Privacy Policy of Lapampamanagua Finance Academy

This Privacy Policy explains how Lapampamanagua Finance Academy (“we”, “us”, “our”) collects, uses and protects personal data of visitors, prospective participants and clients of our learning platform in Italy.

Last updated: 01 February 2025 Rome, Italy

We are committed to handling personal data in a transparent and responsible way, in line with Regulation (EU) 2016/679 (“GDPR”) and applicable Italian data protection law. This document describes what information we collect, why we collect it, how we use it and which rights you have.

1 Data controller and contact details

The data controller responsible for processing your personal data in connection with this website and our learning programs is:

Lapampamanagua Finance Academy

Via Antonio Bertoloni, 1
00197 Roma RM, Italy

Phone: +39 02 7711 2900
Email: Lapampamanagua@gmail.com

If you have any questions related to this Privacy Policy or your personal data, you can contact us using the contact details above.

2 Personal data we collect

Depending on how you interact with us and which services you use, we may collect and process the following categories of personal data:

Identification and contact data – such as your name, email address, phone number, job title, company name and country.
Professional information – information about your role, responsibilities, team structure, areas of interest and the type of business you represent.
Communication data – content of messages you send through our contact forms, email exchanges and notes from calls or meetings.
Website usage data – technical information and usage data such as IP address, device type, browser type, pages visited, time spent on pages and interactions with our content. This may be collected through cookies and similar technologies.
Program-related data – information about your participation in learning tracks or sessions, feedback you provide, materials we share with you and your progress within the academy.

We generally do not request or intentionally collect special categories of personal data (such as health data, religious beliefs or political opinions). Please avoid including such information in the forms or messages you send us.

3 How we obtain personal data

We obtain personal data through the following sources:

directly from you, when you fill in a form on our website, contact us by email or phone;
through your employer or colleagues, if they register you or introduce you to our academy;
automatically, when you browse our website, through cookies and similar technologies implemented on the platform;
from publicly available professional sources (for example, LinkedIn or company websites) where this is appropriate and in line with the law.

4 Purposes and legal bases for processing

We process personal data only for specific, explicit and legitimate purposes. Under the GDPR, we rely on the following legal bases:

Providing our services and responding to requests

We use your contact and communication data to respond to your messages, provide information about our programs, prepare proposals and deliver learning tracks and sessions you choose to join.

Legal basis: performance of a contract or steps taken at your request prior to entering a contract (Art. 6(1)(b) GDPR).

Managing our relationship with you

We keep records of interactions, participation and feedback to manage our ongoing relationship, handle questions, invoicing and provide relevant follow-up.

Legal basis: performance of a contract and our legitimate interest in maintaining relationships (Art. 6(1)(b) and 6(1)(f) GDPR).

Improving our website and content

We analyse aggregated website usage data to understand how visitors interact with our content, improve navigation and ensure the platform remains secure and reliable.

Legal basis: our legitimate interest in running and improving an online service (Art. 6(1)(f) GDPR).

Newsletters and learning updates

When you subscribe to our newsletter or request learning updates, we use your email and preferences to send you relevant content such as the “Financial Check-in” email.

Legal basis: your consent (Art. 6(1)(a) GDPR). You can withdraw your consent at any time using the unsubscribe link or by contacting us.

We may also process personal data to comply with legal obligations (for example, accounting or tax requirements) and to establish, exercise or defend legal claims.

5 Cookies and similar technologies

Our website uses cookies and similar technologies to function properly, to remember your preferences and to understand how visitors interact with our educational content.

Some cookies are strictly necessary for the operation of the website (for example, to ensure basic security and page navigation). Other cookies, such as analytics or performance cookies, help us improve the platform by collecting aggregated information about usage.

When required by law, we will ask for your consent before placing non-essential cookies on your device. You can manage your preferences through the cookie panel on our website and by adjusting your browser settings.

For more detailed information about the types of cookies we use, their purposes and lifetimes, please see our Cookie Policy.

7 International data transfers

Our primary operations are based in Italy and we aim to store data within the European Economic Area (EEA) whenever possible. However, some of our service providers may be located outside the EEA or use infrastructure in other countries.

Where personal data is transferred outside the EEA, we take appropriate safeguards to protect it, such as:

using countries that have been recognised by the European Commission as providing an adequate level of protection, or
entering into Standard Contractual Clauses approved by the European Commission and evaluating additional safeguards where needed.

8 Data retention

We keep personal data only for as long as it is necessary for the purposes for which it was collected, or as required by legal obligations.

Contact and communication data are generally retained for the duration of our relationship with you and for a reasonable period afterwards to handle questions or potential claims.
Program-related data may be stored for the duration of the learning track and for a limited period to maintain records and improve our content.
Data needed for accounting or tax purposes may be retained for the legally required periods under Italian law.

When data is no longer needed, we will delete it or anonymise it so that it can no longer be associated with you.

9 Your rights under GDPR

As a data subject in the European Union, you have a number of rights regarding your personal data. These include:

Right of access – to obtain confirmation whether we process your personal data and to receive a copy of it.
Right to rectification – to request correction of inaccurate or incomplete data.
Right to erasure – to request deletion of your data where there is no valid reason for us to continue processing it (“right to be forgotten”).
Right to restriction – to request that we limit the processing of your data in certain circumstances.
Right to data portability – to receive your data in a structured, commonly used and machine-readable format and to transmit it to another controller where technically feasible.
Right to object – to object to processing based on our legitimate interests, including profiling; we will stop processing unless we demonstrate compelling legitimate grounds.
Right to withdraw consent – where processing is based on your consent, you may withdraw it at any time, without affecting the lawfulness of processing before withdrawal.

To exercise these rights, please contact us at Lapampamanagua@gmail.com or using the postal address provided above. We may need to verify your identity before responding to your request.

You also have the right to lodge a complaint with the competent supervisory authority, in particular in the EU Member State of your habitual residence, place of work or place of the alleged infringement. In Italy, the supervisory authority is the Garante per la protezione dei dati personali.

10 How we protect personal data

We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

These measures include access controls, secure communication channels, limited retention periods and working only with service providers that commit to adequate data protection standards.

However, no online transmission or storage system can be guaranteed to be 100% secure. If you suspect any misuse, loss or unauthorised access to your personal data, please contact us immediately.

11 Children’s data

Our website and learning programs are intended for professionals, entrepreneurs and adult leadership teams. We do not intentionally offer services to or collect personal data from children under 18 years of age.

If you believe that we may have collected personal data from a child, please contact us so that we can take appropriate steps to delete such information.

12 Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, applicable law or technical developments. When we make material changes, we will indicate this at the top of the policy and, where appropriate, provide a more prominent notice (for example, on the website or by email).

We encourage you to review this page periodically to stay informed about how we protect your personal data.

13 How to contact us about privacy

For any questions, comments or requests regarding this Privacy Policy or our processing of personal data, you can contact us at: