This policy explains how mba-dba-online.com (the “Website”) uses cookies and similar technologies to ensure the proper operation of the service, deliver an optimal user experience, and improve our educational content and features.
1) What is a cookie?
A cookie is a small text file placed on your device (computer, tablet, smartphone) when you visit a website. For as long as it remains valid, it allows us to recognize your device, remember certain information, and make your browsing easier. Similar technologies may also be used: local storage, web beacons, SDKs, pixel tags.
2) Why do we use cookies?
- Ensure essential operation of the Website: authentication, session maintenance, security, fraud prevention.
- Provide a smooth learning experience: resume courses where you left off, remember language settings, display preferences, and video quality/bitrate.
- Measure audience and understand how the platform is used so we can improve our content and performance.
- Personalize certain learning recommendations (where you consent).
3) Categories of cookies
- Strictly necessary cookies (consent not required): essential to use the Website and access services (login, security, load balancing, etc.).
- Functionality / preference cookies: improve convenience (language, video player, remembering settings).
- Audience measurement cookies: help us understand Website usage (aggregated statistics). Some may be exempt when strictly limited to our internal analytics; others require your consent.
- Third‑party content cookies: e.g., when videos (YouTube/Vimeo) or third‑party fonts/players are embedded, those services may set their own cookies (subject to your consent where required).
4) Indicative table of cookies that may be used
Note: the list below is indicative and may vary depending on enabled modules. It will be updated as our setup evolves.
| Category | Cookie name | Provider | Purpose | Duration | Legal basis |
|---|---|---|---|---|---|
| Strictly necessary | PHPSESSID / ci_session | mba-dba-online.com | Application session (authentication, seamless navigation) | Session | Legitimate interest / Service performance |
| Strictly necessary | XSRF-TOKEN (or equivalent) | mba-dba-online.com | Security (CSRF protection) | Session | Legitimate interest |
| Strictly necessary | cookie_consent | mba-dba-online.com | Store your consent choices | 6 months | Legal obligation / Legitimate interest |
| Preferences | lang / ui_prefs | mba-dba-online.com | Language, themes, video player preferences | 12 months | Consent |
| Audience measurement (1st‑party) | _pk_id.*, _pk_ses.* | Matomo (self‑hosted) [if enabled] | Aggregated audience statistics | 13 months / 30 min | Possible exemption* or Consent |
| Audience measurement (3rd‑party) | _ga, _ga_*, _gid | Google Analytics 4 [if enabled] | Audience & journey statistics | 13 months / 24 h | Consent |
| Third‑party content | player, vuid | Vimeo [if videos embedded] | Video playback, performance measurement | 13 months | Consent |
| Third‑party content | VISITOR_INFO1_LIVE, YSC | YouTube [if videos embedded] | Video playback, fraud prevention, stats | 6–13 months / Session | Consent |
* Possible exemption only where configuration strictly meets regulatory criteria (limited analytics, no cross‑matching, truncated IPs, etc.).
5) Legal basis & consent management
- Without consent: deposit of strictly necessary cookies required for the Website to function.
- With your prior consent: preference cookies, non‑exempt analytics, and third‑party content cookies.
6) Browser settings
You can configure your browser to accept, refuse, or delete cookies. Settings vary by browser (Chrome, Edge, Firefox, Safari, etc.). Refusing certain cookies may degrade your experience on the Website.
7) Retention periods
- Session cookies: deleted when the browser is closed.
- Preference cookies: up to 12 months.
- Analytics: cookie lifetime ≤ 13 months; associated data retention ≤ 25 months (where applicable).
- Proof of consent/refusal: 6 months.
8) Data processed via cookies
Depending on the category, cookies may collect: session identifier, pseudonymized user ID, device and browser information, display settings, browsing events (page views, course progress, errors), truncated IP address, approximate geolocation, timestamps.
9) Recipients & transfers
- Internal access limited to Nestor Ai’s technical, education, and support teams (need‑to‑know basis).
- Processors (hosting, analytics, video players) acting under our contractual instructions.
- Where applicable, transfers outside the EU/EEA with appropriate safeguards (standard contractual clauses, supplementary measures).
10) Your rights
Under the GDPR, you have rights of access, rectification, erasure, restriction, objection, portability, and the right to withdraw consent at any time. You may also lodge a complaint with the competent supervisory authority.
11) Contact
Data controller: Nestor Ai, Doctoral School of Business
DPO / privacy contact email: dpo@mba-dba-online.com [to be confirmed]
Postal address: [To be completed]
12) Changes to this policy
We may update this policy to reflect technical, legal, or functional changes. The most recent version is published on this page with its update date.
Practical integration notes
- Provide a cookie preferences panel accessible from the initial banner and the footer.
- Document the cookies actually set and maintain a register of parameters (duration, purpose, legal basis).
- If using self‑hosted Matomo, verify settings to potentially benefit from exemption rules.
- If using Google Analytics 4 or third‑party embeds, obtain prior consent before setting cookies.