Skip to content

                   

 

 

 

                                                                         PRIVACY POLICY

Last updated July 01, 2026

This Privacy Notice for World Broadband Association c/o FORVIS MAZARS SA (doing business as WBBA) (“we,” “us,” or “our”) describes how and why we might access, collect, store, use, and/or share (“process”) your personal information when you use our services (“Services”), including when you:

  • Visit our website at https://worldbroadbandassociation.com or any website of ours that links to this Privacy Notice
  • Use World Broadband Association (WBBA), an independent, Swiss-registered multilateral broadband industry association. WBBA supports members through research and white papers, working groups, industry events, and a knowledge centre, and website visitors can browse content, join as a member, register for events, and sign up for updates.
  • Engage with us in other related ways, including any marketing or events

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at [email protected].

SUMMARY OF KEY POINTS

This summary provides key points from our Privacy Notice. You can find more detail on any of these topics in the table of contents below.

What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us, the choices you make, and the products and features you use.

Do we process any sensitive personal information? Some information may be considered “special” or “sensitive” in certain jurisdictions, for example racial or ethnic origin, sexual orientation, and religious beliefs. We do not process sensitive personal information.

Do we collect any information from third parties? We do not collect any information from third parties.

How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so.

In what situations and with which parties do we share personal information? We may share information in specific situations and with specific categories of third parties.

How do we keep your information safe? We have organisational and technical processes and procedures in place to protect your personal information. However, no electronic transmission or storage technology can be guaranteed 100% secure.

What are your rights? Depending on where you are located, applicable privacy law may give you certain rights regarding your personal information.

How do you exercise your rights? The easiest way is by submitting a data subject access request, or by contacting us. We will consider and act on any request in accordance with applicable data protection laws.

TABLE OF CONTENTS

  • 1. WHAT INFORMATION DO WE COLLECT?
  • 2. HOW DO WE PROCESS YOUR INFORMATION?
  • 3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
  • 4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
  • 5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
  • 6. HOW LONG DO WE KEEP YOUR INFORMATION?
  • 7. HOW DO WE KEEP YOUR INFORMATION SAFE?
  • 8. DO WE COLLECT INFORMATION FROM MINORS?
  • 9. WHAT ARE YOUR PRIVACY RIGHTS?
  • 10. CONTROLS FOR DO-NOT-TRACK FEATURES
  • 11. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
  • 12. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?
  • 13. DO WE MAKE UPDATES TO THIS NOTICE?
  • 14. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
  • 15. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You. The personal information we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use, and may include:

  • names
  • email addresses
  • job titles
  • contact preferences
  • contact or authentication data

Sensitive Information. We do not process sensitive information.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Information automatically collected

In Short: Some information, such as your IP address and/or browser and device characteristics, is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, and information about how and when you use our Services. This information is primarily needed to maintain the security and operation of our Services, and for internal analytics and reporting.

Like many businesses, we also collect information through cookies and similar technologies. The information we collect includes:

  • Log and Usage Data. Service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services, recorded in log files (IP address, device information, browser type and settings, activity such as pages viewed and searches, and device event information such as crash reports).
  • Device Data. Information about the computer, phone, tablet, or other device you use to access the Services, such as IP address, device and application identification numbers, location, browser type, hardware model, internet service provider, operating system, and system configuration.
  • Location Data. Information about your device’s location, which can be precise or imprecise, depending on the type and settings of the device you use. You can opt out of location collection by disabling your device’s Location setting, though this may limit certain features.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes only with your prior explicit consent.

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

  • To deliver and facilitate delivery of services to the user.
  • To respond to user inquiries and offer support to users.
  • To send administrative information to you, such as changes to our terms and policies.
  • To enable user-to-user communications, where the Services allow this.
  • To request feedback and to contact you about your use of our Services.
  • To send you marketing and promotional communications, in accordance with your marketing preferences. You can opt out at any time — see ‘WHAT ARE YOUR PRIVACY RIGHTS?’ below.
  • To deliver targeted advertising tailored to your interests, location, and more.
  • To protect our Services, including fraud monitoring and prevention.
  • To identify usage trends and better understand how our Services are used.
  • To determine the effectiveness of our marketing and promotional campaigns.
  • To save or protect an individual’s vital interest, such as to prevent harm.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In Short: We only process your personal information when we believe it is necessary and we have a valid legal basis to do so, such as your consent, compliance with law, performance of a contract, or our legitimate business interests.

