Your privacy is important to us. This privacy statement explains:

• What personal data is collected by the owner of this web site or provided by you, through our interactions with you and your use of our web site (www.nesalumni.org), apps and software.
• How your personal data will be used, where it is held, how long it will be kept and your rights.

Please read this privacy policy carefully.

Definitions and interpretation

In this privacy, the following definitions are used:

• Data controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.
• Data processor, in relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller.

“You”, “your” or “data subject” means:

• Visitors to our website
• Subscribers to any service we offer through our site
• Prospective or existing clients or constituents corresponding with us by phone, e-mail or otherwise
• Job applicants

Data controller, “we”, “us” and “our” means:
"NES Alumni and Friends" Non-profit Partnership and its data processors;

Personal data means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.

This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people. The definition incorporates, where applicable, the definitions provided in the Data Protection Act 1998, General Data Protection Regulation and Data Protection Bill 2017-2019.

Sensitive personal data

The GDPR refers to sensitive personal data as “special category data”. Please see “Special category data”.

Special category data

Means personal data consisting of information as to the racial or ethnic origin of the data subject, his or her political opinions, his or her religious beliefs or other beliefs of a similar nature, whether he or she is a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992), his or her physical or mental health or condition, his or her sexual life. The special category specifically includes genetic data, and biometric data where processed to uniquely identify an individual.

Criminal offence data

Personal data relating to criminal convictions and offences.

Who we are (Identity of the data controller)

For the purpose of the Data Protection Act 1998, General Data Protection Regulation and Data Protection Bill 2017-2019 the data controller is "NES Alumni and Friends" Non-profit Partnership with registered address at Nakhimovskiy prospect, d. 47, office 1721 (for "NES Alumni and Friends" partnership), Moscow, 117418, Russian Federation.

Personal data we may collect from you

We may collect and process the following data and personal information about you:

Personal Data you provide us voluntarily

You might provide us some personal information by filling in the contact forms on our web, by corresponding with us by phone, e-mail or otherwise or reporting a problem with our Website.

The information you may give us is Personally Identifiable Information (“PI”). When we refer to “PI” in this policy we mean information that identifies an individual or may with reasonable efforts cause the identification of an individual) may include your first name, surname, graduation status and graduation class for your education in the New Economic School and e-mail address. Your messages on the site could include your personal data, lifestyle and social circumstances, family detail, education and employment details, special category data, (please see the paragraphs "Sensitive information and special category data" for more details) and information related to fundraising, volunteering or other activities.

Sensitive information and special category data

Your messages might include sensitive information or special category data (please check the paragraph "Definitions and interpretation") related to your racial or ethnic origin, political opinions, religious beliefs or other beliefs of a similar nature, physical or mental health or condition, sexual life.

Submission of this type of information is strictly voluntary. The submission of your enquiry is protected by an industry standard SSL/TLS encrypted connection. Please see the paragraph "Security" for more information.

By including special category data in your communication you provide your informed and explicit consent to the transfer, storage and processing of the specified special category personal data for the purposes specified in paragraph “Lawful basis and the purposes of the processing (Uses made of your personal information)”, by us and our Data Processors and subcontractors specified in paragraph “Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data”.

Criminal offence data

By the nature of our usual activity, the services hereunder are not intended for processing of criminal offence data (please check the paragraph Definitions and interpretation). Please do not include this type of information in your request. If you feel the need to communicate us any information related to your criminal offence data, please specify it in your message and we will call you to avoid the record keeping of such information.

Applicant Information

Please see the paragraph Jobs Applications.

Children

If you are a child below 16 and wish to tell us something concerning you, you can contact us, call us or visit personally.


If later you wish to modify or delete the information you provided, you can contact us using the contact details below provided in the paragraph Your rights.

Information you provide about others

In providing personal data about other individuals (such as someone in whose name you are registering an account or subscribing to our marketing promotions), you represent that you have notified them of (i) the purposes for which information will be used (ii) the recipients of their personal data and (iii) how they can access and correct the information.  You further represent that You have obtained all necessary consents from them.

Information which may be made available to us, or collected automatically with the use of cookies or analytic tools

This information may vary over time but might include the following:

Technical information, including personally identifiable information

- Might include information about your device and connectivity information such as IP (Internet Protocol) address.

Non-personally identifiable information

Might include your configuration data such as browser type, browser plug-in types and versions. May include log information, such as error reports, download errors, any problems you experience using our web site and any phone number used to call our customer service number.

We do not combine information collected automatically through cookies and analytics tools with other personally identifiable information you may have provided to us.

Cookie policy

A cookie is a small file, typically of letters and numbers, downloaded on to a device when the user accesses certain websites. Cookies allow a website to recognise a user’s device.

Session cookies – allow websites to link the actions of a user during a browser session. They may be used for a variety of purposes such as remembering what a user has put in their shopping basket as they browse around a site. They could also be used for security when a user is accessing internet banking or to facilitate use of webmail. These session cookies expire after a browser session so would not be stored longer term. For this reason session cookies may sometimes be considered less privacy intrusive than persistent cookies.

