fondazione illimity, as Data Controller, ensures the greatest attention to confidentiality, protection and security of personal data of the people it comes into contact with.

The user of this website is encouraged to read in advance all of the sections of this document, where the website’s management procedures related the processing of users’ personal data are described. This also constitutes a privacy notice pursuant to EU Regulation 679/2016 (GDPR) provided to everyone who is interacting with illimity’s web services accessible through the internet at the following address: https://www.fondazioneillimity.com

This privacy notice applies only to fondazione illimity’s website and not to any other website the user could land on through links found on fondazione illimity’s website. fondazione illimity does not have any kind of control over those websites and over the procedures they put in place to guarantee data confidentiality and protection. Therefore, we strongly recommend reading privacy provisions of every entity you get in touch with before communicating personal information.


The Data Controller is fondazione illimity, via Soperga 9, 20124 Milano – e-mail address: info@fondazioneillimity.it.


Personal data fondazione illimity might have access to are exclusively those provided by you while surfing the website through the optional, explicit and voluntary sending of the modules found on this website or of e-mails to the addresses on this website. Moreover, with your consent, which you can withdraw at any time, your personal Data will be gathered and processed to send you newsletter and information material on initiatives and/or events organized by fondazione illimity. Failure to provide the data might determine the impossibility for illimity to provide the requested service.

The conditions for the lawfulness of the processing are the following:

(i) your consent;

(ii) fulfilment of legal obligations.

The processing of your personal data may be carried out through manual and telematic tools.

fondazione illimity adopts organizational and technical measures appropriate to guarantee security and confidentiality of your personal data.


fondazione illimity processes personal data directly gathered from the client or from third parties, including, for instance, personal details and information on device used (e.g. operating system installed, etc.).


Data are processed through manual and telematic tools, in order to achieve the specified purposes of the processing. Specific security measures are implemented to avoid the risk of data loss, unlawful or improper use and unauthorized access.


fondazione illimity won’t share your data with Third Parties unless that is necessary to comply with legal obligations.

Processing activities aimed at pursuing the purposes specified above will be performed entirely by fondazione illimity or by third parties explicitly appointed as Data Processors.


fondazione illimity favors data processing activities carried out within the European Union area. If data have to be transferred outside the European Union or outside the European Economic Area, fondazione illimity guarantees compliance with the standard clauses adopted by the European Commission and any relevant indication given by the Authorities.


fondazione illimity retains personal data in a form which allows to identify data subjects for a period strictly necessary to the achievement of the specified purposes of the processing. If you subscribed to the newsletter, your personal data will be retained throughout the subscription period and no later than 60 days from when you withdrew your consent, unless applicable legal obligations require a longer retention period.


    In accordance with articles from 15 to 21 of the Regulation (EU) 679/2016, data subject may exercise specific data protection rights set out in the list above:
  1. a) Right of access: right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and detailed information on the origin, the purposes, the categories of personal data concerned, the recipients and/or the transfer of data, and more;
  2. b) Right to rectification: right to obtain from the controller without undue delay the rectification of inaccurate personal data, as well as the right to have incomplete personal data completed, including by means of providing a supplementary statement;
  3. c) Right to erasure (“right to be forgotten”): right to obtain from the controller the erasure of personal data without undue delay when:
    1. i. the personal data are no longer necessary in relation to the purposes for which they were processed;
    2. ii. consent on which the processing is based is withdrawn, and there is no other legal ground for the processing;
    3. iii. the personal data have been unlawfully processed;
    4. iv. the personal data have to be erased for compliance with a legal obligation;
  4. d) Right to object: right to object at any time to the processing of personal data having as a legal basis a legitimate interest of the Controller and/or to the processing for marketing purposes, including profiling. In the case of objection to the processing for marketing purposes, the personal data are not processed for those purposes anymore;
  5. e) Right to restriction of processing: right to obtain from the Controller restriction of processing where the accuracy of the personal data is contested (for a period enabling the controller to verify the accuracy of the personal data), the processing is unlawful and/or the data subject has objected to processing;
  6. f) Right to data portability: right to receive the personal data in a structured, commonly used and machine-readable format, and the right to have the data transmitted from one Controller to another, where technically feasible, only where the processing is based on consent or on an agreement and only for the data processed through electronic means;
  7. g) Right to lodge a complaint with a supervisory authority: without prejudice to any other administrative or jurisdictional claim, the data subject that considers the processing that concerns him/her is violating the Regulation has the right to lodge a complaint with the supervisory authority of the member state in which he resides or is established, as well as in the state where the assumed violation occurred;
  8. h) Right not to be subject to an entirely automated profiling: when the profiling is entirely automated, the right to obtain human intervention on the part of the Controller, to express his or her point of view and to contest the decision.

Moreover, we hereby inform you that you have the right to revoke at any time your consent previously given to optional activities, notwithstanding the lawfulness of the processing activities carried out before the withdrawal.

To exercise your rights, you can send your request to:

- fondazione illimity mailing address: Via Soperga 9, 20124 Milano (MI);

- e-mail address: privacy@fondazioneillimity.it.

The content of this website – script code, graphics, texts, charts, images, sounds, and any other information available in any form – are protected within the meaning of legislation in the field of intellectual works. Any company and products referred to in this website are identified by their trademarks, that might be protected by patents and/or copyright granted or registered by the competent authorities. Software products and informative contents, unless specified otherwise, can be downloaded or used for personal use only, or eventually for non-commercial use citing the source.

© 2021 | fondazione illimity | Sede: Via Soperga 9 – 20127 Milano | CF 97891150159 | PEC: fondazione@pec.fondazioneillimity.it