Privacy Policy

Privacy protection – information pursuant to Article 13 of the EU Regulation 679/16

Updated: 05/12/2019
The data requested from you, as the interested party, is processed by The International Studies Institute LLC (VAT number 06820750484), with registered office in Delaware-Dover, Kent County The Green, Ste A 8 (USA) and operational headquarters in Florence, Via della Vigna Nuova n.18, Data controller (pec: [email protected], e-mail address: [email protected] – Tel. 055 2645910), hereinafter referred to as ISI Abroad.

The Data Protection Officer (DPO) is engr. Marco Turri (VAT number 04854420488 – registered email address (pec) [email protected], email address [email protected])

The processing of personal data, carried out in full compliance with current legislation (Legislative Decree No. 196 of June 30, 2003 and EU Regulation 679/16), is executed for the management of the contractual relationship between the parties and, in particular, to respond to any requests for information and in any case, to communicate in print, through IT and by telephone, so as to satisfy all contractual and legal obligations (Purpose of the processing).

Our company will therefore treat the identification data (e.g. name and surname, e-mail address), for the aforementioned purposes, as this data is necessary to provide the commercial service itself and to respond to any requests for information. The legal basis of the relative processing is therefore the execution of pre-contractual measures adopted at Your request and the execution of any contractual obligations, as well as the fulfillment of the related legal obligations. In the event of disputes relating to this relationship, the legal basis is the legitimate interest of the Data Controller in the right of defense.

The provision of the aforementioned personal data does not constitute a legal obligation, but is contractually necessary, as such, it is obligatory for our company to be able to respond to Your requests and for the purposes indicated above. In the event of refusal to provide such information, ISI Abroad may not be able to perform the requested service.

The processing of personal data will consist in the collection, recording, organization, structuring, storage, adaptation or modification, extraction, selection, consultation, use, communication by transmission or other forms of provision, comparison or interconnection, the limitation, cancellation or destruction of the same. The data processing will be carried out with the aid of electronic, computerized and telematic tools suitable for guaranteeing its confidentiality, in compliance with the provisions of current legislation.

Personal data is processed in written form, on paper, magnetic and telematic format, with appropriate tools to guarantee its security, and entered in the data bank of the Data Controller.

Personal data is processed exclusively by subjects appointed by the Data Controller, who is specially trained in the field.

Personal data can be communicated to all the subjects (recipients) to whom the right of access is recognized by the current legislation and for purposes related to legal obligations (e.g. Guarantor Authority, Public Authorities), as well as to employees assigned to processing by our company.

They can also be communicated to professionals, IT experts, companies that manage cloud and telephone services, companies in charge of processing data connected with the fulfillment of administrative, accounting and management obligations related to the ordinary performance of our business (e.g. website management, accounting and tax  compliance, verification of economic relations with the customer) which may be designated as Data Processors pursuant to Article 28 of EU Regulation 679/16. Personal data will not be disseminated.

The list of subjects appointed as Data Processors is available at our registered office.

Personal data is stored on servers located in Italy, within the European Union.

ISI Abroad uses the Google Drive service. The data is therefore also processed by the Google Inc data processor, 1600 Amphitheater Parkway Mountain View, CA 94043 USA, at its operating offices, in compliance with the applicable legal provisions, and with the provisions of the articles 44 and following of EU Regulation 679/16.

ISI Abroad uses the Cloudflare service. The data is therefore also processed by the Cloudflare Data Processor, Inc.101 Townsend St. San Francisco, CA 94107 (represented in Europe by Cloudflare Germany GmbH Rosental 7 – 80331 München under Art 27 GDPR), at its operating offices, in compliance with the applicable legal provisions, and with the provisions of articles 44 and following of EU Regulation 679/16

It is understood that the undersigned Data Controller, if necessary, will have the right to move servers even outside the EU. In this case, the extra-EU data transfer will take place in compliance with the applicable legal provisions, and with the provisions of articles 44 and following of EU Regulation 679/16.

