This website uses cookies to ensure an optimal navigation experience. For more information, please check out our Cookie Policy.

Privacy Policy

The below describes the processing of personal data carried out as part of the services of ENGLISH WITH EMILY DI CARIDI EMILY and, specifically, of the site https://www.englishwithemily.org ("Site").

In accordance with EU Regulation 2016/679 (“GDPR”) and current national legislation on the protection of personal data, ENGLISH WITH EMILY DI CARIDI EMILY, with registered office in Uggiate Trevano (CO), via Mulini n. 19, tax code CRDMLY90S52C933P, VAT number 04076430133 as data controller (hereinafter "Data Controller" or "ENGLISH WITH EMILY DI CARIDI EMILY"), informs you that your data will be processed in the manner and for the following purposes. Unless otherwise indicated, the contents of this information must be considered applicable to personal data processed in the context of using the Site. It is understood that for the processing of personal data carried out for purposes other than those indicated below, the information on the treatment will apply. relating to the services considered from time to time.

  1. Treatment of data

    The Data Controller only processes identification and non-particular/sensitive personal data communicated by users when requesting services from the Data Controller through or using the Site, and in particular:

    • Name, surname, email address, profession, IP address and session ID;

    The Data Controller also processes, exclusively in anonymous form, the data relating to the use of the Site (including the most viewed screens).

  2. Purposes and legal bases of the treatment

    Personal data is processed for the purposes and legal bases described below:

    1. "Service Purposes" such as:
      1. To satisfy user requests (for example, to be contacted after completing the contact form on the Site);
      2. To allow the user to use the Site, allow the user the technical management of the Site and its operational functions.
    2. "Purpose of fulfilment of legal obligations of the Data Controller"

      Personal data will be processed to ensure that the Data Controller complies with the obligations established by laws, regulations or national and community legislation or imposed by the competent authorities. This treatment is necessary to fulfil a legal obligation to which the Data Controller is subject and does not require the user's consent.

    3. "Purposes related to the pursuit of a legitimate interest of the Data Controller", in particular:
      1. prevention and repression of unlawful acts as well as the exercise of the rights of the Data Controller in court and the management of disputes: the interest of the Data Controller corresponds to the constitutionally guaranteed right of action (Article 24 of the Constitution) and, as such, is socially recognized as prevailing over the interests of the individual interested party;
      2. management and maintenance of the Site: the interest of the Data Controller is based on the general interest of a company to ensure company operations, also through the operation of the Site, and possible improvements in the efficiency of the service offered;
      3. prevention and detection of fraudulent activities or abuses harmful to the Site: the interest of the Data Controller is based on the legitimate, real and current interest not to suffer damage as a result of the illegal conduct of others;
      4. sending of commercial communications via e-mail relating to the Data Controller's services and products similar to those which the user has already used: the interest of the Data Controller is based on the general interest of a company to promote its services and is considered legitimate because in line with the reasonable expectations of the interested parties, taking into account the relationship between them and the Data Controller. Each e-mail sent will allow the user, by clicking on the appropriate link, to refuse further mailings.

        5. For the pursuit of the "Purposes related to the pursuit of a legitimate interest of the Data Controller" referred to in this letter C, personal data will be processed to pursue a legitimate interest of the Data Controller, therefore without the need for prior express consent from the user.

  3. Processing methods

    The processing of personal data is carried out, electronically and on paper, by means of collection, registration, updating, organization, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, cancellation and destruction operations of personal data. Personal data is protected in such a way as to minimize the risk of destruction, loss (including accidental loss), unauthorized access/use or use incompatible with the initial purpose of collection. This is achieved with the technical and organizational security measures implemented by the Data Controller.

  4. Retention of personal data

    The Data Controller processes personal data for the time necessary to fulfil its purposes, and in any case no later than the periods of time indicated below. It is understood that, at the end of these periods, the Data Controller will nevertheless be entitled to further store personal data, in whole or in part, for certain purposes, as expressly required by specific legal provisions or to assert or defend a right in court within the ten-year limitation period provided for by article 2946 of the civil code (for example, in case of disputes by the user).

