What Information Do We Collect?
Information We Collect Directly From Users
We collect Personal Data from Users in a variety of ways, including, but not limited to, when Users visit our Site, register on the Site, use our Services, subscribe to a newsletter, respond to a survey, fill out a form, register for an AACSB event, communicate with us, or use any of the resources or features we make available on our Site or at an event. Depending upon the request or activity, we will ask the User to provide the following information: name; organization name; job title; and business contact information including email address, mailing address, and phone number. Users can always refuse to supply Personal Data; however, that refusal may prevent them from engaging in certain Site or Service activities. You may also voluntarily submit Personal Data to us, for example, by filling out a survey about your User experience with our Services or responding to a request for information about Services that may be of interest to you.
Information We Collect Automatically
Information We Collect From Our Members and Other Sources
We may obtain Personal Data about you from third parties, including the following sources:
- The AACSB member, applicant, or other organization you are employed by or associated with.
- Other member organizations of the AACSB Business Education Alliance.
- Publicly available information such as academic, business, and professional publications and websites.
- Commercial providers of business contact and email marketing services such as professional/business contact and profile information.
We may combine this third-party information with other information we have collected from and about you and use your Personal Data in furtherance of our legitimate interest in: conducting and enhancing AACSB accreditation processes; maintaining accurate and current records; identifying potential new members and Users of our Services; improving our Services and developing new Services; and communicating with academic, business, and individual Users who may be interested in our Services.
What Does AACSB Use Your Information for?
AACSB may use your Personal Data in any of the following ways:
- To provide our Site and Services
We process your Personal Data to perform our contract with you or your organization for the use of our Services, where applicable, to pursue our legitimate interest in operating and administering our Services, to provide you with the content you access and request, and to provide the functionality required to make our Site and Services available.
- To include in our Business Contact Database
We collect and organize data from Users and make these data available for end users’ internal business purposes (the “Business Contact Database”).
- To protect the security of our Site and Services
We process your Personal Data by tracking use of our Site and Services; creating aggregated, non-personal data; verifying accounts and activity; and investigating suspicious activity and enforcing our terms and policies, to the extent that this is necessary for our legitimate interest in promoting the safety and security of the Services, systems, and applications and in protecting our rights and the rights of others.
- To manage User accounts
If you register for an account with us, we process your Personal Data by managing your User account for the purpose of performing our contract with you according to the Terms of Service.
- To manage event registrations and attendance
We process your Personal Data to plan and host events for which you register, including sending related communications to you.
- To process payments
For Services that require payment, our authorized third-party service provider processes the financial information you provide to complete and perform our contract with you.
- To send newsletters, marketing, and other email messages
We will use your email address to send you information you request (or opt-in to receive), such as our newsletters, and to respond to your inquiries, questions, and other requests. We will also send you information about our Services as necessary for our legitimate interest in building our relationship with you and conducting direct marketing or to the extent that you have provided your prior consent (please see "Your rights relating to your Personal Data" below to learn how you can control the processing of your Personal Data for marketing purposes). If at any time the User would like to unsubscribe from receiving future emails, we include unsubscribe instructions at the bottom of each email, or you may contact us via our Site.
- To study and improve our Services
We use analytics to help optimize User experiences. Any Personal Data collected for this purpose are not distributed outside of AACSB. When such analytics are used for reporting to external parties, User information is anonymized or reported in aggregate.
- To improve our Site
We use feedback you provide and information we obtain from cookies to provide statistics and usage data to improve our Site.
- To personalize User experience
We may use information in the aggregate to understand how our Users as a group use the Services and resources provided on our Site through customizing the content, products, and Services that are offered to you.
- To comply with legal obligations and protect legal rights
We may process your Personal Data to meet our legal obligations under applicable laws, including disclosure of Personal Data to government authorities, courts, or regulators to protect our rights or if necessary for our legitimate interest in protecting against misuse or abuse of our Site and Services, to protect personal property or safety, to pursue remedies available to us and limit our damages, and to respond to lawful requests.
Cookies are small files that a Site or our authorized service provider transfers to a User’s hard drive through a web browser (if you so allow). Some cookies are necessary for the Site to function properly, and they expire when you terminate the session and close your browser. Other cookies and similar technologies retain certain Personal Data unless you take steps to restrict their use. This information may include IP address (or proxy server), device and application identification numbers, location, browser type, internet service provider and/or mobile carrier, the pages and files viewed, searches, operating system and system configuration information, and date/time stamps associated with your usage. This information is used to analyze overall trends, to help us provide and improve our Site, and to protect Site security and functioning. This information can be controlled by you in your personal browser settings and in our cookie setting pop-up:
How to Disable Cookies
Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. You can explore the “Help” option on most browsers’ toolbars to learn how you can prevent your computer from accepting new cookies, have the browser notify you when you receive a new cookie, or disable cookies altogether. Visitors to our Site who disable cookies will be able to browse certain areas of the Site, but some features may not function.
Do We Disclose Any Information to Outside Parties?
We may use trusted third-party service providers to assist AACSB in operating its Sites, conducting business, or servicing members and Users, so long as these parties agree to keep all information confidential. AACSB may also share User information with these third parties when believes the release is necessary in order to comply with the law (for example, if a subpoena is issued) or otherwise believes that the law requires the organization to do so; to enforce its Site(s) policies; or to protect its or other rights, property, or safety. However, anonymized visitor information may be provided to other parties for marketing, advertising, research, or other uses.
