Privacy Policy

Your data protection is one of our main objectives.

"iCONS - Innovative Consulting Srl" with registered office in Galleria J.F. Kennedy 10/A, Seregno, Postal Code 20831 (hereinafter "iCONS") is constantly committed to protect the privacy of its users. This document will allow you to learn about our privacy policy in order to understand how your personal data is handled when using our services and to enable you to grant your expressed and informed consent to the processing of your personal data in those sections of our Websites that require you to provide personal data. We remind you that, in accordance with Article 13 of EU Regulation 2016/679 (hereinafter "Regulation"), in the various sections of iCONS Websites (in particular www.innovativegroup.eu, www.innovativeconsulting.it, www.innovativelearning.eu, hereinafter "Websites") where we collect your personal data, specific information (privacy notices) is published in order to acknowledge your awareness before the provision of the requested data. Information and data you provide or otherwise obtained as part of the registration to the various services delivered by iCONS (such as registration to online courses or to cloud application services, hereinafter "Services") will be processed in compliance with the provisions of the Regulation and with the confidentiality obligations that inspire the activity of ICONS.
According to the provisions of the Regulation, the data processing carried out by iCONS will be based on the principles of lawfulness, fairness, transparency, purpose and storage limitation, data minimization, accuracy, integrity and confidentiality.

NOTE:
TABLE OF CONTENTS

1. Controller
2. Personal data subject to the processing
a. Browsing data
b. Data provided voluntarily by the user
f. Cookies
3. Purposes of data processing
4. Legal basis and mandatory or optional nature of the processing
5. Recipients of personal data
6. Transfers of personal data
7. Retention of personal data
8. Rights of the data subject
9. Changes

1. Controller

The Controller of the data obtained on the Websites is iCONS as defined above. The Controller is available for any information regarding the processing of personal data of iCONS, including the list of data processors. It is possible to contact the Controller by writing to: [email protected].

2. PERSONAL DATA SUBJECT TO THE PROCESSING

Through the expression "processing of personal data" we mean any operation or set of operations, performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, retention, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or combination, restriction, erasure or destruction.
We inform you that the personal data subject to the processing will be constituted - also depending on your decisions on how to use the Services - by an identifier such as the name, the email address, an identification number, location data, an online identifier, the purchases made, and other data suitable to identify you or make you identifiable, depending on the type of Services requested (hereinafter "Personal data"). In particular, the Personal Data processed through the Websites are the following:

a. Browsing data

During their normal operation, the computer systems and software procedures used to operate the Website acquire certain Personal Data whose transmission is implicit in the use of internet communication protocols. This information is not collected with the intent of associating it with identified users but, by its nature, it could lead to the identification of users through processing and association with data held by third parties. This category of data includes IP addresses or domain names of computers used by persons who connect to the Websites, the URI (Uniform Resource Identifier) of requested resources, the time of request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters regarding the user's operating system and computer environment. This data is used only to obtain anonymous statistical information about the Websites usage and to check its correct functioning, to identify anomalies and/or abuses and it is deleted immediately after processing. The data could be used to ascertain liability in the event of any computer crimes against the Websites or third parties: currently, except for this possibility, data concerning web contacts shall not be kept for more than thirty days, unless differently requested by the user (ex: access to the user's reserved area on the Websites where the services used, the information published, etc. are summerized).

b. Data provided voluntarily by the user
Using particular Services (for example, the purchase of an online course or the subscription to an application), personal data of third parties (eg. the course candidate or the application administrator) that you communicate to the Service manager may be processed . With respect to these assumptions, you become the controller of said data, taking charge of all the legal obligations and liabilities. In the light of the above, you shall provide and give the widest indemnity with respect to any dispute, claim, claim for damages related to the processing of data, etc. that may be addressed to iCONS from third parties whose Personal Data has been processed through his/her use of the Services in violation of the applicable provisions on Personal Data protection. In any case, if you provide or otherwise process Personal Data of third parties while using the Service, you ensure from now - assuming full related liability - that this particular hypothesis of processing of data is based on a proper legal basis (for example, the consent of the user) as provided in Article 6 of the Regulation which legitimises the processing of said data.