  5. Provision of personal data

    In the context of using the Site, the provision of personal data:

    • for the "Service Purposes" the use is mandatory. These data are necessary for the relationship with the Owner and the use of the services. However, the user can decide not to provide personal data; however in the absence of these personal data it will not be possible to use the services of the Data Controller;
    • for the "Purpose of fulfilment of legal obligations of the Data Controller" it is mandatory. This processing is necessary to fulfil a legal obligation to which the Data Controller is subject and does not require the user's consent;
  6. Access to personal data

    Personal data will be processed by our staff responsible for processing personal data and by the following categories of subjects (including, but not limited to):

    • employees and/or collaborators of the Data Controller in their capacity as data processors and/or internal managers and/or system administrators (by way of example, consultants authorized to manage the Site and provide the related services in the context of using the Site);
    • employees and consultants of the legal, finance, administration and accounting departments and our other departments, in their capacity as processors and/or internal processors;
    • third parties (e. IT service providers, hosting providers etc.,) to whom we, as Data Controller, outsource some services, including processing operations, as external data processors.
  7. Communication of personal data

    In the context of the use of the Site, the Owner can communicate the personal data of users without the need for consent from the user:

    • to control bodies, law enforcement or judiciary Ministry of Finance, Revenue Agency, ministerial bodies and competent Authorities, Local Authorities (regions, provinces, municipalities), Regional and provincial Tax Commissions, upon their express request that will treat them as of independent data controllers for institutional purposes and/or by virtue of the law in the course of investigations and controls.
  8. Transfer of personal data

    In the context of the use of the Site, personal data will not be disclosed in any way nor will they be transferred to a non-EU country.

  9. User rights

    The Data Controller informs you that, as an interested party, if the limitations established by law do not apply, the user has the right to:

    • obtain confirmation of the existence or otherwise of your personal data, even if not yet registered, and that such data is made available to the user in an intelligible form;
    • obtain indication and, where appropriate, copy: a) of the origin and category of personal data; b) of the logic applied in case of treatment carried out with the aid of electronic instruments; c) the purposes and methods of processing; d) of the identification details of the Owner and of the managers; e) of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them; f) when possible, of the data retention period or the criteria used to determine this period; g) the existence of an automated decision-making process, and in this case of the logic used, the importance and the consequences envisaged for the interested party;
    • obtain, without unjustified delay, the updating and correction of inaccurate data or, when interested, the integration of incomplete data;
    • obtain the cancellation, transformation into anonymous form or blocking of data: a) processed unlawfully; b) no longer necessary in relation to the purposes for which they were collected or subsequently processed; c) in case of revocation of the consent on which the treatment is based and in case there is no other legal basis, d) if the user has opposed the treatment and there is no overriding legitimate reason to continue the treatment; e) in case of fulfilment of a legal obligation; f) in the case of data referring to minors. The Owner can refuse the cancellation only in the case of: (1) exercise of the right to freedom of expression and information; (2) fulfilment of a legal obligation, performance of a task carried out in the public interest or exercise of public authority; (3) reasons of public health interest; (4) archiving in the public interest, scientific or historical research or for statistical purposes; (5) exercise of a right in court;
    • obtain the limitation of the treatment in the case of: a) disputing the accuracy of the personal data; b) unlawful treatment of the Data Controller to prevent its cancellation; c) exercise of a user right in court; d) verification of the possible prevalence of the legitimate reasons of the Data Controller with respect to those of the interested party;
    • receive, if the treatment is carried out by automatic means, without impediments and in a structured, commonly used and readable format, the personal data concerning you to transmit them to another owner or - if technically feasible - to obtain direct transmission by the Owner to another owner;
    • oppose, in whole or in part: a) for legitimate reasons, connected to the particular situation of the user, to the processing of personal data concerning him; b) to the processing of personal data concerning him for the purpose of sending communication material, through the use of automated call systems without the intervention of an operator by e-mail and/or with traditional methods by telephone and/or paper mail;
    • lodge a complaint with the Personal Data Protection Authority.

    In the above cases, where necessary, the Data Controller will inform the third parties to whom the user's personal data are communicated of the possible exercise of rights by the latter, with the exception of specific cases (e.g. when such performance proves impossible or involves the use of means manifestly disproportionate to the protected right).

  10. Methods of exercising rights

    The user may at any time exercise the rights referred to in Section 9 (Rights of the interested party) above by sending an email to info@englishwithemily.org

  11. Data controller

    The Data Controller is ENGLISH WITH EMILY DI CARIDI EMILY, with registered office in Uggiate Trevano (CO), via Mulini n. 19.

Uggiate Trevano, 15 January 2023