When users register for an event, their information, including full name, title, organization, telephone number, and email address, may be distributed to other attendees to facilitate networking. Upon request, event sponsors and exhibitors are provided with an event attendee roster, limited to event attendees’ full names and institutions. Event exhibitors and sponsors may also request a one-time mailing list of event attendees, limited to postal addresses only.
The Use of Third-Party Links
Occasionally, at AACSB's discretion, third-party products or services may be offered via its Sites (e.g., digital banner advertisements from paid advertisers). These third-party Sites have separate and independent privacy policies. AACSB, therefore, has no responsibility or liability for the content and activities of these linked Sites. Nonetheless, AACSB seeks to protect the integrity of its Site(s) and welcomes any and all feedback about these linked Sites.
California Online Privacy Protection Act Compliance
Because AACSB values its Users' privacy, it has taken necessary precautions to be in compliance with the California Online Privacy Protection Act.
As part of the California Online Privacy Protection Act, all Users of AACSB's Sites may make any changes to their information at any time by logging into their "myAACSB" account and going into the “My Profile” page. Organizational profiles cannot be changed by Users. Individual profiles may be changed by the authorized User.
Children's Online Privacy Protection Act Compliance
AACSB does not knowingly collect any information from anyone under 16 years of age. If you are a parent or guardian and believe your child has provided us with Personal Data without your consent, please contact us by using the information in the "Contacting AACSB International" section below, and we will take steps to delete such Personal Data from our systems.
Retention of Personal Data
AACSB will keep Personal Data for the time period appropriate to fulfill the purposes for which the Personal Data were processed, including our legitimate interest in maintaining business records, fulfilling a contract, or complying with a legal obligation. AACSB has data retention policies and will endeavor to delete, purge, or anonymize Personal Data when the data are no longer deemed required.
Safeguards in Place to Protect Personal Data
AACSB employs a variety of technical and organizational measures for protecting and safeguarding Personal Data within its control, including using established minimum-security measures that protect the confidentiality and security of data held. AACSB extends such standards to service providers it uses to process Personal Data. Controls in place to protect Personal Data include, for example: physical access controls to AACSB premises and data, logical access controls to ensure only appropriate access to company systems and data from authorized individuals, transfer controls used to protect data during electronic transmission, and availability controls to ensure that stored data are protected against loss or destruction.
Review the Agreements and Policies:
- AACSB Policies for All DataDirect Surveys
- AACSB Data Use Agreement—School Members
- AACSB Data Use Agreement—Business Members
Data Protection Laws and International Transfers of Personal Data
The data protection laws of different countries and jurisdictions differ significantly as to what categories of Personal Data are protected and how they are protected. If your Personal Data are transferred out of the jurisdiction where you reside, such as to AACSB’s affiliates or business partners in other countries, including in the United States, different standards may govern what rights you have in those countries relating to your Personal Data. AACSB takes reasonable precautions, in accordance with applicable legal requirements and in consideration of the nature, scope, context, and purposes of its processing activities, to protect your Personal Data, irrespective of the country in which the data are processed. These precautions may include, where appropriate, contract clauses with third-party providers or other compliance mechanisms.
EEA Users—Your Rights Relating to Personal Data
The following is a brief and partial list of some of the rights and protections that may be available to Users in the European Economic Area (“EEA”). Detailed information is available at https://ec.europa.eu/. Please note that exercise of these rights is subject to specific conditions and limitations, and we may take steps to confirm your identity before acting on your request.
- Access to your Personal Data
- Rectification (correction) of your Personal Data
- Erasure of your Personal Data (under certain circumstances, for example, when your Personal Data are no longer necessary for the purposes for which they were collected)
- Restriction of processing
- Halting of processing based on an objection
- Data portability—the ability to receive a portable format copy of Personal Data held about you and to move the data to another data controller
- Withdrawal of your consent from processing. Note: withdrawal does not invalidate the consent-based processing that occurred prior to withdrawal
- To not be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you as the data subject
Users may request changes to the processing of their Personal Data through AACSB’s Data Subject Access Rights (DSAR) portal. AACSB shall provide you, the data subject, with a response to any such request(s) without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months when necessary, taking into account the complexity and number of request(s). AACSB shall inform you, the data subject, of any such extension within one month of receipt of the request, together with the reason(s) for the delay. Where you, the data subject, make the request by electronic form means via the DSAR portal, the information shall be provided by electronic means where possible, unless otherwise requested by you in written documentation.
If, after evaluating the legitimacy of the request, AACSB does not take action on your request, AACSB shall inform you without delay and at the latest within one month of receipt of the request of the reasons for not taking action and of the possibility of lodging a complaint with a local data protection authority and seeking a judicial remedy. A listing of the European Data Protection Authorities can be found on the EDPB website.
Questions and Requests About Personal Data
We encourage you to contact us directly to update your Personal Data or make another type of request regarding the Personal Data you know or believe AACSB holds as the controller. We will respond to requests subject to EEA data protection laws as described in the section titled “EEA Users—Your Rights Relating to Personal Data.” We will make a prompt and reasonable effort to honor other requests, consistent with applicable legal obligations. To protect your privacy and security, we may need to take steps to verify your identity before taking action on your request. If you are the authorized user of a member organization, you may be able to update your User or organization settings and event registrations by logging into your account and editing these items directly. For any DSAR requests, please visit our DSAR portal.
Contacting AACSB International
If we fail to respond to your complaint within a reasonable period of receiving it in writing, or if you are dissatisfied with the response that you receive from us, you may lodge a complaint with the data protection authorities in your home country.