Privacy Policy

1.1 Class: these are the classes organized by University or by Partner of the University.

1.2 Data Controller: natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data referred to article 4 of the GDPR.

1.3 Data Subject: an identified or identifiable natural person whose Personal Data are processed pursuant to this Policy (i.e. Users and Partner).

1.4 General Conditions: the general conditions of the Services provided by University.

1.5 Form: the form uploaded on the Platform through which data Subject interact on the Platform.

1.6 GDPR: UE Regulation N. 2016/679 of April 27th, 2016.

1,7 Partner: these are project or commercial partner of the University.

1,8 Personal Data: any information relating to an individual, identified or identifiable, directly and indirectly, by reference to their name, identification number, location data, online identifier or elements characteristic of their physical, physiological, genetic, psychic, economic, cultural or social.

1.9 Policy: this document on the Profiling of Personal Data performed by Data Controller.

1.10 Platform: the online platform “Federica Web Learning”.

1.11 Processing: any operation or set of operations concerning Personal Data, such as, by way of example, the collection, organization, structuring, preservation, modification, extraction, consultation, use, communication, interconnection, limitation, cancellation and destruction.

1.12 Profile: the profile created by Users on Platform for the Registration.

1.13 Registration: creation of a Profile with compilation of Form and/or with link to Social Profile.

1.14 Sevices: the services offered by University to the User through la Platform, as defined in the General Conditions.

1.15 Social Profile: the Google, Facebook o Linkedin profiles of the Users with wich the Users do the Registration on Platform.

1.16 Users: user of the Platform.

2.1 Data Controller
The Data Controller is University degli Studi di Napoli Federico II, with registered office in Corso Umberto I n.40, 80138 – Naples,
represented by the Rettore pro tempore and the General Director, in relation to the specific provisions and to the Bylaws (“University”).

2.2 Data Processor
The Data processor is available at following (Contatti).

2.3 Place of the Processing
The Personal Data collects via Platform are perserved on server located in Irland.

2.4 Request of the Data Subject
Any request of the User concerning the Processing of Personal Data performed by University regarding their Personal Data (including the exercise of the rights referred to in paragraph 8 below), shall be addressed to Personal Data by registered letter at the legal office, or by e-mail to the following address: support@federica.eu.

University collects and uses User’s Personal Data for the following purposes:

a) Allowing to the Users to create a Personal Account and to use of the Services: the Profiling of Personal Data for the purpose referred to in letter a) is necessary for the creation of Personal Account and, consequently, to use the Services by the User, any refusal prevents the User from using Services described in General Conditions. This Processing is based on the General Conditions signed by the Users.

b) Sending of communication (e.g. newsletter, promotional communication) and invitation to the Classes to the Users: the Profiling of Personal Data for the purpose referred to in letter b) is optional and any refusal prevents the User from receiving communication related to University, Platform and/or Services, or invitations to the Classes. This Processing is based on the legitimate interest of University, constituted by the benefit that University can obtain from the sending of the communications, concerning the University, Platform and/or Services and/or invitations to the Classes in line with the interests expressed by User that University considers prevailing respect to confidentiality law of the Data Subjects. The right of opposition to this Processing (if possible) can be exercised at any time by following the indications in point 8 letter f) of this Policy. 

c) Managing the contact requests received by Users via e-mail: the Profiling of Personal Data for the purpose referred to in letter c) is necessary for the management of contact request sent by the User. This Processing is based on the legitimate interest of University, constituted by the benefit that University to manage the contact request that University considers prevailing respect to confidentiality law of the Data Subjects. The right of opposition to this Processing (if there are the conditions) can be exercised at any time by following the indications in point 8 letter f) of this Policy. 

d) Managing the information and contact request by Partner Users and Partner not Users via Form: the Profiling of Personal Data for the purpose referred to in letter d) is necessary for the management of contact request sent by the Partner User and Partner not User. This Processing is based on the legitimate interest of University, constituted by the benefit that University to manage the contact request that University considers prevailing respect to confidentiality law of the Data Subjects. The right of opposition to this Processing (if there are the conditions) can be exercised at any time by following the indications in point 8 letter f) of this Policy. 

e) Performing statistical analysis, market researches, improving the delivery of Services and the use of the Platform. Where possible, for this purpose we use anonymous Personal Data (Personal Data does not identified or are identifiable the Users): the Profiling of Personal Data for the purpose referred to in letter e) is optional and any refusal prevents the User to use the Service in line with his preferences, without prejudice for receiving the Services. This Processing is based on the legitimate interest of University, constituted by the benefit the University can obtain from the offer of Services in line with the preferences of the Users manifested during his browsing on the Platform and the use of the Services that University considers prevailing respect to confidentiality law of the Users. The right of opposition to this Processing (if possible) can be exercised at any time by following the indications in point 8 letter f) of this Policy.

