Privacy protection – information pursuant to Article 13 of the EU Regulation 679/16
The data requested from you, as the interested party, is processed by The International Studies Institute LLC (VAT number 06820750484), with registered office in Delaware-Dover, Kent County The Green, Ste A 8 (USA) and operational headquarters in Florence, Via della Vigna Nuova n.18, Data controller (pec: [email protected], e-mail address: [email protected] – Tel. 055 2645910), hereinafter referred to as ISI Florence.
The Data Protection Officer (DPO) is engr. Marco Turri (VAT number 04854420488 – registered email address (pec) [email protected], email address [email protected])
The processing of personal data, carried out in full compliance with current legislation (Legislative Decree No. 196 of June 30, 2003 and EU Regulation 679/16), is executed for the management of the contractual relationship between the parties and, in particular, to respond to any requests for information and in any case, to communicate in print, through IT and by telephone, so as to satisfy all contractual and legal obligations (Purpose of the processing).
Our company will therefore treat the identification data (e.g. name and surname, e-mail address), for the aforementioned purposes, as this data is necessary to provide the commercial service itself and to respond to any requests for information. The legal basis of the relative processing is therefore the execution of pre-contractual measures adopted at Your request and the execution of any contractual obligations, as well as the fulfillment of the related legal obligations. In the event of disputes relating to this relationship, the legal basis is the legitimate interest of the Data Controller in the right of defense.
The provision of the aforementioned personal data does not constitute a legal obligation, but is contractually necessary, as such, it is obligatory for our company to be able to respond to Your requests and for the purposes indicated above. In the event of refusal to provide such information, ISI Florence may not be able to perform the requested service.
The processing of personal data will consist in the collection, recording, organization, structuring, storage, adaptation or modification, extraction, selection, consultation, use, communication by transmission or other forms of provision, comparison or interconnection, the limitation, cancellation or destruction of the same. The data processing will be carried out with the aid of electronic, computerized and telematic tools suitable for guaranteeing its confidentiality, in compliance with the provisions of current legislation.
Personal data is processed in written form, on paper, magnetic and telematic format, with appropriate tools to guarantee its security, and entered in the data bank of the Data Controller.
Personal data is processed exclusively by subjects appointed by the Data Controller, who is specially trained in the field.
Personal data can be communicated to all the subjects (recipients) to whom the right of access is recognized by the current legislation and for purposes related to legal obligations (e.g. Guarantor Authority, Public Authorities), as well as to employees assigned to processing by our company.
They can also be communicated to professionals, IT experts, companies that manage cloud and telephone services, companies in charge of processing data connected with the fulfillment of administrative, accounting and management obligations related to the ordinary performance of our business (e.g. website management, accounting and tax compliance, verification of economic relations with the customer) which may be designated as Data Processors pursuant to Article 28 of EU Regulation 679/16. Personal data will not be disseminated.
The list of subjects appointed as Data Processors is available at our registered office.
Personal data is stored on servers located in Italy, within the European Union.
ISI Florence uses the Google Drive service. The data is therefore also processed by the Google Inc data processor, 1600 Amphitheater Parkway Mountain View, CA 94043 USA, at its operating offices, in compliance with the applicable legal provisions, and with the provisions of the articles 44 and following of EU Regulation 679/16.
ISI Florence uses the Cloudflare service. The data is therefore also processed by the Cloudflare Data Processor, Inc.101 Townsend St. San Francisco, CA 94107 (represented in Europe by Cloudflare Germany GmbH Rosental 7 – 80331 München under Art 27 GDPR), at its operating offices, in compliance with the applicable legal provisions, and with the provisions of articles 44 and following of EU Regulation 679/16
It is understood that the undersigned Data Controller, if necessary, will have the right to move servers even outside the EU. In this case, the extra-EU data transfer will take place in compliance with the applicable legal provisions, and with the provisions of articles 44 and following of EU Regulation 679/16.
Pursuant to EU Regulation 679/16, you can exercise the following rights as an interested party:
- the right to obtain confirmation from the Data Controller that Your personal data is being processed and whether or not, in this case, to obtain access to the personal data and information provided by art. 15 (e.g. information relating to the purposes of the processing, to the categories of personal data in question, to the recipients or categories of recipients to whom the personal data has been or will be communicated, to the retention period, to their rights, to the origin of the data if not collected from the interested party, to the existence of an automated decision-making process, etc.);
- the right to obtain, if inaccurate, the correction of personal data concerning you, as well as the integration of the same if deemed incomplete, always in relation to the purposes of the processing (art. 16);
- the right to delete data (“right to be forgotten”), when one of the cases referred to in art. 17 applies;
- the right to limit the processing, in the cases provided for by art. 18;
- the data portability right pursuant to art. 20;
- the right to object to the processing pursuant to art. 21;
- when the legal basis of the processing is consent, the right to revoke the consent at any time without jeopardizing the lawfulness of the processing based on the consent given before the revocation.
The Data Controller does not adopt automated decision-making processes; the rights pursuant to Article 22 of the EU Regulation 679/16 apply to the interested party.
The interested party is also entitled to be informed, when applicable, of the intention of the Data Controller to transfer the data to a third country or to an international organization. This right also applies to the existence or absence of a decision of adequacy of the Commission or in the hypothesis of transfers, pursuant to art. 46, 47 and 49 c.2, related guarantees and the means to obtain a copy of such data or the place where they were made available.
All the aforementioned rights can be exercised through a request addressed to the Data Controller (e.g. by contacting us by e-mail or by telephone).
As an interested party, finally, you are entitled to file a complaint with a supervisory authority (Art 77 EU Regulation 679/16 – Art 140 bis and ss. of Legislative Decree 196/2003).
Personal data will be stored only for the time strictly necessary to carry out the aforementioned purposes and to fulfill the obligations provided for by law (e.g. administrative, fiscal and accounting up to ten years pursuant to Article 2220 and 2946 of the Italian Civil Code), without prejudice to any issues of an accounting or contentious nature that may extend this period.
Subsequently, your personal data will be deleted or transformed into an anonymous form and used for statistical purposes only.
The International Studies Institute LLC