Privacy policy

Notice relating to the processing of personal data

Pursuant to the GDPR (EU Regulation 2016/679 on data protection, hereinafter "GDPR"), we inform you that the personal data provided by those participating in the course on the Fimap Academy online training platform will be processed as explained below.

1. Data controller

The data controller is Fimap S.p.A., VAT no. 02520310232, tax code 09224090150, with registered office in Via Invalidi del Lavoro 1, Santa Maria di Zevio, 37059 Verona, Italy.

2. Type of personal data processed

In particular, the following personal data may be processed: first name, surname, company name, email address, job and telephone number of the data subject.

3. Purposes and legal basis for the data processing

The personal data provided by the data subject requesting the services are used for the sole purpose of providing the service requested, and are passed on to third parties for institutional purposes only. Personal data collected with the data subject's specific consent are used - in compliance with the aforementioned rules - mainly for the following purposes:

  1. to allow participation in the course on the Fimap Academy online training platform;
  2. to prepare new courses;
  3. to inform those who have already participated in the previous Fimap Academy online training platform course about similar initiatives, and to send them the program of any subsequent courses.

The personal data collected may also be passed on to the managing body of the platform, if the Fimap Academy online training course is not carried out directly by the data controller. They will also be processed anonymously via statistics, for the purposes referred to in the aforementioned point b.

The Fimap Academy online training platform course will focus on the following areas (this list is intended merely as an example): product, services, culture, organisation, market analysis and evolution, technicians, training in use, FAQs and presentation of new models.

Every time the data subject accesses the course on the Fimap Academy online training platform, he/she will be tracked in all the details, so the data controller will be able to see the date and time of access and the time spent on the platform.

At the end of the course on the Fimap Academy online training platform, the data controller will issue the person concerned with a training certificate, which may be requested and used by the person's employer to verify his/her suitability. The legal basis for the processing of the personal data is the legitimate interest of the data controller and the consent of the data subject.

4. Place of processing

The data are processed and stored at the registered office of the data controller. They may also be processed and stored, on behalf of the data controller, by professionals and/or external companies in their role as data processors. The personal data are managed only by technical personnel specifically appointed for processing, or by persons appointed for occasional platform maintenance work.

5. Provision of personal data and consequences in case of non-consent to processing

The provision of personal data is always discretionary. It should be remembered, however, that consent to the processing of personal data is essential to provide the requested service and therefore to participate in the course on the Fimap Academy online training platform. If the data subject denies consent, the data cannot be processed for this specific purpose.

6. Processing method

The data are processed primarily with the aid of electronic (or in any case automated) tools or, alternatively, manually and in paper format, using suitable methods and means to guarantee their security and confidentiality in accordance with the provisions of the GDPR. The personal data will also be protected against any third parties.

7. Data retention period

The personal data will be stored in the archives of the data controller - in relation to their use for the purposes indicated - as long as they are needed for the legitimate purposes for which they were collected. This does not include personal data that cannot be controlled by the data controller.

8. Limitation of liability

The data controller has the right to modify the contents of this Notice at any time and without prior warning.

9. Divulgation of personal data

The personal data may be passed on to: - the data controller's own personnel who, on the basis of their specific roles, will process the data as persons explicitly authorised to do so (e.g. employees and/or collaborators); - personnel outside the data controller's own sphere but purposely appointed to process the data in their role as data processors: companies, consultants or professionals appointed for the installation, maintenance, updating and, in general, for the management of the hardware and software of the data controller, or who the data controller depends on for the provision of services; companies, consultants or professionals (e.g. legal, administrative and tax consultancy firms, etc.), if divulgation is necessary or functional to the correct fulfilment of the contractual obligations assumed in relation to the services provided, or the legal obligations; - third parties acting as autonomous data controllers for any possible legal obligations or for specific requests of the Judicial Authority and/or Public Authorities.

10. Data transfer abroad

At the current time, there is no possibility that your personal data may be processed on behalf of the data controller in countries outside the EU. If this should happen in the future, the processing will be carried out with your consent and according to the relevant requisites of Item V of the GDPR.

11. The rights of the data subject

With regard to personal data, the data subject has the right to: access his/her personal data (art. 15 GDPR), update or rectify personal data (art. 16 GDPR), request the erasure of the personal data - right to be forgotten (art. 17 GDPR), restrict the processing of the personal data (art. 18 GDPR), obtain the personal data in electronic format, obtain data portability (art. 20 GDPR), object - for legitimate reasons - to the processing of the personal data (art. 21 GDPR) (without prejudice to any dissemination that cannot be controlled by the data controller); following this request, the Data Controller will no longer be able to proceed with the processing of the personal data in question, except in cases allowed by laws or regulations. The data subject may assert his/her rights by writing to the data controller at [email protected]. The data subject has also the right to lodge a complaint with the data protection officer appointed to protect personal data.