University collects Personal Data in the following ways:

a) Personal Data entered into the Platform by Users: these are Personal Data provided, included, but not limited to, for the registration on the Platform and use the Services;

b) Personal Data expressly communicated by the Users to University: these are Personal Data provided, by way of example, to the University help desk service (in case of contact request) or collects during the Class and/or events organized by University;

c) Personal Data of the Users communicated by Partner: these are Personal Data communicated to University directly by Partner

Personal Data are processed by University and/or third parties, selected for reliability and competence, and to which such Personal Data may be disclosed, if necessary or appropriate. In particular, University informs Users that Personal Data may be processed by, and/or communicated to:

a) employees and/or collaborators of University;
b)Partner of University;
c) companies of the same University corporate group;
d) third parties’ suppliers of services necessary to guarantee the functioning of the Platform (by way of example: a company that deals with hosting services);
e) third parties’ suppliers of services necessary to guarantee the performance of the Services (by way of example, payment processor);
f) third parties that provide consulting and analysis services (e.g. tax consultant);
g) third parties that provide analysis services of browsing data on the Platform and/or providing automatic services for sending newsletters.

Personal Data are kept by University for the terms strictly necessary to achieve the purposes for which they were collected, as indicated in previous point 3. Without prejudice to exercise the right to withdraw at the following point 8 letter a) or to object referred to point 8 letter f), University retains Personal Data for the following retention periods:

a) Personal Data for creation of a personal account and use the Services: for the purpose referred to in section 3 letter a), for the length set forth in the General Conditions and for an additional period of 5 years, without prejudice to section 6 letter d);

b) Persona Data for communications and invitations to Classes to the Users: for the purpose referred to in section 3 letter b), for a period of 24 months from the last interaction of the User with the Platform, suitable to show an interest for the Services and/or Classes; 

c) Personal Data for managing the contact request by Users and Partner Users/Partner not Users: for the purpose referred to in point 3 letters c) and d), for a period of 6 months from the receipt of the contact request sent by the User by filling in the designated form on the Platform. By way of exception from this deadline, in case of a complaint or a claim being sent by e-mail to the address support@federica.eu, the User's Personal Data will be kept for the period referred to in letter d) below; 

d) in any case, University is authorized to keep, in whole or in part, Personal Data for a maximum period of 10 years from their collection (or for a longer period of the potential litigation, where applicable), limited to the information necessary to comply with legal obligations and allowing University itself to investigate, exercise and defend, where applicable, its own rights.

Once the above terms have expired, University will automatically delete the Personal Data collected, or irreversibly transform them into anonymous data.

The Personal Data collects by University for the purpose referred to point 3 of this Policy, are submitted by University, pursuant to Articles 44 and following of GDPR, in accordance of appropriate safeguards to ensure the protection of Personal Data, to:

a) ActiveCampaign (ActiveCampaign Inc.) is a management service of Users database, with registered office in 1 North Dearborn Street, 5th floor Chicago, IL 60602, in accordance of adherence to agreement between United States and European Union called “Privacy Shield” (pending of the clarifications by the Competent Authorities ).

More information about the safeguards adopted may be required to the University.

Pursuant to and for the purposes of the GDPR, for the period of time specified in section 6 of this Policy, each User has the right to:

a) withdraw the consent at any time, without prejudice to the lawfulness of the Processing, by sending an email to the University or by opting out from the commercial communications of Mobil Service (see Article 7 of the GDPR);

b) ask University to access to Personal Data and information regarding the Processing, and to any copy in electronic format, unless otherwise specified by the User (see Article 15 of the GDPR);

c) request the correction and/or integration of Personal Data, without undue delay (see Article 16 of the GDPR);

d) for specific reasons (for example, unlawful processing, withdrawal of consent, non-existence of the purpose of the Processing), request cancellation of Personal Data, without unjustified delay (see Article 17 of the GDPR);

e) with reference to specific cases (for example, inaccuracy of Personal Data, unlawful Processing, exercise of a right in court), request the limitation of Processing (see Article 18 of the GDPR);

f) with reference to the Processing referred to in point 3 letters b), c), d) e e) object at any time to Processing of Personal Data (where Personal Data are not used in anonymous form), by sending an email to the University (see Article 21 of the GDPR);

g) in case of automated Processing, receive Personal Data in a readable format, in order to allow their communication to a third party, or, where technically feasible, to request the transmission of Personal Data by University directly to such third party (so-called portability of Personal Data - see Article 20 of the GDPR);

h) be informed by University without undue delay of any violations or unauthorized access by third parties to their systems containing Personal Data (so-called data breach - see Article 34 of the GDPR);

i) propose a complaint to the supervisory authority of the EU country in which the User resides, works, or in which they believe the violation of their rights has occurred (see Article 77 of the GDPR).

For further information on the terms and conditions for the exercise of the rights granted to the User, the latter may consult the text of the GDPR published at the following link: http://eur-lex.europa.eu/legal-content/IT/TXT/PDF/?uri=CELEX:32016R0679&from=IT, or contact University in the forms provided for by section 2 of this Policy.

The request cancellation or any request of the Data Subject referred of this point shall be sent to by e-mail to the following address: support@federica.eu.