Cookie Policy
In compliance with article 13 of Legislative Decree 196/2003 and following the entry into force of the EU Regulation 679/2016 pursuant to provisions set forth in art. 13 of the foregoing European Regulation, this privacy statement aims at describing the methods adopted for processing personal data of the users in order to enable the online registration and/or entry to institutional and/or congress events organised and managed by the Center for Education Policy Making, Research and Development (CEPMRD).
Purpose of the processing:
Your personal data that are freely given and that we acquired because of the activity carried out by the Center for Education Policy Making, Research and Development (CEPMRD), will be processed lawfully and fairly for the following purpose: collection of entries and/or registrations in order to enable the Center for Education Policy Making, Research and Development (CEPMRD) to implement all the necessary steps to formalize the participation in the event organised by the Company itself.
Additional purposes:
Personal data provided by the users can be used by the Center for Education Policy Making, Research and Development (CEPMRD) for additional purposes, such as subsequent congress information, commercial promotions, market research. Such data shall be used solely for the foregoing additional purposes upon express and explicit consent given by the data subject.
Types of data processed:
At the time of the online registration, the user is asked to enter some personal data (personal details and contact details) as well as, if applicable, the personal data of the accompanying person. Personal data provided by the users during the online registration are used by the Center for Education Policy Making, Research and Development (CEPMRD) only in order to provide the service that has been requested. Please note that users may be requested to enter bank details or other information on methods of payment. The foregoing data – that are required in the event the payment of a fee is necessary or the participant wants to make also the hotel booking – can be disclosed to third parties for purposes strictly related to the performance of the contract obligations.
In order to perform the contractual activity, it may be appropriate and/or necessary, for the user making the online registration, to specify also sensitive data (e.g. specific dietary requirements, such as intolerances or allergies, or any physical disability or limitation). In the event the user does not provide such data or his consent to their processing, the Center for Education Policy Making, Research and Development (CEPMRD) shall not be able to guarantee the quality of the service offered to the user.
Personal data provided by the users can be used for additional purposes such as subsequent congress information, commercial promotions, market research. Such data shall be used solely for the foregoing additional purposes upon express and explicit consent given by the data subject.
Procedures for processing:
Data will be processed in a manner that ensures appropriate security and confidentiality by adopting the following procedures: data collection from the data subject, gathered and recorded for purposes that are specific, express and legitimate and used in subsequent processing operations in terms that are consistent with such purposes, processing carried out using electronic and automated means (data collection via the Internet, through the online registration on the event website, directly from the data subject).
Specific security measures are adopted in order to prevent data loss, unlawful or incorrect uses as well as unauthorized accesses. Processed data will be constantly updated and complete and, to this end, we invite users to send notification in order to carry out updates and correction where necessary. Access to personal data is limited to employees and contract workers who need such information to carry out their activity, as well to manage, develop and improve our services.
Legal basis of the processing:
The legal basis of the processing of your personal data relies on your choice of registration for the event, that is necessary in order to participate in it.
Mandatory or optional nature of the data and consequences in the event of refusal to reply:
The nature of the provision of your personal data is mandatory, in order for the Data Controller to proceed with the processing of your request to participate in the event. In case of refusal, it will not be possible to complete the registration procedure and the Controller cannot perform the contractual obligations.
Disclosure of data to third parties:
Your personal data will be processed by the Data Controller, by Data Processors appointed by the Controller and by people in charge of the processing who have been strictly authorised. Data can be disclosed to other companies belonging to Triumph Group and to companies commissioning the event in order to perform all contractual obligations.
Your personal data may be disclosed to third parties, once your consent has been received, such as sponsors, in the event these companies request such data.
Following inspections or controls your data may be disclosed to all the inspection bodies in charge of inspections and controls related to the legitimacy of legal obligations.
Your data will not be circulated.
Data retention periods:
Your personal data shall be kept for the amount of time that is strictly necessary in order to organise and manage the event and then filed in the database of the Center for Education Policy Making, Research and Development (CEPMRD)
Existence of an automated decision-making process (profiling):
No automated decision-making process is used.
Transfer of data to third countries or international organisations:
The Data Controller does not intend to transfer the data collected to third Countries or international organisations.
Processing operations related to data collection are carried out at the premises of The Center for Education Policy Making, Research and Development (CEPMRD) and are made by the staff of the company in charge of the processing, as well as by any person in charge of occasional servicing operations of the Company web platform.
Rights of the data subjects:
Art. 7 Legislative Decree 196/2003 and art. 15 EU Regulation 679/2016 – Right of access to personal data and other rights –
The data subject is entitled at any time to receive confirmation of the existence or otherwise of personal data that concern him, including where those data have not yet been recorded, and to have those data communicated in an intelligible form. The data subject is entitled to be informed of the source of the personal data; the purposes and methods of processing; the logic applied in the event that processing is carried out electronically; details identifying the Data Controller, the Data Processor and the representative appointed pursuant to article 5, paragraph 2 of Legislative Decree 196/2003 and to article 15 of the EU Regulation 679/2016; the entities or categories of entities whom or which the personal data may be communicated to or who or which may get to know such data. The data subject is entitled to have the data updated, rectified or, where he so wishes, supplemented; where data are processed in breach of the law, including data which, in light of the purposes for which they were collected or subsequently processed, do not necessarily need to be stored, to have those data deleted, made anonymous or blocked;to a statement confirming that the steps specified herein, and the contents of those steps, have been brought to the attention of parties to whom the data have been communicated or disseminated, save where this proves to be impossible or would require the use of resources that is manifestly disproportionate to the right being protected. The data subject is entitled to object – in whole or in part – on lawful grounds to the processing of personal data that concerns him, including where the processing is relevant to the purposes for which they were collected; to the processing of personal data that concern him in order to send advertising material or for the purposes of direct sales or to carry out market research or for the purposes of commercial communications. In particular, the data subject is entitled to ask at any time to the Data Controller the access to personal data and the rectification, erasure or limitation of the processing of data concerning him or to object to their processing, in addition to the right of data portability. Moreover, the data subject is entitled to withdraw his consent at any time without affecting the lawfulness of the processing based on the consent given before withdrawing it. The data subject is entitled to lodge a complaint with the supervisory Authority. Rights can be exercised by sending a notice to the e-mail address: info@gceds.org.