Persistent cookies – are stored on a users’ device in between browser sessions which allows the preferences or actions of the user across a site (or in some cases across different websites) to be remembered. Persistent cookies may be used for a variety of purposes including remembering users’ preferences and choices when using a site or to target advertising.

First and third party cookies – Whether a cookie is ‘first’ or ‘third’ party refers to the website or domain placing the cookie. First party cookies in basic terms are cookies set by a website visited by the user - the website displayed in the URL window. Third party cookies are cookies that are set by a domain other than the one being visited by the user. If a user visits a website and a separate company sets a cookie through that website this would be a third party cookie.
We might use cookies to recognize you when you visit our site or use our Services, remember your preferences, and give you a personalized experience:

• Authentication cookies. If you're signed in to our Services, these cookies will help us show you the right information and personalize your experience.
• Session cookies. These cookies store the ID of a user’s session. The cookie is set when a user signs in and is used to restore the session without entering the personal data.
• 
Security cookies. We use cookies for our security features, and to help us detect malicious activity.
• 
Preferences, features and services. These cookies help us to customise your preferences, such as which language you prefer and what your communications preferences are or to fill out forms on our faster.
• Performance, Analytics and Research. Cookies help us to analyse our web site performance. We use cookies to improve our products, features, and services, including to create logs and record when you access our site.
• Third-party cookies. We might use them for website analytics and advertising purposes, i.e. cookies which are set and can be accessed by servers respectively domains of our third-party providers.

What can you do if you don't want cookies to be set or want them to be removed

Most browsers accept cookies automatically, however some people prefer not to allow cookies. You may change the security settings of your web browser in order to stop your device receiving and storing cookies, to allow receiving and storing cookies from selected websites you trust, or to be notified before receiving cookies. You may also delete cookies stored in your browser at any time. Information stored in such cookies will be removed from your device. However, that these settings may have negative effects on the  web sites usability.

Browser manufacturers usually provide help pages relating to cookie management in their products. Please see below for more information:

• Google Chrome
• Internet Explorer
• Mozilla Firefox
• Safari (Desktop)
• Safari (Mobile)
• Android Browser with further details here, here, on this page
 and here
• Opera
• Opera Mobile


For other browsers, please consult the documentation that your browser manufacturer provides.

Social media features and widgets

Our Website might include certain Social Media features and widgets, such as the “Facebook Like”, “Facebook Share”, “Instagram Follow”, “Twitter Tweet”, “Google +1” features, buttons or other interactive mini-programs (“Social Media Features”). These Social Media Features may collect information such as your IP address or which page you are visiting on our Website, and may set a cookie to enable them to function properly. Social Media Features are either hosted by a third party or hosted directly on our Website. Please be aware that if you choose to interact or share any Personal Information via such widgets, you are in fact providing it to these third parties and not to us. Your interactions with these third parties are managed by these Social Media policies and not ours. For example, you will not be able to use the “Facebook Like” button if you are not logged in to your Facebook account. Once you use the button this will be associated with your Facebook history, but we will not process this information.

Information we might obtain from third parties

We do not obtain any data from third parties.

Where do we store your information?

We take Client confidentiality and security very seriously. We are committed to protecting the Personal Data you share with us. We use a combination of industry-standard security technologies, procedures, and organizational measures to help protect your Personal Data from unauthorized access, use or disclosure.

The data processing consisting in hosting provider services (storage and maintenance of databases containing your personal data, protected by password) is performed on our behalf and under written confidentiality agreements by our authorized data processor located outside the European Economic Area in the USA.

The written agreements with the data processor guarantees that the requirements of the GDPR will be met and the rights of data subjects are protected.

Once this contract is concluded, data processor will return data to us or transmit to another processor appointed by us, and erase any copy in its possession. However, the processor may keep the data locked to address possible administrative or jurisdictional responsibilities.

Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data:

We do not involve any third party data processors and all your personal data will be maintained and processed on rented secure computer storage facilities and/or in paper-based files. We use a combination of industry-standard security technologies, procedures, and organizational measures to help protect your Personal Data from unauthorized access, use or disclosure.

Data Retention

Unless otherwise specified, we may retain your Personal Information for as long as needed to provide you with information on our services and events or discuss with you any fundraising, volunteering or other activities. As the data subject you have rights related to processing of your personal data and the option of withdrawing your consent for processing it at any time. Please see paragraph “Your rights”.

Lawful basis and the uses made of your personal information

We process all personal data lawfully, fairly and in a transparent manner. We use the data we collect for the following basic purposes, described in more detail below.

1. We process personal information and special category data in order to provide a voluntary service for the benefit of the public as specified in our constitution; to fundraise and promote the interests of the charity;  As the data subject you have the right to withdraw your consent for processing your personal data at any time. Please see paragraph “Your rights”. We may also contact you about our projects, fundraising activities and other ways to support us or communicate with us. The lawful basis for such processing is consent.
2. Website improvement
   We might use your automatically collected data such as IP address and browser data for our Website improvement, such as: to administer our site and for internal operations, including data security, troubleshooting, testing, statistical purposes; to ensure that content from our site is presented in the most effective manner for you and for your device. The lawful basis for such processing is legitimate interests.

Disclosure of information to third parties

We do not share personal information about you with other people or non-affiliated organisations without your consent except to provide products or services you've requested, when we have your permission, or under the following circumstances:

We provide the information to trusted partners who provide us services under confidentiality agreements, specified in Paragraph "Trusted partners (data processors) who work on our behalf under confidentiality agreements" and might store, maintain or process your data. These companies do not have any independent right to share this information.

We may disclose your information to third parties when we reasonably believe we are obligated to do so by law, and in order to investigate, prevent, or take action regarding suspected or actual prohibited activities, including but not limited to, fraud and situations involving potential threats to the physical safety of any person.

In the event we are merged with a third party entity or undergo another change of control, we reserve the right to transfer information, including any PII and non-PII, to a successor entity. In this event, we will notify you by electronic means and obtain your consent before information about you is transferred and becomes subject to a different privacy policy.   

Jobs Applications

Applicant Information

We also collect information that is provided to us by jobs candidates (“Applicants”), when they apply to any of the open positions published at our Website via the relevant Position Application Form on our Website by sending us an e-mail or otherwise (see paragraph Personal Data you provide us voluntarily).

Your contact details and CV (“Applicants Information”) might include your: first name, surname, residential address, email address, telephone number, employment and educational history, language proficiencies and other work-related skills, date of birth, gender, national insurance number, citizenship and work authorization status, references as well as their contact information, resume or any document you may choose to upload to our website as part of your application, qualifications for employment, work and salary expectations.

Sensitive information and special category data

With your application you might provide us some sensitive information or special category data related to your Disability status, racial or ethnic origin (please check the paragraph Definitions and interpretation). Submission of this type of information is strictly voluntary. We will obtain your consent to process special category data if you wish to share it with us on our later communication regarding your application. If this is not possible we will destroy such data and erase any copy in our possession.

Criminal offence data

By the nature of our business and the purposes of processing the data, the services hereunder are not intended for processing of criminal offence data (please check the paragraph Definitions and interpretation). If you provide any information or documents containing this type of data, you are hereby notified that any input of such information will be solely at your risk and responsibility, we will destroy such data if we receive it accidently.

Purposes of the processing

By registering as a job candidate (“Applicant”) to any of the open positions published at our Website You explicitly confirm that you are interested in an employment at "NES Alumni and Friends" Non-profit Partnership and contact us as a step to enter in a contract with us. You therefore voluntarily provide Your personal data to be used for recruiting purposes, in particular for filling and matching your profile with any and all open positions at "NES Alumni and Friends" Non-profit Partnership, including beyond those for which you specifically applied.

Retention period

We may retain submitted Applicants Information even after the applied position has been filled or closed. This is done so we could re-consider Applicants for other positions and opportunities; so we could use their Applicants Information as reference for future applications submitted by them; and in case the Applicant is hired, for additional employment and business purposes related to his/her work. As a data subject you have rights related to maintenance, storage and processing of your personal data. Please see paragraph 'Your rights'.

International transfers

You can find detailed information related to data location in paragraphs 'Where Do We Store Your Information?' and 'Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data.

Law Enforcement, Legal Requests and Duties

We may disclose or otherwise allow others access to your Personal Information pursuant to a legal request, such as a subpoena, legal proceedings, search warrant or court order, or in compliance with applicable laws, if we have a good faith belief that the law requires us to do so, with or without notice to you. Your details may also be disclosed to the police and law enforcement agencies for the purpose of fraud detection, crime prevention and national security.

Your rights

You have the following rights in accordance with the Data Protection Act 1998, General Data Protection Regulation and Data Protection Bill 2017-2019: 

• The right to be informed. In this privacy statement we supply you detailed information related to your personal data storage, maintenance and processing.
• The right to access information held about you
• The right to rectify your personal data if it is inaccurate, incomplete or out-of-date
• The right to erasure (delete or remove) your personal data
• The right to restrict (block) processing. When processing is restricted, we will store your personal data, but not further process it.
• The right to data portability which allows individuals to obtain and reuse their personal data for their own purposes across different services. It allows them to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.
• Rights related to automated decision making including profiling - we are not making any decisions which might produce a legal effect on you based on automated processing.
• The right to withdraw your consent (object) to direct marketing. You can exercise your rights by contacting us at nesalumni@nes.ru.
• The right to lodge a complaint with a supervisory authority. You have the right to lodge a complaint with a supervisory authority (Information Commissioner´s Office in the United Kingdom) if you have a concern about our information rights practices.