Who We Are and How We Handle Your Personal Data
The European House – Ambrosetti S.p.A, located at Via Francesco Albani 21 – (20149) Milan, referred to as the Data Controller, is committed to preserving the confidentiality and security of your personal data from any potential breaches. To this end, the Controller adheres to policies and practices governing the collection, use, and protection of your personal data in compliance with applicable laws. These policies are subject to updates reflecting regulatory and organizational changes impacting the processing of personal data. Additionally, the Data Controller has designated a Data Protection Officer (DPO) available for inquiries at [email protected].
How We Collect and Process Your Data
Your personal information will be processed for the following purposes:
Informational communications related to the GPID project. Upon your request, we may process your data to send informational communications regarding the GPID project, such as registration details, via email.
Commercial promotion activities of services offered by the Owner. With your consent, we may process your personal data, including your name and email address, to send promotional material about services offered by the Data Controller via email. This processing requires your explicit consent and acknowledgment of communication methods.
Communication to Third Parties and Recipients
The processing of your personal data aligns with relationship obligations and legal requirements. Your data will not be shared with third parties/recipients unless authorized by you or necessary for fulfilling legal obligations or specific operational activities.
Information Security Purposes
We process your personal data, including computer and traffic data, to ensure the security and resilience of our network and servers against unforeseen events or malicious acts. We adhere to legal obligations for handling personal data breaches.
Consequences of Withholding Data or Consent
Your personal data are essential for processing your requests through the “Sign up” section. Failure to provide required data impedes the Controller’s ability to fulfill your request. Non-consent to data processing for commercial promotion purposes does not affect processing for primary purposes or previously granted consent.
Storage and Transfer of Data
Data processing occurs through electronic and manual means with adequate security measures. Data may be stored in paper, computer, and telematic archives, including locations outside the European Economic Area, adhering to relevant legal frameworks.
Retention periods vary based on the purpose of processing. Personal data processed for registration requests and communications are retained for 12 months after the GPID project’s conclusion, unless extended due to regulatory requirements or investigations. Data processed for commercial promotion purposes are retained for 24 months, subject to deletion upon your request.
Your Rights and How to Exercise Them
You have rights concerning your personal data, including access, rectification, deletion, restriction of processing, objection to processing, and data portability. These rights are exercised free of charge and without formalities, with responses provided within one month, extendable up to two months under justifiable circumstances.
For further information or requests, contact [email protected].
Complaints and Supervisory Authority
You have the right to lodge complaints with the competent supervisory authority, especially in Italy, concerning violations of Regulation (EU) 2016/679.