Founder’s Studio website Privacy Policy

Last updated on 03/19/2024

This Privacy Policy applies to the websites and mobile applications (together, the "Sites") provided by Founder’s Studio by Bain & Company, a company with registered office at 131 Dartmouth Street, Boston, MA, 02116, and/or the companies in its group (collectively “we” or “us”) who act as data controllers [1] with respect to the personal data you share with us under this Policy.

The Sites include www.bainfoundersstudio.com and additional websites or mobile applications produced and managed by us.

We know that your privacy is important to you and take user privacy very seriously. We are committed to protecting your personal data [2] (i.e. any information you provide to us from which you can be identified) in accordance with this Privacy Policy. We reserve the right, at our sole discretion, to alter and update this Privacy Policy from time to time. We invite you to review the current version of the Privacy Policy each time you return to our Sites.

Some terms are defined throughout this Policy. Simply click on the terms in bold to obtain their definition or refer to the definitions at the bottom of this Policy.

Information we collect and how we use it

We might collect personal data from you such as your name, contact details, occupation, company or university affiliation, industry, region/country, relationship to us, reason for contacting us, topics you are interested in and any other information you choose to share. By browsing our Sites or sending us information, you explicitly consent to us processing your personal data in accordance with this Privacy Policy. We might use your personal data to fulfil your request, send you marketing communications or consider potential investment opportunities in your company.

We collect personal data from you when you request information from us and/or supply, information through the Sites, such as when you fill out a contact form or, opt in to receive emails from us or agree to participate in surveys.

Personal data we collect might include your name, e-mail address, title, occupation, company or university affiliation, industry, region/country, relationship to us, reason for contacting us, topics you are interested in, any other background information provided with an application and any other information contained in messages you send us.

We might also collect information about how you use our Sites in accordance with our Cookie Policy.

By browsing our Sites and submitting this information to us, you explicitly agree to us using your personal data for the purposes and in the manner described in this Privacy Policy. Please do not send us any information you do not wish us to use.

We will use your personal data to fulfil your request, provide you with the information you requested and/or send you marketing communications. We may also use your information to consider potential investment opportunities in your company, as well as, to communicate with you about our events and to send you publications that we think may be of interest to you. 

We may collect personal data and may disclose such information to third party service providers in aggregate for marketing and promotional purposes. However, in these situations, we do not disclose to these entities any information that could be used to personally identify you. You do not have to provide us with any personal data.  However, if you do not, we may be unable to handle your request or to provide you with the services you are requesting.

We will keep your personal data for as long as needed to handle your request, or for as long as we have a relationship with you. 

Please note that we are not responsible for any information you may disclose publicly in any chat rooms, message boards, or similar web pages, including those hosted on or linked to our Sites. You should keep in mind that, whenever you publicly disclose information about yourself online (for example, via message boards or chat rooms), such information could be collected and used by people whom you do not know. In addition, certain message boards and similar user forums may display IP addresses along with the message poster's name and message. We bear no responsibility for any action or policies of any third parties who collect any information users may disclose on the message boards, chat areas or other user forums, if any, on the Sites.

Use of cookies on the Sites

We may use cookies or other technology (“cookies”) to obtain certain types of information when you browse our Sites. You can find information about what data is collected and how it is used in our Cookie Policy.

Who we share your personal data with

We may share your personal data with other companies in our group, as well as, with other third parties that might be located in a different country than your country of residence. We will not share or sell your data to any third party for their own use.

We may share your personal data with others, such as:

Third parties, other than law enforcement authorities or government bodies, will only handle your personal data on our behalf for the purposes described in this Policy. We will not sell or otherwise share your personal data with such third parties for their own use.

The companies of our group and other third parties we share your information with may be located in other countries, including countries that do not offer the same protection to your personal data as the country in which you reside. Where that is the case, we ensure that your personal data is protected by using appropriate legal mechanisms. If you reside in the European Union, such mechanisms include using contracts or wording approved by the European Commission called “Standard Contractual Clauses”.

Links to other websites

Our Sites may contain links to third party websites that are governed by their own terms and privacy policies. We do not bear any liability and responsibility for the content or your use of these websites.

The Sites may contain links to third party websites, including social network sites. Such websites are governed by their own terms of use and privacy policies, which you should review before browsing or submitting information to them. We are not responsible for the privacy practices of such websites. In addition, a link to a third-party website does not mean that we endorse or accept any responsibility for the content or the use of such website. We shall not bear any liability and responsibility for such content or for your use of these websites.

Security of your personal data

We have implemented appropriate technical and organizational security measures in order to protect your personal data from loss, misuse, alteration, or destruction.

We have implemented appropriate technical and organizational security measures in order to protect your personal data from loss, misuse, alteration, or destruction. Such measures include anonymizing [4] or pseudonymizing [5] data where possible. Our authorized personnel and third parties mentioned above will only have access to your personal data to the extent they need it to do their job or provide their services. Despite these precautions, however, we cannot guarantee that unauthorized persons will not obtain access to your information.

Links to other websites

Depending on where you reside you might have the right to request access to, rectification or erasure of your personal data and to object to or ask for the restriction of the processing of your personal data. You might also have the right to withdraw your consent and request that we stop processing or delete your personal data.

