Who we are
The data we collect about you
We may collect, use, store and transfer the following personal data about you, which is your name, business email address, device information (DeviceID, Device Name), browser information (BrowserID, Browser Name), IP address, geolocation through IP addresses, user activity.
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Authentication through Okta
In order to use the Site, where applicable, you may need to authenticate with the third-party provider Okta Inc. (301 Brannan St Ste 300, San Francisco, CA 94107) with your personal username and a personal password. To do this, download the Okta Verify app and perform the authentication process. The regulations and data protection declaration of Okta, Inc. apply. We have no influence on and are not responsible for the data collection by Okta Inc. Your data will be processed exclusively for the purpose of authentication. After successful authentication you will receive personal access to our app. Here you register once with your e-mail address.
How your personal data is collected
We will collect and process the following data about you:
- Information you give us. This is information you consent to giving us when you submit request demo form (your name and email address), or by corresponding with us (for example, by email). It includes information you provide when you request a demo or when you report a problem with the Site. If you contact us, we will keep a record of that correspondence.
- When you register to the emailing list. We may collect your personal data where you subscribe to join our email list while you submit the request demo form.
COOKIES AND OTHER TRACKING TECHNOLOGIES
To view a detailed list of cookies used on the Site, click here.
- Purposes for use Of your personal data
We process your personal information for the following purposes:
- Corresponding with you (by phone or email)
- Monitoring usage of the Site;
- Providing you support related to accessing and using the Site
- Improving the Site content and navigation; informing you about updates to the Site
- Tailoring and personalizing the Site and its content, improving the Site and service experience, conduct research to improve Site conversion and interaction content, improving navigation, improving search results, recommending content based on industry/company/interest/location/searches, improving/understanding needs for existing service improvements/roadmaps, developing new services
- Informing the user about updates to the Site
- Understanding the user population; determining whether the Site is designed to work with the Device settings of a majority of users
- Sending marketing communications via emails, from CO2 AI by BCG based on your consent where required.
How your personal data is USED
We process your personal information for the purposes described above and most commonly we will use your personal data in the following circumstances:
- Where you have consented before the processing
- Where we need to perform a contract we are about to enter or have entered with you (including where necessary to use the Site)
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
- Where we need to comply with a legal or regulatory obligation
Insofar as you have granted us consent to the processing of personal information for specific purposes (including registration on the Site), the lawfulness of such processing is based on your consent. You may withdraw your consent to the extent permitted by applicable law, by sending an email to: firstname.lastname@example.org.
Disclosure of Personal Data
We may also disclose your Personal Data to law enforcement agencies, courts, other government authorities or other third parties where we believe necessary to comply with a legal or regulatory obligation. Further we may disclose your Personal Data to potential transaction partners, service providers, advisors, and other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell or transfer all or a portion of our assets or business. Should such a sale or transfer occur, we will use reasonable efforts to obligate the entity to which we transfer your Personal Data to use it in a manner that is consistent with this Policy.
Choices Regarding Disclosures
BCG does not disclose your personal data for purposes not described herein or to unaffiliated third parties for commercial or marketing purposes. BCG allows individuals to “opt out” before commencing any such disclosure in the future.
Personal data will only be kept as long as is reasonably necessary to fulfil the purpose for which it was collected. We may retain your personal information for longer if they may be the subject of a legal claim, or may otherwise be relevant for future litigation.
In some circumstances we will anonymise and/or aggregate your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
International Data Protection Standards
With respect to personal data about you residing in the EEA and UK, BCG adheres to legitimate cross-border data transfer mechanisms (namely Standard Contractual Clauses approved by the European Commission) and the principles of applicable data protection laws. Accordingly, third parties obtaining access to personal data about you for purposes of performing services for or on behalf of BCG, are required to assure BCG in writing that they will provide at least the level of privacy protection as BCG provides e.g. the appropriate safeguards have been put in place.
BCG handles personal data in accordance with BCG procedures to protect the integrity and security of the personal data, including conducting periodic reviews of personal data quality, purging obsolete information, and imposing security measures such as industry-standard technical, physical and administrative safeguards. We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.
In accordance with applicable data protection laws, you have the right to access your personal data, you have a right to request a copy of the personal information we hold about you and details of how we use that information. If any of the information held about you is incorrect or out of date, you have the right to amend or rectify it. Please follow the process outlined below and we will amend our records where appropriate. You also have the right to require us to erase your personal data, stop processing your personal data, restricting the processing of your personal information, right of portability of your personal information, right of not be subject to automated decision making, including profiling and/or to withdraw your consent to processing. This may not apply if there are other legal justifications to continue processing.
If you think we may have incorrect personal information, or would like a copy of the personal information we hold on you, or to exercise any other data protection right, please contact us on our point of contacts below. Please note that we need you to prove who you are before we can provide you with any information. You also have a right to lodge a complaint with your local supervisory authority.
If you have further questions on the topic of data protection, please contact us. For questions regarding the processing of your personal data, regarding access, rectification, blocking/restriction of processing or erasure of data, data transferability, objection to data processing and revocation of given consents, please contact us via:
Data Protection Office
Boston Consulting Group Inc.
200 Pier Four Boulevard
Boston, MA 02210
If you are a California resident, please see the California Addendum.
Data Protection Officer (Der Datenschutzbeauftragte)
Boston Consulting Group GmbH
80539 Munich Germany