Our Data Privacy Policy

Effective Date: 24 May 2025

1. Introduction

MENA Executive Training ("we", "our", or "us") is committed to safeguarding the privacy and security of personal data entrusted to us. This Data Privacy Policy outlines our practices concerning the collection, use, disclosure, and protection of personal data in accordance with applicable data protection laws and regulations.

2. Scope

This policy applies to all personal data processed by MENA Executive Training in the context of our operations, including but not limited to data collected from clients, partners, employees, and website visitors.

3. Definitions

Personal Data: Any information relating to an identified or identifiable natural person.
Processing: Any operation performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, erasure, or destruction.
Data Subject: An individual whose personal data is processed.
Data Controller: The entity that determines the purposes and means of processing personal data.
Data Processor: An entity that processes personal data on behalf of the Data Controller.
Sensitive Personal Data: Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data, health information, or data concerning a person's sex life or sexual orientation.

4. Principles of Data Processing

We adhere to the following principles when processing personal data:

Lawfulness, Fairness, and Transparency: Processing personal data lawfully, fairly, and in a transparent manner.
Purpose Limitation: Collecting personal data for specified, explicit, and legitimate purposes and not processing it further in a manner incompatible with those purposes.
Data Minimisation: Ensuring that personal data is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
Accuracy: Taking reasonable steps to ensure that personal data is accurate and, where necessary, kept up to date.
Storage Limitation: Keeping personal data in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.
Integrity and Confidentiality: Processing personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
Accountability: Being responsible for, and able to demonstrate compliance with, these principles.

5. Collection of Personal Data

We collect personal data through various means, including:

Direct Interactions: When individuals register for our courses, contact us, or subscribe to our communications.
Automated Technologies: Through cookies and similar technologies when individuals interact with our website.
Third Parties: From partners, affiliates, or publicly available sources.

The types of personal data we may collect include:

Contact details (e.g., name, email address, phone number)
Professional information (e.g., job title, organisation, industry)
Payment information (e.g., billing address, payment card details)
Technical data (e.g., IP address, browser type, device information)
Preferences and feedback related to our services

6. Use of Personal Data

We process personal data for the following purposes:

To provide and manage our training services
To communicate with clients and respond to inquiries
To process payments and manage transactions
To improve our services and website functionality
To send marketing communications, subject to consent
To comply with legal obligations and regulatory requirements

7. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

Consent: Where individuals have given clear consent for processing their personal data for specific purposes.
Contractual Necessity: Processing is necessary for the performance of a contract with the data subject or to take steps at the request of the data subject prior to entering into a contract.
Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject.
Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided that such interests are not overridden by the data subject's rights and interests.

8. Sharing of Personal Data

We may share personal data with:

Service Providers: Third parties who provide services on our behalf, such as payment processors, IT service providers, and event organizers.
Affiliates and Partners: Entities that are part of our corporate group or partners involved in delivering our services.
Legal Authorities: Regulatory bodies, law enforcement agencies, or other authorities as required by law.

We ensure that any third parties with whom we share personal data are subject to appropriate confidentiality and data protection obligations.

9. International Data Transfers

If we transfer personal data outside of the jurisdiction in which it was collected, we ensure that appropriate safeguards are in place to protect the data, such as:

Transferring to countries that have been deemed to provide an adequate level of data protection
Implementing standard contractual clauses approved by relevant data protection authorities
Obtaining explicit consent from data subjects for specific transfers

10. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

Encryption and secure storage of data
Access controls and authentication mechanisms
Regular security assessments and audits
Staff training on data protection and security

11. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying legal, accounting, or reporting requirements. The retention period may vary depending on the type of data and the applicable legal obligations.

12. Data Subject Rights

Individuals have the following rights regarding their personal data:

Right to Access: To obtain confirmation as to whether we process their personal data and access to that data.
Right to Rectification: To request correction of inaccurate or incomplete personal data.
Right to Erasure: To request deletion of personal data under certain circumstances.
Right to Restrict Processing: To request the restriction of processing under specific conditions.
Right to Data Portability: To receive their personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
Right to Object: To object to processing based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent: To withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise these rights, individuals can contact us at:

Email: training@menaexecutivetraining.com

13. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance user experience, analyze website traffic, and for marketing purposes. Users can manage their cookie preferences through their browser settings. Please note that disabling cookies may affect the functionality of our website.