c. Cookies
Cookies are small text files that the sites visited by the user send and record on his/her personal computer or any other device, even mobile, to then be re-transmitted to the same sites at the next visit. Thanks to cookies, a site remembers the user's actions and preferences (such as login data, the chosen language, font size, other display settings, etc.) so that they do not have to be re-indicated when the user returns to visit said site or browse from one page to another. Cookies, therefore, are used to perform computer authentication, monitoring sessions and storing information regarding the activities of users accessing a site and may also contain a unique identification code that allows to track the user's navigation within the site for statistical or advertising purposes. When browsing a website, the user may also receive on his/her computer or mobile device, cookies from websites or web servers that are different from the one he/she is visiting (so-called "third-party" cookies). Some operations may not be able to be performed without the use of cookies, which in some cases are therefore technically necessary for the functioning of said site.
There are various types of cookies, depending on their characteristics and functions, and these can remain in the user's computer or mobile device for different periods of time: so-called session cookies, which are automatically deleted when the browser is closed; so-called persistent cookies, which remain on the user's equipment until a predetermined deadline.
According to the legislation in force in Italy, the user's express consent is not always required for the use of cookies. In particular, "technical cookies", namely those used for the sole purpose of transmitting a communication over an electronic communications network, or to the extent strictly necessary to provide a service explicitly requested by the user, do not require such consent. In other words, these are cookies that are essential for the operation of the site or necessary to perform activities requested by the user.
Among the technical cookies, which do not require express consent for their use, the Italian Data Protection Authority (See Measure Identification of simplified procedures for the information and the acquisition of consent for the use of cookies of May 8, 2014, hereinafter referred to as "Measure") also includes:

  • browsing or session cookies (to authenticate the user)
  • "Cookies Analytics", when used directly by the Website manager to gather aggregated information about the number of users and how they visit the website,
  • "Functional Cookies", that allow the user to browse according to a set of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided to the latter.

Except for browsing or session cookies whose loading is mandatory to be able to use the sites, the cookies are loaded only with the prior consent of the user who can always change the loading preferences later.

Please note that, for Google Analytics cookies, IP masking is active and data sharing is disabled. For this reason, according to the Italian Data Protection Authority indication, they are to be fully considered technical and not profiling cookies.

The Websites provide information about active cookies, their classification and they allow to manage loading preferences. When logging in, a warning allowing you to manage settings for cookies appears. Subsequently, the Websites remember the preferences set. These may always be modified on such Websites through the cookie preferences management tool, accessible from the Websites themselves (in particular, from the cookies policy page). Please note that preferences are managed separately for each site of the Websites.

ATTENTION: by disabling technical and/or functional cookies, the Websites may not be available or certain services or certain functions of the Websites may not be available or may not work correctly and you may be forced to change or manually enter some information or preferences each time you visit the Websites.

3. Purpose of the data processing

The processing of data we intend to carry out, upon your specific consent where necessary, has the following purposes:
a. to allow the delivery of the Services you request and the subsequent and autonomous management of your Dashboard, to which you will access by registering and creating your user profile to be able to benefit from the Services. It allows also the collection, storage and the processing of data having the purpose of initiating and subsequently managing the operative, technical and administrative relationship connected to the delivery of the Services, including the communications related to the established relationship;
b. to allow the browsing and cosultation of iCONS Websites;
c. to answer to requests for assistance or information, which we will receive via e-mail, telephone or chat through the "Contact Us" page of our Website. With particular reference to the replies to requests for assistance that come to ICONS via telephone, we inform you that the calls will not be recorded.
d. to fulfill legal, accounting and tax obligations;
e. to conduct direct marketing via e-mail for services similar to those signed by you, unless you have objected to such processing initially or in case of subsequent communications, for the pursuit of the legitimate interest of iCONS to promote products or services to which you can reasonably be interested;
f. to elaborate studies, researches, market analysis; to send you advertising and informative material, commercial information or surveys to improve the service ("customer satisfaction") via e-mail or text message and/or through the use of telephone with an emplyee and/or through the official pages of iCONS on social networks;
g. with reference to certain services only, data may be processed for purposes related to communication to third parties for their marketing purposes; in concrete, to provide information and/or make offers on products, services or initiatives offered or promoted by others business partners;
h. to make personalized business quotations based on the products or services you purchased or you are interested in after browsing our Websites or on the basis of the group of customers you belong to (profiling). This means that, for example, if you are a retailer, you will receive commercial quotations for retailers; if you have browsed our Website looking for information on certain services, you will receive quotations related to these services; finally, if you are using a service, on the basis of your use of the service, you will receive targeted communications from iCONS (for example, if the service capacity is reaching the limit, you will be warned and invited to increase the capacity of the service itself; or you will be proposed complementary and/or compatible services with the one you purchased). This type of analysis is typically carried out on purchase data relating to both natural bodies and legal persons and the related decisions are not based on a solely automated processing. This processing is necessary for the pursuit of the legitimate interest of the Controller to customize its business proposals. 
i. for exclusive security and prevention of fraudulent conducts purposes, the Controller establishes an automatic control system that involves the detection and analysis of users behavior on the website associated with the processing of Personal Data, including the IP address. The consequences of this processing are that if a person attempts to engage in fraudulents conduct on the ICONS website, for example to benefit several times from the same promotion without having the right, iCONS reserves the right to exclude this subject from the promotion or to adopt any another appropriate measure for its protection.

