Notification on the use of personal data in accordance to articles 13-14 of Reg. (EU) 2016/679 GDPR (General Data Protection Regulation) and article 13 of Decree 196, June 30, 2003 (Privacy Code)
We at Mega Italia Media are aware of how important protecting our users' personal data and privacy is. Therefore, we handle all information provided to us with the utmost care; we guarantee privacy and security when processing our customers' sensitive information.
This communication explains how we manage the personal data we collect - directly or via third parties - for use on the eLearningNews website (www.elearningnews.it/en) and is valid for all visitors/users of this site. It does not apply to information received by any channel other than this site. This communication aims to provide maximum transparency in relation to the information the site collects and how this is used.
2. General information
Users (from here on in also "interested parties" as defined in the GDPR and the Privacy Code) are notified of the following general principles which apply to all aspects of data processing:
• all data is treated in a way that is legal, correct and transparent in relation to the interested party, in compliance with general GDPR principles and the Privacy Code;
• we only collect and process user data for the purposes explained in this communication or for the specific purposes that have already been communicated to them and/or users have already agreed on;
• our aim is to collect, process and use the least possible amount of personal data;
• when we collect your personal data, we ensure that it is accurate and up to date;
• if personal data is no longer used for any purpose and we are not required by law to store it, we will do all we can to delete, destroy or anonymise it;
• specific security measures are in place to prevent loss of data, incorrect/illegal use and unauthorised access;
• your data will never be shared, sold, made available or passed on to any subject other than those indicated in this notice.
3. Collected data and purpose
We wish to inform interested parties that the data collected will be processed using paper tools (subscription forms, order forms, etc.), software (admin/accounting software, etc.) and telematic tools with organisational and processing procedures that are directly linked to the data's specific purpose, and in any case with guaranteed security, integrity and privacy so as to comply with the organisational, physical and logical measures indicated in the relevant regulations. If the subject providing personal data is under the age of 16, data processing is licit only when its acceptance has been given or authorised by the legal custodian, whose personal data and copy of a document have also been acquired.
3.1 Browsing data
During standard use, the IT systems and software procedures that regulate the functioning of the above-mentioned websites collect certain personal data, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected for a specific purpose but, due to their very nature, could enable third parties to profile users after processing and associating it with other data. This category of data includes IP addresses or domain names of PCs used to connect to the site, Uniform Resource Identifier addresses of users involved, time of requests, the path taken to submit a request, the code used to indicate the type of server reply (successful, error etc.) and other information linked with the operating systems and users' system information.
This data is used solely to get anonymous statistical information on the use of a website and its correct functioning. It may also be used to ascertain responsibility in case of cybercrimes against the site (site owner's legal rights).
Data is exclusively processed by internal staff who are authorised and trained to process data, and will not be communicated to external entities, distributed or transferred to non-EU countries. Only in case of a legal investigation they may be shared with the relevant authorities. Data is normally collected for short periods of time, save in case of prolonged investigative activities. This type of data is not actively provided by users, but instead automatically collected by the site's technical tools.
Cookies are text files which are stored in interested parties' computers or mobile devices and used by websites to enhance navigation and make it more effective.
In order to comply with EU regulations which require visitors to agree to the processing of their personal data via a direct, explicit, unequivocal action which is also required for "navigation cookies", we have created a "GDPR cookie" form which includes all technical tools to manage and revoke permissions and also provides a higher level of cloud security. With this form, interested parties are able to autonomously view all granted permissions and revoke their acceptance of one or more elements of cookie activity should they wish to do so.
3.3 Data collected after user acceptance and purposes of processing
The optional and voluntary sending of personal data via one of the site's forms, after accepting the privacy notice, results in the acquisition of the sender's name and email address, which are necessary to answer requests, as well as any other personal data inserted in the form. The company managing the IT infrastructure and its employees may be able to access this data for maintenance purposes only. The data will not be distributed or transferred to non-EU countries.
The collected data is processed for the following purposes:
- subscribe to eLearningNews newsletter containing information on e-Learning and product/service proposals; answer user enquiries about information on the services and products offered; insert comments and opinions within the articles; allow registration to the site as an author of articles; for marketing research and stats, references on advertisement, preferences on products and services, and so on.
Data is collected on the following pages:
The "Contacts and requests for info" page enables users to send various request. The form has a number of fields for personal data (Name, Surname, Email, Phone). The subscription is dependent on the explicit, free and informed acceptance of the policy. Data is processed exclusively by staff who are properly authorised and trained to process data. Based on the information requested, data is stored for a time that is appropriate for the specific purpose of its collection. Filling mandatory fields is required to receive a reply. Incomplete compilation of mandatory fields or lack of acceptance of the policy results in the services not being accessible.
