Website Privacy Policy
(DATACONTROLLER =) Trust-IT Srl, with registered offices in via Nino Bixio 25, 56125 Pisa (PI) Italy, VAT no. and Fiscal Code CF and PIVA: 01870130505, is committed to
protecting the online privacy of the users of this website (“Website”).
As such, this Privacy Policy has been written in order to allow you to
understand Trust-IT’s policy regarding your privacy, as well as how
your personal information will be handled when using the Website. This
Privacy Policy will also provide you with information so that you are able
to consent to the processing of your personal data in an explicit and
informed manner, where appropriate.
In general, any information and data which you provide to Trust-IT
over the Website, or which is otherwise gathered via the Website by
Trust-IT, in the context of the use of Website’s services (“Services”) as better defined in Section 3 below,
will be processed by Trust-IT in a lawful, fair and transparent
manner. To this end, and as further described below, Trust-IT takes
into consideration internationally recognised principles governing the
processing of personal data, such as purpose limitation, storage
limitation, data minimisation, data quality and confidentiality.
CONTENTS
1. Data controller
2. Personal Data processed
a. Name, contact details and other Personal Data
b. Special categories of Personal Data
c. Other persons’ Personal Data
d. Browsing data
e. Cookies
3. Purposes of processing
4. Grounds for processing and mandatory / discretionary nature of
processing
5. Recipients of Personal Data – Data Processors
6. Other Recipients of Personal Data
7. Retention of Personal Data
8. Data subjects’ rights
9. Amendments
Trust-IT, as identified at the top of this Privacy Policy, is the
data controller regarding all personal data processing carried out through
the Website. You can contact Trust-IT with any questions related to
this Privacy Policy or the Trust-IT’s personal data processing
practices by sending a written communication to info@ngi-atlantic.eu,
or via the contact forms available on the Website.
When you use the Website, Trust-IT will collect and process
information regarding you (as an individual) which allows you to be
identified either by itself, or together with other information which has
been collected. Trust-IT may also be able to collect and process
information regarding other persons in this same manner, if you choose to
provide it to Trust-IT, also via the Website.
This information may be classified as “Personal Data” and
can be collected by Trust-IT both when you choose to provide it
(e.g., when you subscribe to the newsletter or request other Services
provided by Trust-IT over the Website) or simply by analysing your
behaviour on the Website.
Personal Data which can be processed by Trust-IT through the Website
are as follows:
In various areas of the Website – including, in particular, if you decide
to create an account on the Website – you will be asked to submit
information about yourself, such as your name, professional title,
organisation name/type, primary (and secondary) domain of work/expertise,
e-mail address, city/country of residence, address, gender, Twitter handle,
LinkedIn profile, and picture. Mandatory fields will be marked as such in
the online registration forms – it is not possible to process your
registration if any of the mandatory fields are left incomplete.
In addition, whenever you communicate with Trust-IT by submitting a
general enquiry or a support ticket via the Website, as well as whenever
you participate in surveys which may be available on the Website,
Trust-IT may collect additional information which you choose to
provide.
Regarding any applications received, Trust-IT may assess the
professional social media accounts (e.g. LinkedIn, Twitter) or professional
websites of candidates, where publicly available or disclosed by the
candidate, as necessary to gain insight as to a candidate’s suitability for
the position/function to which the candidate applied.
When signing up for an event via the Website (such as a workshop organised
or promoted by the Website), you will also be asked to provide details such
as your name, your Twitter handle, the dates on which you will be attending
and other information of relevance for the management of your attendance.
Your payment details (including debit/credit card number and bank account
details as needed) will be processed via an external payment gateway.
b.
Special categories of Personal Data
When signing up for an event via the Website (such as a workshop organised
or promoted by the Website), you will also be asked whether you have any
special dietary/access requirements which might need accommodation. These
Personal Data may potentially qualify as “health data” or “data revealing
your religious/philosophical beliefs”, which are special categories of
personal data under Art. 9 GDPR, and will be processed only with your
explicit consent.
Certain areas of the Website may include free text fields, where you can
write messages to Trust-IT or otherwise allow you to post various
types of content on the Website, which may contain Personal Data. Where
these fields are completely free, you may use them to disclose
(inadvertently or not) more sensitive categories of Personal Data, such as
data revealing your racial or ethnic origin, political opinions, religious
or philosophical beliefs, or trade union membership. The content you upload
in these fields may also (inadvertently or not) include other types of
sensitive information relating to you, such as your genetic data, biometric
data or data concerning your health, sex life or sexual orientation.
