iLabs, online labs solution is a platform made up of virtual machines that allows you to practice all the concepts and methodologies taught in EC-Council’s IT Security Certification courses in a safe, secure platform.
The LPT (Master) is the world’s first fully online, remotely proctored LPT (Master) practical exam, which challenges the candidates through a grueling 18 hours of performance based, hands-on exam categorized into three practical exams for six-hour duration each, which will test your perseverance and focus by forcing you to outdo yourself with each new challenge. The exam requires the candidates to demonstrate a methodical approach to test and validate security defenses. The LPT (Master) exam is developed with close collaboration with SMEs and practitioners around the world after a thorough job role, job task, and skills-gap analysis.
About the Exam
E|CIH allows cybersecurity professionals to demonstrate their mastery of the knowledge and skills required for Incident Handling
Exam Title: EC-Council Certified Incident Handler
Exam Code: 212-89
Number of Questions: 100
Duration: 3 hours
Availability: EC-Council Exam Portal
Test Format: Multiple Choice
Passing Score: 70%
Eligibility Criteria
To be eligible to sit the E|CIH Exam, the candidate must either:
Attend official E|CIH training through any of EC-Council’s Authorized Training Centers (ATCs) or attend EC-Council’s live online training via iWeek or join our self-study program.
OR
Candidates with a minimum of 1 year of work experience in the domain that would like to apply to take the exam directly without attending training are required to pay the USD100 Eligibility Application Fee. This fee is included in your training fee should you choose to attend training.
Training Options
iLearn (Self-Study)
This solution is an asynchronous, self-study environment which delivers EC-Council’s sought after IT Security training courses in a streaming video format.
iWeek (Live Online)
This solution is a live, online, instructor-led training course which means you can attend a course with a live instructor from anywhere with an internet connection.
Master Class
This solution offers you the opportunity to learn from world-class instructors and the opportunity to collaborate with top Infosecurity professionals.
Training Partner (In Person)
This solution offers “in-person” training so that you can get the benefit of collaborating with your peers and gaining real-world skills, conveniently located in your backyard.
Course Outline
Module 01: Introduction to Vulnerability Assessment and Penetration Testing
Module 02: Information Gathering Methodology
Module 03: Scanning and Enumeration
Module 04: Identify Vulnerabilities
Module 05: Exploitation
Module 06: Post Exploitation
Module 07: Advanced Tips and Techniques
Module 08: Preparing a Report
Module 09: Practice Ranges
At a glance
The Planet’s Most Advanced Penetration Testing Range
How do you create an Advanced Penetration Tester?
How do you ensure that students are trained on the secrets of the trade while being pushed to their limit?
The Advanced Penetration Testing course from EC-Council is built on the backbone of the Advanced Penetration Testing Cyber Range (ECCAPT) and this was designed by experts who each have more than 25 years of professional security testing across the globe.
More info
ADVANCED PENETRATION TESTING CYBER RANGE (ECCAPT)
THE RANGE IS DESIGNED TO PROVIDE CHALLENGES
THE FINAL RANGE
THIS IS NOT A TYPICOL FLAT NETWORK
The program comes with multiple ranges designed to hone a specific set of real life pen testing skills. The ECCAPT contains more than 180 machines with more than 250 GB RAM and more than 4000 GB of storage segregated in complex network ranges with multiple militarized and demilitarized zones. It facilitates learning and demonstration of current attack vectors, penetration testing methodology, and tools. A typical range consists of 5 to 8 subnets where each subnet represents a different business unit and comprises semi-hardened and hardened machines with more than 15 Windows and Linux OS flavors.
