Contact forms privacy
the legislation on Privacy (in particular the EU Regulation 2016/679, the “General Data Protection Regulation” – known by the English acronym “GDPR”) requires us to provide you with the following information on the data processing of your Personal Data, pursuant to art. 13 of the GDPR.
The “Processing of Personal Data”, in simple terms, is any operation concerning any “information relating to an identified or identifiable natural person”. By way of example, name and surname, or an e-mail address with a “username” that identifies you (e.g. mariorossi@….), is considered “Personal Data”; the act of collection and registration, as well as the communication to other subjects and the cancellation, is considered “Data Processing”.
Our Company is defined as the “Data Controller”, because it establishes how and for what purposes to process information relating to natural persons; Company employees are bound to respect the privacy legislation.
You, as the “natural person to whom the Personal Data refer”, are defined as the “Interested”.
In the text below we answer your questions about who we are, how, why and for how long we process personal data, as well as your rights and obligations in this regard.
|Who are you?||Shield Higher Education Ltd, Company Registration Number C-102836, VAT MT29530419, with registered offices in Level 5, Carolina Court, Giuseppe Cali Street, Ta’Xbiex, XBX 1425, Malta|
|What data do you process?||The common personal data collected in the form (e.g. name and surname, telephone number, e-mail address) and the type of user (student, parent, other), and other types of information.|
|What is the origin of the data?||The data is provided directly by you by filling in the form|
|For what purpose do you process the data (purpose) and what authorizes you to process them (legal basis)?||We process personal data for the following purposes:
1) to satisfy your requests regarding the Company and its services;
2) set up a follow-up call with one of our representatives.
In these cases, the data processing is based on the need to fulfill pre-contractual measures adopted at your request – art. 6 § 1.b GDPR.
1) allow you to download the brochure relating to our services, on the basis of our legitimate interest (art. 6.1.f GDPR) to convey training and information content useful for any subsequent contacts;
2) Marketing, consisting of: sending of advertising material, commercial communication, contents for direct sales, carrying out market research, administration of satisfaction questionnaires, recall campaigns (“Direct Marketing” purposes) concerning issues related to education, also through the Newsletter, on the basis of our legitimate interest (art. 6.1.f GDPR) to consolidate the commercial relationship with you.
3) Fulfill the obligations established by the Applicable Regulations and/or orders given by Authorities, on the basis of the need to fulfill legal obligations (Article 6 § 1.c GDPR);
4) ascertain, exercise and/or defend a right in the competent offices, on the basis of our legitimate interest in defending our right against the interested party (art. 6 § 1.f GDPR).
|Do you share data with anyone?||To the minimum extent necessary for the achievement of each of the Purposes, on one of the assumptions of legitimacy described above and on the basis of the applicable legislation and/or a contractual agreement with the Data Controller, we will communicate or we may communicate the data to:
a) subjects necessary for the execution of the activities connected and consequent to the provision of the site and the services requested (e.g. IT service providers), who act as Data Processors;
b) internal personnel authorized by us, committed to confidentiality or subject to a legal obligation of confidentiality;
c) organizations and Authorities, if and within the limits in which this is required by the applicable legislation or by their orders, or for the exercise, assessment and/or defense of a right in court.
|Is the data transferred outside the European Union?||Yes, as follows.
1) The Company’s site is located on servers hosted on S3 servers of Amazon Web Services EMEA sarl (“AWS Europe”) based in Paris, specifically in the “Ireland (Dublin) eu-west-1” sub-zone. AWS Europe is a Luxembourg company, controlled by Amazon Web Services Inc., a US company based in Seattle (WA); any transfer of Personal Data in the context of the AWS services is carried out on the basis of the Standard Contractual Clauses – pursuant to art. 46 § 3 of the GDPR; for more information see https://aws.amazon.com/it/compliance/data-privacy-faq/.
2) to manage customer relationships we use Zoho’s “CRM” (Customer Relationship Manager), managed by Zoho Corporation BV (Beneluxlaan 4B, 3527 HT Utrecht, The Netherlands), controlled by https://www.zoho.com/privacy /zoho-group.html and https://www.zoho.com/legal/zoho-contracting-entities.html; any transfer of Personal Data in the context of the services is carried out on the basis of the Standard Contractual Clauses – pursuant to art. 46 § 3 of the GDPR; see https://www.zoho.com/crm/gdpr/.
In any case, we ensure that the transfer of Personal Data outside the European Union takes place only to countries that guarantee an adequate level of protection, for which there is an adequacy decision by the European Commission, or on the basis of one of the other guarantees provided for by chapter V of the GDPR.
|How long do you keep the data?||The maximum storage time for the Personal Data collected through the form will not exceed two years, unless you ask us to delete them beforehand or the applicable legislation requires us to keep them for a longer period or allows it to protect our rights and/or legitimate interests.
We process the Data for ancillary purposes until you object to the data processing (initially or subsequently).
|Am I obliged to provide data?||For the purposes referred to in nos. A.1 and A.2, you are not obliged to communicate them, but in this case we will not be able to fulfill your requests.
For accessory purposes (B) refusal to provide data is not envisaged but it is possible to object the data processing directly against the Company, as indicated in the “rights” (see below).
if I don’t?
|If you refuse to do so for the purposes referred to in nos. A.1 and A.2, we will not be able to satisfy your requests.
If the refusal is in relation to accessory purposes, the only consequence is that we will not be able to send you the brochure or contact you for marketing communications.
In any case, the refusal to provide data for other purposes is not foreseen.
|What rights do I have?||You have the right to:
a) access your data in our possession, and request a copy, except where the exercise of the right harms the rights and freedoms of other natural persons;
b) request the rectification of any incomplete or inaccurate data;
c) request the deletion of data, subject to the exclusions or limitations established by the Applicable Regulations (e.g. by art. 17 § 3 GDPR);
d) request the limitation of data processing, where the conditions are met and subject to the exclusions established by art. 18 § 2 GDPR;
e) request data portability (i.e. receive them in a structured format, commonly used and readable by an automatic device, in order to be able to transmit them to another Data Controller without impediments), to the extent that the Data Processing is based on consent or on the need to execute a contract where technically possible and except where the exercise of the right harms the rights and freedoms of other natural persons;
f) lodge a complaint with the Data Protection Authority of your country, or of the place where the alleged violation occurred.
Right to objection
You can object to the data processing based on legitimate interest for the ancillary purposes (B), upon simple request, even initially, or for reasons connected to your particular situation (e.g. damage to honor, reputation, decency), save the demonstration by the Data Controller of a binding and prevailing legitimate interest pursuant to art. 21.1 GDPR, and unless the data processing is necessary for the assessment, exercise or defense of a right in court, by sending an email to firstname.lastname@example.org.
|Who can I contact for questions or to exercise my rights?||You can contact us at the following email address: email@example.com|
Shield Higher Education Ltd does not intentionally collect personal information relating to individuals under the age of fourteen. In the event that information on minors of this age is recorded, Shield Higher Education Ltd will delete it in a timely manner, at the request of the interested party or of those who exercise parental authority over it.
Check our Modern Computer Science courses
- EU accredited
- Fully remote
- Fully remote