WHO ARE WE AND WHAT DO WE DO WITH YOUR PERSONAL DATA?
The European House - Ambrosetti S.p.A. with registered office in Via F. Albani, 21 - 20149 Milan, Italy, (hereinafter also The Data Controller), as the data controller, is concerned about the confidentiality of your personal data and to ensure that they are protected from any event that may put them at risk of being breached.
The Controller implements to this end policies and practices having regard to the collection and use of your personal data and the exercise of your rights under applicable law. The Controller takes care to update the policies and practices adopted for the protection of personal data whenever necessary and in any case in case of regulatory and organizational changes that may affect the processing of your personal data.
The Controller has appointed a data protection officer or data protection officer (DPO) whom you can contact if you have questions about the policies and practices adopted.
You can contact the DPO/DPO at email@example.com
HOW DOES THE OWNER COLLECT AND PROCESS YOUR DATA?
Personal information about you will be processed for:
1) The navigation of the website https://www.innovatedesal.org/
The processing of your personal information, such as navigation data e.g. IP address and cookies issued through the navigation of the site https://www.innovatedesal.org/ are processed by the Owner to follow up on the management of the site and to collect information also of an aggregate nature.
Your personal data will not be disseminated or disclosed to unspecified parties in any way.
2) Communication to third parties and recipients
The communication of your personal data takes place mainly towards third parties and/or recipients whose activities are necessary to carry out the activities inherent to the aforementioned purposes, and also to respond to certain legal obligations. Any communication that does not respond to these purposes will be subject to your consent.
In particular, your data will be disclosed to third parties/recipients for:
1. the performance of the service (e.g., IT service providers);
2. communications towards the financial administration, and public supervisory and control bodies towards which the Controller must fulfill specific obligations arising from the specificity of the activity performed;
The personal data that the Controller processes for this purpose are:
- browsing data (IP address)
3) IT security reasons
The Data Controller processes, including through its suppliers (third parties and/or recipients), your personal data (e.g. IP address) or traffic data collected, or obtained, in the case of services displayed on the website to the extent strictly necessary and proportionate to ensure the security and ability of a network or servers connected to it to withstand, at a given level of security, unforeseen events or unlawful or malicious acts that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted.
For these purposes, the Owner provides procedures for handling personal data breaches (data breaches).
WHAT ARE COOKIES AND FOR WHAT PURPOSES THEY CAN BE USED
A "cookie" is a small text file created by some websites on the user's computer at the time the user accesses a particular site, for the purpose of storing and transporting information. Cookies are sent from a web server (which is the computer on which the visited website is running) to the user's browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on the user's computer; they are, then, re-sent to the website on subsequent visits.
Cookies may remain in the system for long periods of time and may also contain a unique identification code. This allows the sites that use them to keep track of the user's navigation within the site itself, for statistical or advertising purposes, that is, to create a personalized profile of the user from the pages he or she has visited and then show and/or send him or her targeted advertising (so-called Behavioral Advertising).
WHAT COOKIES ARE USED AND FOR WHAT MAIN PURPOSE
The Owner reports below the specific categories of cookies used, the purpose and the consequence of de-selecting them:
Collect information in aggregate form about users' browsing to optimize the browsing experience and the services themselves.
It would no longer be possible for the Holder to acquire the aggregate information.
The cookie allows tweets from the Holder's account to be displayed.
Established by the third party
It would not be possible to allow tweets from the Holder's account to be displayed.
Cookie aimed at keeping the user's login active.
It would not be possible to maintain the login while browsing. Each page would require a login.
Site Management. They enable the safe and efficient operation and exploration of the website.
These are the cookies necessary for the use of the website, blocking them does not allow it to work.