14. Data Protection Officer

We have appointed a Data Protection Officer (DPO) responsible for overseeing our data protection strategy and ensuring compliance with data protection laws. The DPO can be contacted at:

Email: training@menaexecutivetraining.com

15. Complaints

If individuals believe that their data protection rights have been violated, they have the right to lodge a complaint with the relevant supervisory authority.

16. Changes to This Policy

We may update this Data Privacy Policy from time to time to reflect changes in our practices or legal obligations. We encourage individuals to review this policy periodically to stay informed about how we protect personal data.

For any questions or concerns regarding this policy or our data protection practices, please contact us at training@menaexecutivetraining.com.

Our Data Privacy Policy

Personal Data: Any information relating to an identified or identifiable natural person.

Processing: Any operation performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, erasure, or destruction.

Data Subject: An individual whose personal data is processed.

Data Controller: The entity that determines the purposes and means of processing personal data.

Data Processor: An entity that processes personal data on behalf of the Data Controller.

Sensitive Personal Data: Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data, health information, or data concerning a person's sex life or sexual orientation.

4. Principles of Data Processing We adhere to the following principles when processing personal data:

Lawfulness, Fairness, and Transparency: Processing personal data lawfully, fairly, and in a transparent manner.

Purpose Limitation: Collecting personal data for specified, explicit, and legitimate purposes and not processing it further in a manner incompatible with those purposes.

Data Minimisation: Ensuring that personal data is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.

Accuracy: Taking reasonable steps to ensure that personal data is accurate and, where necessary, kept up to date.

Storage Limitation: Keeping personal data in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.

Integrity and Confidentiality: Processing personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Accountability: Being responsible for, and able to demonstrate compliance with, these principles.

5. Collection of Personal Data We collect personal data through various means, including:

Direct Interactions: When individuals register for our courses, contact us, or subscribe to our communications.

Automated Technologies: Through cookies and similar technologies when individuals interact with our website.

Third Parties: From partners, affiliates, or publicly available sources.

The types of personal data we may collect include:

Contact details (e.g., name, email address, phone number)

Professional information (e.g., job title, organisation, industry)

Payment information (e.g., billing address, payment card details)

Technical data (e.g., IP address, browser type, device information)

Preferences and feedback related to our services

6. Use of Personal Data We process personal data for the following purposes:

To provide and manage our training services

To communicate with clients and respond to inquiries

To process payments and manage transactions

To improve our services and website functionality

To send marketing communications, subject to consent

To comply with legal obligations and regulatory requirements

7. Legal Basis for Processing We process personal data based on one or more of the following legal grounds:

Consent: Where individuals have given clear consent for processing their personal data for specific purposes.

Contractual Necessity: Processing is necessary for the performance of a contract with the data subject or to take steps at the request of the data subject prior to entering into a contract.

Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject.

Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided that such interests are not overridden by the data subject's rights and interests.

8. Sharing of Personal Data We may share personal data with:

Service Providers: Third parties who provide services on our behalf, such as payment processors, IT service providers, and event organizers.

Affiliates and Partners: Entities that are part of our corporate group or partners involved in delivering our services.

Legal Authorities: Regulatory bodies, law enforcement agencies, or other authorities as required by law.

Transferring to countries that have been deemed to provide an adequate level of data protection

Implementing standard contractual clauses approved by relevant data protection authorities

Obtaining explicit consent from data subjects for specific transfers

10. Data Security We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

Encryption and secure storage of data

Access controls and authentication mechanisms

Regular security assessments and audits

Staff training on data protection and security

Right to Access: To obtain confirmation as to whether we process their personal data and access to that data.

Right to Rectification: To request correction of inaccurate or incomplete personal data.

Right to Erasure: To request deletion of personal data under certain circumstances.

Right to Restrict Processing: To request the restriction of processing under specific conditions.

Right to Data Portability: To receive their personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

Right to Object: To object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent: To withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

4. Principles of Data Processing

We adhere to the following principles when processing personal data:

5. Collection of Personal Data

We collect personal data through various means, including:

6. Use of Personal Data

We process personal data for the following purposes:

7. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

8. Sharing of Personal Data

We may share personal data with:

10. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include: