Liste des politiques actives

Nom Type Consentement utilisateur
Privacy Policy Politique de site Tous les utilisateurs

Résumé

  LMS PRIVACY POLICY  


Politique complète


 

LMS PRIVACY POLICY

This Privacy Policy provides detailed information on how KNOWLEDGE INFRASTRUCTURE S.L. (hereinafter, “K-INFRA”) carries out the processing of Personal Data through the website https://smartcampus.k-infrastructure.com/ in accordance with the principle of transparency and rights of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data and by that Directive 95/46 / EC (hereinafter “DGPR”) is repealed. This Privacy Policy is applicable to the processing of the Personal Data that you provide to us or that we obtain from you when you access and use the services of the Website (https://smartcampus.k-infrastructure.com/) or when you contract certain K-Infra services. We recommend that you carefully review our Privacy Policy to ensure that you understand how your Personal Data will be used.

The basis of legitimacy of the data processing is the execution of the contract for the provision of services. The basis of legitimacy of the data processing for the sending of commercial communications is the consent of the interested party.

We inform you that the personal data requested at the time of registration on this campus, those requested by telephone or in any of our forms, are only the strictly necessary to formalize and manage the relationship with you, so that, if you do not provide them, we can not maintain that relationship. In any case, this main purpose is not subject to consent for the processing of data that are not necessary for this main activity.

The prospective offer of products and services of our own, as well as the elaboration of commercial profiles are additional treatments that are based on the consent you are asked for, without in any case the withdrawal of this consent conditioning the maintenance of the relationship you have with us. You will have the option to give or withhold your consent for our sending you emails including our use of your PII for marketing emails to inform you about:

·         Relevant communications related to PPP training courses,

·         Webinars

·         PPP trends

·         Other PPP knowledge sources

·         Promote our services or similar services from our affiliates.

You will always have the opportunity of unsubscribing from our communications and withdraw your consent by clicking the ‘Unsubscribe from this list’ option at the bottom of each non-transactional email, on our webpage or writing to us at dpo@k-infrastructure.com

K-Infra hereby undertakes to fulfill its obligations of confidentiality in personal data processing and its duty to protect them and to take the safety measures required by the applicable Spanish law to prevent variation, loss, or unauthorized access, always according with the available technology.

We will keep your PII for any or a combination of time periods described below in this Privacy Policy.

 

WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR DATA?

The person responsible for the treatment is the legal entity that determines the purposes and means of processing Personal Data. In other words, the person responsible decides how and for what purposes the Personal Data is processed. For the purposes of this Privacy Policy, the person responsible for the processing of Personal Data is: KNOWLEDGE INFRASTRUCTURE S.L., with registered office at C / Sauce 2, 3º B, Madrid, 28016 of Madrid (Spain), registered in the Mercantile Register of Madrid, Volume 34456, Folio 106, Section 8, Page M-619762, Registration 1st; and with CIF B-87500286.- And will also be responsible for the treatment of Personal Data, affiliated training entities with whom you hire any of the services offered.

Contact Details of the Person Responsible for the Treatment and the Delegate of Data Protection

The contact details of the controller are:

Responsible for the treatment: KNOWLEDGE INFRASTRUCTURE S.L. Postal Address: Calle Javier Ferrero 10 (Edificio Impact Hub Prosperidad) – 28002 Madrid (Spain), Phone: +34 91 128 88 09 Email: info@k-infrastructure.com

Responsible for the treatment: Affiliated Companies to whom you request one of the services of K-Infra. The contact details are those provided in the section of the Website AFFILIATED TRAINING ENTITIES

Delegate of data protection: K-INFRA has a data protection delegate, with whom you can contact through the electronic address: dpo@k-infrastructure.com

When We Act as Controller and Processor

K-Infra will be acting as the “Controller” of the personal data you provide directly to us via a “Contact Us” form, when creating an account, or via other contact methods.

If you are an employee or an authorized user of one of our clients which have entered into an agreement with us for the provision of our services, we will be acting as the “Processor” of your personal data transmitted by our customer. Our customer will be acting as Controller of your information. We follow their directions regarding this data, and may store it, delete it, or disclose it at their direction. As the processor, we do not own, control, or direct the use of any data provided to us by our clients which act as Controllers.

WHY WE NEED YOUR DATA

We need to know the PII you provide to us directly in our capacity as the controller or processor for purposes of responding to the execution of the contract for the provision of services. We also need to know the PII of authorized users of our clients when we act in our capacity as the processor for purposes of managing the authorized use of our services.

