European School of Economics

ESE Privacy policy

General Data Protection Regulation n. 679/2016 (hereinafter referred to as the “Regulation” or “GDPR”), with reference to use of the data subject’s personal data (hereinafter referred to as “Data”) provides for the protection of individuals with regard to the processing of personal data as a fundamental right.

This Privacy Policy covers the information collected by European School of Economics when you use our services or websites, or otherwise interact with us unless a different policy is displayed. European School of Economics, ESE, we and us refer to European School of Economics Italy LTD as Controller and any of our corporate affiliates that may have been appointed as Processors.

The types of information we collect

We may collect the following types of personal data about you:

your name, and contact information such as address, email address, mobile and telephone number, as well as your date and place of birth, tax identification number and your passport number or national identity card details, country of domicile and your nationality, as well as your bank data or the data related to the companies or firm where you work;
Information related to your education, position within the companies or firm where you work and other related professional information;
Data related to your geographical position limited to the ESE buildings or urban campus;
Data necessary for the subscription to the initiatives promoted by ESE, for the attendance to related events and to benefit from all the services provided such initiatives;
Contact Information you input in open text fields in help/contact us forms of our websites
Information passively collected during your visit to our websites that may include navigational data (like log files, cookies and other clickstream data – you can find more information about cookies reading our Cookie Policy) and device information (like IP address, hardware model, operating system version, unique device identifiers, and mobile network information).

Modality of the Treatment

The personal data are processed either in paper or electronic format. In the latter case, automatic instruments will be used. The Data will be kept strictly for the time and scope for which they were collected. Specific security measures are adopted for preventing data breaches, illicit or non-correct uses and non-authorised accesses

Purposes and Processing Data

Data will be processed for the following purposes:

for the supply of goods and services;
for management of academic and formative initiatives with ESE’s partner companies, including job placement, internships and any other related formative activity;
for the supply of research services, including research activities and formative products;
for the support of ESE activities;
under your consent, for the circulation of periodical publications and events to support ESE activities in any manner, and in both printed and electronic format to the email address you provide to us; other editorial/digital/paper activities for communication/promotion purposes of ESE requiring the use of images carried out on ESE campus, that might consist of the publication in social networks;
for security and internal organization purposes. Moreover, on the same grounds, Data collected may be used for research and statistical purposes on an anonymous and aggregate basis;
for the subscription to the ESE initiatives, the attendance to the related events and to benefit from all the services provided by such initiatives;
to meet logistic needs, we might process geo-localization data, to ensure more efficiency and to ensure safety;
for the compliance with contractual and legal obligations. Note also that ESE may pass some of your data to other organizations if necessary for the detection or prevention of crime or if it is required by law.

Sharing of Personal Information

Data may be accessed employees of ESE and those required by Law or for carrying out of the university career, that have the need in order to perform duties, as well as other entities providing services to ESE, who ESE has specifically nominated as responsible or qualified for the processing of the Data of such subjects, in relation to their duties, shall have access to the pertinent Data. The access of data is always linked to the purposes pointed out previously.

In addition, the Data subject’s data may be communicated to:

public entities both national and international such as Ministries and Public Administration Offices, in relation to the performance of the institutional tasks of ESE including those related to procedures for issuing the permit to stay;
bank institutes under the scope of the contract with the data subject;
public and private bodies to demonstrate the previous experience and skills and field of excellence of ESE and of its professors and researchers;
natural persons or legal entities, external bodies and associations, including public, professional studios and companies (also outside of the Republic of Italy / United Kingdom), for the scope of the contract with the data subject and legitimate ESE interests;
close relatives in the case where it could be necessary to inform them and provide them with urgent communications;
international entities, in relation to the participation in international programs activities when the destination country complies with the adequacy principle of the GDPR.

Granting of Data

The following Data will not be subject to your consent: Data processed for security and internal organization purposes; Data for the fruition of requested and subscribed goods and services and Data processing for the compliance of legal obligations. Data that is being processed upon your consent might not be needed necessarily but will be significant for us in order to provide some services for your interest.

The basis for processing your information and how we use it

We may process your personal data because:

it is necessary for the performance of a contract or a collaboration agreement with your company;
it is necessary to provide or receive the goods and services contained in the contract, as well as other ancillary activities;
it is necessary for the performance of our tasks carried out in the public interest as an academic institution;
it is necessary for our or a third party’s legitimate interests, including security and internal organisation measures and institutional communications;
your consent has been given;
it is necessary to comply with a legal obligation.

International Data Transfers

Some of the personal data we process about you will be transferred to and stored at a destination outside the European Economic Area (“EEA”), for example where it is processed by staff operating outside the EEA who work for us or for one of our suppliers or our partner, or where personal data is processed by one of our suppliers which are based outside the EEA or who use storage facilities outside of the EEA.

In these circumstances, your personal data will only be transferred on one of the following bases:

where the transfer is subject to one or more of the “appropriate safeguards” for international transfers prescribed by applicable law (e.g. standard data protection clauses adopted by the European Commission);
a European Commission decision provides that the country or territory to which the transfer is made ensures an adequate level of protection; or
there is another situation where the transfer is permitted under applicable law (e.g. where we have your explicit consent).

Data Subject´s Rights

Data subjects have the following rights:

to require correcting the personal data we hold about you if it is incorrect;
to require erasing your personal data;
to require restricting our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal);
to receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller;
to object, on grounds related to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on your rights.

Please note that the above rights are not absolute and we may be entitled to refuse requests where exceptions apply.

If you have given your consent and you wish to withdraw it, please contact the responsible using the contact details set out below. Please note that where our processing of your personal data relies on your consent and where you then withdraw that consent, we may not be able to provide all or some aspects of our services to you and/or it may affect the provision of those services.

Contact us

If you have any queries about this privacy notice or how we process your personal data, you can contact us at the following e-mail address: privacy@uniese.it

Cookie	Duration	Description
AWSALBCORS	7 days	For continued stickiness support with CORS use cases after the Chromium update, we are creating additional stickiness cookies for each of these duration-based stickiness features named AWSALBCORS (ALB).
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	First-party	This cookie name is associated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports.
_ga_33F7BZR9D9	2 years	This cookie is used by Google Analytics to persist session state.
_gat_UA-130481048-1	1 minute	This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It is a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
_gid	1 day	This cookie is set by Google Analytics. It stores and update a unique value for each page visited and is used to count and track pageviews.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	6 months	This cookie is set by Youtube to keep track of user preferences for Youtube videos embedded in sites;it can also determine whether the website visitor is using the new or old version of the Youtube interface.
YSC	Session	This cookie is set by YouTube to track views of embedded videos.