If you are located in the EU or UK, this section applies to you.

The GDPR and UK GDPR require us to explain the valid legal bases we rely on to process your personal information. We may rely on the following:

  • Consent. Where you have given us permission to use your personal information for a specific purpose. You can withdraw your consent at any time.
  • Performance of a Contract. Where processing is necessary to fulfil our contractual obligations to you, including providing our Services.
  • Legitimate Interests. Where processing is reasonably necessary to achieve our legitimate business interests, for example to send information about offers, develop relevant advertising, analyse and improve our Services, support marketing, diagnose problems, prevent fraud, and understand how users engage with our products.
  • Legal Obligations. Where processing is necessary for compliance with our legal obligations, such as cooperating with a law enforcement or regulatory body, or exercising or defending our legal rights.
  • Vital Interests. Where processing is necessary to protect your vital interests or those of a third party, such as situations involving potential threats to safety.

We are generally the ‘data controller’ under European data protection laws of the personal information described in this Privacy Notice, since we determine the means and purposes of the processing we perform.

If you are located in Canada, this section applies to you.

We may process your information where you have given specific permission (express consent), or where your permission can be inferred (implied consent). You can withdraw your consent at any time.

In some exceptional cases, we may be legally permitted under applicable law to process your information without consent, including where:

  • Collection is clearly in the interests of an individual and consent cannot be obtained in a timely way
  • It is for investigations and fraud detection and prevention
  • It is for business transactions provided certain conditions are met
  • It is contained in a witness statement and collection is necessary to assess, process, or settle an insurance claim
  • It is for identifying injured, ill, or deceased persons and communicating with next of kin
  • We have reasonable grounds to believe an individual has been, is, or may be the victim of financial abuse
  • It is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province
  • Disclosure is required to comply with a subpoena, warrant, court order, or rules of court
  • It was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purpose it was produced for
  • The collection is solely for journalistic, artistic, or literary purposes
  • The information is publicly available and specified by regulation

We may disclose de-identified information for approved research or statistics projects, subject to ethics oversight and confidentiality commitments.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations described in this section and/or with the following categories of third parties.

Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us and require access to such information to do that work. We have contracts in place designed to safeguard your personal information; they cannot use it beyond our instructions, cannot share it with anyone else, and must protect and retain it only for the period we instruct.

The categories of third parties we may share personal information with are:

  • Data Analytics Services
  • Performance Monitoring Tools
  • Product Engineering & Design Tools
  • Sales & Marketing Tools

We may also need to share your personal information in the following situation: Business Transfers, i.e. in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or part of our business by another company.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some tracking technologies help us maintain security, prevent crashes, fix bugs, save preferences, and support basic site functions.

We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising, including to help manage and display advertisements and tailor them to your interests. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy.

Google Analytics

We may share your information with Google Analytics to track and analyse use of the Services, including Google Analytics Demographics and Interests Reporting. To opt out of Google Analytics tracking, visit Google’s opt-out page. For more on Google’s privacy practices, see the Google Privacy & Terms page.

6. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfil the purposes outlined in this Privacy Notice, unless otherwise required by law.

We will only keep your personal information for as long as necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax or accounting requirements). When we have no ongoing legitimate business need to process your personal information, we will delete or anonymise it, or, where that is not possible (for example, because it is stored in backup archives), we will securely store it and isolate it from further processing until deletion is possible.

7. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organisational and technical security measures.

We have implemented appropriate and reasonable technical and organisational security measures designed to protect the personal information we process. However, no electronic transmission or information storage technology can be guaranteed 100% secure, so we cannot promise that unauthorised third parties will never be able to defeat our security. Transmission of personal information to and from our Services is at your own risk; you should only access the Services within a secure environment.

8. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18 years of age, or the equivalent age as specified by law in your jurisdiction.

