- Processing Personal data, etc.
“Personal data” means any data relating to an identified or identifiable natural person, including, without limitation, names, addresses, dates of birth, telephone numbers, e-mail addresses, and any other information collected in connection with providing the Services.
“Processing” means any operation or set of operations which is performed on personal data, etc. or on sets of personal data, etc., whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
(2) Purpose of use of personal data, etc.
The Comitato will process the Users’ personal data to provide, improve and develop the Services.
In the case of processing the Users’ personal data for purposes other than the above, the Comitato will notify Users in advance of such new purposes of use and other matters as required by applicable laws.
The personal data that Users are to provide is necessary in order for the Comitato to provide the Service to the Users, and there may be cases in which Users who have not provided such data will be unable to use the Service.
(4) Retention Period
The Comitato will retain the Users’ personal data as long as the Comitato requires such data for achieving the purpose of use specified above.
(a) In the case that the country in which the third party is located is outside the EEA, such country does not have the same data protection laws as EEA member countries, i.e., many of the rights provided to data subjects in the EEA may not be given;
(b) The Users’ personal data will be provided and processed for the purpose specified above; and
(c) The Users’ personal data will be provided to third parties located outside the EEA.
In addition to the above, in the case that the Comitato provides the Users’ personal data to a third party located in a country outside the EEA, the Comitato will ensure that adequate measures such as standard contract clauses based on the GDPR are taken concerning the protection of the Users’ personal data.
(6) Rights of Users
The Users may request from the Comitato access to, rectification or erasure of, and restriction of processing of their personal data, may object to the processing of the Users’ personal data, and may request data portability. The Comitato accepts such Users’ requests at the contact point set forth in “3. Contact” below.
The Comitato may refuse the Users’ requests if the Comitato deems that there is no basis for such Users’ requests or if they are deemed excessive.
The Users may raise objections with the data protection authorities having jurisdiction over the location of the Users’ domicile with regard to the processing of their personal data.
- Safety Management Measures
In order to protect from unauthorized access to personal data, loss, etc. of personal data, taking into account the type of personal data, the degree of sensitivity and the degree of economic influence and mental harm caused to Users in the case of a personal data breach, the Comitato comprehensively evaluates and judges the risks of personal data breaches, implements appropriate personal, organizational and technical safety management measures based on the risk of a personal data breach, if necessary, checks such safety management measures, sets up a process for correction, and constantly strives to improve security.
The Comitato shall strive to appropriately manage personal data by restricting the entry of outsiders into the offices which are processing personal data, conducting educational awareness activities for all officers and employees involved in the protection of personal data, and placing a manager in charge for each division processing personal data.
The contact information for The Comitato is as follows:
< Comitato Amministrativo Italiano Proficiency-Test di Lingua Giapponese>
[Via Antonio Gramsci 74 00197 Roma]