Pursuant to EU Regulation 679/16, you can exercise the following rights as an interested party:

  1. the right to obtain confirmation from the Data Controller that Your personal data is being processed and whether or not, in this case, to obtain access to the personal data and information provided by art. 15 (e.g. information relating to the purposes of the processing, to the categories of personal data in question, to the recipients or categories of recipients to whom the personal data has been or will be communicated, to the retention period, to their rights, to the origin of the data if not collected from the interested party, to the existence of an automated decision-making process, etc.);
  2. the right to obtain, if inaccurate, the correction of personal data concerning you, as well as the integration of the same if deemed incomplete, always in relation to the purposes of the processing (art. 16);
  3. the right to delete data (“right to be forgotten”), when one of the cases referred to in art. 17 applies;
  4. the right to limit the processing, in the cases provided for by art. 18;
  5. the data portability right pursuant to art. 20;
  6. the right to object to the processing pursuant to art. 21;
  7. when the legal basis of the processing is consent, the right to revoke the consent at any time without jeopardizing the lawfulness of the processing based on the consent given before the revocation.

The Data Controller does not adopt automated decision-making processes; the rights pursuant to Article 22 of the EU Regulation 679/16 apply to the interested party.

The interested party is also entitled to be informed, when applicable, of the intention of the Data Controller to transfer the data to a third country or to an international organization. This right also applies to the existence or absence of a decision of adequacy of the Commission or in the hypothesis of transfers, pursuant to art. 46, 47 and 49 c.2, related guarantees and the means to obtain a copy of such data or the place where they were made available.

All the aforementioned rights can be exercised through a request addressed to the Data Controller (e.g. by contacting us by e-mail or by telephone).

As an interested party, finally, you are entitled to file a complaint with a supervisory authority (Art 77 EU Regulation 679/16 – Art 140 bis and ss. of Legislative Decree 196/2003).

Personal data will be stored only for the time strictly necessary to carry out the aforementioned purposes and to fulfill the obligations provided for by law (e.g. administrative, fiscal and accounting up to ten years pursuant to Article 2220 and 2946 of the Italian Civil Code), without prejudice to any issues of an accounting or contentious nature that may extend this period.

Subsequently, your personal data will be deleted or transformed into an anonymous form and used for statistical purposes only.

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.


Cookies Policy

Last updated: 18/02/2023

The website www.umbra.org uses cookies. By using the website, you consent to the use of cookies.

Our Cookies Policy explains what cookies are, how we use cookies, how third-parties we may partner with may use cookies on the Service, your choices regarding cookies and further information about cookies.

What are cookies

Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognize you and make your next visit easier and the Service more useful to you.

Cookies can be “persistent” or “session” cookies.

How Umbra uses cookies

You’ll notice this term used across the Internet to describe bits of information that some websites create when you visit their sites, which are then stored on your computer. A cookie is uniquely yours and can only be read by the website that gave it to you. Cookies are a basic way to identify the computer you happen to be using at the time and do not identify you personally. They cannot be used to obtain data from your hard drive, your e-mail address or personal information stored on your computer.

  • Cookies remain active only while you have your Internet browser open.
  • Cookies expire as soon as you close your browser.
  • Cookies are not used to collect and store any personally identifying information.
  • Cookies do not contain viruses.

Through the use of cookies, our web server automatically recognizes your domain name but not your email address. Your domain name is generally the address of your web browser — “msn.com,” for example.

Our websites use the following types of cookies:

  • Browsing or session cookies, which are strictly necessary for the website’s operation, and/or to allow you to use the website’s content and services.
  • Google Analytics cookies, which allow us to understand how users make use of the website, and to track traffic to and from the website.
  • Function cookies, which are used to activate specific website functions, in order to improve your experience.

Third-party cookies

In addition to our own cookies, we may also use various third-parties cookies to report usage statistics of the website.

What are your choices regarding cookies

If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.

Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.

If you have set your browser options to allow cookies on your computer, we treat the information supplied through those cookies with the same comprehensive security and privacy protections as any other customer information we receive.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies. If you turn cookies off, some of the features that make your site experience more efficient may not function properly.

Where can you find more information about cookies

You can learn more about cookies and the following third-party websites:


Contacting Us

If there are any questions regarding this privacy policy, you may contact us at [email protected]