3.3.2 – Newsletter subscription
This page consists of a form which enables interested parties to subscribe to eLearningNews' newsletter. The newsletter offers information on the e-Learning training field. The form asks for a number of personal information (Company Name, Name, Surname, Email, City). The subscription is dependent on the explicit, free and informed acceptance. Data are processed exclusively by staff who are properly authorised and trained to process data. Data are stored until the time when "unsubscription" from the newsletter service occurs through the link at the bottom of any sent message. The absence of an email address or the lack of acceptance results in the newsletter service non-being available.
3.3.3 – Insert comments
Users can insert comments and opinions within the articles by entering a nickname and an email (only to receive any answers) exclusively in order to insert comments. The inclusion of comments is subject to acceptance of the comments policy. The posting of comments is dependent on the explicit, free and informed acceptance. Data are processed exclusively by staff who are properly authorised and trained to process data. Data are stored, depending on the type of user, for times compatible with the specific purpose of the collection. Failure to give consent to the comments policy makes impossible to insert the comment.
3.3.4 – Become author Login
The "Become Author" page enables users to access the login area of the site for the authors of the articles. Access to the reserved area is for those who already have access credentials (username and password), or those who register as authors by filling out the form. The form requires a series of personal data (Business Name, Name, Surname, Email) and the inclusion of exclusive Username and Password. Registration is subject to acceptance of explicit, free and informed acceptance. Data are processed exclusively by staff who are properly authorised and trained to process data. Data are stored for times compatible with the specific purpose of the collection. The provision of data is necessary in order to obtain a specific response to your request and failure to give consent to the comments policy makes impossible to insert the comment.
4. Recipient groups
Communications related to legal and contractual obligations notwithstanding, all data collected and processed may be communicated exclusively for the purposes mentioned above to the following interested parties: companies or professional studies that provide consulting or collaboration in accounting, tax, legal, commercial matters; Public administrations for the performance of institutional functions within the limits established by law; to third party service providers to whom communication is necessary for the performance of the contracted services.
5. Length of storage
Data that is required to be stored to comply with contractual and accounting regulations are kept for the time needed to complete the relative contractual or accounting relationship. The data of customers who do not buy products or services after being in contact with a company representative will be immediately deleted or used exclusively anonymously, unless its retention is justified, and unless the customers in question have agreed to be part of subsequent promotional activities or marketing research.
6. Legal requirements
7. User rights
In accordance to EU regulation 679/2016 (GDPR) and national regulations, interested parties can exercise the following rights in the ways and with the limitations allowed by the law:
- request confirmation of the existence of personal data related to them (right of access);
- be informed about its origin;
- receive intelligible communication on the matter;
- be informed about the logic, modes and purposes of its processing;
- request its update, rectification, integration, deletion, transformation into anonymous data, block of data used against the law, including data that is no longer necessary for the purposes it was collected;
- in the case of acceptance-based processing, receive all data provided in a structured and readable form from a data processor and in a commonly-used format;
- the right to make a complaint to the controlling Authority.
Exercising customer rights can take place via emails sent to the data processing officer.
8. Transfer of personal data out of the EU area
Personal data will be stored and handled by the Company holding the data and/or specifically-delegated companies on servers located in the European Union. Data will not be transferred out of the EU. It is in any case implied that the Company, whenever it is deemed necessary, will be entitled to move the servers to non-EU locations. Should this occur, the Company will ensure that the transfer of data is executed in compliance with applicable legal requirements, stipulating agreements to guarantee an adequate level of protection whenever necessary.
9. Holder of data and contacts
The company in charge of holding and processing data is Mega Italia Media S.p.A., legally represented by Luigi Meroni (tel. 030/2650661 email: firstname.lastname@example.org) who can be contacted for any issue related to the implementation of all user rights indicated in the GDPR and the Privacy Code (right of access, change, rectification, deletion, restriction, portability, opposition), or to revoke any acceptance previously granted; should a request go unanswered, interested parties can submit a complaint to the Authority in charge of protecting personal data. The Data Protection Officer (DPO) can be contacted at this address: email@example.com
10. Policy updates
This notice was most recently updated on May 22nd, 2018 and may be subject to periodic revision, also in relation to the referring laws and jurisprudence. In the event of significant variations, these will be clearly shown on the site's homepage for a reasonably extended time. Users are nonetheless encouraged to regularly check this page.