top of page
Screenshot 2025-06-04 at 8.25.31 PM.png

PRIVACY POLICY – DI LUCCIA BUSINESS SCHOOL SRL
Effective Date:– last updated: July 2025

Legal disclaimer and data protection statement

Information notice pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR)

 

This privacy policy is issued by Di Luccia Business School S.r.l. (hereinafter “DLBS”), in its capacity as Data Controller of the personal data collected through the website www.dilucciabs.com, pursuant to Article 13 of the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

 

This notice describes how personal data is collected, used, stored and protected, the purposes and legal bases of the processing, and the data subjects’ rights under applicable data protection law.

 

All processing activities are carried out in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality.

1. Data Controller and Contact Information

The Data Controller is Di Luccia Business School S.r.l., with registered office at Corso Sempione 20, 20154 Milan, Italy.

 

For any privacy-related inquiries or to exercise your rights, please contact:

Email: d.diluccia@diluccia.com

2. Types of Data Processed

DLBS may collect and process the following personal data:

  • Full name

  • Professional title

  • Company or employer

  • Full address (street, zip code, city, country)

  • Mobile phone number

  • Email address

  • VAT number (if applicable)

  • Program of interest (information or registration request)

  • Date of birth

  • Any additional content voluntarily submitted in form fields

 

In addition, the website may collect technical and navigation data (e.g., IP address, browser type, session duration, referral source) using cookies and analytics tools provided by Wix.com.

3. Purposes and Legal Bases of Processing

Personal data is processed for the following purposes:

Purpose
a) Responding to contact requests and sending information brochures
b) Managing program applications and course registrations

c) Sending promotional communications (e.g., emails, phone calls, invitations to future courses)

d) Anonymous statistical analysis and service improvement

e) Collecting and publishing images/videos of course participants for promotional purposes (e.g. on the website, brochures, social media)

f) Fulfilling legal and fiscal obligations

Legal Basis

a) Pre-contractual measures (Art. 6.1.b GDPR)

b) Contract performance (Art. 6.1.b GDPR)

c) Consent (Art. 6.1.a GDPR)

d) Legitimate interest (Art. 6.1.f GDPR)

e) Consent (Art. 6.1.a GDPR)

f) Legal obligation (Art. 6.1.c GDPR)

4. Processing Methods and Data Security

Data is processed using electronic systems and software strictly aligned with the stated purposes. DLBS ensures data protection through appropriate technical and organisational measures to prevent unauthorized access, loss, misuse or disclosure.

 

Processing is carried out by authorized internal staff or external providers (e.g., hosting, CRM, consultants), formally appointed as Data Processors under Art. 28 GDPR.

5. Data retention periods

Your personal data will be retained only for the time strictly necessary to fulfil the purposes listed above. In particular:

 

  • Brochure/contact requests: up to 24 months

  • Course registrations and contractual documentation: 10 years (in line with fiscal and legal requirements)

  • Marketing/promotional use: until withdrawal of consent

  • Images and video materials: up to 5 years or until consent is withdrawn

  • Technical browsing data: according to Wix.com’s retention policies

6. Data Provision: Mandatory or Optional

  • Providing data is mandatory to receive services (e.g., course registration, billing). Failure to provide such data may prevent access to DLBS programs.

  • Providing data for marketing purposes is optional. Refusal does not affect your right to participate in courses.

7. Data Sharing and Recipients

  • Data may be shared with:

  • Internal staff authorised by DLBS

  • External providers (e.g., CRM, cloud, web)

  • Legal and tax consultants

  • Institutional or academic partners

  • Payment providers

  • Public authorities (if required by law)

  • Data will not be disclosed to the public unless explicit consent is given for use of photo/video content.

8. Transfers Outside the EEA

  • The site is hosted on Wix.com, which may involve data transfer outside the EEA (e.g., to Israel or the U.S.). Transfers comply with Art. 44–49 GDPR through:

  • Adequacy decisions

  • Standard Contractual Clauses (SCCs)

  • Other safeguards

9. Data Subject Rights

  • You have the right to:

  • Access your data (Art. 15 GDPR)

  • Rectify inaccurate data (Art. 16)

  • Erasure (“right to be forgotten”) (Art. 17)

  • Restrict processing (Art. 18)

  • Data portability (Art. 20)

  • Object to processing (Art. 21)

  • Withdraw consent at any time (Art. 7.3)

  • Requests may be addressed to d.diluccia@diluccia.com

10. Cookies and Tracking

  • The site uses essential cookies and analytics tools provided by Wix.

  • If marketing cookies (e.g., Google Ads, Facebook Pixel) are added in the future, a consent banner and dedicated Cookie Policy will be implemented.

11. Updates to this policy

  • This Privacy Policy may be updated over time. Users are invited to check the page periodically.

  • Last update: July 2025

Di Luccia Business School

Education for Private Equity

  • LinkedIn

© 2025 by Di Luccia Business School

bottom of page