To exercise your rights, please submit your request by emailing [email protected].

Depending on where you reside, you may be entitled to certain rights regarding the personal data we hold about you. For instance, you may have the right to request access to your information, obtain a copy of it, as well as, information about how we use it. You have the right to request that we correct incorrect, inaccurate or out-of-date information about you. You may also have the right to request that we stop processing your information and/or withdraw your consent to such processing and to ask us to delete your information.

In the event that we hold personal data about you, and you no longer wish for this data to be processed as described in this Policy, or if you wish to access, rectify, cancel or oppose such processing, please submit your request by emailing [email protected].

If you receive marketing communications from us, you can opt out of receiving future emails from us or unsubscribe from participating in our programs. You can also submit an opt-out request by emailing [email protected].

If you think we are handling your information unlawfully, we encourage you to get in touch with us by emailing [email protected]. You may also have the right to lodge a complaint with your national supervisory authority.

Please note that we will take reasonable steps to check your identity before handling your request.

Children

Our Sites are not directed at children 16 years of age or younger. We, therefore, will not intentionally collect information about anyone under the age of 16, and request that no such information be submitted to us.

Contact

If you have any questions about this Privacy Policy or how we handle your personal data, please email us at [email protected]. You can also contact our Global Data Protection Officer:

Email: [email protected]
Post: 131 Dartmouth Street, Boston, MA, 02116

Country-specific information

China

This section applies to users in the People’s Republic of China (“PRC”) (for the purposes of this Privacy Policy, excluding Hong Kong SAR, Macau SAR, and Taiwan).

This section applies to you if you are resident in the PRC. The terms set out below are supplemental to, and should be read in conjunction with, the terms in this Privacy Policy. In case of any conflict or inconsistency between the Privacy Policy and this China section, this section shall prevail for residents of the PRC only. The data controllers of your personal data are We & Company, Inc. and We & Company China, Inc. Reference to personal data used in this section shall include references to sensitive personal information, where applicable, and shall have the same meanings given to those terms in relevant PRC data protection laws (as amended from time to time).

Information we collect and how we use it

Unless otherwise permitted by applicable PRC data protection laws, we will obtain consent from you if we wish to use your personal data (and sensitive personal information) for purposes other than those stated in this Privacy Policy.

Who we share your personal data with

With your consent, we may from time to time share or disclose your personal data as stated in this Privacy Policy.

With your consent, we may share, transfer or store your personal data outside of the PRC, as described in this Privacy Policy, where we are satisfied that adequate levels of protection are in place to protect the integrity and security of your personal data or adequate security measures are adopted and in compliance with applicable privacy and data protection laws.

Your Rights

You may ask us to provide you with access to, or a copy of, your personal data, or correct the personal data we have about you. In certain circumstances, you may request that we delete your personal data. We will obtain your consent prior to sending you any marketing material or conducting any direct marketing activities. You may also withdraw your consent to our processing of your personal data, unsubscribe from receiving marketing information at any time, request to de-register your account, or send us complaints or inquiries about our processing of your personal data. Please contact us at [email protected] if you would like to make such requests, or if you have any further questions about your rights and this Privacy Policy.

Children

Our Sites are not intended for minors under the age of 16. If you are under the age of 16, you may not use this Site. If you have concerns about your child’s privacy, or if you believe that your child may have provided us with their personal data, please contact us by completing the data subject request form or sending an email to [email protected]. We will take steps to delete the information as soon as possible should we learn that we have collected the personal data of a child without first receiving verifiable parental consent.

Changes

Changes may be made to this Section from time to time. We recommend that you check back regularly for updates to this Section. If there are any changes to this Section which require your consent under applicable law, we will obtain your prior notified consent accordingly.

USA – California

If you are a resident of California, you may have additional rights in relation to your personal data.

As required under the California Consumer Privacy Act (“CCPA”), the categories of personal data (referred to as “personal information” in the CCPA) collected and processed by us, the purposes for which they are processed and the third parties such data is shared with are described in this Privacy Policy. We have not sold and do not sell your personal data within the meaning of the CCPA. If you are a resident of the State of California, you may have the right to request that we disclose to you:

You may also have the right to request that we delete your personal data subject to the limitations of the CCPA. If you wish to exercise your rights, please email us at [email protected]. We may have to request additional information to verify your identity. We will not discriminate against you because you have exercised your rights under the CCPA.

Definitions

1. The data controller is the person or company that, together or jointly with others, determines the purposes (why) and means (how) of the processing of personal data.
2.Personal data is any information that relates to an individual who is identified or identifiable, for instance by reference to a name, an identification number or an online identifier.
3.Standard Contractual Clauses are an agreement that can be entered into by companies for transfers of personal data outside of the European Union. They are a mechanism approved by the European Commission to ensure adequate safeguards to personal data when it is transferred outside of the European Union.
4.Anonymizing means transforming data in such a way that it is no longer identifiable, i.e. the data can no longer be linked to an individual, even if combined with other information. Anonymous data is not considered "personal data".
5.Pseudonymizing means transforming data in such a way that it is no longer identifiable without the use of additional information. Pseudonymous data is still considered "personal data".