International School of Monza is registered as a branch of the International School of Europe S.r.l. (I.S.E. S.r.l.) with headquarters in Via Manfredo Camperio 14, 20123 Milano, Italy, Fiscal Code/VAT n. 12932001006 in Via Solferino 23, 20900 Monza (MB), Italy and is authorised as a foreign Early Years, Elementary, Middle and High School by the Ministero dell’ Istruzione, dell’Università e
International School of Europe S.r.l. takes data protection and our responsibilities to correctly and lawfully treat personal data as a data controller seriously. We are committed to complying with legal obligations and
We process personal data about prospective, current and past: pupils and their parents; staff, suppliers and contractors; donors, friends and supporters; and other individuals connected to or visiting International School of Europe S.r.l.
The personal data we collect, process and store will be personally identifiable information related to pupils and their parents, staff, suppliers and contractors, donors, friends and supporters. The personal data processed includes recorded information that is true and correct and/or video and photographic images about an individual. Information such as;
Other types of data we collect, process and store is protected health information, criminal record information and other sensitive information related to an individual. Information such as;
International School of Europe S.r.l. collects information in several ways, including:
Our school has a Data Protection Standard in place to oversee the effective and secure processing of your personal data. We have policies around the use of technology and devices, and access to school systems. We try to ensure that all personal data held in relation to an individual is as up to date and accurate as possible.
Your Data processing will be carried out in accordance with GDPR.
In particular, your Data will be processed in accordance with the principles of lawfulness, fairness and transparency. Data will be processed in an adequate, relevant and limited way to what is necessary
Processing will be carried out with manual and/or paper and/or automated methods and with proper equipment, as far as it is reasonable and given the state of the art, to ensure the appropriate security and confidentiality by means of proper procedures avoiding, inter alia, the risk of loss of, or unauthorized access to, personal data.
In particular, the processing will be carried out:
in compliance with the legal limits set forth by the Italian Law n. 300/1970 (i.e. “Statuto
International School of Europe S.r.l. processes personal data to lawfully and legitimately support the school’s operation as an independent school. Our school collects information about students and their families when necessary to:
Our school collects information about staff, prospective staff and contractors when necessary for:
5. HOW LONG DO WE KEEP PERSONAL DATA
We retain personal data only for a legitimate and lawful reason and only for so long as necessary or required by law. Our Data Protection Officer can be contacted by email on email@example.com if you have any queries regarding the retention of your personal data.
6. YOUR RIGHTS
Under Data Protection Law you have rights regarding the collection, processing and storage of your personal data. These rights are, however, subject to certain exemptions and limitations.
You have the right to:
Our Data Protection Officer can be contacted by email on firstname.lastname@example.org if you have any queries regarding your rights. Any request for data we store and process about you must be completed in writing.
7. SUBJECT ACCESS REQUESTS
Under Data Protection Law you have the right to request information or request to delete information we store about you and/or your child without incurring costs. We are only obligated to provide information that is related to you and your child (depending on legal custody). Parents can request data on behalf of their child, however, depending on their age, a student can also submit a Subject Access Request form to obtain their own data. Access to personal data belonging to your child may require the child’s consent if the child is old enough to understand the implications of such a request. Any data access request is, however, subject to certain exemptions, limitations or contractual obligations. Data belonging to or identifying other individuals is exempt from
Any request for data we store and process about you or your child must be completed in writing. The Subject Access Request form can be obtained from our Data Protection Officer by email on email@example.com. Data Protection Law allows us to respond to any such written requests within one calendar month. Excessive requests or simultaneous requests for the same information may incur an administration fee or be refused where Data Protection Law allows us to do so.
Under Data Protection Law we are required to obtain consent to process an individual’s personal data. This is with limitations and exceptions as we may have lawful and legitimate reasons to process such data to support the school’s operation as an independent school or fulfil contractual or legal obligations, regardless of consent. When our school collects information about you, our school takes reasonable steps to advise you of certain matters. This includes the purpose of the collection, and how to access, update and correct information held about you. For information about students and their families, a consent form is provided to parents (or mature students) upon enrolment. In some cases, we may send out separate consent requests using:
9. PRIVACY NOTICE UPDATES
International School of Europe S.r.l. will update this Privacy Notice from time to time. Any substantial changes that affect how we process your personal data will be notified on our website. If required we will also notify you directly. This Privacy Notice should be read in conjunction with other school policies and any contract terms and conditions.
In order to enforce your rights, you can send at any time a request indicating in the subject “privacy –
It is understood that, should the request for access be filed by means of electronic media, the information can be provided in a commonly used electronic format.
Finally, we would inform you that if you consider that your data have been infringed by the Controller, the Data Protection Officer, a Responsible, an Officer or a third party, you can complain to the Privacy Guarantor and/or any other competent authority under GDPR.
11. COOKIES POLICY
Your enquiry was sent successfully.
Something went wrong
Your enquiry was not sent successfully.
Please try again.
Too many attempts
Your enquiry was not sent as you tried sending too many times. Plesae try again later.