We do not knowingly collect, solicit data from, or market to children under 18, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18, or the equivalent age specified by law in your jurisdiction, or that you are the parent or guardian of such a minor and consent to their use of the Services. If we learn that personal information from a user under 18 has been collected, we will deactivate the account and take reasonable steps to promptly delete such data. If you become aware of any data we may have collected from children under 18, please contact us at [email protected].

9. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: Depending on your state of residence in the US or region, such as the EEA, UK, Switzerland, and Canada, you have rights that allow you greater access to and control over your personal information.

In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws. These may include the right to: (i) request access to and a copy of your personal information; (ii) request rectification or erasure; (iii) restrict processing of your personal information; (iv) data portability, where applicable; and (v) not be subject to automated decision-making. If a decision producing legal or similarly significant effects is made solely by automated means, we will inform you, explain the main factors, and offer a way to request human review. You may also have the right to object to processing in certain circumstances.

We will consider and act upon any request in accordance with applicable data protection laws. If you are located in the EEA or UK and believe we are unlawfully processing your personal information, you have the right to complain to your Member State or the UK data protection authority. If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

Withdrawing your consent: Where we rely on your consent to process your personal information, you have the right to withdraw it at any time by contacting us using the details in ‘HOW CAN YOU CONTACT US ABOUT THIS NOTICE?’ below. This will not affect the lawfulness of processing before withdrawal.

Opting out of marketing communications: You can unsubscribe at any time via the unsubscribe link in our emails, or by contacting us. You will be removed from marketing lists, though we may still send service-related messages necessary for account administration or in response to service requests.

Cookies and similar technologies: Most browsers accept cookies by default; you can usually set your browser to remove or reject them, though this may affect certain features of our Services.

If you have questions or comments about your privacy rights, you may email us at [email protected].

10. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems include a Do-Not-Track (DNT) feature you can activate to signal a preference not to have your online browsing activity monitored and collected. No uniform technology standard for recognising and implementing DNT signals has been finalised, so we do not currently respond to DNT signals. If a standard is adopted that we must follow, we will inform you in a revised version of this Privacy Notice. California law requires us to disclose this: because there is no industry or legal standard for recognising DNT signals, we do not respond to them at this time.

11. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and receive details about the personal information we maintain about you, correct inaccuracies, obtain a copy of, or delete your personal information, and to withdraw consent to our processing of it. These rights may be limited in some circumstances by applicable law.

Categories of Personal Information We Collect

The table below shows the categories of personal information we have collected in the past twelve (12) months. It includes illustrative examples and does not necessarily reflect every category collected from you specifically; for a full inventory, see ‘WHAT INFORMATION DO WE COLLECT?’ above.

Category Examples Collected
A. Identifiers Contact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, IP address, email address, and account name YES
B. Personal information under the California Customer Records statute Name, contact information, education, employment, employment history, and financial information NO
C. Protected classification characteristics under state or federal law Gender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic data NO
D. Commercial information Transaction information, purchase history, financial details, and payment information NO
E. Biometric information Fingerprints and voiceprints NO
F. Internet or other similar network activity Browsing history, search history, online behaviour, interest data, and interactions with our and other websites, applications, systems, and advertisements NO
G. Geolocation data Device location NO
H. Audio, electronic, sensory, or similar information Images and audio, video or call recordings created in connection with our business activities NO
I. Professional or employment-related information Business contact details in order to provide you our Services at a business level or job title, work history, and professional qualifications if you apply for a job with us YES
J. Education Information Student records and directory information NO
K. Inferences drawn from collected personal information Inferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics NO
L. Sensitive personal information — NO

We may also collect other personal information outside of these categories through instances where you interact with us in person, online, or by phone or mail, in the context of receiving help through our customer support channels, participating in customer surveys or contests, or the delivery of our Services and responding to your inquiries.

We will use and retain collected personal information as needed to provide the Services, including for Category A and I — for as long as the user has an active relationship with WBBA, such as an ongoing membership or account.

We may disclose your personal information to our service providers pursuant to a written contract between us and each provider. We have not sold or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months.

