The Small & Medium Business (SMB) Mentor / Protégé Program is a business development component of the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity designed to improve the performance and sustainability of small & medium sized Ukrainian cybersecurity service providers (Proteges) through structured association with larger multinational businesses with more mature cybersecurity capabilities (Mentors).
One of the objectives of the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity is to develop and support small and medium businesses (SMBs) working in the cybersecurity sector in Ukraine, this objective includes SMB Acceleration Program and an SMB Mentor / Protégé Program.
Augment the cybersecurity preparedness and resilience of Ukraine.
Promote the rapid maturation of existing cybersecurity capabilities of Ukrainian small & medium cybersecurity providers
Stimulate increased interaction between Ukrainian small & medium business and multi-national companies.
Increase Government of Ukraine (GOU) public-private interaction with Ukrainian small & medium cybersecurity providers.
Review and Approval of Applications
Mentor Applicants that meet the following requirement criteria are considered eligible for the program:
Protégé Applicants that meet the following requirement criteria are considered eligible for the program:
Each Mentor and Protégé will apply for separately through the USAID Cybersecurity for Critical Infrastructure Mentor / Protégé Program web-portal for review and approval. Applicants should be prepared to provide the following information: points of contact, the legal name of the company, legal form of company, economic activity classifiers, address, and be willing to submit a cybersecurity self-assessment questionnaire.Switch to SMB Acceleration Program
USAID Cybersecurity for Critical Infrastructure in Ukraine Activity
DAI Global LLC ("DAI", "we", "us", or "our") recognizes the importance of protecting personal information and data. This policy outlines how and why we collect, process, and handle personal data. This policy also informs individuals ("you", "your", or "their") about their rights as data subjects regarding their data. This policy applies to personal data provided to us, both by individuals themselves or by third parties. Our policy is to be transparent about why and how we process personal data. To find out more about our specific processing activities, please go to the relevant sections of this policy.
As a global development firm, DAI maintains a legal presence in many different countries and we adhere to the regulations and requirements to each jurisdiction as applicable. For the purposes of personal information and data, DAI's policy is designed to meet the requirements and uphold the principles of the Ukrainian data protection laws (DP Laws), which include the following:
Given that DAI follows best practices in the area of data privacy, some provisions outlined by the European Union's (EU) General Data Protection Regulations (GDPR) may also apply to certain processing actions.
For the purposes of this policy, DAI uses the terms as defined by the DP Laws and GDPR. For the matter of convenience, some of these definitions are outlined below:
"Personal data" means any information relating to an identified or identifiable natural person ("data subject").
"Cookie" means a small text file that a website stores on your computer or mobile device when you visit the website.
"Consent" means any freely given, informed indication of the data subject's approval for the processing of their personal data for the specified purposes, made in writing or any other form allowing to confirm such approval.
"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
"Data controller" means a natural or legal person who (either alone or in common with the other persons) determines the purpose for which and the manner in which your personal data is or can be processed.
"Data processor" means any natural or legal person who processes the data on behalf of the data controller.
"SMB" means small and medium business.
Collection of Personal Data
We will only collect your personal data where it is necessary for a genuine business-related purpose. This data is typically collected directly from you for the agreed purposes, which include but are not limited to:
If we need to use your personal data for purposes other than outlined above, we will notify you of the same and obtain your consent prior to such processing.
The types of personal data we may collect include but may be not limited to:
We do not collect your sensitive personal data (e.g., racial or ethnic origin, health data, etc.). However, if this takes place, we will ask for your explicit consent for such processing, unless there are other legal bases for such processing, e.g., you explicitly make your sensitive personal data publicly available.
DAI collects personal data in a lawful and fair manner. We collect your personal data in a variety of ways, including but not limited to:
In the majority of cases, DAI collects personal data directly from you (e.g., when you subscribe to our mailout or submit a form for the participation in SMB Acceleration and/or Mentorship Program), and usually acts as the data controller and therefore has respective obligations towards you with regard to the processing of your personal data.
If we receive your personal data for processing from a third party, it is likely that we act as the data processor on behalf of such a third party acting as the data controller.
The key legal basis for collecting and further processing of your data by DAI is your consent. When DAI acts as the data controller, we collect your consent directly from you. If DAI acts as the data processor by receiving your data from a data controller, it is the obligation of such data controller to obtain your consent for your personal data being transferred and processed by DAI.
You can withdraw your consent at any time. This, however, can result in the practical impossibility of DAI to further provide you with some of our services. Please note that the withdrawal will impact only the future processing of your personal data.
There may be cases when your personal data may be processed under other legal bases as defined by the applicable laws.
Use of Personal Data
We use your personal data for the following processing activities: recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Sharing of Personal Data
DAI may share your personal data with third parties only when we are legally permitted or required to do so.
Personal data processed by DAI may be transferred to the following third parties:
Where your data is transferred to processors (if DAI acts as the data controller) or sub-processors (if DAI acts as the data processor), DAI requires the receivers of your personal data to implement measures for ensuring the security of your personal data by way of imposing respective contractual obligations.
If we transfer your data to third parties other than outlined in this policy, we will notify you of the same within 10 business days unless we are prohibited from doing so by applicable laws.
Your personal data may and will be transferred to and further processed outside of Ukraine to the jurisdiction in which data protection laws may be different from the DP Laws and may not provide adequate protection to your personal data. DAI takes the necessary steps to ensure that your personal data is secured and is not transferred outside of Ukraine unless the receiving party has adequate controls in place.
Your consent to this policy followed by your submission of your personal data represents your familiarization with the outlined potential transfers.
If your personal data is to be transferred outside of Ukraine, it can be done under one of the following legal bases:
Retention of Personal Data
DAI aims at not keeping your personal data for longer than reasonably required for the purposes for which personal data was collected. The retention period of your personal data may be subject to legal or regulatory requirements of the location of the data processing.
When your personal data is processed for reasons other than a legal requirement or contractual engagement (e.g., for the newsletters), we will maintain that data until your request for its erasure.
We may also keep your personal data for resolving potential disputes within the statute of limitation established by applicable laws.
Upon the expiration of the retention period, we erase your personal data.
Security of Your Personal Data
DAI ensures the implementation of proper technical and organizational measures to secure the processing of your personal data. Processing of personal data by our employees or other authorized persons is subject to their confidentiality obligations.
Please remember that despite all the implemented measures, any processing of your personal data by electronic means cannot guarantee 100 percent security of your personal data.
Your Rights Regarding Your Personal Data
DAI respects and supports your rights as the data subject and applies them to personal data held by us. These rights include:
For ensuring the execution of your data subject rights, DAI may need to request additional information regarding the specifics of the request, as well as confirm your identity. We will respond to these requests in accordance within one month once we confirm the validity of the request by either satisfying your request or providing a justified refusal to the same.
You can submit a request for the execution of your data subject rights through the channels outlined in the "Contact for Requests and Complaints" section below.
Breaches of Personal Data
DAI applies best business practices and security systems to protect personal data. If a personal data breach occurs, DAI would respond to the breach as required by the relevant regulations. If you are aware of a breach of personal data that involves DAI, please contact Info_USAIDCybersecurity@dai.com immediately.
Information Collected by DAI's Website
By using cookies, DAI does not collect or process identifiable data of our website visitors – all collected data is anonymized.
We use several types of cookies – necessary and optional ones. You can opt in the optional cookies. You can also opt-out of necessary cookies. However, we cannot guarantee the correct work of our website in this case.
Images Utilized by DAI
DAI may use photos with your image therein to demonstrate the nature and impact of our work. DAI notifies you of taking your pictures by way of, e.g., placing clear, informative signs. In other cases, to the extent possible, DAI seeks your consent to publish the photos with your image, where we have the necessary information to identify you. If you object to your image being placed by DAI, please contact Info_USAIDCybersecurity@dai.com to raise your concern in this regard.
Contact for Requests and Complaints
Email communication to the above address is the quickest way to receive a response from DAI. However, you may also submit requests and/or complaints in writing to the contacts below: