Effective date: August 20, 2018
English 4 Life (“us”, “we”, or “our”) operates the www.english4life.it website (hereinafter referred to as the “Service”).
Service is the www.english4life.it website operated by English 4 Life
Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies are small files stored on your device (computer or mobile device).
Information Collection and Use
We collect several different types of information for various purposes to provide and improve our Service to you.
Types of Data Collected
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
We may also collect information how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Use of Data
English 4 Life uses the collected data for various purposes:
- To provide and maintain the Service
- To notify you about changes to our Service
- To allow you to participate in interactive features of our Service when you choose to do so
- To provide customer care and support
- To provide analysis or valuable information so that we can improve the Service
- To monitor the usage of the Service
- To detect, prevent and address technical issues
Transfer Of Data
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside Italy and choose to provide information to us, please note that we transfer the data, including Personal Data, to Italy and process it there.
Disclosure Of Data
English 4 Life may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of English 4 Life
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
Goal of the data protection policy
The goal of the data protection policy is to depict the legal data protection aspects in one summarising document. It can also be used as the basis for statutory data protection inspections, e.g. by the customer within the scope of commissioned processing. This is not only to ensure compliance with the European General Data Protection Regulation (GDPR) but also to provide proof of compliance.
Brief description of the company and motivation to comply with data protection.
Security policy and responsibilities in the company
- For a company, in addition to existing corporate objectives, the highest data protection goals are to be defined and documented. Data protection goals are based on data protection principles and must be individually modified for every company.
- Determination of roles and responsibilities (e.g. representatives of the company, operational data protection officers, coordinators or data protection team and operational managers)
- Commitment to continuous improvement of a data protection management system
- Training, sensitisation and obligation of the employees
Legal framework in the company
- Industry-specific legal or conduct regulations for handling personal data
- Requirements of internal and external parties
- Applicable laws, possibly with special local regulations
- Conducted internal and external inspections
- Data protection need: determination of protection need with regard to confidentiality, integrity and availability. The BSI Standard 100-2 categories from the German Federal Office for Information Security [Bundesamt für Sicherheit in der Informationstechnik – BSI] are helpful, e.g.: ‘normal’, ‘high’ and ‘very high’.
Existing technical and organisational measures (TOM)
Appropriate technical and organisational measures that must be implemented and substantiated, taking into account, inter alia, the purpose of the processing, the state of the technology and the implementation costs.
The description of the implemented TOM can, for example, be based on the structure of ISO/IEC 27002, taking into account ISO/IEC 29151 (guidelines for the protection of personal data). The respective chapters should be substantiated by referencing the existing guidelines.
Examples of such guidelines include:
- Guideline for the rights of data subjects
- Access control
- Information classification (and handling thereof)
- Physical and environmental-related security for end users such as:
- Permissible use of values
- Guideline for information transfer based on the work environment and screen locks
- Mobile devices and telecommuting
- Restriction of software installation and use
- Data backup
- Information transfer
- Protection against malware
- Handling technical weak points
- Cryptographic measures
- Communication security
- Privacy and protection of personal information
- Supplier relationships: Noting regular inspection and evaluation of data processing, especially the efficacy of the implemented technical and organisational measures.
Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Links to Other Sites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Our Service does not address anyone under the age of 18 (“Children”).
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
- By email: firstname.lastname@example.org