting. Next, for the purposes of this document the term ‘you’ or ‘customer’ refers to you the individual, whether you are a student or teacher of a participating university who is interested in, planning to or already participating in our programming. Please continue to read our Privacy Policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information (PII).

The Information We Collect

We collect two types of information: personal information that you provide to us and non-personal information automatically collected through automated means.

Personal Information

Generally and wherever possible, personal information is collected directly from the customer, although there may be occasions when information is collected from third parties, such as host or partner universities or a publically maintained record. If you are registered with us, you can access content and services that we offer only to registered users. Registered users also have the option of changing or deleting the data specified during registration at any time. We are also able to provide you with information about the personal data we hold about you at any time. If you do not want to provide us with your Personal Information, you are not required to do so; however, while you may still access the Website, certain services may not be available to you. By providing your Personal Information to us via the Website, you consent to receive information and updates from us, our representatives or our authorized third party service providers (except where prohibited by law).

Personal information that we might collect includes:

  • Your contact details to communicate with you. Things like your email address, mailing address, and phone number.
  • Your academic information, such as your transcript and educational background to forward to our affiliated institutions so that you may further your education.
  • Your health and medical information to ensure your specific needs are addressed (e.g. allergies, prescriptions, disabilities, etc).
  • Your national identification information (i.e. social security number), passport and related data to fulfil international immigration regulations, register you with the proper local institutions and authorities, and organize logistics essential to your program.

Non-personal Information

When you access our website, information of a general nature is automatically recorded. We use web analytics tools that rely on cookies, web beacons, and other automated tracking technologies to help us analyze how users interact with our website, how we can improve our website, how we can personalize your website experience and provide you with information we believe may be of interest to you. This information does not individually identify you as a person. Anonymous information of this kind is statistically evaluated by us to optimize our Internet presence and the underlying technology.

Non-personal information that we might collect automatically includes:

  • The type of web browser you are using
  • The operating system you are using
  • The domain name of your Internet service provider

Our website uses third party tracking technologies like Google Analytics and Google Conversion Tracking. In both cases these technologies rely on the use of “cookies” and “web beacons.” A cookie is a small amount of data which is sent to your browser from a web site’s computers and stored on your computer’s hard drive. Most browsers automatically accept cookies as the default setting. You can modify your browser setting to reject our cookies or to prompt you before accepting a cookie by editing your browser options. However, if a browser is set not to accept cookies or if a user rejects a cookie, some portions of the website and services may not function properly. A web beacon is an electronic image, also called a “gif,” that may be used on our web pages to deliver cookies, count visits and compile statistics on usage and campaign effectiveness or in our emails to tell if an email has been opened and acted upon.

To better understand how Google may use the information collected through Google Analytics to evaluate Users’ and Visitors’ activity on our Site see Google Analytics Privacy and Data Sharing. You can obtain more information about cookies by visiting http://www.allaboutcookies.org.

How We Collect Your Information

As stated above (What Information We Collect), we collect your information for:

  • Operations: To operate, maintain, enhance and provide all features of our programming to provide the services and information that you request
  • Improvements: We use the information, other than customer Data, to understand and analyze the usage trends and preferences of our visitors and users, to improve our products, services, website, and to develop new products, services, features, and functionality.
  • Communications: For administrative purposes such as customer service, to address intellectual property infringement, right of privacy violations, or defamation issues related to the customer Data or Personal Data posted on the Service or to provide updates on promotions and events, relating to products and services offered by us and by third parties we work with.

We do not sell, rent, trade or share any information gathered with any other companies or third parties who are not directly involved in the delivery of your program. This information is used only internally by company administrators and administrators of any company partners in the locations where you sign up so that they may better understand your needs and provide a better service.

Occasionally, at our discretion, we may include or offer third party products or services on our website. As an example, if you purchase any product or service available through the Website, you may be transferred to a website operated by a third party processor and be required to provide financial and other Personal Information to that third party processor. As another example, you may decide to connect with us through various social media tools, such as Facebook or Twitter, that are provided by third parties. Any collection, processing, or use of information by such a third party is subject to that third party’s terms of use and privacy policy, and we will not be responsible for their actions. Please check the privacy statements of these other websites for more information about their policies on collection and use of personal information. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Sharing Your Information

We at the company abide by the requirements laid out by GDPR, and Privacy Shield which outline the situations in which an organization may disclose personal information to a third party. We may share your Personal Information with our offices, technical consultants, host universities and institutions, other third parties who help to deliver required components of your program. As a rule, the company will not use or disclose personal information unless it is reasonably necessary and/or the person about whom the information relates is aware of and has consented to, the use or disclosure of their information. Personal information may be disclosed where an individual has consented to the disclosure, or when the disclosure is done in the best interest of the individual such as the case of a medical emergency, a serious and imminent threat to a person’s life, health or safety, a requirement under law, or authorized by law, or a requirement for an enforcement body. The company establishes contracts with all third party organizations affirming that they will also uphold and abide by the same regulations and principles.