Your Rights

You have rights under certain US state data protection laws, though these are not absolute and we may decline a request as permitted by law. These include the right to:

  • Know whether or not we are processing your personal data
  • Access your personal data
  • Correct inaccuracies in your personal data
  • Request the deletion of your personal data
  • Obtain a copy of the personal data you previously shared with us
  • Non-discrimination for exercising your rights
  • Opt out of the processing of your personal data if used for targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects

Depending on your state, you may also have the right to:

  • Access the categories of personal data being processed (e.g. Minnesota)
  • Obtain a list of categories of third parties to which we have disclosed personal data (e.g. California, Delaware, Maryland)
  • Obtain a list of specific third parties to which we have disclosed personal data (e.g. Minnesota, Oregon)
  • Obtain a list of third parties to which we have sold personal data (e.g. Connecticut)
  • Review, understand, question, and correct how personal data has been profiled (e.g. Connecticut, Minnesota)
  • Limit use and disclosure of sensitive personal data (e.g. California)
  • Opt out of the collection of sensitive or biometric data collected through voice or facial recognition (e.g. Florida)

How to Exercise Your Rights

To exercise these rights, you can contact us by submitting a data subject access request, by emailing us at [email protected], or by referring to the contact details at the end of this document.

Under certain US state laws, you can designate an authorised agent to make a request on your behalf. We may deny a request from an agent who does not submit proof of valid authorisation.

Request Verification

Upon receiving your request, we will need to verify your identity to confirm you are the person about whom we hold information. We will only use the information provided in your request for this purpose, and may request additional information if we cannot verify your identity from records already held.

Appeals

Under certain US state laws, if we decline to act on your request, you may appeal by emailing us at [email protected]. We will inform you in writing of any action taken, including reasons for the decision. If your appeal is denied, you may submit a complaint to your state attorney general.

California ‘Shine The Light’ Law

California Civil Code Section 1798.83 permits California residents to request, once a year and free of charge, information about the categories of personal information (if any) we disclosed to third parties for direct marketing purposes, and the names and addresses of those third parties, in the preceding calendar year. To make such a request, please submit it in writing using the contact details in ‘HOW CAN YOU CONTACT US ABOUT THIS NOTICE?’ below.

12. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: You may have additional rights based on the country you reside in.

Republic of South Africa

At any time, you have the right to request access to or correction of your personal information, by contacting us using the details in ‘HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?’ below.

If you are unsatisfied with how we address any complaint regarding our processing of personal information, you can contact the Information Regulator (South Africa):

13. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this Privacy Notice from time to time. The updated version will be indicated by a new ‘Last updated’ date at the top. If we make material changes, we may notify you by prominently posting a notice or by directly notifying you. We encourage you to review this Privacy Notice periodically.

14. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may contact our Data Protection Officer by email at [email protected], or by post at:

World Broadband Association c/o FORVIS MAZARS SA

Data Protection Officer

2 Chem. de Blandonnet, Vernier, Genève 1214, Switzerland

If you are a resident in the European Economic Area or Switzerland, we are the ‘data controller’ of your personal information. We have appointed Forvis Mazars as our representative in the EEA and Switzerland. You can contact them directly by email at [email protected], by visiting forvismazars.com/ch/en, or by post to: Chemin de Blandonnet 2, 1214 Vernier, Switzerland.

If you are a resident in the United Kingdom, we are the ‘data controller’ of your personal information. As WBBA operates as a fully remote organisation with no physical UK office, we have appointed Penny McCullough as our representative for UK enquiries; you can contact her directly by email at [email protected]. Postal correspondence relating to UK data protection matters should be sent to our corporate address in Switzerland below.

If you have any further questions or comments, you may also contact us by post at our corporate address:

World Broadband Association c/o FORVIS MAZARS SA

2 Chem. de Blandonnet

Vernier, Genève 1214

Switzerland

15. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

You have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please submit a data subject access request using the contact details above.

Sign Up to Receive News Updates

    Have a question about membership, working groups, or WBBA more broadly? We’d love to hear from you. 

    Email us at [email protected] and we’ll get back to you shortly.