We have updated this policy to comply with the EU General Data Protection Regulations
1. Our Responsibilities
It is the policy of the Gebeya to maintain an environment that promotes ethical and responsible conduct in all online network activities by instructors, employees and students. Gebeya INC recognizes its legal and ethical obligation to provide a safe study environment in both its online and taught courses and to protect your personal information and Data in that regard. To this end, Gebeya reserves the right and recognizes its obligation to:
- log network use and to monitor file server space utilization by Users, and assume no responsibility or liability for files deleted due to violation of file server space allotments;
- remove a user account on the network;
- monitor the use of online activities. This may include real-time monitoring of network activity and/or maintaining a log of Internet activity for later review;
- restrict online destinations through software or other means.
- provide guidelines and make reasonable efforts to train staff and students in acceptable use and policies governing online communications.
2. Data Collection
We collect certain data from you directly, like information you enter yourself, data about your participation in our marketplace and/ trainings, and data from third party platforms you connect with Gebeya. We also use third party analytics to collect some data, like information about your device.
Data You Provide
We may collect different data from or about you depending on how you use the Services. When you create an account and use the Services, including through a third party platform, we collect personal information which includes any information about you from which you can be identified. It does not include data where the identity has been removed (e.g., anonymized or aggregated data). The categories of Personal Information about you that we may collect, use, store or transfer (subject to your consent and/ requirements under applicable law) includes the following, some of which constitute Personal Information only when combined with personal identifiers:
- Identity Data: Information we use to identify you, authenticate you as an authorized user of the Services, communicate with you, and record any transactions you make. This includes first name, maiden name, last name, login/user ID and password details, marital status, title, data of birth and gender.
- Contact Data: Includes billing address, postal address, email address, telephone number and mobile phone number.
- Technical Data: Includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Services.
- Usage Data: Includes information about how you use our Services.
- Transaction Data: Includes details of the Services for which you have previously registered and/or in which you have been enrolled.
- Assessment Data: Information on your aptitude in certain technology-based subject areas and your performance on General Assembly’s capabilities and learning needs assessments.
- Profile Data: Includes your interests, preferences, website browsing history, demographic information such as age, gender, education level, feedback and survey responses.
How We Get Data About You
We use tools like cookies, web beacons, analytical services to analyze trends and administer the website, track users’ movement around the websites and to gather data referenced above.
3. Purpose of Information
Before or at the time of collecting personal information, we will identify the purposes for which information is being collected. These include but not limited to:
- identify the user/user account, give the user access to complete the registration process on the portal and access our Services
- enable and deliver the Services
- to manage our relationship with you
- promptly inform the user of any updates or changes to our policies and services,
- furnish the user with feedback on their participation and performance in the use of our Services
- assess and mark the users’ coursework and examinations
- grant the user access to the portal, to enable the user to complete and submit reviews and/or submit completed questionnaires/surveys.
- make our services and the portal’s content available to the user and also continue to modify, maintain and enhance the user’s experience
- intermittently upgrade the user experience and functionality of our Services while providing related customer services.
- manage and protect the Services (including troubleshooting, data analysis, testing, system review).
- endeavour to respond to the users’ queries/enquiries and forward information requested by the user via electronic mail, sms or other marketing channels.
We will collect and use of personal information solely with the objective of fulfilling those purposes specified above by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.
4. Information Sharing and Disclosure
- With Gebeya Talent: We share data about you or your company with Gebeya Talent retained for your engagement or retained to deliver projects for which you have sought our technical intervention.
- With Hiring Companies: We share data that we have about you with hiring companies seeking to engage Gebeya Talent with your specific competence or skill set.
- With Your Instructors: We share data that we have about you with instructors or teaching assistants for courses you enroll in or request information about, so they can improve their courses for you and other students. This data may include things like your city, country, browser language, operating system, device settings, If we collect additional data about you (like age or gender), we may share that too
- With Service Providers, Contractors, and Agents: We share your data with third party companies who perform services on our behalf, like data analysis, marketing and advertising services (including retargeted advertising), email and hosting services. These service providers may access your personal data and are required to use it solely as we direct, to provide our requested service.
- With Business Partners: We have agreements with other websites and platforms to distribute our Services and drive traffic to Gebeya.
- With Analytics and Data Enrichment Services: As part of our use of third party analytics, we share certain contact information and data (as detailed in Section 1), or de-identified data as needed. De-identified data means data where we have removed things like your name and email address and replaced it with a token ID. This allows these providers to provide analytics services or match your data with publicly-available database information (including contact and social information from other sources). We do this to communicate with you in a more effective and customized manner.