In addition, we need to know your PII to send you emails for other specific purposes and for sharing your PII for purposes as described in the Information Sharing and Disclosure section below.

WHAT KIND OF DATA DO WE COLLECT?

“Personally Identifiable Information” (or “PII”) refers to contact information that directly or indirectly tells specifically who you are, such as:

·         name

·         email

·         phone number

·         country

·         company name

·         company sector

·         position

·         or any other information that could be linked to you with reasonable effort.

We do not collect sensitive information such as location information (GPS), racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.

User management data

User management data is everything we need to handle your account. This data includes your username, your email address, your password and so forth. This also includes session tokens, cookie data and tracking data need for our LMS to work.  The LMS is built using third-party frameworks and back-ends, and these may also add their own session data.

HOW WE COLLECT, STORAGE AND USE YOUR DATA

During the process of enrolling in a course or program, you will provide K-Infra with certain personal data.

The data will be duly managed and protected in accordance with our data protection guidelines, which have been drawn up in compliance with the security measures required by European Regulation 679/2016 on the protection of natural persons with regard to the processing of personal data (hereinafter referred to as GDPR).

If you proceed with the initiation of a course registration, you are providing your explicit consent to the use of your personal data provided through our website or through any other means, use which is subject to the limitations and rights established in the Spanish Law and described in this Privacy Policy.

Before collecting your PII, you will have the option to give or withhold your consent for our sending you emails including our use of your PII for marketing emails to inform you about:

·         Relevant communications related to PPP training courses,

·         Webinars

·         PPP trends

·         Other PPP knowledge sources

·         Promote our services or similar services from our affiliates.

You will always have the opportunity of unsubscribing from our communications and withdraw your consent by clicking the ‘Unsubscribe from this list’ option at the bottom of each non-transactional email, on our webpage or writing to us at dpo@k-infrastructure.com

Passively or Automatically Collected Data

Passively or automatically collected data (referred to as “User Management Data”) is collected as you use this campus. We or our affiliated entities, may use automated means to collect various types of information about you, your computer or other device used to access this site and related campus use. This information is based on your usage of this site. Usage Data is essentially anonymous when collected, but could be used indirectly to identify a person.

Subject to your right to opt-out, we may combine Usage Data with PII that we collect and use the combined data to create profiles about you only for purposes of improving our services and your user experience with our services.

HOW LONG WE KEEP YOUR DATA

We will keep your PII for any or a combination of time periods described as follows:

(i)      for as long as required by law,

(ii)    until we no longer have a valid reason for keeping it,

(iii)   until you request us to stop using it (please note that by exercising this right it may affect the ability to verify your qualifications for future trainings), or

(iv)  for so long as our client for which you are an authorized user remains a client or you are a registered user on the system.

(v)    to preserve the history of our course records (exam reports, feedbacks reports) according to our QMS.

When we delete your PII from our databases, it will remain in our backup system until it cycles out.

WHOM WE SHARE YOUR PERSONAL DATA WITH AND WHY (General Disclosure Policy)

We may share and disclose your PII with third parties, either because you have consented to allow us to do so or for a legitimate purpose or to comply with the law. Please note some of these organisations may be located outside Spain and/or EEA. If you are from outside the EU., understand that you are sending PII and Usage Data to Spain where our servers are located. That information may be then transferred within the EU. or back out of the EU. to other countries outside of your country of residence. Except for the EU, these countries may not necessarily have data protection laws as comprehensive or protective as those in your country of residence; however, our collection, storage, and use of your PII and Usage Data will at all times be governed by this Privacy Policy

We may share and disclose Usage Data without restriction, including without limitation, as described below.

Please contact us at dpo@k-infrastructure.com to opt out of all information sharing with a third party.

Disclosure of data collected and used via the K-Infra Learning Management System (this campus)

When we act as Controller: logs, activity completion, activity scores, information shared during training sessions, information about training attendees and any recordings of training sessions, belongs to K-Infra. We may use this content, which may include personal data about training attendees, for our own purposes.

When we act as Processor: our customer will be acting as Controller of your information. We follow their directions regarding this data, and may store it, delete it, or disclose it at their direction. As the processor, we do not own, control, or direct the use of any data provided to us by our clients which act as Controllers.

Trainer may also receive data we collect (for example, attendees’ names) when they access LMS dashboards and generate reports.

When you use the LMS, some data will be disclosed to other course attendees and to the trainer or affiliate deliver the training. For example, your name will appear in the attendee list. If you turn your video camera on, your image will be shown. If you send a chat or share content, that can be viewed by others in the same session or chat.

In addition, your email will be shared with the trainer and the rest of the training participants in order to create a common work/communication group during the course.

