Privacy Policy

Thank you for visiting the website operated by the Indian Institute of Management Ahmedabad (IIMA) Executive Education. Indian Institute of Management Ahmedabad, India’s best and Asia’s foremost Business School, continues to be ranked as one of the finest institutions in the world. IIMA has a long and proud history of being the change-maker and driver of innovation in business, management, strategy and policy in the Indian market. In 2008, IIMA also became the first business school in the country to be awarded EQUIS (European Quality Improvement System) accreditation. In 2019 IIMA established its first overseas branch, the Indian Institute of Management Ahmedabad Executive Education (IIMAEE), in the Dubai International Financial Center (DIFC) to provide high quality executive education programmes to professionals and corporations from the Middle East. Through the Dubai Branch, IIMA hopes to aid UAEs transition to a knowledge economy. IIMAEE offers high quality executive education programmes in two formats: (1) Open enrolment programmes and, (2) Customized corporate learning programmes.

The DIFC has its own data protection law, which is the Data Protection DIFC Law No.5 of 2020 (DPL). This privacy notice aims to give you information on how Indian Institute of Management Ahmedabad Executive Education (IIMAEE) collects and processes your personal data. It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them. DPL requires, as data controller for your data.

  • To process your data in a lawful, fair and transparent way; 
  • To only collect your data for explicit and legitimate purposes; 
  • To only collect data that is relevant, and limited to the purpose(s) we have told you about; 
  • To ensure that your data is accurate and up to date; 
  • To ensure that your data is only kept as long as necessary for the purpose(s) we have told you about; 
  • To ensure that appropriate security measures are used to protect your data.

IIMAEE is the controller and responsible for your personal data (referred to as IIMAEE, “we”, “us” or “our” in this privacy notice). If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the Data Protection Manager (DPM) using the details set out below.


Our full details are:

Full name of legal entity:              

Indian Institute of Management Ahmedabad Executive Education

Name of DPM:

Ashwin Joshi 

Email address:

Postal address:

Unit 03-OF-02-03-OF-26, Level3, Gate Village Building 08, Dubai International Financial Center, Dubai, United Arab Emirates.

You have the right to make a complaint at any time to Commissioner of Data Protection at DIFC, UAE on the email ID We would, however, appreciate the chance to deal with your concerns before you approach the Data Protection Commissioner so, please contact us in the first instance.


We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  1. Identity Data includes first name, last name, date of birth, gender, residential address, email address
  2. Contact Data including billing address, delivery address, email address and telephone numbers.
  3. Financial Data including bank account details.
  4. Professional Data includes academic qualifications and achievements, references, profession, job title, employer and professional history of the same.
  5. Sponsor Data: Information on financial sponsor for the programme.
  6. Technical Data including browser type, time zone setting and location and other technology on the devices you use to access our website.
  7. Marketing and Communications Data including your preferences in receiving marketing from us and our third parties and your communication preferences.
  8. Profile Data includesyour username and password to any IIMAEE online service, your interests, preferences, feedback and survey responses.
  9. Usage Data includes information about how you use our website and services.

We may, in exceptional circumstances, require the explicit consent of the data subject. Should such a need arise we will contact you. In such cases we will apply enhanced security measures to ensure that the privacy of the data is maintained and will only process it in accordance with the purposes as set out in [Paragraph C].

It is important that the personal data we hold about you is accurate and current. We may ask you to confirm updates to your personal data from time to time but please keep us informed if your personal data changes during your relationship with us in the meantime. Please inform IIMAEE of any changes in your data at the following email address:


We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to enrol you onto the programme of the Institute;
  • Where we need to support learning of the students;
  • To monitor and report on the progress of the students;
  • To assess the quality of our services;
  • Where we need to provide or in preparation for providing our services to you;
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
  • Where we need to comply with a legal or regulatory obligation;
  • To identify potential corporate clients who may be interested in our services;
  • To identify potential domain experts as guest lecturers, etc
  • To invite students for post training, networking or alumni engagement activities
  • To determine potential for new learning programmes

We have set out below, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. 

Generally, we do not rely on consent as a legal basis for processing your personal data other than when we need to process special category data or in relation to sending certain marketing communications to you via email in cases where we are not relying on the basis of legitimate interest. You have the right to withdraw consent to marketing at any time by unsubscribing from our emails (via the unsubscribe link within the email footer) or contacting our DPM via

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact our DPM if you need details about the specific legal ground, we are relying on to process your personal data where more than one ground has been set out in the table below.