Trust-IT asks that you do not disclose any sensitive Personal Data on
the Website, unless you consider this to be strictly necessary. As it is
totally optional to provide this information, if you nonetheless choose to
do so, please mind that Trust-IT requires your explicit consent to process this sort of Personal Data
(which can be provided, e.g., by declaring that you “explicitly consent to
the processing of my special categories of personal data for the purpose of
assessing my candidacy”).
As mentioned in the previous section, certain areas of the Website include
free text fields where you can write messages to Trust-IT, or
otherwise allow you to post various types of content on the Website. These
messages and content may (inadvertently or not) include Personal Data
related to other persons.
In any situation where you decide to share Personal Data related to other
persons, you will be considered as an independent data controller regarding
that Personal Data and must assume all inherent legal obligations and
responsibilities. This means, among other things, that you must fully
indemnify Trust-IT against any complaints, claims or demands for
compensation for damages which may arise from the processing of this
Personal Data, brought by the third parties whose information you provide
through the Website.
As Trust-IT does not collect this information directly from these
third parties (but rather collects them, indirectly, from you), you must
make sure that you have these third parties’ consent before providing any
information regarding them to Trust-IT; if not, then you must make
sure there is some other appropriate grounds on which you can rely to
lawfully give Trust-IT this information.
d.
Browsing data
The Website’s operation, as is standard with any websites on the Internet,
involves the use of computer systems and software procedures, which collect
information about the Website’s users as part of their routine operation.
While Trust-IT does not collect this information in order to link it
to specific users, it is still possible to identify those users either
directly via that information, or by using other information collected – as
such, this information must also be considered Personal Data.
This information includes several parameters related to your operating
system and IT environment, including your IP address, location (country),
the domain names of your device, the type of device, the URI (Uniform
Resource Identifier) addresses of resources you request on the Website, the
time of requests made, the method used to submit requests to the server,
the dimensions of the file obtained in response to a request, the numerical
code indicating the status of the response sent by the server (successful,
error, etc.), and so on.
These data are used to compile statistical information on the use of the
Website, to ensure its correct operation, as well as restore backup from
possible failures of the Website and identify any faults and/or abuse of
the Website. Save for this last purpose, these data are not kept for more
than 60 business days.
- Definitions, characteristics, and application of standards
Cookies are small text files that may be sent to and registered on your
computer by the websites you visit, to then be re-sent to those same sites
when you visit them again. It is thanks to these cookies that those
websites can “remember” your actions and preferences (e.g., login data,
language, font size, other display settings, etc.), so that you do not need
to configure them again when you next visit the website, or when you change
pages within a website.
Cookies are used for electronic authentication, monitoring of sessions and
storage of information regarding your activities when accessing a website.
They may also contain a unique ID code which allows tracking of your
browsing activities within a website, for statistical or advertising
purposes. Some operations within a website may not be able to be performed
without the use of cookies which, in certain cases, are technically
necessary for operation of the website.
When browsing a website, you may also receive cookies from websites or web
servers other than the website being visited (i.e., “ third-party cookies”).
There are various types of cookies, depending on their characteristics and
functions, which may be stored on your computer for different periods of
time: “session cookies”, which are automatically deleted
when you close your browser, and “persistent cookies”,
which will remain on your device until their pre-set expiration period
passes.
According to the law which may be applicable to you, your consent may not
always be necessary for cookies to be used on a website. In particular, “ technical cookies” – i.e. cookies which are only used to
send messages through an electronic communications network, or which are
needed to provide services you request – typically do not require this
consent. This includes browsing or session cookies (used to allow users to
login) and function cookies (used to remember choices made by a user when
accessing the website, such as language or products selected for purchase).
On the other hand, “profiling cookies” – i.e., cookies
used to create profiles on users and to send advertising messages in line
with the preferences revealed by users while browsing websites – typically
require specific consent from users, although this may vary according to
the applicable law.
- Types of cookies used by the Website
The Website uses the following types of cookies:
- Browsing or session cookies, which are strictly necessary for the Website’s operation, and/or to allow you to use the Website’s content and Services.
- Analytics cookies , which allow Trust-IT to understand how users make use of the Website, and to track traffic to and from the Website.