Third-party cookies, i.e. cookies created by a website other than the one the user is currently visiting, are also operational on this website. In particular, users are informed that the website uses the following services that issue cookies:
On the website https://www.innovatedesal.org/ there are special "buttons" (called "social buttons/widgets") that depict the icons of social networks (e.g. Facebook, linkedin, etc.) and other web services (e.g. Youtube, etc.). The same allow users who are browsing the Controller's web page to access the relevant social networks with a "click". In this case, the social network and web services acquire data about the user, while the Owner will not share any browsing information or user data acquired through its site with the social networks and web services accessible thanks to the social buttons/widgets. Such services issue "third-party cookies." Below are links to the privacy policies of the most commonly used social networks and websites to which the buttons link:
- for Facebook: www.facebook.com/help/cookies
- for Linkedin: www.linkedin.com/legal/cookie_policy
- for Instagram: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect&__coig_consent=1
- for Twitter: https://twitter.com/it/privacy
WHAT HAPPENS IF YOU DON'T PROVIDE YOUR DATA?
Please see the consequences of deselecting individual cookies as listed in the table above.
HOW WE PROCESS YOUR DATA
The processing of personal data is carried out through computer procedures by specially authorized and trained internal persons. They are allowed access to your personal data to the extent and to the extent that it is necessary for the performance of the processing activities concerning you.
The Data Controller periodically verifies the means by which your data are processed and the security measures provided for them, the constant updating of which it provides for; verifies, also through the authorized persons in charge of the processing, that no personal data whose processing is not necessary are collected, processed, archived or stored; verifies that the data are stored with the guarantee of integrity and authenticity and their use for the purposes of the processing actually carried out.
WHERE WE PROCESS YOUR DATA
The data are stored in computer and telematic archives also located outside the European Economic Area. In particular:
USA, SOUTH KOREA, TAIWAN: Standard contractual clauses for the transfer of personal data to third countries under Regulation (EU) 2016/679 of the European Parliament and of the Council;
ISRAEL: Commission Decision of January 31, 2011 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequate protection of personal data by the State of Israel with regard to automated processing of personal data.
HOW LONG WE PROCESS YOUR DATA
Please review the personal data retention terms as outlined in the table above.
Personal data are retained for the time necessary to allow you to browse the site and, in any case, no longer than 36 months, except in cases where events occur that involve the intervention of the competent Authorities, including in collaboration with third parties/recipients entrusted with the Owner's data security activities, to carry out any investigations into the causes that led to the event, as well as to protect the interests of the Owner relating to possible liability related to the use of the site and its services.
WHAT ARE YOUR RIGHTS?
Basically, you, at any time and free of charge and without special charges and formalities for your request, can:
- obtain confirmation of the processing carried out by the Data Controller;
- access your personal data and know their origin (when the data are not obtained from you directly), the purposes and aims of the processing, the data of the subjects to whom they are communicated, the storage period of your data or the criteria useful to determine it;
- update or rectify your personal data so that they are always exact and accurate;
- delete your personal data from the databases and/or archives, including backup archives of the Data Controller in the event, among others, that they are no longer necessary for the purposes of the processing or if the processing is assumed to be unlawful, and always if the conditions provided for by law are met; and in any case if the processing is not justified by another, equally legitimate reason;
- limit the processing of your personal data in certain circumstances, such as where you have disputed its accuracy, for the period necessary for the Controller to verify its accuracy. You must also be informed, in a reasonable time, when the period of suspension has expired or the cause for the restriction of processing has ceased to exist, and thus the restriction itself lifted;
- obtain your personal data, if received or processed by the Controller with your consent and/or if their processing is on the basis of a contract and by automated means, in electronic format also for the purpose of transmitting them to another data controller.
The Controller must do so without delay and, in any case, no later than one month after receipt of your request. The deadline may be extended by two months if necessary, taking into account the complexity and number of requests received by the Controller. In such cases, the Controller will, within one month of receipt of your request, inform you and make you aware of the reasons for the extension. To exercise your rights, write to firstname.lastname@example.org
HOW AND WHEN CAN YOU OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA?
For reasons relating to your particular situation, you may object at any time to the processing of your personal data if it is based on legitimate interest by sending your request to the Controller, at email@example.com
You have the right to the deletion of your personal data if there is no legitimate reason overriding the one that gave rise to your request.
WHO CAN YOU COMPLAIN TO?
Without prejudice to any other action in administrative or judicial proceedings, you may lodge a complaint with the competent supervisory authority or the one that performs its duties and exercises its powers in Italy where you have your habitual residence or work or if different in the member state where the violation of Regulation (EU) 2016/679 occurred.