Privacy Policy

Data Controller

Franco Montaldo
VAT No.: 11706640965
Address: Via Cesare Battisti 29, 20021 Bollate (MI), Italy
Tax Code: MNTFNC84H25A940X
Email address of the Data Controller: montaldofranco@gmail.com

Types of Data Collected
Among the Personal Data collected by this Application, either independently or through third parties, are: Cookies; Usage Data; first name; last name; email address.
Complete details on each type of data collected are provided in the dedicated sections of this privacy policy or by specific information texts displayed before data collection.

Personal Data may be freely provided by the User, or, in the case of Usage Data, collected automatically during the use of this Application.
Unless otherwise specified, all Data requested by this Application is mandatory. If the User refuses to provide it, it may be impossible for this Application to provide the Service. In cases where this Application indicates certain Data as optional, Users are free to refrain from communicating such Data without affecting the availability or operation of the Service.

Users who have doubts about which Data is mandatory are encouraged to contact the Data Controller.
Any use of Cookies – or of other tracking tools – by this Application or by third-party service providers used by this Application, unless otherwise stated, is aimed at providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy, if available.

The User is responsible for any third-party Personal Data obtained, published, or shared through this Application and confirms that they have the right to communicate or disclose it, releasing the Data Controller from any liability towards third parties.

Methods and Place of Processing Collected Data
Processing Methods
The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.

The processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved in the organization of this Application (administrative, commercial, marketing, legal, or system administration staff) or external parties (such as third-party technical service providers, postal carriers, hosting providers, IT companies, communication agencies) may have access to the Data and, if necessary, be appointed as Data Processors by the Data Controller. The updated list of Data Processors can always be requested from the Data Controller.

Legal Basis for Processing
The Data Controller may process Personal Data relating to the User if one of the following applies:

The User has given consent for one or more specific purposes;
(Note: in some jurisdictions, the Data Controller may be allowed to process Personal Data without the User’s consent or another of the legal bases described below, until the User objects — “opt-out”. This does not apply when the processing of Personal Data is subject to European data protection legislation.)

Processing is necessary for the performance of a contract with the User and/or for any pre-contractual obligations thereof;

Processing is necessary for compliance with a legal obligation to which the Data Controller is subject;

Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;

Processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party.

Users may request the Data Controller to clarify the specific legal basis that applies to each processing and to specify whether the processing is based on the law, required by a contract, or necessary to enter into a contract.

Place
The Data is processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located.
Personal Data of the User may be transferred to a country other than the one in which the User is located. To obtain further information on the place of processing, Users may refer to the section detailing the processing of Personal Data.

Users are entitled to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organization governed by public international law or established by two or more countries, such as the UN, as well as regarding the security measures taken by the Data Controller to protect the Data.

Users can check whether such a transfer occurs by examining the relevant sections of this document or by inquiring with the Data Controller using the contact details provided at the beginning.

Retention Period
Data is processed and stored for as long as required by the purposes for which it was collected.

Therefore:

Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until such contract has been fully performed.

Personal Data collected for purposes related to the legitimate interests of the Data Controller will be retained as long as needed to fulfill such purposes. Users may obtain specific information regarding the legitimate interests pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.

When processing is based on the User’s consent, the Data Controller may retain Personal Data for longer until such consent is withdrawn. Furthermore, the Data Controller may be obliged to retain Personal Data for a longer period to comply with a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data will be deleted. Therefore, after this period, the rights of access, erasure, rectification, and data portability can no longer be exercised.

Purposes of Processing Collected Data
The User’s Data is collected to allow the Data Controller to provide its Services, as well as for the following purposes:
Platform and hosting services, Displaying content from external platforms, and Contacting the User.

For detailed information about the purposes of processing and the specific Personal Data used for each purpose, Users may refer to the relevant sections of this document.

Details on the Processing of Personal Data
Online Course Purchase Platform
By filling out the registration form with their Data, the User consents to its use to respond to the requests indicated in the form header.
Personal Data collected: first name; last name; email address.

These services are intended to host and operate key components of this Application, making it possible to provide this Application from a single platform. Such platforms provide the Data Controller with a wide range of tools such as analytics tools, user registration management, comment management, database management, e-commerce, payment processing, etc. The use of such tools involves the collection and processing of Personal Data. Some of these services operate through servers located in different geographical areas, making it difficult to determine the exact location where the Personal Data is stored.

WordPress.com (Automattic Inc.)
WordPress.com is a platform provided by Automattic Inc. that allows the Data Controller to develop, operate, and host this Application.
Personal Data collected: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.

Google Fonts
Google Fonts is a font visualization service provided by Google LLC or by Google Ireland Limited, depending on the location from which this Application is accessed, that allows this Application to incorporate such content into its pages.
Personal Data collected: Usage Data; various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy; Ireland – Privacy Policy. Privacy Shield participant.

User Rights
Users may exercise certain rights regarding their Data processed by the Data Controller.
In particular, Users have the right to:

Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.

Object to processing of their Data. Users have the right to object to the processing of their Data if it is carried out on a legal basis other than consent.

Access their Data. Users have the right to learn if Data is being processed by the Data Controller, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the Data being processed.

Verify and seek rectification. Users have the right to verify the accuracy of their Data and request it be updated or corrected.

Restrict the processing of their Data. Under certain circumstances, Users have the right to restrict the processing of their Data. In this case, the Data Controller will not process the Data for any purpose other than storing it.

Have their Personal Data deleted or removed. Under certain circumstances, Users have the right to obtain the erasure of their Data from the Data Controller.

Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used, and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance.

Lodge a complaint. Users have the right to lodge a complaint before their competent data protection authority or take legal action.

Details on the Right to Object
When Personal Data is processed for a public interest, in the exercise of an official authority vested in the Data Controller, or for the purposes of the legitimate interests pursued by the Data Controller, Users may object to such processing for reasons related to their particular situation.
Users should know that, where their Personal Data is processed for direct marketing purposes, they can object to that processing at any time without providing any justification.

How to Exercise Rights
To exercise their rights, Users may send a request to the Data Controller using the contact details provided in this document. Requests are free of charge and will be processed by the Data Controller as soon as possible and always within one month.

Additional Information on Processing
Legal defense
The User’s Personal Data may be used for legal purposes by the Data Controller in court or in the stages leading to possible legal action arising from improper use of this Application or related Services. The User declares to be aware that the Data Controller may be required to reveal Personal Data upon request of public authorities.

Specific information
Upon request, in addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information regarding specific Services or the collection and processing of Personal Data.

System logs and maintenance
For operation and maintenance purposes, this Application and any third-party services may collect system logs, i.e., files that record interactions and which may also contain Personal Data, such as the User’s IP address.

Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time.

“Do Not Track” Requests
This Application does not support “Do Not Track” requests.
To determine whether any third-party services it uses honor “Do Not Track” requests, Users are advised to consult their respective privacy policies.

Changes to This Privacy Policy
The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to Users on this page and possibly within this Application, as well as, where technically and legally feasible, sending a notice to Users via any contact information available to the Data Controller.
Please check this page frequently, referring to the date of the last modification listed at the bottom.

Where changes affect processing activities whose legal basis is consent, the Data Controller shall collect new consent from the User, where required.

Legal References
This privacy policy has been prepared based on multiple legal systems, including Articles 13 and 14 of Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR).
Unless otherwise stated, this privacy policy applies solely to this Application.