Trust-IT also uses third-party cookies – i.e.cookies from websites / web servers other than the Website, owned by thirdparties. These third parties will either act as independent datacontrollers from Trust-IT regarding their own cookies (using the datathey collect for their own purposes and under terms defined by them) or asdata processors for Trust-IT (processing personal data onTrust-IT’s behalf).
For further information on how these third parties may use your information, please refer to their privacy policies:
- Privacy Policy: https://www.youtube.com/about/policies/#community-guidelines ;
- Youtube videos have privacy-enhanced mode enabled: therefore YouTube won’t storeinformation about our visitors, unless they play the video, according to the Google-Youtube guide: https://support.google.com/youtube/answer/171780?hl=en-GB
The list of installed cookies is available in the Cookie Policy on the Website
- Cookie settings
You can block or delete cookies used on the Website via your browser
options. Your cookie preferences will be reset if different browsers are
used to access the Website. For more information on how to set the
preferences for cookies via your browser, please refer to the following
instructions:
You may also provide set your preferences on third-party cookies by using
online platforms such as AdChoice.
CAUTION
If you block or delete technical and/or function cookies used by the Website, the Website may
become impossible to browse, certain services or functions of the Website
may become unavailable or other malfunctions may occur. In this case, you
may have to modify or manually enter some information or preferences every
time you visit the Website.
3.
Purposes of processing
Trust-IT intends to use your Personal Data, collected through the
Website, for the following purposes:
1. To allow you to create and maintain a registered user profile on the
Website, to allow you to participate in different areas over the
Website and exchange information/documents with other participants, to
verify your identity and assist you, in case you lose or forget your
login / password details for any of the Website’s registration
services, to send you informative newsletters and other communications
(linked to the collaborative areas which you participate in), to
respond to your enquiries and requests for support, and to provide any
other Services which you may request (“ Service Provision”);
2. To process your sign-up/registration forms for events and webinars
hosted or supported by the Website, process your payment details for
associated fees, track event attendance and publish attendee lists online
(“Events/Webinars”);
3. To assess applications submitted via the Website, such as collaborating
opportunities or for participating to events organised or sponsored by the
Website, among others (“Applications”);
4. For marketing, promotional and publicity purposes, including to carry
out direct marketing, market research and surveys, via e-mail, through push
notifications / pop-up banners, through the Website’s official social media
pages, […], regarding upcoming events organised by the Website, as well as
events hosted by selected third parties (“Marketing”);
5. To include information on you as a registered Member within the Website
database (“Database Publication”);
6. For future marketing, promotional and publicity purposes, by sending you
direct e-mail marketing communication regarding events hosted and Services
provided by the Website and which are of an identical or similar scope to
those which you have previously signed up for or acquired via the Website
(“Soft Opt-in”);
7. To create a profile of you as a Website user, through the use of
profiling cookies and by collecting and analysing information on the
preferences you select and choices you make in the Website, as well as your
general activities on the Website. This profile will be used to give you
information about other websites / services you may be interested in, and
to show you information and advertisements which may be relevant to you and
your interests. All algorithms involved in this processing are regularly
tested, to ensure the processing’s fairness and control for bias (“ Profiling”);
8. For compliance with laws which impose upon Trust-IT the collection
and/or further processing of certain kinds of Personal Data (“ Compliance”);
9. For development and administration of the Website, in particular by use
of data analytics regarding how you and other users make use of the
Website, as well as the information and feedback you provide, to improve
our offerings (“Analytics”);
10. To prevent and detect any misuse of the Website, or any fraudulent
activities carried out through the Website, including by carrying out
internal audits (“Misuse/Fraud”).
Trust-IT’s legal bases to process your Personal Data, according to
the purposes identified in Section 3 , are as
follows:
1. Service Provision
: processing for these purposes is necessary to provide the Services and,
therefore, is necessary for the performance of a contract with you – Art.
6(1)(b) GDPR. It is not mandatory for you to give Trust-IT your
Personal Data for these purposes; however, if you do not, Trust-IT
will not be able to provide any Services to you.
2. Events/Webinars: processing for
these purposes is generally necessary to allow the Trust-IT Team to
respond to your request to sign up for an event/webinar and, therefore, is
necessary for the performance of a contract with you – Art. 6(1)(b) GDPR.
However, the tracking of event attendance and publication of attendee lists
is done on the basis of the Website’s interests in managing events and
allowing other participants to become aware of persons taking part at the
event – Art. 6(1)(f) GDPR. It is not mandatory for you to give
Trust-IT your Personal Data for these purposes; however, if you do
not, Trust-IT will not be able to process your registration for an
event/webinar.
