Skip to content

Privacy Policy

Context

This Privacy Policy discloses the privacy practices for the https://celtaflorence.com (CELTA
Florence) and various related services (together referred to as the “site” from this point onwards). We are committed to protecting the processing of your data fairly and lawfully.

The site celtaflorence.com is a platform developed for the advertising of Europass SRL CELTA courses (our collaborator, supplier and ultimate seller of the courses). All data collected via the CELTA Florence web platform is for the sole purpose of promoting Europass SRL CELTA courses and the liaising with CELTA candidates interested in Europass CELTA programmes.

The user information collected via this webpage belongs to the site owner, and will ultimately only be shared with Europass SRL in Florence, Italy, with the processing of course bookings as the main purpose for the sharing of the data.

The owner and designer of the site is Koeakoea Creative Studio in Cambridge, United Kingdom.

The privacy policy of the site has been updated due to the full application of EU Regulation 2016/679.

Your privacy is important to us. We have therefore developed a Privacy Policy that regulates the way we collect, use, transfer and store your personal data.

Collection and use of personal information

Personal information is data that can be used to identify or contact a specific person. You may be asked to provide your personal information whenever you come into contact with the site. The site may share this data and use it in accordance with this Privacy Policy. They may also combine this information with other data to provide and improve products, services, content and advertising materials. You are not required to provide the personal data requested by us; if you decide not to provide it, however, in many cases we will not be able to offer you our products or services or answer your questions.

Here are some types of personal data that the site may collect and use.

What personal data we collect

When you browse the site celtaflorence.com, if you fill out our online contact form or course
application forms, we may collect a series of data that are necessary for the correct registration of your query and/or booking. This data may include among other things, your
name, address, telephone number, email address, contact preferences, etc.

The admin team of the site will use this information to satisfy your requests, provide you with the product or service relevant to your needs.

How we use your data personal

We may process your personal data for the purposes described in this Privacy Policy with your consent, for compliance with legal obligations to which the site is subject or in case we deem it necessary for legitimate interests pursued by the site or by third parties to whom it is necessary to provide data.

The personal data collected by us allows us to keep you updated on the announcements of some of the latest courses of EUROPASS SRL and on upcoming events.

We also use personal data to develop, provide and improve our courses, services, content and advertising materials, as well as to prevent losses and fraud. In addition, we can use them to ensure network and account security, and to protect our services for the benefit of
all our users.

Personal data, including the date of birth, can be used to verify identity, facilitate user identification and determine which services are appropriate.

We may periodically use your personal information to send important notices, such as
communications relating to the services offered, as well as our conditions and policies.
Since this data is important for your interaction with EUROPASS SRL and its courses, you cannot request not to receive such communications.

We may also use personal data for internal purposes, for verification, data analysis and research to improve products, services and communications with customers,

Collection and use of non-personal data

We also collect data that is in a form that does not permit direct association with a specific individual. We may collect, use, transfer and disclose non-personal information for any purpose. The following are some examples of non-personal data collected by us and their use:

  • We can, for example, collect data on language, unique device identification code, reference URL, etc., in order to better understand customer behaviour and improve our products, services and advertising materials.
  • We may collect data about customer activities on our website and from our other products and services. This data is aggregated and used to help us provide more useful information to our customers and to understand which parts of our website and our products and services are of greatest interest. Under this Privacy Policy, aggregated data is considered non-personal information.
  • We may collect and store details about the use that users make of our services, including searches. This information can be used to improve the relevance of the results provided by our services.
  • Disclosure to third parties

The site periodically makes certain personal data available to Europass SRL who collaborate with the site for the supply of products and services acting as the ultimate seller of the products. Personal data will be shared with EUROPASS SRL only to provide or improve its products, services and advertising materials; they will not be shared by the site
with third parties for the commercial purposes of the latter.

Others

It may be necessary the site (by law, court proceedings, litigation and / or requests by public and governmental authorities within or outside your country of residence) to disclose your
personal data. We may also disclose your information if we believe that, for purposes of national security, compliance with the law or other matters of public importance, it is
necessary or appropriate to do so.

We may disclose your information if we believe that disclosure is reasonably necessary to apply our terms and conditions or to protect our activities or users. Furthermore, in the event of reorganization, merger or sale, we may transfer all personal data collected by us to third parties affected by such transactions.

Data protection personal

The site takes care of the security of your personal information. For the storage of personal data by the site, information systems with limited access are used.

Integrity and retention of personal data. The site facilitates the retention of your personal data in an accurate, complete and updated manner. We will retain your personal information for the period necessary for the purposes outlined in this Privacy Policy. In deciding these periods, we carefully evaluate our actual
need to collect personal data and if we believe that there is a decisive necessity, we keep them only for the shortest possible period necessary to achieve the purpose of collection,
unless a conservation period greater is required by law.

