This information notice describes the processing of the personal data of visitors and users (collectively, "Users") of the website https://courses.h-farm.com (the "Site") by H-International School S.r.l. with registered office in Via Olivetti 1, 31056 - Roncade (TV), C.F. P.IVA 03888620261 (hereinafter "H-IS"). 

H-IS may modify this information to adapt it to future expansions or modifications of the Site or of the services offered. In the event of substantial modifications, H-IS will publish a notice on the Site and/or send a notification by e-mail to indicate the variations and to collect requests to exercise the rights recognised by the legislation on the protection of personal data. 

1. DATA CONTROLLER 

The controller of the personal data of Users collected through the Site (“Data”) is H-IS. 

1. DATA COLLECTED AND PURPOSE OF PROCESSING

Browsing data 

Each time the Site is accessed, the systems automatically record and analyse access data (e.g. IP address of the provider, information on the browser used, pages visited, date, time, and duration of each visit). This information is collected automatically by the Site and does not require any action on the part of the User. 

With regard to the processing of navigation data, please refer to the Site's cookie policy, available at the following link https://courses.h-farm.com/cookies/.  

Data communicated by Users 

By filling in the "Contact us" forms present on the Site, or by sending a request to H-IS through the addresses indicated on the Site, Users communicate to H-IS some personal data such as, for example: name, surname, e-mail address, telephone contact (optional), country of origin (optional), age and any other information voluntarily inserted by the User in the message box. 

Data that are absolutely necessary in order to perform the activities requested from time to time are marked with an asterisk. 

Users are requested not to communicate personal data of third parties to H-IS, unless it is necessary (for example, in the event that the User is a parent requesting more information on courses/school/labs in the interest of their minor child): in this case, we remind you that it is the User's responsibility to fulfil the legal requirements concerning the protection of personal data and, in particular, to inform third parties of the communication and to obtain their consent, if necessary. 

Data required for the purchase of courses/school/lab. 

The Site, in the event of the purchase of a course and/or workshop as well as in the event of the transmission of specific requests by Users, requires the latter to communicate specific personal data of the purchaser, such as: 

1. first name, surname, e-mail, telephone number, residential address, date of birth and social security number (the "Billing Data");
2. first name, surname, gender, age (or age bracket) and date of birth of the course/school/lab participant (the "Participant Data");
3. in addition, H-IS, where necessary, also requests the disclosure of data relating to the health of the course/school/lab participant, and, in particular, information regarding dietary and/or medical needs and/or the existence of certified educational needs (e.g. dyslexia) (the "Sensitive Data"). 

Data, if marked with an asterisk, are necessary in order to finalise the User's request for enrolment in the course/school/lab. 

We recommend that Users only communicate Data that are up-to-date, relevant, and not exceeding the specific purposes of the processing. 

Any unnecessary Data will be immediately deleted or anonymised. 

1. PURPOSE OF PROCESSING AND RECIPIENTS OF DATA 

The Data of the Site's Users may be processed by H-IS, in strict compliance with the applicable legislation and the indications of the Italian Data Protection Authority, for the following purposes. 

Navigation data    

Navigation data will be used:

1. in order to monitor the proper functioning of the Site;
2. in an anonymous and aggregate form, for statistical purposes related to understanding how Users use the Site, to improve the ease of access and increase its attractiveness,
3. as well as to detect technical problems as soon as possible. 

Such processing has its legal basis in the legitimate interest of H-IS in improving its digital services, especially in relation to the use of the Site. 

Responding to contact requests 

The Data provided by sending a request to H-IS by filling in the appropriate form in the "Contact Us" section of the Site will be processed to respond to requests for information on courses/schools/labs transmitted by the User and, if necessary, to provide assistance to H-IS Users. 

These data, if marked with an asterisk, are necessary in order to follow up and answer requests from Users. 

The processing, therefore, finds its legal basis in the need to implement pre-contractual measures at the request of the data subject.

Purchase and attendance of courses 

The Data collected by filling in the form on the Site (Billing Data and Participant Data) will be processed for the purpose of the User's purchase of the courses/school/lab. The Data communicated by Users may also be processed in order to allow the User to register an account on the Site, so that it can be stored in the event of subsequent purchases. 

The provision of Data is necessary in order to finalise the purchase of courses/schools/labs: therefore, in the event of refusal or failure to provide the requested Data, it will not be possible for H-IS to comply with the User's requests, including the request to register an account.

This processing has its legal basis in the need to execute a contract to which the data subject is a party (the contract signed between H-IS and the User with the acceptance of the Terms and Conditions relating to participation in the course/school/lab), pre-contractual measures taken at the request of the data subject and in compliance with legal obligations. 

Personal Data collected by filling in the form on the Website (Billing Data and Participant 

Data) will then be communicated to the software application "Glide" owned by Glide S.r.l. / S.p.A, https://www.glideapps.com/ - hello@glideapps.com and licensed to H-IS under the name of H-FARM Summer Academy ("App"). Such Data will be stored on the App in order to provide Users/Participants with an easy and accessible tool to have at hand organisational information, staff contact details, receive photos, projects, and final certificates of the experience. For information on the use of cookies and how personal data is processed through the App, please see the App's Privacy Policy. 

With particular reference to Sensitive Data, such data will be collected through a different platform to which the User will be redirected from the App in order to finalise the enrolment in the Course. Such platform is the Zoho platform ("Zoho Platform"), owned by the Zoho Group which includes all the companies listed herein ("Zoho"). After being redirected to the Zoho Platform, the User will receive by e-mail (on the address communicated during registration on the Site) a form to be completed in which the User will be asked to enter, subject to acceptance of the Zoho’s privacy policy, some additional personal data necessary for H-IS to guarantee the best use of the Course and the User's security. In particular, through the Zoho Platform will be collected, upon acceptance of the Zoho’s privacy policy, information relating to the dietary, medical and educational needs of the User enrolled in the Course and other data contained in the documents that are requested to be uploaded in order to finalise the enrolment, such as, purely by way of example, medical certificate, specific dietary needs, etc., will be collected. 

