MWEC is required to comply with Macau privacy and data protection laws. We are committed to protecting the privacy and rights of our students and candidates accordingly.
Such personal data include the following:
i. Lawful Processing
We are required to rely on one or more lawful grounds to collect and use the personal information we have outlined above. We consider the grounds listed below to be relevant:
Where applicable law allows us to collect and use personal information for our or another person’s legitimate interests, and the use of your personal information is fair, balanced and does not unduly impact your rights.
Where we ask for your consent for our use of your personal information for a specific purpose. For example, we will ask for your consent to send you marketing materials via email. You always have the right to withdraw your consent.
Where it is necessary to use your personal information to fulfil a contract with you or to take steps at your request prior to entering into one.
Where the processing of your personal information is necessary for us to comply with a legal obligation to which we are subject.
ii. Special Categories of Personal Information
Data protection law recognises certain categories of personal information as sensitive and therefore requiring more protection. These categories of data include information about health, ethnicity, and political opinions.
We may collect and/or use special categories of data in connection with the provision of our services, for example in order to make adjustments for any disabilities or dietary requirements you may have. We will only process these special categories of data if there is a valid reason for doing so and where the data protection laws allow us to do so.
iii. Marketing Communications - Opt-in and Opt-out
In general, MWEC will not send you any marketing information unless you have requested to receive e-mail/text/social media message updates from us. However, if you have made a purchase from us in the past or contacted us in relation to one of WSET qualifications, we may contact you in the future about similar items or qualifications. We will always provide you with an opportunity to opt out of any further communication, as discussed more below.
For legal entities, such as companies, limited liability partnerships and other incorporated organisations, MWEC operates, in compliance with the relevant data protection laws, an ‘opt-out’ policy. This means that we will continue to contact such businesses with news and information of our goods and services until we are informed that this communication is no longer required.
If you (whether an individual or a legal entity) wish to be removed from our direct marketing list and do not wish to receive any further information from us (opt-out) you can inform us of this by emailing to firstname.lastname@example.org. Once this information is received we will remove you from our direct marketing database.
iv. Sharing Your Personal Information with Third Parties
For us to provide you with products and services, we on occasion share some of your personal information with certain approved third parties. For example, when you register for WSET exam, we will pass your personal information to WSET Awards and related third parties for exam registration and processing. Moreover, such sharing of data with WSET Awards will be handled in accordance with WSET Awards’ Data Protection Policy.
We reserve the right to disclose your personal information to third parties:
If we share your information with any other third party, we will let you know in advance.
The personal data that students and candidates provide to us by means of the registration form to a course, and all communication with students and candidates, such as e-mail or written request, are stored in a safe location and only accessible by authorized users. In more detail, the electronic version will be strictly saved in the authorized users’ computers while the hardcopies will be stored under lock and key in cabinet(s) of the authorized users.
Should the personal data be leaked to or be used by unauthorized person or organization, we will notify the individual concerned immediately for his/her precaution. The individual concerned aware of such an incident, by any chances before our contact, can also approach our Data Protection Officer at email@example.com the soonest possible. We will then communicate with that individual particularly the contingency plan how to remedy the situation without delay and reassess our whole operating procedure to prevent the event from happening again.