Privacy Policy


  • This privacy policy (“this Privacy Policy”) describes the way personally identifying information (“PII”) is collected, stored, used and shared on the site at (the “XBMA Site”). The information and services that are made available to users of the XBMA Site, including but not limited to editorial content and email communications, will be referred to as the “Services.”
  • By providing the PII that is described below on or through the XBMA Site, you expressly consent to the collection, use, storing, sharing and transferring of that PII as provided in this Privacy Policy.
  • Further down in this Privacy Policy, you will see how you can manage, correct or delete your PII or require that your PII not be processed for certain purposes.

Data Controller

  • The International Institute for the Study of Cross-Border M&A, LLC (“XBMA,” “we” or “us”), which is a joint venture between the Guanghua School of Management at Peking University, the Stern School of Business at New York University, and Judge Business School at the University of Cambridge, owns the XBMA Site and is the “data controller” of PII as that term is used in the field of privacy law. Currently, we are based in the United States and are subject to applicable privacy laws in the United States.
  • XBMA is a Delaware limited liability company with a business address at c/o Wachtell, Lipton, Rosen & Katz 51 West 52 Street New York, NY 10019. We can be reached at If you are the citizen or resident of a country other than the United States, and if you have questions about our privacy practices, please contact us at this email address.

Collection of PII

  • If you “contact us” or ask to join our mailing list, which is the mailing list for the XBMA Forum, we will have your email address and whatever PII you include in that email.

Use of PII

  • If you have asked to join our mailing list, we will send you an email whenever a new memo has posted in the Forum.
  • If you contacted us with a question or request, we will use your PII to answer your question or fulfill your request.

Legal basis for processing your PII

  • We process your PII on the basis of consent, namely, your having voluntarily providing us with that PII when you contacted us or asked to join the mailing list. Further down in this Privacy Policy, you will see how you can withdraw that consent.

Disclosure of PII to third parties

  • Service Providers. We may provide your PII to service providers who perform or contribute to the Services, help us operate the XBMA Site and provide the Services (“Service Providers”). Examples of Service Providers include vendors and suppliers that provide us with technology, services or content for sending emails, analyzing the operation of the Services and data generated by user activity, research, and providing customer service. These Service Providers’ access to your PII is limited to the information reasonably necessary to perform their limited functions.

Disclosure for legal reasons

  • Safety. XBMA may disclose your personally identifiable information to protect the safety, rights, or property of the public, any person, XBMA, or its affiliated institutions; to investigate, prevent, or otherwise address suspected fraud, harassment or other violations of any law, rule or regulation; to detect, prevent or otherwise address security or technical issues; or as XBMA believes is required by law, regulation, or legal process.
  • Change in control. If XBMA engages in a merger, acquisition, disposition, change of control, bankruptcy, dissolution, reorganization, or similar transaction or proceeding, or otherwise transfers the operation of the Services to a successor, XBMA will transfer your PII to the successor entity.

Rights of California residents. If you are a California resident, and you want to find out the names of any information brokers or any other third parties with whom we share your PII in compliance with California Privacy Law (Cal. Bus. & Prof. Code § 22575 et seq.), please send an email request to and within thirty (30) days, we will provide you with that information.

Other kinds of identifying information collected. There are various ways in which we may collect information that is not PII (“Non-PII”) as a result of your use of the XBMA Site and the Services.

