List of active policies

Name Type User consent
PRIVACY NOTICE Site policy All users

Summary

PRIVACY NOTICE FOR OUR USERS - UNISER SOC. COOP. O.N.L.U.S.

Full policy

1. INTRODUCTION 

UNISER SOCIETÀ COOPERATIVA SOCIALE O.N.L.U.S. («Uniser»), with headquarters in Forlì (FC), Piazzale della Vittoria 17, VAT n. IT 02622940407, enrolled in the Register of Companies in Forlì-Cesena at the n. FO-282271, that can be contacted per e-mail at the address privacy@uniser.net, will be processing the personal data provided by the participants (“Users”) in the learning mobility projects in connection with a participation contract included the pre-contractual stage (“Contract”) for the participation in training activities and/or learning services, unless a different notice on personal data processing (“Services”) has been provided in the framework of said activities and services. 


2. WHO AND WHAT DOES THIS PRIVACY NOTICE APPLY TO? 

Uniser is the controller with reference to the personal data provided by the User, which shall be processed in compliance with the terms of the present Notice and the applicable laws. Consequently, this Notice shall apply to all Users.


3. WHAT TYPE OF PERSONAL INFORMATION DOES UNISER COLLECT? 

Uniser collects the following categories of personal data: 

a) name, surname, gender, contact details (e-mail, phone number, home address);

b) place and date of birth;

c) tax identification number; 

d) identity document (identity card, passport, health insurance card and/or driver license); 

e) bank details (credit card details or bank account details);

f) information contained in the resume.


4. HOW DO WE USE THE USERS’ PERSONAL INFORMATION? 

Uniser collects and processes the Users’ personal data for the following purposes: 

a) to provide the Services included in the Contract;

b) to analyze and improve the Services; 

c) to comply with the Italian and European applicable laws, included the norms preventing money laundering and fraud;

d) to handle any complaint and dispute; 

e) to enforce and assert our rights, also in the framework of debt recovering procedures and the granting of duty credit to authorized companies, possibly through third parties; 

f) to complete a prospective merger, supply of goods, transfer of an enterprise or a branch thereof, disclosing and transferring the Users’ personal data to the third party/parties involved; 

g) with the prior consent of the User, to send communications related to services provided by Uniser (for example by sending advertising material, carrying our market research activities). Marketing communications can be sent both through traditional communication media, such as the post, or per e-mail, chat, SMS, MMS, instant message;

Purposes from letter a) to e) are jointly defined as “Contractual Purposes”.

Purpose from letter f) is defined as “Legitimate Interest Purpose”.

Purpose from letter g) is also defined as “Marketing Purpose”.

In no case will the Users’ personal data be subject to disclosure or any completely automatized decision-making process, profiling included.


5. WHAT LEGAL BASIS DOES UNISER HAVE FOR PROCESSING PERSONAL DATA? 

The processing of the Users’ personal data is needed with reference to the Contractual Purposes, since it is essential in order to:

a) execute the Contract with reference to the providing of the requested Services and/or the participation in the learning activities; 

b) comply with the requirements of the applicable laws according to Section 4, letters d) and e).

If the User does not provide the necessary personal data for the Contractual Purposes, it will not be possible for Uniser to enter in a Contract with the User.

The personal data processing for Legitimate Interest Purposes mentioned in Section 3, letter f) is carried out in compliance with art. 24, paragraph 1, letter d) of the Italian Legislative Decree 196/2003 (“Privacy Code”) and, as of the 25th of May 2018, in compliance with art. 6, letter f) of the European General Data Protection Regulation 2016/679 (“Privacy Regulation”) to pursue Uniser’s legitimate interest that is equally balanced by the User’s interest, since the personal data processing is limited to what is strictly necessary in order to carry out the requested economic operations.

The data processing for Legitimate Interest Purposes is not compulsory and the Users can oppose said processing with the modality later described in Section 9, but in case the Users oppose said processing their data cannot be used for pursuing a Legitimate Interest.

Lastly, the data processing is optional for Marketing Purposes. In case the Users deny their consent they will not be able to receive commercial communications mentioned in Section 4 letters h) and i). The Users can revoke their eventually previously given consent at any time with the modality later described in Section 9 of the present Privacy Notice.


6. HOW DOES UNISER PROCESS THE USERS’ PERSONAL DATA?

The Users’ personal data could be processed through manual or computerized tools which are apt to warrant their safety, confidentiality and to prevent unauthorized access, diffusion, modification and  removal of data thanks to the adoption of adequate safety measures under the technical, physical and organizational point of view.


7. WHO CAN ACCESS THE USERS’ PERSONAL DATA?

To pursue the aforementioned Contractual Purposes, the Users’ personal data can be transferred to the following types of recipient, which are situated inside and, within the restriction later mentioned in Section 8, outside of the European Union:

a) third-party assistance and advisory service providers for Uniser with reference to activities including, but not limited to, the technical, accounting, administrative, legal, insurance, IT and educational sectors;  

b) banks and institutes issuing credit cards;

c) public and private bodies which pursue educational purposes and which participate in the activities object of the Contract;

d) companies of the Uniser group;

e) Uniser’s commercial network; 

f) subjects and authorities that have a right of access to the Users’ personal data explicitly recognized by laws, regulations or measures issued by the relevant authorities. Said recipients shall process the personal data according to the circumstances as owners, controllers or processors of the data.

