The Small & Medium Business (SMB) Mentor-Protégé Program is a business development component of the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity designed to improve the performance and sustainability of small & medium sized Ukrainian cybersecurity service providers (Proteges) through structured association with larger multinational businesses with more mature cybersecurity capabilities (Mentors).One of the objectives of the USAID Cybersecurity for Critical Infrastructure in Ukraine Activity is to develop and support small and medium businesses (SMBs) working in the cybersecurity sector in Ukraine, this objective includes SMB Acceleration Program and an SMB Mentor-Protégé Program.
Augment the cybersecurity preparedness and resilience of Ukraine.
Promote the rapid maturation of existing cybersecurity capabilities of Ukrainian small & medium cybersecurity providers:
◦ Small Business
◦ Woman owned
◦ Veteran owned
Stimulate increased interaction between Ukrainian small & medium business and multinational companies.
Increase Government of Ukraine (GOU) public-private interaction with Ukrainian small & medium cybersecurity providers.
◦ Improved cybersecurity preparedness and resilience of Ukraine
◦ Augmented economic opportunities for Ukrainian cybersecurity providers
◦ Exposure to increased base of Ukrainian cybersecurity providers with assessed capabilities
◦ Stimulated marketplace growth through increased competition
◦ Develop business relationships with small & medium businesses
◦ Exposure to innovative approaches and technology
◦ Enhance the cybersecurity capabilities of the enterprise
◦ Introduction to new market prospects
◦ Foster goodwill and corporate responsibility
◦ Opportunity for involvement with USAID Cybersecurity for Critical Infrastructure activities
◦ Increased technical and administrative assistance
◦ Connection to multi-national cybersecurity marketplace
◦ Develop business relationships with large business
◦ Exposure to potential subcontracting opportunities
◦ Improved competitive advantage
◦ Opportunity for involvement with USAID Cybersecurity for Critical Infrastructure activities
◦ Investment opportunity
MENTOR ELIGIBILITY
Mentor Applicants that meet the following requirement criteria are considered eligible for the program:
◦ Originate from a non-Ukrainian home of record
◦ Currently registered to conduct business in Ukraine
◦ Have conducted business within the borders of Ukraine within the last 3 years
◦ Are classified as a medium or large business according to EU or USA business classification standards
◦ Possess a dedicated cybersecurity business capability or similarly related Information Technology capability
◦ Willing to submit a Cybersecurity Maturity Self-Assessment Questionnaire
PROTÉGÉ ELIGIBILITY
Protégé Applicants that meet the following requirement criteria are considered eligible for the program:
◦ Originate from a Ukrainian home of record
◦ Currently registered to conduct business in Ukraine
◦ Have conducted business within the borders of Ukraine within the last 3 years
◦ Are classified as a small or medium business according to Ukrainian business classification standards
◦ Possess a dedicated cybersecurity business capability or similarly related Information Technology capability
◦ Willing to submit a Cybersecurity Maturity Self-Assessment Questionnaire
Each Mentor and Protégé will apply for separately through the USAID Cybersecurity for Critical Infrastructure Mentor-Protégé Program web-portal for review and approval. Applicants should be prepared to provide the following information: points of contact, the legal name of the company, legal form of company, economic activity classifiers, address, and be willing to submit a cybersecurity self-assessment questionnaire.
DAI Privacy Policy
DAI Global LLC ("DAI", "we", "us", or "our") recognizes the importance of protecting personal information and data. This policy outlines how and why we collect, process, and handle personal data. This policy also informs individuals ("you", "your", or "their") about their rights as data subjects regarding their data. This policy applies to personal data provided to us, both by individuals themselves or by third parties. Our policy is to be transparent about why and how we process personal data. To find out more about our specific processing activities, please go to the relevant sections of this policy.
Relevant Regulations
As a global development firm, DAI maintains a legal presence in many different countries and we adhere to the regulations and requirements to each jurisdiction as applicable. For the purposes of personal information and data, DAI's policy is designed to meet the requirements and uphold the principles of the Ukrainian data protection laws (DP Laws), which include the following:
Given that DAI follows best practices in the area of data privacy, some provisions outlined by the European Union's (EU) General Data Protection Regulations (GDPR) may also apply to certain processing actions.
Definitions
For the purposes of this policy, DAI uses the terms as defined by the DP Laws and GDPR. For the matter of convenience, some of these definitions are outlined below:
"Personal data" means any information relating to an identified or identifiable natural person ("data subject").
"Cookie" means a small text file that a website stores on your computer or mobile device when you visit the website.
"Consent" means any freely given, informed indication of the data subject's approval for the processing of their personal data for the specified purposes, made in writing or any other form allowing to confirm such approval.
"Processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
"Data controller" means a natural or legal person who (either alone or in common with the other persons) determines the purpose for which and the manner in which your personal data is or can be processed.
"Data processor" means any natural or legal person who processes the data on behalf of the data controller.
"SMB" means small and medium business.
Collection of Personal Data
We will only collect your personal data where it is necessary for a genuine business-related purpose. This data is typically collected directly from you for the agreed purposes, which include but are not limited to:
If we need to use your personal data for purposes other than outlined above, we will notify you of the same and obtain your consent prior to such processing.