4. Legal basis and mandatory or optional nature of the processing

The legal basis for the processing of Personal Data for the purposes set out in Section 3 (a-b-c) is art. 6 (1) (b) of the Regulation as the processing is necessary and essential for the delivery of the contracted services. The missed provision of Personal Data for these purposes make it impossible to activate the requested Services.
The purpose of section 3 (d) represents a lawful processing of Personal Data pursuant to art. 6 (1) (c) of the Regulation. Once the Personal Data has been provided, the processing may indeed be necessary to comply with the legal obligations to which ICONS is subjected.
The processing of data carried out for marketing purposes described in section 3 (f) and for communication to third parties described in section 3(g) are based on the release of your consent pursuant to art. 6 (1) (a) of the Regulation. The provision of your Personal Data for these purposes is entirely optional and does not affect the use of the Services. The processings set out in section 3 (e), carried out for the purpose of e-mail marketing on products or services similar to those purchased by you, find instead its legal basis under art. 6.1.f of the Regulation, in the legitimate interest of ICONS to promote its products or services in a context in which the interested party can reasonably expect this type of processing. The profiling processing set out in section 3 (h), to which you can oppose at any time, is based on the legitimate interest of the Controller, set out in article 6.1.f. of the Regulation, to customize his commercial communications. The processing set out in section 3 (i) is also based on the legitimate interest of the Controller to detect frauds committed against him, in compliance with art. 6.1.f of the Regulation. You can oppose to the processing of your data in every moment by emailing [email protected]. You can manage your consents for processing of your data for marketing purposes, as set out in sections 3 (f) and 3 (g), directly from the Websites reserved area or by sending a request from here or again through the proposed mechanism in the footer of commercial emails. 

5. Recipients of personal data

Your Personal Data may be shared, for the purposes set out in Section 3 above, with:
a. subjects that typically act as Controllers, that is: i) persons, companies or professional firms that provide assistance and advice to iCONS in accounting, administrative, legal, tax, financial and debt collection with regard to the delivey of the Services; ii) subjects with whom it is necessary to interact for the delivery of the Services (for example the Examination Institute that manage the certification exams), subjects that provide the payment service by credit card, etc. iii) subjects delegated to perform technical maintenance activities (including maintenance of hardware and software infrastructures and electronic communications networks) (collectively "Recipients");
b. subjects, entities or authorities of whom is mandatory to disclose your personal data by virtue of provisions laid down by law or by orders of the authorities (for example, in the course of criminal investigations iCONS may receive requests from the judicial authority to provide log of telematic traffic);
c. persons authorized by iCONS to process Personal Data necessary to perform activities strictly related to the provision of the Services, which are committed to confidentiality or have an appropriate legal obligation of confidentiality, such as iCONS employees;
d. business partners for their own purposes, autonomous and distinct, only if you have given a specific consent. 
The complete list of Controllers is available by sending a written request from here.

6. Transfers of personal data

Some of your Personal Data are shared with Recipients that could be found outside the European Economic Area for technical support purposes. ICONS ensures that the processing of your Personal Data by these Recipients takes place in compliance with the Regulation. Indeed, transfers can be based on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission. Further information is available from the Controller.

7. Retention of personal data

Personal Data processed for the purposes set out in section 3 (a-b-c) will be kept for the time strictly necessary to achieve those same purposes. In any event, being these processings conducted for the delivery of Services, iCONS will process Personal Data up to the time allowed by the Italian law to protect its interests (Article 2946 of the Italian Civil Code).
Personal Data processed for the purposes set out in Section 3 (d) will be kept until the time set out by the specific obligation or applicable law. By way of example, as already specified, traffic data will be kept for justice purposes for six years from their generation; otherwise, they will be kept for six months.
For the purposes set out in section 3 (e) (f), your Personal Data will be instead processed until your consent is revoked or up to three years after you have ceased to be a customer of iCONS or in case you have simply registered on the Website without making any purchase of products or services. It is therefore subject to the possibility for iCONS to keep your Personal Data until the time allowed by Italian law to protect its own interests (Art. 2947 (1) (3) cc). Further information about the data retention period and the criteria used to determine this period can be requested by writing to the Controller.

8. Rights of the data subject

At any time, you have the right to ask iCONS to access your Personal Data, to rectificate or cancel them or to oppose to their processing in the cases provided by Article 20 of the Regulation. You have the right to request the limitation of the processing in the cases provided by the art. 18 of the Regulation and to obtain your data(portability) in a structured and of common use format and in a format readable by automatic devices, as provided by art. 20 of the Regulation.

Article 20 of the Regulation introduces the right to data portability, which allows you to receive the personal data you have provided on iCONS in a structured, commonly used and mechanically readable format and to transmit them to a different Controller.

All requests must be sent in writing from [email protected].

In any case, you are always entitled to lodge a complaint with the competent supervisory authority (Guarantor for the Protection of Personal Data), under art. 77 of the Regulation, if you consider that the processing of your data violates the applicable law.

9. Changes

This Privacy Policy is effective as of 20th August 2018. iCONS reserves the right to modify or simply update its content, wholly or partially, also due to changes in the applicable law. If the changes related to this Policy involve substantial changes in the processing of data or produce a significant impact on the data subjects, iCONS will take care to notify them to these subjects.