1.3 For purposes of GDPR, the data controller is:
Institute of International Finance
1333 H Street NW, Suite 800E
Washington, D.C. 20005
1.4 Any questions regarding the processing or use of IIF data may be sent to firstname.lastname@example.org.
Information Collection and Use
2.1 Why does IIF collect and process personal data?
We collect limited personal data of our Users in order to provide and improve our services. Among other things, we collect limited personal data so that we can provide you with copies of our educational research, invite you to events, manage registration and payments for events, respond to requests or inquiries, and to gather statistical information to make our research products more relevant to you.
2.2 What personal data does IIF collect?
Personal data collected by IIF may include:
- Name, email address, name of employer, job title, and mailing address
- Invoicing information
- Communications, such as emails or other correspondence, between the user and IIF
In addition, when you visit our website, we will record “log data,” which is information your browser automatically sends such as your computer's Internet Protocol address, browser type, browser version, the pages of our website that you visit, the time and date of your visit, and the time spent on those pages.
Our website supports Do Not Track ("DNT"). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
We also use Google Analytics, which is a web analytics service, to gather data about the research products accessed by visitors to our website. We use this information to make our research products more relevant to readers. The IP address of the data subject is abridged by Google and anonymised when accessing our websites from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area. Users may block Google Analytics by preventing the setting of cookies through our website, as discussed above, or by downloading and installing a browser add-on under the link https://tools.google.com/dlpage/gaoptout.
Storage and Security
3.1 Where is my personal data stored?
The IIF is based in the United States, and data we hold will be stored on servers in the U.S.
We may also employ Customer Relationship Management (“CRM”) companies to store and process limited personal data. These companies are also based in the U.S., and may store your data on servers in the U.S. The CRMs we use also comply with relevant law, including GDPR, and can support GDPR-related requests.
3.2 How long will you hold the data?
Data will be held as long as necessary to meet IIF’s legitimate business interests and/or legal obligations or until we receive a request from the individual to delete his/her data.
3.3 Is the data secure?
The security of your Personal Information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the Personal Information we have collected from you.
3.4 Will you disclose my data to outside parties?
We will disclose your Personal Data when required to do so by law or subpoena or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement.
Communications and Marketing
4.1 When will you contact me?
We use your contact information to send you educational research, event invitations, or other information. For Users in the European Union or in a Contracting State to the Agreement on the European Economic Area, we will only send marketing information for services that are similar to services you have previously used.
4.2 How should I let you know if I no longer wish to receive emails?
You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send, or by visiting the website and changing your subscription preferences.
Your Rights Under GDPR
5.1 What are my rights?
Data subjects in the European Union and in Contracting States of the EEA have the right to request access to and rectification of erasure of their personal data, to restrict processing of their personal data or to object to processing. Data subjects also have the right to data portability, which is the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided. Data subjects also have the right to lodge a complaint with a supervisory authority.
6.1 Children’s privacy
Only persons age 16 or older have permission to access our services. We do not knowingly collect personally identifiable information from children under 16. If you are a parent or guardian and you learn that your children have provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from a child under age 16 without verification of parental consent, we will take steps to remove that information from our servers.