1.About this Notice
Please take the time to read this notice carefully.
The Italian Chamber of Commerce and Industry UK (the Chamber) recognises that protecting Personal Data, including special categories of data (sometimes referred to as sensitive Personal Data), is very important to you.
We have published this document to clearly outline, in a transparent way, how we will collect, use, store, protect and retain your Personal Data.
2. Definitions
Data Protection Laws means (i) any applicable legislation in force from time to time which implement European Community Directive 95/46/EC and Directive 2002/58/EC and (ii) the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) and any applicable legislation in force from time to time which implement the GDPR and any amendments, revisions or replacement in respect of the foregoing, including the Data Protection Act 2018 and the UK GDPR;
“Personal Data”, “Data Subject”, “Processing”, “Data Controller”, Supervisory Authority and “Data Processing” shall have the same meaning ascribed to them under applicable Data Protection Laws.
3. Data Controller
For the purposes of Data Protection Laws, the Chamber is the Data Controller for Personal Data in scope of this notice.
Identity of the Data Controller
The Italian Chamber of Commerce in UK
1 Princes St,
Mayfair,
London W1B 2AY
Tel: +44 (0)20 74958191
VAT Number: 510352988.
4. Data Protection Officer
The Chamber has not appointed a Data Protection Officer but has a data protection team that can be contacted in relation to any data protection queries. The privacy team can be contacted at: privacy@italchamind.org.uk
5. Personal Data We Collect (What, How, Why)
Save for employee (including interns) related data processing, the Chamber does not process special categories of data.
The Chamber may collect and process the following data about you:
- When you become a member
- When you contact us using one of our online forms
- When you sign up for our email newsletters
- When you engage with us on social media
- When you contact us by any means with queries, complaints, etc
- When you register or attend one of our meeting or hosted events
- When you apply or participate in our Masters programmes
Categories of Data
- Individuals
- Identification Data including
- name, address, contact details, date of birth
- Financial Data
- IBAN
- Billing Address
- Employment and Recruitment Details
- CVs
- Other information related to work employees during the course of employment e.g. HR file
- Electronic data
- Email address
- Travel Arrangements and Bookings Information
- Destination
- Accommodation
- Passport Information
- Businesses
- Company/Details of Business
- including business type, address, business history, contact details
- Owners/Director’s and Employee Personal Details: including, names address, contact details, date of birth,
- Electronic data: Email address and IP address
Source of Data
- Chamber Members
- Enquiries relating to prospective membership
- Membership forms (electronic and paper)
- Emails
- Other correspondences including letters
- Business Cards
- Chamber Newsletter Subscribers
- Website registration
- Job Applicants
- Employees
- Master Students
- Enquiries
- Applications
- Enrolment
- Chamber Hosted and Other Events
- Business Cards
- Forms
- Day to Day Business Administration Activities
- Contracting with service suppliers to the Chamber
- Communicating and meeting with UK Buyers and Italian businesses, professionals, and organisations
6. Who do We Share Personal Data With?
For the ongoing management of our business and for business operation, we may share your data with the following recipients:
- IT companies who support our website and business applications
- Other Chambers of Commerce , trade organisations and similar institutions
- Event Organisers
- Travel Agents
- Hotels
- Airlines
- Government and State Agencies
- Service Suppliers
7. Lawful Basis for Processing Personal Data
Members:
- Consent
- Necessary for the Performance of a Contract
- Legitimate Interest
Employees
- Consent
- Necessary for the Performance of a Contract
- Legal Obligation
Website Visitors
- Consent
UK and Italian businesses, professionals, and organisations
- Consent
- Necessary for the Performance of a Contract
- Legitimate Interest
Note: You have the right to withdraw your consent at any time for any processing activities that you have consented to.
Marketing Consent
In certain situations, we may obtain, collect, and process your Personal Data to send you marketing communications. We will only send you such materials if you have consented and in accordance with your preferences for receiving marketing communications. You may withdraw your consent at any time by contacting us at privacy@italchamind.org.uk .
8. Your Data Protection Rights
You have data rights which allow you to address any concerns or queries regarding the processing of your Personal Data. Please contact us if you have any queries in relation to your rights.
You have the following rights (subject to limitations depending on the processing).
- Access
- Rectification
- Erasure
- Restriction
- Objection
- Portability
We will respond to your request within 1 (one) month of receipt of your request.
All your rights may be exercised freely and at no cost.
Please contact privacy@italchamind.org.uk
9. Enforcing Your Data Protection Rights
If you feel that the processing of your Personal Data is not in line with our data protection obligations, you can complain to a Data Protection Supervisory Authority. The Chamber is registered as a Data Controller with the Information Commissioners Office (ICO).
Information Commissioner’s Office,
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire SK9 5AF,
UK
+44 0303 123 1113
10. Security of Processing
We have implemented technical and organisational measures to ensure the security of your personal data. This includes technical measures such as encrypting data in transit and at rest, anti-virus, access controls and firewalls. We also require our vendors to implement robust security measures to ensure the safety of personal data.
11. Data Retention
The Chamber will only retain your Personal Data for as long as necessary and in accordance with our retention policy.
Member details will generally be retained for 18 months post account inactivity.
Employee details will be retained as long as is necessary under Employment Law and other related acts (Taxes, Companies etc.)
Marketing contacts can be erased upon request from individuals.
12. Brexit and International Transfer of Personal Data
Personal Data is primarily processed within the EU/EEA. Where personal data is transferred outside of the EU to Data Processors, we will implement data processing agreements and standard contractual clauses to safeguard data protection rights. Currently, data transfers between the UK and the EU are covered under the GDPR and the transition arrangement between the two parties. Depending on the outcome of the UK withdrawal negotiations, the UK and the EU may not share the same data protection regime. In the event of no data protection agreements between the UK and the EU, we will implement appropriate safeguards, such as standard contractual clauses for data transfers.
13. Changes to this Notice
We may change and update this notice from time to time, in whole or in part, at our sole discretion or to fulfil a legal obligation. We encourage you to check our website periodically to view the most recent version of this statement.
If, at any time, we decide to use your Personal Data for a purpose that is different from the original purpose of collecting it, you will be advised of this change.