Logo CSIL

Privacy Policy

We are committed to complying with any data protection regulations that may apply in personal processing data, including the GDPR. The key ingredients of our privacy policy are listed in what follows.

1. Contact information

CSIL's administrator is responsible for processing personal data at CSIL.

CSIL, Centre for Industrial Studies
Corso Monforte 15, 20122 Milan ITALY
Tel: +39 02796630
Email: csil@csilmilano.com

2. Types of data we collect and how we use it

We only use personal data to the extent permitted by law. Depending on your relationship with us and the channels used to collect personal data, our use of such data will differ.

Website Cookies
Cookies in use at the CSIL's websites are not associated with any personal data about that visitor.

Google Analytics
Google Analytics collects CSIL number of visitors to the various pages of the site. This information is anonymously processed. We do not make and do not allow Google to make any attempt to find out the identities of those visiting our website.

Interviews and surveys
We anonymise and aggregate personal information collected through interviews and surveys and use it only for the purposes described in the invitation. We will not use your data unless you authorised us to do so and specified it at the time of collection.
We use a third-party provider, Survey Monkey, for managing surveys and other consultation. For more information, please see Survey Monkey's privacy notice.

Use of personal data of job applicants and consultants
The provision of your personal data is necessary to assess your application, offer you a job, or participate in a project or contract. If you apply to us, we will process your data as an applicant:

  • For handling and evaluating your (job) applications in the context of the pre-contractual relationship and for the administrative duties required by the management of your contract.
  • To maintain a database of experts. Keeping a database allows us to contact you later for a job or contract opportunity arising from a specific project. If you do not wish to be included in the recruitment reserve, you may let us know by contacting us via any of the means indicated at the beginning of the privacy policy.

3. Consenting to Data processing

As a general principle, you will provide us with your data entirely voluntarily; there are generally no detrimental effects for you if you choose not to consent or provide personal data. However, there are circumstances in which CSIL cannot take action without certain of your personal data. For example, because this personal data is required to process your instructions or orders, provide you with access to an e-survey or newsletter to carry out a legally required compliance screening. In these cases, it will unfortunately not be possible for us to provide you with what you request without the relevant personal data, and we will notify you accordingly.

4. Processing methods

We store personal data in electronic archives and, on a residual basis, on paper. The processing of personal data is carried out in compliance with GDPR principles.

5. How we share information

We may share information about you with those managing and maintaining our information system, with other consultants and professionals who support us carrying out the purposes mentioned above, and for the fulfilment of legal and fiscal obligations.
We do not sell or otherwise disclose personal information about you.

We may share your data with Third Parties with your consent or as necessary for the performance of a contract to which you are a party or to take steps, at your request, before entering into an agreement.
When we share your data with third parties, CSIL will ensure that the data is only processed according to our specific instructions and that the same standards of confidentiality and security are maintained.
We also may disclose personal information:

  • if we are required or permitted to do so by applicable law, regulation or legal process;
  • to law enforcement authorities or other government officials to comply with a legitimate legal request;
  • when we believe disclosure is necessary to prevent physical harm or financial;
  • to establish, exercise or defend our legal rights, and
  • in connection with an investigation of suspected or actual fraud, illegal activity, security or technical issues.

6. Storing and transferring personal data outside the EEA

Data are processed within the European Economic Area (EEA), as our main external suppliers are based in Italy and the EU. However, should we need to use services from external third parties based outside the European Economic Area (EEA), involving the transfer of data outside the EEA, we will ensure a similar degree of protection is afforded to it by implementing safeguards.

7. Data retention

Your personal data will be deleted when it is no longer reasonably required for the Permitted Purposes, or you withdraw your consent (where applicable), and we are not legally required or otherwise permitted to continue storing such data.
In some circumstances, we may anonymise your data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

8. Security

We take appropriate technical and organisational measures to keep your personal data confidential and secure in accordance with our internal procedures covering the storage, disclosure of and access to personal data. We maintain a system of appropriate administrative, physical and technical safeguards to secure such information. We have made a contractual arrangement with our third-party service providers that require them to take appropriate security measures to ensure the confidentiality and security of your personal data and process your data for specified purposes only and according to our instructions and comply with applicable privacy laws.

9. Data subject rights

Under GDPR, you are entitled to exercise the following rights:

  • Right of Access. You have the right to obtain from us confirmation as to whether or not personal data concerning you are processed, and, where that is the case, you have the right to request and get access to that personal data.
  • Right to Rectification. You have the right to obtain from us the rectification of inaccurate personal data, and you have the right to provide additional personal data to complete any incomplete personal data.
  • Right to Erasure ("Right to be Forgotten"). In certain cases, you have the right to obtain from us the erasure of your personal data.
  • Right to Restriction of Processing. You have the right to obtain from us restriction of processing, applicable for a certain period and/or for certain situations.
  • Right to Data Portability. You have the right to receive from us in a structured format your personal data, and you have the right to (let) transmit such personal data to another controller.
  • Right to Object. In certain cases, you have the right to object to the processing of your personal data, including with regards to profiling. You have the right to object to further processing your personal data so far as such data have been collected for direct marketing purposes.
  • Right to be Not Subject to Automated Individual Decision-Making. You have the right not to be subject to a decision based solely on automated processing.
  • Right to Filing Complaints. You have the right to file complaints with the applicable data protection authority on our processing of your personal data.

You can contact us at csil@csilmilano.com or at the following address
CSIL, Centre for Industrial Studies
Corso Monforte 15, 20122 Milan ITALY
Responses to requests shall normally be made within one month of receipt; however, this may be extended if the request is complex and/or numerous requests are made.

10. Amendments

This Privacy Policy was last updated on April 2021. We reserve the right to update and change this Privacy Policy from time to time to reflect any changes to how we process your personal data or changing legal requirements. In case of any such changes, we will post the changed Privacy Policy on our website or publish it otherwise. The changes will take effect as soon as they are posted on this website.