Access to your stored personal data via password. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site or online platform, you are responsible for keeping that password confidential. We ask you not to share passwords with anyone. The User undertakes to keep the password privately and protect it from the use of third parties. The User should notify K-Infra as soon as practicable if he/she becomes aware of the use by a third party of his/her password and right to access to those sections of pages. K-Infra is committed to adopting all necessary technical and organizational measures to ensure the personal data protection and to avoid their deterioration, loss, unauthorized analysis and/or access, to the extent those measures are reasonably available in accordance to the Personal Data Protection Law. K-infra is not responsible for the disclosure of their personal information to third parties for reasons out of the control of K-Infra.

Affiliated Entities. There may be certain courses or training programs that are developed and/or managed in collaboration with other training organizations, which are our Affiliates. Only in such cases, your data may be shared with those organizations (with the respective organization / Affiliate with which we collaborate for the specific course) for the purpose of registering, paying or communicating with you during the respective course. We may provide your PII and Usage Data to any affiliated entities we may have, including our subsidiaries. K-Infra takes all its reasonable efforts to ensure that those organizations are in compliance with the aforementioned policies and laws. The organization/affiliate will be indicated in the respective course page of our website.

You may find information about our Affiliates on our website (https://www.k-infrastructure.com/en/k-infra). Likewise, we inform you that you may exercise your rights of access, rectification, cancellation and opposition at the email address dpo@k-infrastructure.com, or by mail to Calle Javier Ferrero 10 (Edificio Impact Hub Prosperidad) – 28002 Madrid (Spain).

Sub-Processors. We may provide access to your PII and Usage Data to our trusted sub-processors that assist us with the operation and maintenance of our services. For example, we may contract with third parties to process payments, host our servers, provide security, and provide production, fulfillment, optimization, analytics, reporting, and software maintenance and development services. In addition, our sub-processors will be given access to your information only as is reasonably necessary to provide the services for which they are contracted. We have agreements with our service providers that say that they cannot use any of this data for their own purposes or for the purposes of another third party.

Exam Provision and Certificates: for the provision of APM Group Limited (APM) certification services, K-Infra may share your data with APM exclusively for this purpose, on the basis of which K-Infra may declare that the following is true:

·         APM will process the data provided exclusively for the processing purposes related to:

o   The reserve or booking of the exam for the candidates,

o   To allow candidates to register on APM portal

o   To manage and view the results of the exam and obtain the official certification

o   To dispatch the exam papers and certificated to the candidates

o   To report data back to Scheme Owners. Scheme Owners in regard to the CP3P Program are APMG and World Bank (located in USA).

o   and other parties involved in the provision of the certification services, such as Proctor U. This service allows you to take an online exam from the comfort of your own home or office with online proctoring.  APMG uses a third party supplier, ProctorU, to provide this service.  Their privacy policy can be seen here https://www.proctoru.com/privacy-policy  

Data will be processed as set out in the APMG Privacy Policy. APMG does ask data subjects for permission to contact them for advertising purposes and will do so where they get permission.

·         APM will comply with the obligations imposed by the data protection regulations in force.

·         APM already confirms that it will abide to all applicable data protection laws in force. This is set out in Clause 12 of the APMG General Terms and Conditions

·         Adopt the security measures required by the data protection regulations by virtue of the nature of the data transferred. This is an obligation prescribed by law which APMG already agrees to comply to (as per Clause 12 of APMG’s General Terms and Conditions).

·         Respect the confidentiality of the transferred data and not reveal them, nor transfer them or leave them at the disposal of third parties, except those parties necessary to manage the certification program such as the product owner (in this case the World Bank), a courier/shipping company (to dispatch the certificates), the ATO (to access to your marks) or unless  required by the Law, a Court or control authority.

Obtaining a digital badge and certificate via Credly: This service allows successful candidates to claim a digital badge to embed on an email signature, website, social media or a digital CV.  Successful candidates are required to register and accept their digital badge on Credly. A digital certificate will also be available on their personal account.  Each certificate has a unique verifiable link built into it allowing individuals, teams, managers and employers to quickly validate any certificate presented electronically.  Candidates can also print their own certificate on demand from their Credly account. Their privacy policy can be seen here https://www.youracclaim.com/privacy

IP owners of the APMG qualification you have chosen to undertake: Scheme Owners in regard to the:

•                    CP3P Program are APMG and World Bank (located in USA).

