PRIVACY POLICY

1. Data Controller

The data controller is ISOM – International School of Osteopathic Medicine, with registered office at CALEA MARTIRILOR 1989 Nr. 42, contact email: info@isomlearning.com

 

2. Types of Data Collected

ISOM collects and processes the following types of personal data:

Identification and contact data: first name, last name, email, phone number, address.

Payment and billing data: necessary for managing purchases, registrations, and courses.

Browsing data: IP address, access logs, technical and analytical cookies.

Other data voluntarily provided: for example through contact forms, newsletter subscriptions, or account creation.

 

3. Purpose of the Processing

The data is processed for the following purposes:

Administrative and contractual management: course registrations, payments, billing.

Communications: sending information related to ISOM courses and activities.

Direct marketing (with prior consent): sending newsletters, informational material, offers, and promotions.

Service analysis and improvement: monitoring website interactions and user preferences.

Legal obligations: tax, accounting, and regulatory compliance.

 

4. Legal Basis for Processing

Performance of a contract (Art. 6(1)(b) GDPR).

Compliance with legal obligations (Art. 6(1)(c) GDPR).

Consent of the data subject for optional marketing activities (Art. 6(1)(a) GDPR).

Legitimate interest of the controller for service improvement and security (Art. 6(1)(f) GDPR).

 

5. Processing Methods

Personal data is processed using electronic and paper-based tools, with appropriate technical and organizational measures adopted to ensure the security and confidentiality of the information.

 

6. Data Retention

Data relating to registrations, payments, and contracts is retained for the time necessary for administrative management and for the period required by tax laws (10 years).

Data used for marketing purposes will be retained until consent is withdrawn.

 

7. Disclosure and Sharing of Data

Data may be shared with:

Authorized ISOM staff and collaborators involved in the processing.

External service providers (management systems, e-learning platforms, hosting, payment providers).

Competent authorities where required by law.

Data will not be disclosed to the public without explicit consent.

 

8. Transfer of Data Abroad

If data is transferred to countries outside the EU, the controller guarantees the adoption of appropriate protection measures in compliance with the GDPR (for example, standard contractual clauses).

 

9. Rights of the Data Subject

As a data subject, the user may exercise the rights provided under Articles 15–22 of the GDPR, including:

• the right of access, rectification, and erasure;

• the right to restriction of processing and to object to processing;

• the right to data portability;

• the right to withdraw consent at any time;

• the right to lodge a complaint with the Data Protection Authority.

• Requests may be sent to: info@isomlearning.com

 

10. Cookie Policy

The ISOM website uses technical, functional, and analytical cookies to improve the browsing experience. For more details and to manage preferences, users may consult the dedicated Cookie Policy.

 

11. Changes to the Privacy Policy

ISOM reserves the right to update this notice at any time. Any changes will be published on this page with the updated revision date.

 

Last updated: 03/09/2025