To pursue the aforementioned Legitimate Interest Purposes, the Users’ personal data can be transferred to the following types of recipient, which are situated inside and, within the restriction later mentioned in Section 8, outside of the European Union:

a) third-party assistance and advisory service providers for Uniser with reference to debt recovering procedures and granting of duty credit;

b) companies of the Uniser group;

c) prospective purchasers of Uniser and bodies resulting from the merger, demerger or any other type of transformation related to Uniser;

d) relevant authorities.

To pursue the aforementioned Marketing Purposes, the Users’ personal data can be transferred to the following types of recipient, which are situated inside and, within the restriction later mentioned in Section 8, outside of the European Union:

a) third-party assistance and advisory service providers for Uniser with reference to the transmission of commercial communications;

b) public and private bodies which pursue educational purposes and which participate in the activities object of the Contract;

c) companies of the Uniser group.

The external controller of the data appointed by Uniser can be contacted upon request through the modalities later indicated in Section 9.


8. ARE THE USERS’ PERSONAL DATA TRANSFERED INTERNATIONALLY? 

The Users’ personal data shall be freely transferred outside of the Italian territory to Member States of the European Union. With reference to the transfer outside of the EU to countries that were not considered apt by the European Commission, Uniser shall adopt the appropriate and adequate safety measures to protect the Users’ personal data. Consequently, the potential transfer of the Users’ personal data to countries outside of the EU will be carried out in any case in compliance with the appropriate and adequate warranties to pursue the transfer itself, like the sample contractual clauses for data protection, in compliance with the relevant laws and in particular with the articles 45 and 46 of the Privacy Regulation.


9. WHAT ARE THE USERS’ RIGHTS IN RELATION TO THEIR PERSONAL DATA? 

The Users can at any time and free of any costs send an e-mail to the address privacy@uniser.net, in order to exercise the following rights:

a) to obtain from Uniser the confirmation of the existence or otherwise of data that concern themselves and to be informed about the content and the source of the data, to verify their accuracy and request their integration, up-dating or modification;

b) to obtain the deletion, transformation into anonymous form or the blocking of data potentially processed in breach of the relevant laws;

c) to object to their processing in whole or in part, for legitimate reasons;

d) to withdraw the consent at any time to the processing of data (in relation to the processing for which said consent is potentially necessary), without affecting in any way the lawfulness of the processing based on the consent given before its withdrawal;

e) to ask Uniser for the limitation of the processing of their own data in case: the Users question the exactness of their own personal data for the period needed by Uniser to verify the exactness of said data; the processing is unlawful and the Users oppose the deletion of their own personal data and ask instead for a limited use thereof; although Uniser does not need the data to pursue the processing, they are needed by the Users to ascertain, exercise or protect a right in judicial settings; the Users have opposed the processing according to article 21, paragraph 1 of the Privacy Regulation awaiting the verification of the possible preponderance of the legitimate compelling reasons to continue the processing. 

f) to oppose the processing of their own personal data;

g) to ask for the deletion of the personal data concerting themselves without undue delay;

h) to receive a copy in electronic form of their own personal data, whereas the Users want to transfer the their own personal data to themselves or to a different service provider, in the event that Uniser carries out the processing of personal data on the basis of the Users’ consent or on the basis of the circumstance that the processing is needed to provide services and the personal data are processed through automatized tools;

i) to submit a complaint to the Data Protection Commissioner (www.garanteprivacy.it). 


The data protection commissioner is not appointed by Uniser, since this appointment is not compulsory in the case described by the present notice. According to article 37 of the GDPR, the processors and the controllers of personal data shall appoint a data protection commissioner every time that: a) the processing is carried out by a public authority or body; b) the core activities of the controller or the processor consist in processing operations which require regular and systematic monitoring of data subjects on a large scale; c) the core activities of the controller or the processor consist in processing on a large scale of special categories of data pursuant to Article 9 (“Processing of special categories of personal data”) or personal data relating to criminal convictions and offences referred to in Article 10 (“Processing of personal data relating to criminal convictions and offences”). 


10. DATA RETENTION PERIODS APPLICABLE TO THE USERS

The Users’ personal data will be retained for the period of time needed in order to pursue the purposes for which these data have been collected, as stated in the present notice. In any case, the following retention periods are applicable with reference to the processing of the Users’ personal data for the purposes mentioned below:

a) for Contractual and Legitimate Interest Purposes, as in Section 4, letters from a) to g), the Users’ personal data are retained for a period equal to the duration of the Contract (including possible renewals) and for ten years after its expiration, termination or withdrawal from it, except where the data retention for a later period is required to resolve potential disputes, to comply with requests by the relevant authorities or according to the applicable laws:

b) for Marketing Purposes, the Users’ personal data are retained for the duration of the Contract and for a period of twenty-four months after its expiration.


11. MODIFICATION AND UPDATING 

This Privacy Policy was last updated on May 25, 2018 and can be subject to modifications and integrations, also as a consequence of the applicability of the Privacy Regulation and potential following modifications and/or integrations of the laws that will be promptly made available on the website www.uniser.net. 

The constantly updated privacy notice can be found on the website www.uniser.net