Privacy Policy

Notice pursuant to EU Regulation 2016/679 and applicable national data protection laws

Indian Chamber of Commerce in Italy (ICCI)

This Privacy and Personal Data Protection Policy (“Policy”) has been prepared in accordance with Legislative Decree No. 196 of June 30, 2003 (Personal Data Protection Code, as amended) and Articles 13, 6, and 7 of Regulation (EU) 2016/679 (“GDPR”).

This Privacy Policy describes how the Indian Chamber of Commerce in Italy (“ICCI” or the “Data Controller”) collects, uses, stores, and protects the personal data of its members, prospective members, partners, event participants, and other interested parties.

  1. Data Controller

Indian Chamber of Commerce in Italy (ICCI)

VAT ID / Tax ID: 03399520968

Registered office: Piazza Eleonora Duse 2, 20122 Milan, Italy

Phone: +39 02 760797 400

Email: segreteria@icci.it

Certified Email: icci.milano@legalmail.it

Website: www.icci.it

The contact information provided above may be used to exercise your rights regarding the processing of your personal data in accordance with Articles 15–22 of the GDPR, as further detailed below.

  1. Categories of Personal Data Processed

ICCI processes personal data in connection with the provision of its services. Data is generally collected directly from the data subject, for example when registering with ICCI, at trade fairs and events, in connection with the services provided by ICCI, or when registering for restricted areas of the website. In specific cases, ICCI may process personal data provided by parties with whom it collaborates, including, in particular, its members, associations, or entities that perform functions strictly connected to or instrumental to ICCI’s activities.

The main categories of personal data processed include:

  • Contact information: name , title, position, company or organization, phone number, email address, tax ID number/VAT number, and mailing address;
  • Business data: personal identification information regarding the data subject in connection with the services provided by ICCI;
  • Contact information obtained from public sources, such as websites, LinkedIn, WhatsApp, and similar professional networks, directories, or online publications;
  • Authentication credentials for accessing the restricted area of the website;
  • Browsing data, including, but not limited to, IP address, device type, operating system, browser type and version, duration of the visit, and information about interactions with the site (scrolling, clicks, mouse movements), etc.;
  • Photographs and video recordings taken during institutional events, meetings, conferences, or promotional initiatives organized by ICCI.

We do not intentionally process special categories of personal data as defined in Article 9 of the GDPR. ICCI does not collect or process, on its own initiative, special categories of personal data, including information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or health status or health data.

  1. Purpose of the Processing

The data collected by ICCI will be processed in accordance with Article 6 of the GDPR in a lawful, fair, and transparent manner for the following purposes:

Management of Membership and Institutional Relations

ICCI collects and processes personal data for the purposes of managing membership applications, administering the membership relationship, and organizing institutional activities and events. This processing is necessary for the performance of pre-contractual or contractual measures to which the data subject is a party, pursuant to Article 6(1)(b) of the GDPR.

Registration for the website's members-only area

The provision of personal data is optional, and refusal to do so does not affect your ability to browse the site normally. However, in order to receive communications or financial reports, you must complete the registration process by providing a username and a valid email address to prevent fictitious registrations. The processing is based on the data subject’s request to access the service, pursuant to Article 6(1)(b) of the GDPR.

Sending informational and promotional communications and newsletters

ICCI, based on its legitimate interest, sends its members and other parties with whom it interacts periodic newsletters and informational or commercial communications consistent with the services it offers, without prejudice to the data subject’s right to object to the processing and to unsubscribe by sending a message to segreteria@icci.it. The processing is carried out on the basis of ICCI’s legitimate interest pursuant to Article 6(1)(f) of the GDPR, without prejudice to the data subject’s right to object at any time pursuant to Article 21 of the GDPR.

Invitations to events and business meetings organized, co-organized, or sponsored by ICCI and its partners

Based on its legitimate interest, ICCI offers individuals with whom it interacts the opportunity to participate in informational, educational, and networking events designed to foster knowledge and business opportunities within the Italy-India bilateral context. The data subject has the right to object to such processing. Legal basis: The processing is based on ICCI’s legitimate interest pursuant to Article 6(1)(f) of the GDPR.

Marketing, promotion, and institutional visibility on social media platforms, in publications, and on the ICCI website

ICCI may publish photographs and videos on its websites, social media, press releases, and institutional publications, or for the promotion of events, initiatives, and partnerships, subject to the data subject’s consent. The processing of photographs and video recordings for promotional purposes is carried out exclusively on the basis of the data subject’s prior and explicit consent, in accordance with Article 6(1)(a) of the GDPR.

Provision of services requested by the data subject or provided for under the membership agreement

As part of its ordinary business activities, ICCI processes personal data that is necessary and essential for the provision of its services and for the management and administration of its relationships with its members, partners, and users, as well as for the creation of historical archives and the documentation of ICCI’s activities. This processing is based on the fulfillment of contractual obligations and on ICCI’s legitimate interest pursuant to Article 6(1)(b) and (f) of the GDPR.