If you are an alumnus of IIMAEE, this section will be relevant to you.


We do not sell your personal data to third parties. We will only share your personal data with third parties where we are allowed or required to do so by law. We set out in the relevant table the identity and purpose of such disclosure where it is possible for us to do so.  We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third parties to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. Third parties who process your data on our behalf are subject to contracts under which their processing activities are managed. Where your personal data is shared with third parties, we will seek to share the minimum amount of information necessary to fulfil the purpose.


We are a branch office of Indian Institute of Management Ahmedabad and some of our external third parties based outside the DIFC. Therefore, processing of your personal data will involve a transfer of data outside the DIFC subject to one of the following conditions being applicable:

  • One of the appropriate safeguards is in place under Article 27(2) of the DPL.
  • The country to which the personal data are transferred ensures an adequate level of protection for your rights and freedoms.
  • You have given us consent.
  • The transfer is necessary for one of the reasons set out in the DPL including the performance of a contract between us.
  • The transfer is legally required on important public interest grounds or for the establishment, exercise or defence of legal claims.
  • The transfer is authorised by the relevant data protection authority where we have adduced adequate safeguards with respect to the protection of your privacy.

Changes to this Notice

We may change this Notice from time to time and without notice. If we make significant changes in the way we treat your Personal Data, or to the Notice, we will endeavor to provide you notice through the Website or by some other means, such as email. Your continued use of the Website after such notice constitutes your acceptance of the changes. We encourage you to periodically review this notice for the latest information on our privacy practices. We provide links to it through:

  • Our Website
  • Incorporating it into our contracts, agreements, and other documents as necessary or appropriate


We have in place, appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.


Legitimate Interest means the interest of our organisation in conducting and managing our organisation to enable us to give you the best service and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us at [Insert email address]

Performance of Contract means processing your data where it is necessary for the performance of a contract or agreement to which you are a party or to take steps at your request before entering into such a contract.

Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.


You have the right to:

Request access  to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.

Object to any direct marketing (for example, email marketing or phone calls) by us, and to require us to stop such marketing. Object to automated decision-making about you which produces legal effects or otherwise has serious impactful consequences for you.

External Links
IIMA Executive Education site contains links to other independently run websites within our network and to some sites outside domains that are not controlled by IIMA Executive Education. Non-IIMA sites are not covered by this privacy policy. IIMA Executive Education is not responsible for the privacy practices, security or content of such websites. IIMA Executive Education cannot be responsible for the contents of external third-party sites, and by using such links, the user relieves IIMA Executive Education of any and all liability arising from the use of such third-party websites.

Contacting Us
If you have any questions about this privacy statement, the practices of this site, or your dealings with this Website, you may contact the official functionaries of the institute whose contact details are provided in “Contact Us” page.

IIMA does not guarantee the accuracy of the content contained in its website. The users of this site are fully responsible for their actions when using the content of this website. IIMA Executive Education will not be liable for damages of any kind for any consequences arising out of or in connection with the use, or the inability to use, or the performance of the information, services, contents or materials contained in this website. No person working with IIMA Executive Education or on this website will be liable for any damages arising out of the use of the content contained in this website.

IIMA Executive Education reserves the right to periodically update, add to, delete or revise the content in this website, without any prior notice. IIMA Executive Education also reserves the right to make changes to the technical aspects of this website without any prior notice. The technical aspects include, but are not limited to, the front-end look and feel, the architecture, the site map, the tools and functionalities, the applications and features, and the platform.

The material on this website, including the design, text, audio-visual content, photographs, graphics, Institute logo, etc., is subject to copyright protection, unless indicated otherwise. IIMA Executive Education prohibits the reproduction of material in this website, its modification or distribution, without prior written permission of the authorities of IIMA Executive Education. All marks including “Indian Institute of Management Ahmedabad” “IIM Ahmedabad” and “IIMA” are the property of IIMA.

Prior permission is to be obtained by external parties desiring to provide a hyperlink on their sites to the IIMA Executive Education website. Please state the nature of the content of your website (the website from where the link will be given) and the language of the hyperlink, and write to


By agreeing to the privacy policy, you also explicitly agree and give us consent to transfer of your personal data outside DIFC, including to Organisations in India and UAE and that you understand the possible risks of such transfer due to the absence of an adequacy decision or appropriate safeguards in such jurisdictions