- To Administer Promotions and Surveys: we may share your data as necessary to administer, market, or sponsor promotions and surveys you choose to participate in, as required by applicable law (like to provide a winners list or make required filings), or in accordance with the rules of the promotion or survey.
- For Advertising: If we decide to offer advertising in the future, we may use and share certain Data with third party advertisers and networks to show general demographic and preference information among our users
- For Security and Legal ComplianceWe may disclose your data to third parties if we (in our sole discretion) in good faith believe that the disclosure.
- Permitted or required by law;
- Requested as part of a judicial, governmental, or legal inquiry, order, or proceeding;
- Reasonably necessary as part of a valid subpoena, warrant, or other legally-valid request;
- Required to detect, prevent, or address fraud, abuse, misuse, potential violations of law (or rule or regulation), or security or technical issues; or
- Reasonably necessary in our discretion to protect against imminent harm to the rights, property, or safety of Gebeya, our users, employees, members of the public, or our Services.
K. During a Change in Control: If Gebeya undergoes a business transaction like a merger, acquisition, corporate divestiture, or dissolution (including bankruptcy), or a sale of all or some of its assets, we may share, disclose, or transfer all of your data to the successor organization during such transition or in contemplation of a transition (including during due diligence).
L. After Aggregation/De-identification: We can disclose or use aggregate or de-identified data for any purpose.
5. Data Retention
6. Security of Information
Gebeya has implemented generally accepted standards of technology and operational security to protect personal data from loss or theft, unauthorized access, disclosure, copying, use or modification, alteration, or destruction. Only authorized Gebeya personnel and third party service providers are provided access to personal data, and these employees and service providers are required to treat this information as confidential. All access to our Services is encrypted using industry-standard transport layer security technology (“TLS”). When you enter sensitive information, we encrypt the transmission of that information using secure socket layer technology (“SSL”). We also use HTTP strict transport security to add an additional layer of protection. Despite these precautions however, Gebeya cannot guarantee that unauthorized persons will not obtain access to your personal data.
7. Your Choices and Rights
- Where granted by local law, you may have the right to request access to the personal data that we have collected about you for the purposes of reviewing, modifying, or requesting deletion of the data. You may also have the right to request a copy of the personal data that we have collected about you and to have any inaccuracies in that data corrected. In certain circumstances, you may also request that we cease processing your personal data.
- If you would like to make a request to access, review, or correct the personal data we have collected about you, or to discuss how we process your personal data, please contact us at firstname.lastname@example.org. To help protect your privacy and security, we will take reasonable steps to verify your identity, such as requiring a password and user ID, before granting access to your personal data. We will make reasonable attempts to promptly investigate, comply with, or otherwise respond to your requests as may be required by applicable law. Different laws may prevent us from providing access to your personal data or otherwise fully complying with your request depending upon the circumstances and the request, such as for example, where producing your information may reveal the identity of someone else. We reserve the right to charge an appropriate fee for complying with your request where allowed by applicable law, and/or deny your requests where they may be manifestly unfounded, and/or excessive, or otherwise objectionable or unwarranted under applicable law.
- In addition, and where granted by local law, you have the legal right to lodge a complaint with a competent data protection authority.
- Right to be forgotten: If you are located in the European Economic Area (“EEA”), in addition to the rights described above, you may contact us at the contact information provided below to (1) request a restriction on the processing of your personal information, (2) object to the processing of your personal information, (3) exercise your rights to be forgotten or (4) exercise other rights with respect to your personal information.
8. International Transfers of Your Personal data
Information collected from you may be stored and processed in Ethiopia, Kenya, Djibouti, European Economic Area, the United States, or any other country in which we or agents or contractors maintain facilities, and by accessing our sites and using our services, you consent to any such transfer of information outside of your country. Such countries may have laws which are different, and potentially not as protective, as the laws of your own country. If you reside in the EEA or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your personal data to other jurisdictions in which we operate. By providing your personal data, you consent to any transfer and processing in accordance with this Policy.
10. Governing Law
Any claim relating to the Services shall be governed by the laws of the State of California without regard to its conflict of law provisions.
In any action between or among any of the parties, whether arising out of these or otherwise, each of the parties irrevocably and unconditionally (i) consents and submits to the exclusive jurisdiction and venue of the state and federal courts located in California; and (ii) waives any and all right to trial by jury in any legal proceeding arising out of or related to this agreement or any transactions contemplated hereby.