•                    Better Business Cases are APMG and HM Treasury/Welsh Treasury (located in UK)

•                    Praxis are APMG and Praxis Framework Limited (located in UK)

Aggregated or anonymized data with personal information removed: K-Infra may, from time to time, provide third parties with data that has been aggregated or anonymized.  This means that personal information that could be used to identify you has been removed from the data.  An example of this may be how many candidates have taken an exam in a country. Data provided to third parties in this way is not personal data; however, we do respect your right to object to your data being used in this way.

Successors. If we sell or otherwise transfer part or all of our business or assets to another organization, such as in the course of an acquisition, merger, bankruptcy or liquidation, we may transfer your PII and Usage Data. In such an event, we will require the buyer or transferee to agree to our commitments provided in this Privacy Policy.

Transmission and storage of your personal data: The data you provide will be lodged in Moodle and on our servers located in Madrid. Likewise, we store your data in our CRM provider, Teamleader, with registered office in Belgium. See its security policy: https://www.teamleader.eu/security</a

In addition, if you give us your consent for marketing communications or you are subscribed to our newsletter, your data will be storage in the servers of Mailchimp, an email marketing service provider, subject to the security agreement: "Privacy Shield" between the EU and the US. See Mailchimp's privacy policy.

Unfortunately, the transmission of information via the internet is not completely secure. Although we have technical and organisational measures in place to protect your data, we cannot guarantee the security of your data as it is transmitted and stored.

Compelling Obligations. Except for sharing your information as described in this Information Sharing and Disclosure Section, K-Infra will not disclose information about you or the contents of your communications unless compelled to do so in the good-faith belief that such action is reasonably necessary

(a) to comply with the law;

(b) to comply with legal process;

(c) to enforce these terms and conditions;

(d) to respond to claims that any content violates the rights of third parties;

(e) to facilitate the terms of an acquisition of K-Infra by, or merger with, another company, or

(f) to protect K-Infra’s interests regarding its property, including without limitation its intellectual property.

YOUR RIGHTS

K-Infra will respect your legal rights to your data. Below are the rights that you have under law, and what K-Infra does to protect those rights:

Legal right

What K-Infra does to protect your rights

The right to be informed

 

K-Infra is publishing this Privacy Notice to keep you informed about what we do with your personal information. We strive to be transparent about how we use your data.

The right to access

 

You have the right to access your information. Please contact K-Infra´s Data Protection Manager at dpo@k-infrastructure.com if you wish to obtain a copy of the personal information K -Infra holds about you. 

The right to rectification

 

If the information K-Infra holds about you is inaccurate or incomplete, you have the right to ask us to rectify it. If that data has been passed to a third party with your consent or for legal reasons, then we must also ask them to rectify the data. Please contact us at: dpo@k-infrastructure.com. If you have an account with us via our website or LMS, you may also update your personal information by logging into your profile page.

The right to erasure

 

This is sometimes called ‘the right to be forgotten’. If you want K-Infra to erase all your personal data and we do not have a legal reason to continue to process and hold it, please contact us at: dpo@k-infrastructure.com Please note that by exercising this right it may affect the ability to verify your qualifications.

The right to restrict processing

 

You have the right to ask K-Infra to restrict how we process your data. This means we are permitted to store the data but not further process it. We keep just enough data to make sure we respect your request in the future. If you want us to restrict processing of your data, please contact: dpo@k-infrastructure.com

The right to data portability

 

K-Infra must allow you to obtain and reuse your personal data for your own purposes across services in a safe and secure way without affecting the usability of your data. If you want information on how to port your data elsewhere: please contact  dpo@k-infrastructure.comThis right only applies to personal data that you have provided to us as the Data Controller. The data must be held by us by consent or for the performance of a contract.

The right to object

 

You have the right to object to K-Infra processing your data even if it is based on our legitimate interests, the exercise of official authority, direct marketing (including data aggregation), and processing for the purposes of statistics. If you wish to object please contact: dpo@k-infrastructure.com

The right to withdraw consent

 

If you have given us consent to process your data but change your mind as you have the right to withdraw your consent at any time, K-Infra must stop processing your data. If you want to withdraw your consent, please contact: dpo@k-infrastructure.com. Withdrawing consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

The right to complain to a Supervisory Authority

 

You have the right to complain to the AEPD if you feel that K-Infra has not responded to your requests in a reasonable time to solve a problem. Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm .

 

CHANGES TO OUR PRIVACY POLICY

We may update or amend this Privacy Policy from time to time, to comply with law or to meet our changing business requirements. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. Any updates or amendments will be posted on this campus. We encourage you to review the campus website regularly for the latest information on our privacy practices. By continuing to access our websites and/or online platforms or using any of our services, your access and use will be subject to these updates and amendments.