  • Device information. When you access the XBMA Site or use the Services, we may collect information about your device, including the IP address (which provides non-precise information, e.g., city or zip code level, about the approximate physical location of the device), unique device identifier (which is different than the device’s serial number), cookie information, advertising ID (which is a unique, user-resettable identification number for advertising associated with a mobile device), browser information (including referring URL), operating system, mobile carrier, device settings and usage information, all of which we may associate with information about your use of the Services. When enabled by you, we collect precise location information provided by your mobile device, which you may disable through the device settings.
  • Cookies
    • What they are. “Cookies” are small data files that a website places on your browser when you visit the website. Cookies allow a website or third party to recognize your browser. There are three primary types of cookies:
      • Session cookies are specific to a particular visit and carry information as you view different pages within a website. Session cookies expire and delete themselves automatically in a short period of time, e.g., when you leave the website or when you close your browser.
      • Persistent cookies enable a website to recognize a user when the user visits the site. Persistent cookies are stored on your browser or mobile device until you choose to delete them, and otherwise typically delete themselves at expiration.
      • Third-party cookies are placed by someone other than the website operator. They may gather browsing activity across multiple websites and sessions. They are usually persistent cookies and are stored until you delete them or until they expire based on the time period set in each third-party cookie.
    • How they are used on the XBMA Site. The cookies used in connection with your use of the XBMA Site will generally fall within one of the following categories:
      • Necessary functionality: These cookies are essential to enable you to navigate the XBMA Site in a safe and secure manner.
      • Security: These cookies help us identify users by means of a security plugin to prevent attacks on the web (basic geography only).
      • Performance and Analytics: These cookies provide data on how the XBMA Site is functioning to help us improve the performance of the XBMA Site and the user experience.
    • Managing cookies
      • On the XBMA Site: Most browser software can be set to reject all cookies, including third-party cookies. If you choose to reject our cookies, however, your ability to access and use the XBMA Site and the Services may be limited. Typically the cookie settings are within the “options” or “preferences” menu in your browser. The links below provide information about cookie settings for some commonly used browsers:
        • Internet Explorer
        • Chrome
        • Safari
        • Firefox
      • On your mobile device. To see how you may opt out of cookies on your mobile device, check the settings on your mobile device to see whether and to what extent you can delete or disable tracking mechanisms.

Storage and disposal of information

  • We store PII and Non-PII that we collect on the XBMA Site on servers operated by third parties. Currently, these servers are located in the United States. If, in the future, we begin to use servers that are located in other countries or in other jurisdictions, we may update this Privacy Policy. You consent to have your PII, and Non-PII that may be collected when you use the XBMA Site or the Services collected, stored and processed on servers in the United States.
  • We will retain your PII until you unsubscribe from the Forum mailing list.
  • We will dispose of your PII by purging it when you ask to unsubscribe from the Forum mailing list.

Protection of PII

  • We use SSL certificates to protect your PII as you transmit it to and from the XBMA Site, and to try to protect your information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. We also use software to prevent or reduce the effect of certain kinds of online attacks. But no Internet transmission is ever 100% secure or error-free, and no online storage is ever 100% secure or error-free. In particular, e-mail sent to us via the XBMA Site may not be secure. You should not send us any confidential information or PII that we do not request or need.
  • We will retain your PII until you unsubscribe from the Forum mailing list.
  • The XBMA Site may contain links or references to other sites and services. Please be aware that we do not control such other sites or services, and, in any case, this Privacy Policy does not apply to those sites or services. We encourage you to read the privacy policy of every site or service you visit.

Transfer of information

  • We may transfer information that we collect about you, including PII, to affiliated entities, or to other third parties across borders and from your country or jurisdiction to other countries or jurisdictions around the world.

Linked sites

  • The XBMA Site links to each of the universities that is a member of XBMA. XBMA does not endorse and is not responsible for any content on any of those sites.

Contact information, management, correction and deletion of PII

  • You can change any of your PII that you have provided to us by emailing us at
  • If you are a citizen or resident of the European Economic Area, in accordance with applicable data protection law, you may have the right to (i) access PII that we have about you; (ii) have your PII corrected or deleted; (iii) in certain circumstances, object to our processing of your PII; (iv) withdraw consent previously provided; (v) in certain circumstances, request that your PII be transferred to another service provider, where feasible; or (vi) if you believe that we have not complied with applicable data protection law, lodge a complaint with your local supervisory authority. If you wish to exercise any of these rights, or have any other questions about our privacy practices, please contact our Privacy Office by email at
  • For questions about this Privacy Policy and how your PII may be collected, stored, used, and shared, please contact our Privacy Office by email at

Changes to this Privacy Policy

  • If this Privacy Policy changes, the revised policy will be posted here. We may also send registered users with a copy of any revised Privacy Policy.
  • This Privacy Policy was last updated on November 8, 2018.
  • Prior versions: none