The types of personal data we may collect include but may be not limited to:
We do not collect your sensitive personal data (e.g., racial or ethnic origin, health data, etc.). However, if this takes place, we will ask for your explicit consent for such processing, unless there are other legal bases for such processing, e.g., you explicitly make your sensitive personal data publicly available.
DAI collects personal data in a lawful and fair manner. We collect your personal data in a variety of ways, including but not limited to:
In the majority of cases, DAI collects personal data directly from you (e.g., when you subscribe to our mailout or submit a form for the participation in SMB Acceleration and/or Mentorship Program), and usually acts as the data controller and therefore has respective obligations towards you with regard to the processing of your personal data.
If we receive your personal data for processing from a third party, it is likely that we act as the data processor on behalf of such a third party acting as the data controller.
The key legal basis for collecting and further processing of your data by DAI is your consent. When DAI acts as the data controller, we collect your consent directly from you. If DAI acts as the data processor by receiving your data from a data controller, it is the obligation of such data controller to obtain your consent for your personal data being transferred and processed by DAI.
You can withdraw your consent at any time. This, however, can result in the practical impossibility of DAI to further provide you with some of our services. Please note that the withdrawal will impact only the future processing of your personal data.
There may be cases when your personal data may be processed under other legal bases as defined by the applicable laws.
Use of Personal Data
We use your personal data for the following processing activities: recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Sharing of Personal Data
DAI may share your personal data with third parties only when we are legally permitted or required to do so.
Personal data processed by DAI may be transferred to the following third parties:
Where your data is transferred to processors (if DAI acts as the data controller) or sub-processors (if DAI acts as the data processor), DAI requires the receivers of your personal data to implement measures for ensuring the security of your personal data by way of imposing respective contractual obligations.
If we transfer your data to third parties other than outlined in this policy, we will notify you of the same within 10 business days unless we are prohibited from doing so by applicable laws.
Your personal data may and will be transferred to and further processed outside of Ukraine to the jurisdiction in which data protection laws may be different from the DP Laws and may not provide adequate protection to your personal data. DAI takes the necessary steps to ensure that your personal data is secured and is not transferred outside of Ukraine unless the receiving party has adequate controls in place.
Your consent to this policy followed by your submission of your personal data represents your familiarization with the outlined potential transfers.
If your personal data is to be transferred outside of Ukraine, it can be done under one of the following legal bases:
Retention of Personal Data
DAI aims at not keeping your personal data for longer than reasonably required for the purposes for which personal data was collected. The retention period of your personal data may be subject to legal or regulatory requirements of the location of the data processing.
When your personal data is processed for reasons other than a legal requirement or contractual engagement (e.g., for the newsletters), we will maintain that data until your request for its erasure.
We may also keep your personal data for resolving potential disputes within the statute of limitation established by applicable laws.
Upon the expiration of the retention period, we erase your personal data.
Security of Your Personal Data
DAI ensures the implementation of proper technical and organizational measures to secure the processing of your personal data. Processing of personal data by our employees or other authorized persons is subject to their confidentiality obligations.
Please remember that despite all the implemented measures, any processing of your personal data by electronic means cannot guarantee 100 percent security of your personal data.
Your Rights Regarding Your Personal Data
DAI respects and supports your rights as the data subject and applies them to personal data held by us. These rights include:
For ensuring the execution of your data subject rights, DAI may need to request additional information regarding the specifics of the request, as well as confirm your identity. We will respond to these requests in accordance within one month once we confirm the validity of the request by either satisfying your request or providing a justified refusal to the same.
You can submit a request for the execution of your data subject rights through the channels outlined in the "Contact for Requests and Complaints" section below.
Breaches of Personal Data
DAI applies best business practices and security systems to protect personal data. If a personal data breach occurs, DAI would respond to the breach as required by the relevant regulations. If you are aware of a breach of personal data that involves DAI, please contact Info_USAIDCybersecurity@dai.com immediately.
Information Collected by DAI's Website
DAI aims at improving performance of our website and making your use of our website more comfortable. For this, we use cookies. Their usage allows DAI to understand how you interact with the content of our website, e.g., cookies may keep information about your language preference so that you do not need to select your language when visiting our website next time.
By using cookies, DAI does not collect or process identifiable data of our website visitors – all collected data is anonymized.
We use several types of cookies – necessary and optional ones. You can opt in the optional cookies. You can also opt-out of necessary cookies. However, we cannot guarantee the correct work of our website in this case.
Our website may also use cookies of third parties. Third party cookies are operated by such third parties and DAI is not responsible for the data collected through such cookies.
Images Utilized by DAI
DAI may use photos with your image therein to demonstrate the nature and impact of our work. DAI notifies you of taking your pictures by way of, e.g., placing clear, informative signs. In other cases, to the extent possible, DAI seeks your consent to publish the photos with your image, where we have the necessary information to identify you. If you object to your image being placed by DAI, please contact Info_USAIDCybersecurity@dai.com to raise your concern in this regard.
Contact for Requests and Complaints
If you have questions with regard to the DAI's Privacy Policy or how your personal data is being processed by us, you can submit your request and/or complaint to Info_USAIDCybersecurity@dai.com.
Email communication to the above address is the quickest way to receive a response from DAI. However, you may also submit requests and/or complaints in writing to the contacts below: