Photo and Video Privacy Information

Information on the processing of personal data - articles 13 and 14 of EU Regulation 2016/679 ("GDPR")

Versione italiana

Download the policy and disclaimer

John Cabot University systematically undertakes to comply with the current legislation on data protection and user privacy protection.

The following information describes the provisions of articles 13 and 14 of GDPR.

Upon you giving your consent for JCU to use your image, we are committed to using it only for the purpose of promoting JCU’s courses and initiatives.

Your image might be published:

1)  on the following websites:

2) on social media platforms such as Facebook, LinkedIn, Instagram, YouTube, Snapchat, Twitter, TikTok, and Pinterest.

3) in print and electronic publications, brochures, and other forms of communication such as CDs, DVDs and other multimedia platforms.


John Cabot University (hereinafter “JCU” or just “University”), with registered office in Via della Lungara, 233, 00165 Rome, Italy, is the Data Controller.


John Cabot University uses the following subjects as Data Processors:

Data processor


Modern Campus, 1320 Flynn Road Suite 100 Camarillo, CA 93012

Software as Service provider for content management

Higher Education Marketing: 6560 de l'esplanade, suite 204 Montreal, Quebec, H2V 4L5

Partner of OmniUpdate for IT services

SiteImprove Italia srl Via Motta Emilio, 10, 20144 Milano

Software as Service provider for website improvement

Microsoft Ireland Operations Limited  (IE8256796U), South County Business Park, Leopardstown, Dublin 18

Email service provider in Cloud

WordPress Automattic Inc. 60 29th Street #343, San Francisco, CA 94110

Software provider for creating and managing websites and blogs

Dude Solutions, 11000 Regency Parkway, Suite 110, Cary, NC 27518

Software provider for events management, web calendar

HubSpot, 25 First Street, 2nd Floor Cambridge, MA 02141 United States

Software as Service provider in support of marketing activities

However, it is possible that JCU identifies other subjects designated as Data Processors but not included in the table above, in any case these subjects will be functional to the processing operated by JCU and bound to the principle of purpose as well as to the respect of the current legislation on the protection of personal data.


We may process your image based on your consent. You may revoke your consent at all times by sending an email to [email protected] .


The personal data of the data subject are processed in paper or electronic format.

Once obtained your consent to the processing of your image, JCU will store it in its Content Management System and may publish it on its websites or social media.

To protect the personal data processed, JCU has adopted adequate organizational, technical and physical measures - in accordance with the provisions of article 32 of GDPR - in order to maintain the confidentiality, availability and integrity of the information collected.

All information provided within the Website is encrypted using the 128-bit Secure Sockets Layer (SSL) system and public-key encryption.

The Website is certified as "Comodo secure site". To learn more about the safety certification program, we recommend that you visit the sites.

Notwithstanding the foregoing, users and visitors of the JCU Website shall keep in mind that the Website and all associated services are managed on software, hardware, and networks systems, whose components may, from time to time, require maintenance or be subject to inefficiencies (which JCU will try to resolve promptly).

Processed data are kept for the time necessary for the above purpose, after which they are deleted.

TRANSFER OF EXTRA EU DATA                        

The personal data of the data subjects may be transferred to (i) Canada for which the European Commission has expressed its Adequacy Decision on December 20, 2001, in compliance with the European Parliament and Council Directive 95/46/EC and regarding adequacy of the protection provided by the Canadian Personal Information Protection and Electronic Documents Act, to (ii) the United States of America through a certified data controller pursuant to the Privacy Shield Agreement, as well as (iii) to California (USA) in this case adopting the clauses "EU controller to non-EU or EEA processor" referred to in decision 2010/87 / EU with the controller.


In the case provided, the data subject has the right to obtain access to personal data from JCU and the rectification or erasure of them or the restriction of the processing that concerns him/her or to object to processing (articles 15 to 22 of GDPR).

Data subjects have the right to lodge a complaint with the Supervisory Authority.

The data subject can provide his/her requests to JCU by writing to the Referent for the protection of the data subject’s rights (also known as DPO – Data Protection Officer) located in Via della Lungara, 233, 00165 Rome, Italy, or by sending a communication to the address [email protected].

If you believe that we have collected information on an under 14 years old, without the consent of or in contrast with the will of the person that exercises the parental responsibility, please contact us at [email protected] so that we can either manage the complaint or delete the information.


JCU reserves the right to modify the information entered on this page/document, by publishing the changes on the website, therefore we advise the data subject to periodically check this information.