Knowledge, innovation, entrepreneurship: the ingredients of economic development.

Our contribution: careful analysis, global perspective, feasible projects

Privacy Policy

At CSIL – Centre for Industrial Studies, we are committed to complying with any data protection regulations that may apply in processing personal data, including the GDPR. This Privacy Policy describes the types of personal information we obtain, how we may use that personal information, with whom we may share it and how you may exercise your rights regarding our processing of that information. The Privacy Policy also describes the measures we take to safeguard the personal information we obtain and how you can contact us about our privacy practices.

1. Contact information

CSIL's administrator is responsible for processing personal data at CSIL. These are our data and how you can contact us:
CSIL, Centre for Industrial Studies
Corso Monforte 15, 20122 Milan ITALY
Tel: +39 02796630

2. Types of data we collect and how we use it

We only use personal data to the extent permitted by law. Depending on your relationship with us and the channels used to collect personal data, our use of such data will differ.
Website Cookies
A cookie is a small file which is placed on the user's hard drive following a visit to This file subsequently allows the user to move quickly and easily around our site by keeping a record of your previous visit(s). Cookies in use at the CSIL's websites are not associated with any personal data about that visitor.
Cookies can be deleted from a PC's hard drive at any time by the user. Further information on the use of cookies can be found on
Google Analytics
When someone visits we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make and do not allow Google to make, any attempt to find out the identities of those visiting our website.
Mailing Lists
As part of the registration process for our newsletter, we collect personal information. We use that information to send updates about our activities, to contact you if we need to obtain or provide additional information; and to check our records are right.
We do not rent or trade email lists with other organisations and businesses.
We use a third-party provider, Mailup, to deliver our newsletter and e-surveys. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our newsletter. For more information, please see Mailup's privacy notice. You can unsubscribe to general mailings at any time of the day or night by clicking the unsubscribe link at the bottom of any of our emails or by emailing CSIL's administrator


If you take part to interviews or surveys managed by us or which were contracted out to third parties, we process your personal data based on a contract, your consent or our legitimate interest:
• to build databases of stakeholders as a part of our project contracts,
• for analysis.
We may anonymise or aggregate personal information and use it for the purposes described in the Survey description and for other purposes to the extent permitted by applicable law. We will not use your personal data unless you authorise us to do so. We also may use personal information for additional purposes that we specify at the time of collection. We will obtain your consent for these additional uses to the extent required by applicable law.
We use a third-party provider, Survey Monkey for managing surveys and other consultation. For more information, please see Survey Monkey's privacy notice.
Use of personal data of job applicants and consultants
The provision of your personal data is necessary to be able to assess your application, to offer you a job or to participate in a project or contract. If you apply to us, we will process your data as an applicant:
• For handling and evaluation of your (job) applications in the context of the pre-contractual relationship and for the administrative duties required by the management of your contract.
• To maintain a database of experts. Keeping a database allows us to contact you later for a job or contract opportunity arising from a specific project. If you do not wish to be included in the recruitment reserve, you may let us know by contacting us via any of the means indicated at the beginning of the privacy policy.

3. Consenting to Data processing

As a general principle, you will provide us with your personal data entirely voluntarily; there are generally no detrimental effects for you if you choose not to consent or to provide personal data. However, there are circumstances in which CSIL cannot take action without certain of your personal data, for example, because this personal data is required to process your instructions or orders, provide you with access to an e-survey or newsletter or to carry out a legally required compliance screening. In these cases, it will unfortunately not be possible for us to provide you with what you request without the relevant personal data and we will notify you accordingly.

4. Processing methods

We store personal data in electronic archives and, on a residual basis, on paper. The processing of personal data is carried out in compliance with the principles of the GDPR.

5. How we share information

We may share information about you with those managing and maintaining our information system, with other consultants and professionals who support us carrying out the purposes mentioned above, and for the fulfilment of legal and fiscal obligations.
We do not sell or otherwise disclose personal information about you.

We may share your data with Third Parties with your consent or as necessary for the performance of a contract to which you are a party or to take steps, at your request, before entering into an agreement.
When we share your data with the third parties, CSIL will ensure that the data is only processed according to our specific instructions and that the same standards of confidentiality and security are maintained.
We also may disclose personal information:

  • if we are required or permitted to do so by applicable law, regulation or legal process;
  • to law enforcement authorities or other government officials to comply with a legitimate legal request;
  • when we believe disclosure is necessary to prevent physical harm or financial;
  • to establish, exercise or defend our legal rights, and
  • in connection with an investigation of suspected or actual fraud, illegal activity, security or technical issues.

6. Storing and transferring personal data outside the EEA

Data are processed within the European Economic Area (EEA), as our main external suppliers are based in Italy and the EU. However, should we need to use services from external third parties based outside the European Economic Area (EEA), involving the transfer of data outside the EEA, we will ensure a similar degree of protection is afforded to it by implementing safeguards.

7. Data retention

Your personal data will be deleted when it is no longer reasonably required for the Permitted Purposes, or you withdraw your consent (where applicable), and we are not legally required or otherwise permitted to continue storing such data.
In some circumstances, we may anonymize your data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

8. Security

We take appropriate technical and organisational measures to keep your personal data confidential and secure in accordance with our internal procedures covering the storage, disclosure of and access to personal data. We maintain a system of appropriate administrative, physical and technical safeguards to secure such information. We have made a contractual arrangement with our third party service providers which require them to take appropriate security measures to ensure the confidentiality and security of your personal data and process your data for specified purposes only and in accordance with our instructions and comply with applicable privacy laws.

9. Data subject rights

Under GDPR, you are entitled to exercise the following rights:

  • Right of Access. You have the right to obtain from us confirmation as to whether or not personal data concerning you are processed, and, where that is the case, you have the right to request and get access to that personal data.
  • Right to Rectification. You have the right to obtain from us the rectification of inaccurate personal data and you have the right to provide additional personal data to complete any incomplete personal data.
  • Right to Erasure (“Right to be Forgotten”). In certain cases, you have the right to obtain from us the erasure of your personal data.
  • Right to Restriction of Processing. You have the right to obtain from us restriction of processing, applicable for a certain period and/or for certain situations.
  • Right to Data Portability. You have the right to receive from us in a structured format your personal data and you have the right to (let) transmit such personal data to another controller.
  • Right to Object. In certain cases, you have the right to object to the processing of your personal data, including with regards to profiling. You have the right to object at further processing of your personal data in so far as such data have been collected for direct marketing purposes.
  • Right to be Not Subject to Automated Individual Decision-Making. You have the right to not be subject to a decision based solely on automated processing.
  • Right to Filing Complaints. You have the right to file complaints with the applicable data protection authority on our processing of your personal data.

You may file your request by sending an e-mail to or writing us to our address
CSIL, Centre for Industrial Studies
Corso Monforte 15, 20122 Milan ITALY
Responses to requests shall normally be made within one month of receipt, however this may be extended if the request is complex and/or numerous requests are made.

10. Amendments

This Privacy Policy was last updated on October 2018. We reserve the right to update and change this Privacy Policy from time to time in order to reflect any changes to the way in which we process your personal data or changing legal requirements. In case of any such changes, we will post the changed Privacy Policy on our website or publish it otherwise. The changes will take effect as soon as they are posted on this website.