3. Applications: processing for this purpose is
needed in order for Trust-IT to be able to consider your application
and, therefore, is necessary to take steps at your request before
(potentially) entering into a contract – Art. 6(1)(b) GDPR. It is not
mandatory for you to give Trust-IT your Personal Data for these
purposes; however, if you do not, Trust-IT will not be able to
consider your applications.
4. Marketing: processing for these purposes is
based on your consent – Art. 6(1)(a) GDPR. It is not mandatory for you to
give consent to Trust-IT for use of your Personal Data for these
purposes, and you will suffer no consequence if you choose not to give it
(aside from not being able to receive further marketing communications from
Trust-IT). Any consent given may also be withdrawn at a later stage
(please see Section 8 for more
information).
5. Database Publication: processing for this
purpose is based on your consent – Art. 6(1)(a) GDPR. It is not mandatory
for you to give consent to Trust-IT for use of your Personal Data for
these purposes, and you will suffer no consequence if you choose not to
give it. Any consent given may also be withdrawn at a later stage (please
see Section 8 for more
information).
6.
Soft Opt-In
: processing for these purposes is based on Trust-IT’s interest in
sending you direct e-mail marketing communication regarding events and
Services provided by Trust-IT and which are identical or similar to
those you have previously signed up for or acquired through the Website –
Art. 6(1)(f) GDPR. You can block these communications, and you will suffer
no consequence if you do so (aside from not being able to receive further
communications from the Website), by objecting through the link provided at
the bottom of all such communications.
7. Profiling: processing for this purpose is based
on your consent, collected by means of the cookie pop-up banner and/or a
specific tick box – Art. 6(1)(a) GDPR. It is not mandatory for you to give
consent to Trust-IT for use of your Personal Data for this purpose,
and you will suffer no consequence if you choose not to (aside from not
being able to benefit from greater personalisation of your user experience
regarding the Website). Any consent given may also be withdrawn at a later
stage (please see Section 8 for more
information).
8. Compliance: processing for this purpose is
necessary for Trust-IT to comply with its legal obligations – Art.
6(1)(c) GDPR. When you provide any Personal Data to Trust-IT,
Trust-IT must process it in accordance with the laws applicable to
it, which may include retaining and reporting your Personal Data to
official authorities for compliance with tax, customs or other legal
obligations.
9. Analytics: Information
collected for this purpose is used to allow Trust-IT to understand
how users interact with the Website and to improve the Website accordingly,
with the aim to providing a better user experience – Art. 6(1)(f) GDPR.
10. Misuse/Fraud: Information collected for this
purpose is used exclusively to prevent and detect fraudulent activities or
misuse of the Website (for potentially criminal purposes) – Art. 6(1)(f)
GDPR.
5.
Recipients of Personal Data – Data Processors
Your Personal Data may be shared with the following list of entities (“ Data Processors”):
-
The following entities are engaged in order to provide or support the
Website and Services (e.g., hosting providers, e-mail platform
providers, technical maintenance providers Website administrators and
Website user administrators):
- Waterford Institute of Technology, Main Campus Cork Road, Waterford City, Co. Waterford, Ireland
- COMMpla srl, via Nino Bixio 25, 56125 Pisa (PI) Italy. CF and PIVA: 01958380501
6.
Other Recipients of Personal Data
Your Personal Data may be shared with the following list of persons /
entities (“Recipients”):
-
Persons, companies or professional firms providing the Trust-IT
with advice and consultancy regarding accounting, administrative,
legal, tax, financial and debt collection matters related to the
provision of the Services and which act typically as data processors on
behalf of the Trust-IT;
-
Persons authorised by Trust-IT to process Personal Data needed to
carry out activities strictly related to the provision of the Services,
who have undertaken an obligation of confidentiality or are subject to
an appropriate legal obligation of confidentiality (e.g., members of
the team operating the Website, and other functions with access to
Personal Data processed via the Website);
-
Public entities, bodies or authorities to whom your Personal Data may
be disclosed, in accordance with the applicable law or binding orders
of those entities, bodies or authorities.
Additionally, with your consent, some of your Personal Data may be
published in the webpages available online at the Website. Furthermore,
when you sign-up for an event, you will be listed in attendee lists made
available on the Website.
More information on these transfers is available upon written request to
the Website Managing Team at the following address:
info@ngi-atlantic.eu.