Access to personal data

On request, we will let you know the personal data about you stored by us so that you can perform any operation you require, for example requesting to correct the data if it is
inaccurate or delete it if the site is not held to keep them as required by law or for legitimate business purposes. We may refuse to respond to requests that are futile / harassing,
damaging the privacy of others, extremely difficult to meet or where access to data is not otherwise covered by local law. The site may also refuse to comply with requests for deletion or access to data if it considers that fulfilling this request is contrary to the legitimate use of data for anti-fraud purposes and to ensure security, as described previously.

Third party websites and services

The websites, products, applications and services of the site may contain links to websites, products and services of third parties.

Data collected by third parties, which may include geographic or contact information, are governed by their respective privacy policies. We encourage you to review the privacy
policies of those third parties.

Consent to the processing of personal data

Your information will be treated in a certain manner and for the following purposes:

  1. Object of the treatment
    The holder treats personal identification data (in particular, your name, social security
    number, name, p. Iva, e-mail, PEC, telephone number, IBAN and any information
    capable of identifying the person concerned, following “Personal data” or “data”)
    communicated through the first processing.
  2. Purpose of the processing
    The personal data will be processed for the following purposes:
  • Fulfil the pre-contractual, contractual and tax obligations deriving from existing
    relationships with the site and supplier (i.e. Europass SRL);
  • Fulfil the obligations established by law, by a regulation, by community legislation or
    by an order of the Authority;
  • To send data to external managers nominated by the owner of the site, corresponding to the categories of persons (physical or legal) listed in the treatment register;
  • Allow any registration to the website, if any;
  • Preventing or discovering fraudulent activities or harmful abuses committed by third
    parties;
  • Exercise the rights of the owner of the site, for example the right to defend in court;
  • Send commercial communications relating to services and products of the owner of the site and Europass SRL similar to those already used, unless expressly disagree.
  1. Methods of processing
    The processing of personal data is carried out by means of the operations indicated in art. 4 n. 2 GDPR and more precisely: collection, registration, organization, storage,
    consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. The personal data of the person of interest shall be processed in both paper and
    electronic and / or automated.
  2. Duration of treatment
    The Holder will process your personal data for as long as necessary to fulfil the purposes of Article 2. with this information and no later than 10 years from the
    termination of the relationship and not over 2 years from the collection of personal
    data for any marketing purposes as per article 2, point 7 of this statement
  3. Access to data
    Your data may be made accessible for the purposes referred to in Article 2:
  • to employees and collaborators of the Data Controller as Data Processors and / or
    Data Processors, as well as to the DPO (Data Protection Officer), if appointed;
  • to third parties (for example: servers, providers for the management and maintenance of the website, suppliers, lenders, professional offices, service co-operatives, etc. ) who carry out outsourcing activities on behalf of the Owner, in their capacity as external controllers, appointed by the owner.
  1. Storage and Data Transfer
    The management and storage of personal data will be carried out on servers located within the European Union of the owner of the site and / or third-party companies appointed and duly appointed as Data Processors. In any case, it is understood that
    the Data Controller, where necessary, will have the right to move the server location
    to the European Union and / or non-EU countries.
  2. Communication of data
    Without express consent (Art. 7 GDPR), the owner of the site can communicate your data for the purposes of art. 2. to Supervisory Bodies, Judicial Authorities and to all the other subjects to whom the communication is mandatory by law for the accomplishment of said purposes.
  3. Rights of the interested party
    Under certain circumstances, by law you have the right to:
    – Request access to your personal data (commonly known as a “data subject access
    request”). This enables you to receive a copy of the personal data we hold about you
    and to check that we are lawfully processing it.
    – Request correction of the personal that we hold about you. This enables you to have
    any incomplete or inaccurate information we hold about you corrected.
    – Request erasure of your personal data. This enables you to ask us to delete or
    remove personal data where there is no good reason for us continuing to process it.
    You also have the right to ask us to delete or remove your personal data where you
    have exercised your right to object to processing (see below).
    – Object to processing of your personal data where we are relying on a legitimate
    interest (or those of a third party) and there is something about your particular
    situation which makes you want to object to processing on this ground. You also have
    the right to object where we are processing your personal information for direct
    marketing purposes.
    – Request the restriction of processing of your personal data. This enables you to ask
    us to suspend the processing of personal data about you, for example if you want us
    to establish its accuracy or the reason for processing it.
    – Request the transfer of your personal data to another party.
  4. How to exercise rights
    If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us or email the Data Protector Officer for the site on administration@celtaflorence.com