Keeping Your Information Secure

In alignment with GDPR Article 32, and Privacy Shields 4th principle the company takes all reasonable and appropriate measures to protect your data from unauthorised access, disclosure, loss, use, modification, or other misuse. Moreover, the company also consistently destroys hard copies of personal information that is no longer required, this destruction is undertaken by secured means. Your personal information is contained behind secured networks (i.e. HTTPS) and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology by a third party.

GDPR Information Rights and Practices

As of May 25th, 2018, all European Union residents and citizens are granted personal privacy as a fundamental human right. This also applies to our participants while they are residing in Europe during our various programs. As such, under these regulations, the company will not hold onto participant data for longer than is legally necessary and only for as short as possible to protect individual privacy as well as business interests. Individuals also have the right to rectify any mistakes or incomplete information that may have been provided in order to ensure accurate and complete records. In addition to this is the right to object to the processing of data relating to him or her except in the cases of a specific legal obligation. The company agrees to not collect more personal data than necessary for its legitimate business interest of providing safe and rewarding international programs. All customers have the right to revoke consent to the onward transfer of their PII, or to be forgotten so long as there is no conflicting legitimate business or individual interest. In addition customers may request to have a copy of their personal data sent to them. All of these rights are afforded free of charge. However, we are not responsible for removing your Personal Information from the lists or systems of any third party who has previously been provided your information in accordance with this Policy. Once data is no longer relevant to our legitimate business purposes, it is pseudonymized or anonymized based on the kind and calibre of information. What information is kept exists strictly for analytical purposes to better serve the interests future customers.

Your Access to Your Data

The company will take reasonable steps to ensure that personal information is accurate. To aid this, you may request to see and correct any mistakes present in your record. Additionally, provided there is no legitimate business interest relating to the purpose for which they were collected or otherwise processed or legal requirement you have the right to request that your personal details are removed from our records (aka, Opt Out).

Such requests need to be made in writing to our Data Protection Representative, who then will investigate the validity of the request and shall proceed to take all reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

Requests for removal will not be honored in the cases of the following:

  • The removal impinges on the “right of freedom and expression”
  • There is a corresponding legal obligation which requires processing or holding of financial or medical records
  • Reasons of public interest in the area of public health
  • For archiving purposes in the public interest, scientific, historical research, or statistical purposes
  • For the establishment, exercise or defense of legal claims

You may opt out of receiving promotional emails or text messages from us at any time by following the instructions in those emails or text messages. If you opt out, we may still send you non-promotional communications, such as messages about your account or our ongoing business relations, as well as emergency communications regarding our programs abroad.

Change of Our Privacy Policy

We reserve the right to modify this Privacy Policy from time to time to ensure that it complies with current legal requirements or to implement changes to our services in the Privacy Policy. Any modification will be effective immediately upon posting on this website. You are responsible for regularly reviewing this Policy so that you will be apprised of any changes. You can determine when this Policy was last revised by referring to the “LAST UPDATED” legend at the top of this Policy.

Questions or Grievance Procedures

If an individual believes that their personal information has not been dealt with in accordance with the company’s policies or applicable laws and regulations, they may lodge a complaint to the Data Protection Authority in writing via email listed below. Acknowledgement will be made within 7 working days of receiving the complaint and a response provided within 30 days.

For any questions regarding the company’s compliance of personal information privacy requirements, or to request removal of personal data, please contact our Data Protection Representative by email to DPR Group at ge@dpr.eu.com or by contacting them on our online webform at www.dpr.eu.com/ge

Our Data Protection Authority is the Spanish Agency of Data Protection
+34 901 100 099
(spain) 91.266.35.17
Spanish Agency for Data Protection
C/ Jorge Juan, 6
28001-Madrid
Open from Monday to Friday 9am to 5:30pm CEST

External Links

https://www.privacyshield.gov
https://gdpr-info.eu/