The Sensitive Data collected through the Zoho Platform will be processed solely to enable the participant in the course/school/lab to take part in it profitably and to enable H-IS to provide him/her with adequate learning aids as well as any related services (e.g. canteen) in respect of the participant's health, according to the specific needs indicated at the time of purchase. 

With regard to the processing of Sensitive Data, including the communication thereof to the above-mentioned third parties, this has its legal basis in the need to protect a vital interest of the participant, as well as in the explicit consent of the participant who is of age, or of the exercising parental responsibility in the case of a minor participant, at the time of purchase of the course and/or workshop. 

In this context, Data, including Sensitive Data, may be disclosed to the following categories of persons: 

(A) company owning and managing the App and its employees and collaborators duly instructed to process personal data in compliance with the applicable legislation;
(B) educators, employees and/or collaborators of H-IS directly involved in the organisation and management of the courses/workshops in order to meet the educational and personal needs of the registered Participant;
(C) with reference also to Sensitive Data, public and private entities involved in the relevant organisational and management activities and/or providers of accessory and necessary services to protect the specific needs of the Participants (e.g. dietary needs). 

These parties will process Data, as the case may be, in their capacity as autonomous data controllers, or as data processors; in the latter case, these parties will act by virtue of a specific written mandate conferred on them by H-IS. 

The full list of recipients of the Data is kept at the H-IS premises and is available upon request, which may be forwarded to the addresses indicated in section 5 below. 

Receipt of newsletters 

The Data supplied by sending a request to H-IS by means of filling in the specific form in the "Subscribe to our newsletter" section may be used, subject to the consent of the User, to allow the User to benefit from the newsletter service and, therefore, to send the newsletter with commercial and promotional contents (which will be transmitted by e-mail) concerning the activity of H-IS and its most important news, courses/schools/labs offered by H-IS, as well as fairs and events in which H-IS will participate. 

For the same purpose, the Data will be communicated to the company Zoho ("Zoho") which includes all the companies listed herein ("Zoho Group") The Rocket Science Group (located at 1526 DeKalb Ave NE, Atlanta, GA 30307, United States), which provides the newsletter transmission service called "MailChimp" and, for this reason, will process the Data under a specific mandate given by H-IS. In this context and within the companies of the Zoho Group, the User's name, surname and e-mail address may be transferred outside the European Union, and this on the basis of the adoption by H-IS, as data controller, of appropriate measures in compliance with applicable laws and regulations to ensure that the Data are adequately protected such as, in particular, the signing of standard contractual clauses as required by the European Commission. 

Data communication is on a voluntary basis: any refusal will make it impossible for H-IS to send the newsletter to the User but will not affect navigation on the Site and/or the purchase of courses/school/lab. 

Data will be stored and processed for up to 24 months after receipt of the last contact request and, in the event that the User has consented to receive the newsletter, from the provision of consent. 

The processing of Data for sending newsletters with commercial content has its legal basis in the consent of the person concerned (User). 

Users may revoke their consent at any time and cancel their subscription to the newsletter service by following the procedure indicated in each newsletter or by sending a specific communication to H-IS, at the address indicated in article 5 below, expressing their wish to unsubscribe from the newsletter service and to cancel the Data held by H-IS. 

1. PROCESSING METHODS and DATA STORAGE TIMES 

The Data shall be processed by manual and computerised means by staff and collaborators of H-IS and/or of the companies expressly appointed as data processors, and to whom H-IS has given detailed operating instructions with particular reference to the adoption of adequate technical and organisational security measures. 

Browsing data do not persist for more than 7 (seven) days and are deleted immediately after their aggregation (except in the event of the need to ascertain criminal offences by the competent judicial authorities). 

Billing Data will be stored on Zoho and processed for the period necessary to fulfil tax, accounting and regulatory obligations related to the sale of H-IS courses/schools/labs. 

Participant's Data and Sensitive Data will be stored on Zoho and processed for the duration of the course and/or workshop and for the following 24 months at the end for archival purposes. 

The account will be deactivated if no access is made for a period exceeding 36 months from the date of the last purchase. 

 

1. USER RIGHTS AND CONTACT DETAILS 

The User may, at any time and to the extent that the rights are applicable: 

1. obtain access to their personal data; 
2. request the rectification, deletion or restriction of the processing of personal data; 
3. where applicable, receive in a structured, commonly used and machine-readable format the personal data concerning him/her that he/she has provided to H-IS, as well as request that such data be transmitted to another data controller (right to data portability); 
4. where applicable, withdraw consent, at any time and without prejudice to the lawfulness of the processing based on the consent previously given; 
5. file a complaint with the Data Protection Authority, or appeal to the competent judicial authority. 

Requests to exercise the above rights should be sent to one of the following addresses: 

• via e-mail, at: summeracademy@h-farm.com; 
• via registered mail with return receipt, to H-International School S.r.l., 31056 - Roncade (TV), Via Olivetti 1. 

Requests concerning the recipients of the Data, as well as requests for clarification of this information notice, may also be addressed to the same addresses. 

1. LINKS TO OTHER WEBSITES 

This information on the processing of personal data is provided exclusively in relation to the Data collected through the Site and with reference to the purposes identified in point 3, and not also for any other websites consulted and/or consultable through links and/or widgets (e.g. social networks): these Information on data processing.