Privacy Data Protection Policy
"MIP BUSINESS GAME"
pursuant to Regulation (EU) n. 679 of 27/04/2016 of the European Parliament and of the Council
The non-profit association SEA – Student Events Association (“SEA”) informs that, pursuant to art. 13 of the General European Regulation on Data Protection, n. 2016/679 (“Regulation” or “GDPR”), Legislative Decree 196/03 and subsequent amendments and additions, the personal data provided by interested parties in relation to the Event will be processed in accordance with the provisions of the Privacy Code and the Regulation, for the purposes set out in point 4 below.
1. Source of data
The personal data object of the processing are collected directly from the interested subject
This Policy applies to all those who will register to the MIP Business Game website.
In the following text, the subjects indicated above are indicated as “interested parties” in the processing of personal data.
3. Types of data processed
The data to be processed will be: personal data (personal details and contact details) and curriculum vitae attached during the registration process.
In relation to navigation data, please refer to the cookie information on the website available at https://mipbusinessgame.com/cookie-policy/.
4. Purpose, legal basis of the Processing and data retention period
The personal data collected at the website www.mipbusinessgame.com will be processed for the purposes listed below:
- Application for the “MIP Business Game” Event
- Management and organization of the “MIP Business Game” Event
- Statistical analysis
- Communication and advertising of the Event “MIP Business Game” and its future editions through the use of images and video clips collected during the event
- Sending the CV of the interested parties selected to attend the “MIP Business Game” Event to partner companies of the Event.
- Each interested party will always have the right to request to do not share his/her data with partner companies by sending an official written request to the email address email@example.com. The decision to do not share the resume will not affect in any way the opportunity to be selected as a participant of the Event.
For the different types of processing, a specific period of data retention has been defined equal to 12 months from the end of the edition of the Event for which the interested party has shared his/her data. Only for the purposes of communication and publicity of the Event and its future editions through the use of images and video recordings is an unlimited retention period.
5. Methods of Processing
In relation to the above mentioned purposes, the data processing will be carried out both through computer and telecommunication tools, both on paper and by means of telematic means and in any case by means of instruments suitable to guarantee its security, confidentiality, integrity and availability through the adoption of adequate security measures, as prescribed by the Regulations.
6. Categories of data recipients
Your personal data may be disclosed – within the limits of the above mentioned – to the people authorized and duly instructed by the Owner or by the Managers of the processing referred to at point 8, or to the members of the MIP Business Game Team in charge of relations with the interested parties referred to at point 2.
Moreover, only if the interested party has given his/her free consent, the personal data contained in the CVs sent to the organization of the event will be shared with the partners companies of the Event
7. Dissemination of data
Your personal data, without your specific authorization, will in no way be disseminated outside the association except in cases expressly provided by law.
8. Owners and Data Processors
The Data Controller, i.e. the subject who determines the purposes, is the non-profit association “SEA – Student Events Associations” with headquarters in Milan (MI), via Trebazio 4, 20145.
The Data Processors, i.e. the subjects who perform the processing on behalf of the Data Controller, are the service providers appointed as such pursuant to Regulation 2016/679 by the Data Controller.
9. Exercise of rights
Pursuant to Reg. 2016/679, the interested party has the right to access his or her data, in particular to obtain at any time confirmation of their existence or otherwise and to know their content, origin and geographical location, as well as to request a copy. He also has the right to verify the accuracy or request the integration, updating, rectification, limitation of processing, cancellation, transformation into anonymous form or blocking of data processed unlawfully, and to oppose in any case to their treatment. Moreover, the interested party has the right to request the portability of the data, to lodge a complaint to the Supervisory Authority.
The interested party may exercise his/her rights by writing by e-mail to firstname.lastname@example.org