Information pursuant to art. 13 of EU Regulation 679/16 (GDPR)
Istituto Marangoni S.r.l. as the Data Controller, wants to inform you about what data it collects and how, so as to ensure that your fundamental rights and freedoms are respected, with particular reference to the confidentiality and security with which the data are processed.
Istituto Marangoni S.r.l. collects and stores your data:
We may ask social channels to send information about our courses based on the profiles of their users and in accordance with their data processing policy, but we are not aware of your name.
Istituto Marangoni S.r.l. uses your data for the following purposes:
In relation to the purposes under 3 (a), (b) and (c) the processing is necessary for the performance of a contract to which you are a party (Art. 6(1)(b) GDPR).
In relation to the purpose under d), processing is necessary for the pursuit of legitimate interest (Art. 6 par. 1, Lett. f) of the GDPR).
In relation to the purposes in (e), (f) (g) the legal basis for processing is your consent (Art. 6(1)(a) GDPR).
For the purposes under 3 (a) and (b) we keep your personal data for the duration of the contractual relationship being established and also beyond the ten-year limitation period from the termination of the relationship in order to fulfil legal obligations as well as for the purposes of legal protection.
For the purposes referred to in point (c) and (d) we keep your data for a period not exceeding 12 months from collection.
For the purposes of (e), (f) and (g) we will keep your data for up to 3 years, without prejudice to your right to revoke your consent at any time.
Once the retention period has expired, the data will be destroyed or made anonymous.
Please note: If, in the event of litigation, it is necessary to ascertain, exercise or defend the rights of the Data Controller, the retention period of the data collected, for the above-mentioned purposes, may be extended due to the possibility that it may be necessary to prepare defensive elements within this timeframe. In this case, the data will only be kept until the conclusion of the litigation.
The processing of your data will be carried out by means suitable to guarantee its confidentiality, integrity and availability. The processing is carried out by means of information systems and/or automated systems and will include all the operations or set of operations provided for in Article 4 of the GDPR and necessary for the processing in question, including communication to the persons in charge of the processing itself. The data in question will not be subject to dissemination; instead, it will or may be communicated to public or private entities operating within the scope of the purposes described above.
Only authorized persons within the scope of the tasks assigned by Istituto Marangoni S.r.l., including those located outside the European Union, can access your data.
Istituto Marangoni S.r.l. is part of Galileo Global Education Italia. Employees of Galileo Global Education Italia, as well as employees of NABA (Nuova Accademia S.r.l.) and Domus Academy, belonging to the same Galileo Global Education Italia Group, may also have access to some of your data.
Non-economic public entities (e.g. MIUR, Lombardy Region) may also have access to some of your data when the communication is necessary for the performance of the institutional functions of the requesting entity.
Personal data will not be disclosed in any way, it may also be communicated to and processed by third parties duly appointed as Data Processors, such as external collaborators and companies that provide specific instrumental services.
Personal data may also be accessible or may be communicated to parties whose right to access your personal data is recognized by provisions of law or secondary or EU regulations.
Your personal data will be managed and stored on servers located within the European Economic Area (EEA) and belonging to the Data Controller and/or to third party companies appointed and duly identified as Data Processors.
Your data may also be processed by the other companies belonging to the Istituto Marangoni group, located outside the European Economic Area (EEA), adopting appropriate security measures to ensure an adequate level of protection.
In addition, some third party companies appointed as Data Processors may transfer your personal data to servers located outside the European Economic Area (EEA). In this case, this will be done in compliance with articles 44 and following of the GDPR, using appropriate safeguards to ensure protection. Further information on these safeguards can be obtained from the Data Controller.
The provision of your data under point 3 a), b), c) e d) is necessary to enter into and execute the contract. For the purposes of point 3 e), f) and g) is optional, if you do not consent you will not be able to learn about our initiatives, events, courses that we will activate.
According to the provisions of the GDPR, Istituto Marangoni S.r.l. guarantees the following rights:
The above rights may be exercised in writing by sending an e-mail to dpo@istitutomarangoni.com The same contact person may be asked at any time for more information regarding the processing of personal data. It should also be noted that the exercise of one's rights must not prejudice and/or infringe upon the rights and freedoms of others.
Istituto Marangoni S.r.l. undertakes to respond to requests within a period of one month, except in the case of particularly complex requests, for which it may take up to 3 months. In any case, Istituto Marangoni S.r.l. will explain the reason for the wait within one month of the request.
The outcome of the request will be provided in writing (at the request of the interested party) or in electronic format (and, in this case, free of charge). Istituto Marangoni S.r.l. specifies that a possible contribution may be requested from the interested party if his requests are manifestly unfounded, excessive or repetitive: in this regard, Istituto Marangoni S.r.l. will keep track of the requests.
Istituto Marangoni S.r.l., in compliance with art. 19 of the EU Regulation, undertakes to report to the recipients to whom the personal data of the interested party have been communicated any rectification, cancellation or limitation of processing requested by the interested party, where this is possible.
If you believe that your rights have been compromised or infringed upon, or that the processing of your data is contrary to applicable law, you have the right to lodge a complaint with the Italian Data Protection Authority in the manner specified by the Authority at the following Internet address: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524
The Data Controller is: Istituto Marangoni S.r.l. - Via Pietro Verri, 4 20121 Milano MI
Mail: privacy@istitutomarangoni.com
The Data Protection Officer can be contacted at the following e-mail address: dpo@istitutomarangoni.com
This policy is subject to change. Any substantial changes will be communicated to you by email or through our website.