Compliance with regulatory, administrative, and tax obligations

The processing is necessary to comply with legal obligations pursuant to Article 6(1)(c) of the GDPR.

  1. Methods of Processing

ICCI processes personal data in compliance with the provisions of privacy laws, using paper-based, computerized, or electronic means; such processing is based on the principles of fairness, lawfulness, transparency, and proportionality.

The technical and organizational security measures adopted are commensurate with any threats that could compromise the confidentiality, integrity, and availability of the data, in order to reduce the risk of unauthorized processing and accidental damage.

  1. Cookie Policy

The ICCI website may collect browsing data, which is processed solely for the purpose of providing services to users. The site uses cookies—small text files sent to the user’s device (computer, smartphone, tablet) and stored in the browser—to optimize the browsing experience, maintain the application session, and share content on social networks.

Specifically, the website uses the following types of cookies:

  • Session cookies: These are stored temporarily and have a limited lifespan; therefore, they do not permanently store any information on the user’s device. These cookies allow us to store information related to the start of each user session.
  • Analytical/performance cookies: These are used to count the number of visitors to the website and to track how they navigate and use the site, with the aim of improving its functionality and user experience (for example, to help users find the information they are looking for more easily). These cookies do not collect information that could identify the user, and the data collected is anonymous and processed in aggregate form.
  • Technical cookies: These are used to ensure the transmission of communications between the user and the website over the internet, to the extent strictly necessary to ensure an optimal browsing experience.
  • Third-party cookies: These are managed by third parties in accordance with their own policies. Specifically, the site uses:
  • Google Analytics cookies, used to collect information and data in anonymous and aggregated form. Further information about these cookies and the related privacy policy is available at the following link: www.google.it/analytics/learn/privacy.html
  • Social media cookies, used for sharing content on major social media platforms (LinkedIn, X, Facebook, Instagram, YouTube, WhatsApp). The data is collected and processed independently by the operators of these social media platforms; for further information, please refer to the privacy policies provided by those entities.

No profiling cookies are used.

For more information on how to disable cookies, please visit the following links, depending on the browser you are using:

  • Firefox
  • Chrome
  • Internet Explorer
  • Safari
  • Opera
  1. Disclosure of Data to Third Parties

Without prejudice to disclosures made to comply with legal obligations, ICCI may disclose data, exclusively for the purposes indicated above, to the following entities or categories of entities:

  • Employees, interns, and collaborators expressly authorized by ICCI
  • ICCI Members
  • External consultants (administrative, legal, accounting, organizational)
  • Third parties of interest to members, including foreign delegations, foreign business operators, and other potential business partners
  • Freight forwarders
  • IT service providers and system administrators
  • Newspapers and publishing houses
  • Newsletter and CRM service providers
  • Photographers and videographers involved in institutional events
  • Banks, insurance companies, and payment service providers
  • Public authorities or judicial bodies in cases provided for by law

Subject to your explicit consent, your contact information may be transferred to companies and business partners in India. Where applicable, these recipients are formally designated as Data Processors pursuant to Article 28 of the GDPR. An updated list of Data Processors is available upon request from the ICCI offices.

  1. Data Retention

Personal data is retained for as long as necessary to fulfill the purposes described above and is made inaccessible once the purpose of the processing no longer applies. The criteria used to determine the retention period take into account the obligations arising from applicable law and any legitimate interests of ICCI in pursuing the described purposes.

  • Membership and accounting data: for the duration of the membership and for up to 10 years thereafter, in compliance with civil and tax obligations;
  • Data on prospective members: up to 6 months if they do not register;
  • Institutional archives and yearbooks: no predefined time limits;
  • Marketing data and newsletters: for the duration of the relationship and up to 24 months after its termination, unless consent is revoked earlier.
  1. Automated Decision-Making Processes

Personal data is not subject to automated decision-making, including profiling, pursuant to Article 22 of the GDPR.

  1. Rights of the Data Subject

If you wish to exercise your rights—including the right to request confirmation of the existence of your personal data, to access, correct, or delete such data—or if you would like further information about this Privacy Policy, please contact ICCI at segreteria@icci.it.

This does not affect the data subject’s right to lodge a complaint with the Supervisory Authority, the Italian Data Protection Authority, located at Piazza di Monte Citorio 121, Rome.

  1. Withdrawal of Consent

Where processing is based on consent, such consent may be withdrawn at any time without affecting the lawfulness of the processing carried out prior to the withdrawal.

  1. Mandatory and Optional Nature of Data Provision

The provision of data for association-related, contractual, and legal purposes is mandatory; failure to provide such data may prevent ICCI from establishing or continuing the relationship.

The provision of data for communication purposes, newsletters, and the use of photographs and videos in marketing materials and publications is optional and subject to the data subject’s consent.

 

Italy

2 Piazza Eleonora Duse, 20122 Milan

+39 02 760797 400

segreteria@icci.it – www.icci.it