Register now

Privacy Notice pursuant to Article 13 of EU Regulation 2016/679 (GDPR) and Consent

Pursuant to Article 13 of Regulation (EU) 2016/679 (“GDPR”), we hereby provide you with the following information.

Joint Data Controllers

The Joint Data Controllers are Leonardo – Educazione Formazione Lavoro, with registered office in Rome, Via Parigi no. 11, and United Network Europa, with registered office in Rome, Via Parigi no. 11.

An updated list of Data Processors can be requested from the Joint Data Controllers by writing to: info@unitednetwork.it.

Activities and Types of Data Processed

The Companies process personal data provided by the User in connection with training activities and tour operator services in Italy and abroad.

The data processed may include:

• Data relating to the parent or legal guardian: first and last name, gender, tax code, date, place and province of birth, residential address, postal code and province, email address, phone number, certified ISEE bracket, any additional data provided for Financial Aid requests, bank details or other payment identifiers.
• Data relating to the minor or traveling student: first and last name, gender, tax code, date, place and province of birth, disability status (if applicable), travel document details, citizenship.
• Any health-related information or other information necessary for travel organization.

Purposes and Methods of Data Processing

Personal data, including images contained in photographs and videos taken during public events and training activities, are processed for the following purposes:

1. purposes strictly related to participation in the selected training programs;
2. informational, promotional and marketing activities, including the sending of promotional material regarding our services and those of affiliated entities;
3. publication on United Network Europa’s social media and digital channels, including Instagram, Facebook, Twitter/X and YouTube;
4. data storage and archiving.

Data processing is carried out using electronic, telematic and/or paper-based tools, in accordance with appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data.

Legal Basis for Processing

Personal data are processed lawfully and exclusively for the purposes indicated above, based on Article 6(1)(a) and (b) of Regulation (EU) 2016/679.

Consequences of Failure to Provide Personal Data

Failure to provide personal data prevents the establishment of a contractual relationship and the delivery of the requested services.

Data Retention

Personal data will be retained for no longer than necessary to achieve the purposes for which they were collected and processed.

Data may also be retained for a longer period:

1. as required by applicable laws and regulations;
2. in accordance with legal obligations, including tax and accounting requirements;
3. for the time necessary to protect the rights of the Data Controllers in case of disputes.

Personal data processed for profiling purposes will be retained for a maximum period of ten (10) years, after which they will be deleted or permanently anonymized.

Data Disclosure

The collected data will be accessible only to authorized personnel, employees, collaborators and appointed Data Processors.

Data may be disclosed to:

1. individuals, companies or professional firms providing IT, accounting, administrative, legal or logistical support;
2. entities, authorities or bodies to whom disclosure is required by law or by official order.

Data will not be publicly disclosed, except where required for the purposes stated above and based on an appropriate legal basis.

Transfer of Data to Third Countries

Personal data may be transferred outside the European Union. In such cases, appropriate safeguards will be adopted, including adequacy decisions and Standard Contractual Clauses approved by the European Commission.

Data Subject Rights

The data subject has the right to:

• request access to their personal data and related information;
• request rectification of inaccurate data or completion of incomplete data;
• request erasure of personal data;
• request restriction of processing;
• receive personal data in a structured, commonly used and machine-readable format, and transmit them to another controller;
• object to processing where applicable;
• withdraw consent at any time, where processing is based on consent, without affecting the lawfulness of prior processing;
• lodge a complaint with the Data Protection Authority.

How to Exercise Your Rights

For any questions regarding the processing of personal data or to exercise your rights, you may contact the Joint Data Controllers at: info@unitednetwork.it.

You also have the right to lodge a complaint with the competent supervisory authority: www.garanteprivacy.it.