PRIVACY NOTICE ON THE PROCESSING OF PERSONAL DATA COLLECTED DURING THE SELECTION PROCESS

The ITS DIGITAL ACADEMY Foundation “Mario Volpato”, with registered office at Via Risorgimento 29, 35027 Noventa Padovana (PD), Italy – Tax Code: 92312760280 (hereinafter referred to as the “Data Controller”), provides this privacy notice to the Data Subject in accordance with European and Italian data protection regulations.

The Data Controller has appointed a Data Protection Officer (DPO), who can be contacted at: dpo@itsdigitalacademy.com.

This notice supplements the website’s privacy policy and explains how the Data Controller processes the data submitted through this contact form. Please also review our privacy policy:
https://itsdigitalacademy.com/privacy-policy/

Purpose and Legal Basis of Processing

The Data Controller processes personal data for the following purposes:

  1. Managing your application to participate in selection procedures for training programs of interest
    (legal basis: pre-contractual measures and legal obligations)
  2. Using your contact details (email address, phone number, postal address) to:
    • conduct surveys and satisfaction questionnaires
    • send information about services
    • share promotions or event invitations

(legal basis: your explicit consent, which can be given or withdrawn at any time by emailing privacy@itsdigitalacademy.com)

  1. Handling potential disputes
    (legal basis: legitimate interest)

Data Retention Period

Your data will be stored according to the following criteria:

  • For purpose (1): for the time necessary to manage your pre-enrollment request
  • For purpose (2): for 24 months from the last communication, regardless of the communication channel
    (you may withdraw consent or object at any time)
  • For purpose (3): for the time necessary to resolve any disputes

Provision of Data and Consequences of Refusal

  • Providing data for purpose (1) is mandatory. Failure to provide it may prevent the Data Controller from processing your application.
  • Providing data for purpose (2) is optional. If not provided, the Data Controller will not carry out those activities, but purposes (1) and (3) will still be fulfilled.

Categories of Recipients

The Data Controller will not publicly disclose your data but may share it with:

  • authorized internal staff, based on their roles
  • members of the Selection Committee appointed by the Data Controller
  • public and private entities, including during inspections or audits

Where necessary, these parties will be formally appointed as Data Processors.

Data Transfers Outside the EU

Your data may be transferred to countries outside the European Economic Area (EEA), for example when working with international partners or using IT services (such as cloud storage or backup systems).

In such cases, transfers will comply with the requirements of Articles 44 and following of EU Regulation 2016/679 (GDPR).

Rights of the Data Subject

You have the right to:

  • access your personal data
  • request correction of inaccurate data
  • request deletion or restriction of processing (when applicable)
  • object to processing based on legitimate interest
  • receive your data in a portable format (where applicable)
  • withdraw your consent at any time (without affecting prior lawful processing)

To exercise your rights, you can use the dedicated form available on the website and send it to:
privacy@itsdigitalacademy.com

You also have the right to lodge a complaint with the competent supervisory authority:
Italian Data Protection Authority (Garante per la protezione dei dati personali)
www.garanteprivacy.it