In order to process your registration, Cortellini Perio Academy collect personal details and information for you. Cortellini Perio Academy follows strict security procedures in the storage and disclosure of your personal details. Your rights are protected in accordance with any applicabile laws and regulation. Please read carefully the details of our Privacy Policy on our Privacy Policy below.

Privacy notice

This Privacy Notice relates to:

• How we handle information received or collected about you as an individual
• How we communicate with you; and
• Your rights as an individual in respect of such information and communications

Who we are

In this Privacy Notice, references to:

• "we", "us" or "our" are to Cortellini Perio Academy, Via Carlo Botta 50136 Firenze (Italy)
• and the trading office at: TangramOdis srl, Via Carlo Botta 50136 Firenze (Italy)
• "Website" is to cortelliniperioacademy.com and any other website owned or operated by us

We are the data controller.

You can contact our Data Protection Officer (DPO), Daniele Bonaccini, by email at perioacademy@cortellini.org

How do we collect your data?

Your personal data is collected directly from yourselves. We collect and process data when:

• You register online for any of our products or services, including completing a registration form for any of our congresses, workshops or webinars or subscribe to our newsletters or publications
• You contact us via email
• You interact with us through any social media platform

What data do we collect?

We will collect personal details about you as an individual, which is provided to us through:

• Your full name
• Your postal address
• Your telephone number
• Your job title
• Your email address
• Your payment details
• Your preferences and use of email updates as recorded by emails that we send you
• Your IP address, a string of numbers unique to your computer that is recorded by our web server when you request any page or component of our website. This information may be used to monitor your usage of the website

How do we use your data?

Any information collected about you as an individual will be used in accordance with the General Data Protection Regulation ("GDPR"), the UK GDPR, the Data Protection Act 2018 ("DPA 2018"), the Privacy and Electronics Communications (EC Directive) Regulations 2003 (as amended from time to time) ("PECR") and any other applicable laws and regulations.

We collect and process your personal data under the lawful grounds of Legitimate Interest, Consent and Contract so that we can:

• Process any orders and manage your account - contract & legitimate interest
• Email you with details of and updates on our products and services - legitimate interest and consent
• Enter into and process any contracts with you or your company - contract

If we use your email address to send information about our products or services you will be offered the option to opt out of receiving such emails.

Should you request digital or postal communications to cease there will be a time period of up to 30 days before contact stops.

Who do we share your data with?

In certain circumstances we will need to pass your personal data to appropriate third parties for administrative purposes to carry out certain activities, such as processing and sorting data, monitoring how our website is used and issuing our emails in order to supply or deliver the products or services you or your company have purchased.

The third parties with whom your personal data is shared with are:

• TangramOdis srl
• Stripe
• SharEvent

Third parties are not allowed to use your personal information for their own purposes.

We will not sell your personal information to any other person or company.

We will only pass your personal data to those third parties noted in this Privacy Notice unless we are required to do so by common law or statutory obligations.

We will not hold any payment details such as your card number, expiry date and security code. Where payments are handled through an accredited payment bureau, you should visit their website or contact them to view their Privacy Notice.

In order to effectively process credit or debit card transactions it may be necessary for the bank or card processing agency to verify your personal information for authorisation with an entity outside the EEA or a country with an EU approved adequacy decision. Such information will not be transferred outside those jurisdictions for any other purpose.

How do we store your data?

We securely store your personal data on SharEvent System which is accessed through our website.

Information that you share on the website is kept strictly confidential and fully secure. Your encrypted information is protected using SSL (Secure Socket Layers) as it passes between your browser and our website. We follow generally accepted industry standards to protect the personal data submitted to us both during transmission and once we receive it.

However, no method of transmission over the internet or electronic storage is 100% secure. Therefore, whilst we have taken appropriate technical and organisational measures to ensure we have protected your data against risks such as loss, unauthorised access, destruction, use, modification or disclosure, we cannot guarantee its absolute security. Only authorised personnel are permitted to access your personal data and they abide by security, privacy and confidentiality agreements, rules and laws.

We will hold your personal data for no longer than necessary. The length of time we retain it will depend on any legal obligations we have (such as tax recording purposes) and the nature of any contracts we have in place with you.

We will, however, keep your personal data for a period of 5 years (see our Data Processing Agreement) from your last membership renewal date in order to verify your member status to third parties or to allow you to re-join as a member.

What are your data protection rights?

We would like to ensure you are fully aware of all your data protection rights. Subject to certain limitations you are entitled to:

• Request a copy of the information we hold about you and be told how we use it
• Request that your personal data is deleted
• Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete
• Right to object – you have the right to object to certain types of processing such as direct marketing
• Restrict processing if you have concerns about your information's accuracy, deletion or fair and lawful use or do not wish your data to be processed for marketing, research or statistical purposes
• Withdraw consent to the use of your personal data
• Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling
• Receive your personal data in a commonly used, machine readable format to transfer to another data controller

If you exercise any of your rights, we will respond within 30 days.

To access personal data that is being held, identification will be required. We will accept the following forms of ID when information on your personal data is requested: a copy of your ID Card, driving licence, passport, birth certificate and a utility bill not older than three months. A minimum of one piece of photographic ID listed above and a supporting document is required. If we are dissatisfied with the quality, further information may be sought before personal data can be released.

Changes to our Privacy Notice

We regularly review our Privacy Notice and any changes will be placed on our website. This Privacy Notice was last updated on January 6 2023.

How to contact us

If you have any questions about our Privacy Notice, the data we hold on you or you would like to exercise one of your data protection rights, please do not hesitate to contact us at:

Email: perioacademy@cortellini.org

Post: Cortellini Perio Academy, Via Carlo Botta 50136 Firenze (Italy)