What is GDPR?
General Data Protection Regulation is an update to EU Privacy and Data Protection. It requires that we disclose with our customers how we collect and use personal information, as well as give options for removal from our network.
What kind of personal information is collected?
You may browse our Site without creating an online account. However, if you register for our services we may collect certain information about you. In general, we collect the following types of Personal Information from you, through our Site:
- Applicant Information. When you register for our services online, by submitting an application for certification or self-registration, we collect information about you and your business, including (but not limited to) your name, gender, ethnicity, job title, contact information, and other relevant information; and your business name and contact information.
- Newsletters. If you sign up to receive our newsletters, we collect your name and email address.
- Event Registration. If you register for an event, we will collect your registration information and the type of event you have registered for and may combine it with any other Personal Information we have collected about you.
- Donations. If you make a donation, we collect information about your donation, such as your name and contact information and the amount of your donation.
How is this personal information used?
We use the Personal Information we collect about you for the following types of purposes:
- to connect you with others within our network of women business owners, multinational corporations, and business support organizations;
- to respond to your requests or inquiries, to communicate with you about your application, event registration or donations, and for similar customer-service-related purposes;
- to assess your application;
- to administer events and programs;
- to process payments and donations;
- to adjust our offerings or services to you and to tailor the information we send or display to you;
- to send you information that we believe you may find of interest, including to send you our newsletter and to solicit donations;
- to improve our Site, offerings or services and to better understand how users access and use our Site and offerings, on an aggregated and individualized basis.
How is personal information disclosed?
We may disclose Personal Information collected online to third parties for the following types of purposes:
- to our contractors or service providers (such as service providers who help us to administer our Site or process credit card payments) who provide services or perform functions on our behalf;
- if you make a donation, we may, with your consent, share your name and contact information with our partners, including other non-profit organizations;
- if you consent, we may also share your Personal Information with other women’s business support organizations within our network;
- in response to a subpoena or other legal process by a governmental entity or third party, or if otherwise required by law;
- “in a limited number of circumstances, WEConnect International may need to disclose data without your prior consent, including as needed to satisfy legal requirements, or to protect the rights or property of WEConnect International or others (including the enforcement of agreements or policies governing the use of the service).”
What other information is collected?
Business profile information is also collected through the application process. This will include things like employee count, revenue size, business description and number of owners.
What control do I have over the information shared?
If you have created an eNetwork profile, you still have the same visibility controls you did previously. By editing the visibility, you can control what is seen by other members of the eNetwork at your discretion. If you would like your personal data removed from the eNetwork entirely, please see below.
What if I want to remove personal information?
If you would like any personal information removed, you can do so by contacting our Data Protection Officer at firstname.lastname@example.org who can remove emails, phone numbers, addresses, and any other personal information from our network.
What if my assessor asks to see documentation I do not have available or do not want to share?
You will be provided a list of documentation that must be available for review by WEConnect International. All of the documentation on the list is required and should be available for review by WEConnect International or its assessors. If there is any documentation that is not available during the assessment visit, WEConnect International is unable to make a final determination about your application until that documentation has been reviewed by an assessor.
All of the documentation requested for review is required. If there is any required documentation related to your business that you do not wish share, WEConnect International will issue a determination of incomplete and will be unable to issue your business a WBE certification.
Why do I need to share private information about my business with WEConnect International?
WEConnect International upholds the global standard for Women’s Business Enterprise (WBE) certification set by our corporate members and used by our U.S. partner organization. To meet the new the standards, WEConnect International requires review of private business information, including company ownership and financial information, as part of the certification process. WEConnect International will review this information during the certification process but does not retain copies of any documents beyond that time. We require that each certified WBE retain copies of all documentation reviewed during the certification process in the event that WEConnect International needs to review it at a later date.
Why do I need to upload this information to WEConnect International’s eNetwork?
WEConnect International is a global organization with a network of thousands of business owners. We have found that having documents uploaded is the best way to manage the certification application of each company. It also limits the back-and-forth that can occur when there are questions related to certification assessments and helps manage the process so all required documentation has been submitted before an assessment is scheduled.
Is there another way I can share my information and documents without uploading them to the eNetwork?
At this time, WEConnect International only allows company documents to be submitted by uploading them to our eNetwork. This is more secure than other forms of submission, such as email, and allows us to access your documents as needed and then removed leaving only a digital fingerprint.
Will WEConnect International keep copies of my documents?
WEConnect International keeps copies of the documents only during your business’s assessment process. After 180 days, WEConnect International deletes all documents that are collected and keeps only a digital fingerprint of the documents collected for our records. We require that each certified WBE retains copies of all documents submitted in the event they need to be reviewed at a later date.
What is a digital fingerprint?
Digital fingerprinting is a technique in which software identifies, extracts, and then compresses characteristic components of a file enabling that file to be uniquely identified by its resultant “fingerprint.”
Who at WEConnect International will view and have access to my documents?
Each applicant company will be assigned a certification assessor responsible for reviewing all documents. That assessor and our certification team making the final decision on your certification application are the only ones who will have access to your company’s documents.
Will WEConnect International share my documents with corporate members?
WEConnect International values your privacy. We will never share your assessment-related documents with anyone beyond our certification team. We do not share any information on our certified WBEs with our corporate members beyond what is included in your public eNetwork profile.
What country’s data privacy laws does WEConnect International follow?
WEConnect International in a U.S. non-profit organization governed by U.S. law. However, we operate in a global economy where data privacy laws are constantly changing. We follow the laws related to U.S. organizations in each country that we operate in.
Where are WEConnect International’s servers located?
WEConnect International’s servers are located in the United States.
What if I want my personal data removed?
If you desire to remove personal data, such as emails, addresses or phone numbers, from our eNetwork, please contact our Data Protection Officer at email@example.com.
What if I want to learn more about my data usage?
If you want to submit a subject access request to learn more about the usage of your data, please contact our Data Protection Officer at firstname.lastname@example.org.