7.
Retention of Personal Data
Personal Data processed for Service Provision and Events/Webinars will be kept by Trust-IT for the
period deemed strictly necessary to fulfil such purposes – in any case, as
these Personal Data are processed for the provision of the Services,
Trust-IT may continue to store this Personal Data for a longer
period, as may be necessary to protect Trust-IT’s interests related
to potential liability related to the provision of the Services.
Personal Data processed for Applications will be kept by
Trust-IT for up to 5 years.
Trust-IT may contact applicants before the expiration of this period,
in order to request an extension of the retention period.
Personal Data processed for Database Publication, Marketing and Profiling will be kept by
Trust-IT from the moment you give consent until it is withdrawn.
Where it is not withdrawn, consent will be renewed at fixed intervals. Once
consent is withdrawn (or not given, following a renewal), Personal Data
will no longer be used for these purposes, although it may still be kept by
Trust-IT in particular as may be necessary to protect
Trust-IT’s interests related to potential liability related to this
processing.
Personal Data processed for Soft Opt-In will be kept by
Trust-IT from the moment where it is provided by you to
Trust-IT (in the context of registrations for events or Services
requested via the Website) until you object to this processing. Once you
have objected, Personal Data will no longer be used for these purposes,
although it may still be kept by Trust-IT, in particular as may be
necessary to protect Trust-IT’s interests related to potential
liability related to this processing.
Personal Data processed for Compliance will be kept by
Trust-IT for the period required by the specific legal obligation or
by the applicable law.
Personal Data processed for preventing Misuse/Fraud will
be kept by Trust-IT for as long as deemed strictly necessary to
fulfil the purposes for which it was collected.
More information on applicable retention periods is available upon written
request to the Website Managing Team at the following address:
info@ngi-atlantic.eu.
As a data subject, you are entitled to exercise the following rights before
Trust-IT, at any time:
1. Access your Personal Data being processed by Trust-IT (and/or a
copy of that Personal Data), as well as information on the processing of
your Personal Data;
2. Correct or update your Personal Data processed by Trust-IT, where
it may be inaccurate or incomplete;
3. Request erasure of your Personal Data being processed by Trust-IT,
where you feel that the processing is unnecessary or otherwise unlawful;
4. Request the restriction of the processing of your Personal Data, where
you feel that the Personal Data processed is inaccurate, unnecessary or
unlawfully processed, or where you have objected to the processing;
5. Exercise your right to portability: the right to obtain a copy of your
Personal Data provided to Trust-IT, in a structured, commonly used
and machine-readable format, as well as the transmission of that Personal
Data to another data controller;
6. Object to the processing of your Personal Data, based on relevant
grounds related to your particular situation, which you believe must
prevent Trust-IT from processing your Personal Data; or
7. Withdraw your consent to processing (forMarketing, Database Publication, Soft Opt-in, and Profiling).
Please note that most of the Personal Data you provide to Trust-IT
can be changed at any time, including your e-mail preferences, by
accessing, where applicable, your user profile created on the Website.
You can also withdraw consent for Marketing (for
communications received via e-mail) or object to Soft Opt-In by selecting the appropriate link included at
the bottom of every marketing e-mail message received. The same applies to
the Website’s newsletter which you may have subscribed to and receive as a
Service.
Consent for Profiling carried out by cookies may be
withdrawn as described in Section 2(e).
Where consent for Profiling was given via a specific tick
box, you may withdraw this consent by changing your preferences, at any
time, within your user profile created on the Website, where applicable.
Aside from the above means, you can always exercise your rights described
above by sending a written request to the Website Managing Team at the
following address: info@ngi-atlantic.eu.
In any case, please note that, as a data subject, you are entitled to file
a complaint with the competent supervisory authorities for the protection
of Personal Data, if you believe that the processing of your Personal Data
carried out through the Website is unlawful.
9. Amendments
This Privacy Policy entered into force on 20/01/2020
Trust-IT reserves the right to partly or fully amend this Privacy
Policy, or simply to update its content, e.g., as a result of changes in
applicable law. The Website Managing Team will inform you of such changes
as soon as they are introduced, and they will be binding as soon as they
are published on the Website. The Website Managing Team therefore invites
you to regularly visit this Privacy Policy in order to acquaint yourself
with the latest, updated version of the Privacy Policy, so that you may
remain constantly informed on how Trust-IT collects and uses Personal
Data.