The range is designed to provide challenges across every level of the attack spectrum. Additionally, the range contains multiple layers of network segmentation, and once access is gained in one segment, the latest pivoting techniques are required to reach the next segment. Many of the challenges will require outside-the-box thinking and customization of scripts and exploits to get into the innermost segments of the network. The key to being a highly skilled penetration tester is to go up against a variety of targets that are configured in a variety of ways. The ECCAPT consists of entire network segments that replicate an enterprise network — this is not a computer game simulation, this is an accurate representation of an enterprise network that will present the latest challenges to the pen tester. Since the targets and technology continue to change, the ECCAPT is dynamic and machines and defenses will be added as they are observed in the wild. Finally, the targets and segments are progressive in nature, once you get into one machine and or segment, the next one will challenge you even more.
The final range consists of challenges that will require the skills and concepts that have been covered in the course and consist of multiple visible as well as hidden subnets to prepare you for the possible challenges of the LPT (Master) range.
Finally, the ranges are designed to teach professional-level skills to identify the attack surface of targets within a required time frame and, once this has been accomplished, to gain access to the machines and escalate privileges as required. The greater the variety of targets you encounter with and without defenses, the better of a professional penetration tester you will become.
The practical environment ranges progress in difficulty and reflect real enterprise network architecture. This environment includes defenses and challenges which you must defeat and overcome.
This is not your typical flat network! As you progress through the range levels, each encounter will present the top defenses of today and you will learn the best and latest evasion techniques.
This training format has helped thousands of penetration testers globally and is proven to be effective. The ECCAPT is 100% hands-on. Everything presented in the course is through an enterprise network environment that must be attacked, exploited, evaded, and defended.
LPT master exam
Privacy policy and personal data protection pursuant General Data Protection Regulation (UE) 2016/679
Revision No. 2-20/11/2018
Negg® S.r.l. (hereinafter Negg®), based in Rome, Piazza del Popolo, No. 18, as data controller for the processing of personal data pursuant to Legislative Decree 196/2003 Code regarding the protection of personal data (“Privacy Code”) and subsequent amendments – and to EU Regulation 2016/679 – General Data Protection Regulation (“GDPR”) (hereinafter the Privacy Code and the GDPR are collectively referred to as “Applicable Regulations”) recognizes the importance of the protection of personal data and considers their protection as one of the main objectives of its business.
This document sets out the other information required to be given by law, including information on the data subject’s rights and how to exercise them.
Regulation (EU) 2016/679 on the protection of personal data lays down rules on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and safeguards individuals’ fundamental rights and freedoms, with particular regard to the data subjects’ rights to have their personal data protected.
Under Article 4, No. 1 of the Regulation, “Personal Data” means any information relating to an identified or identifiable natural person (the “Data Subject”).
Pursuant to Articles 12 et seq. of the Regulation, the Data Subject must also be made aware of the appropriate information concerning: (i) the Data Processing conducted by the Data Controller; (ii) the rights of Data Subjects.
Negg® confirms that the processing of personal data will be based on the principles of legality, fairness, transparency, purpose limitation and retention, data minimization, accuracy, integrity and confidentiality. Therefore, personal data will be processed in accordance with the legislative provisions of the Applicable Regulations and the confidentiality obligations set out therein.
1. Data Controller
In accordance with the Applicable Regulations, the data controller is Negg® S.r.l. based in Rome, Piazza del Popolo, No. 18.
For any information concerning the processing of personal data by the Data Controller, including a request for the list of data processor personnel working on behalf of the Data Controller, please contact privacy@negg.it.
2. Definition
“Personal Data” refers to any information concerning an identified or identifiable physical person with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more elements pertaining their physical, physiological, psychic, economic, cultural or social identity.
“Particular Data” refers to personal data sufficient to reveal the racial and ethnic origin, religious or philosophical convictions, or membership of Trade Unions, as well as genetic and biometric data, data related to health or sex life or to the sexual orientation of the person.
“Judicial Data” refers to personal data relating to criminal convictions and crimes or related security measures.
“Data Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (Article 4, No. 2 of the Regulation).
3. Types of data processed
The processing relates to personal and identification data provided voluntarily by the party concerned (for example but not limited to: name, surname, address, VAT number, tax code, phone or mobile number, e-mail address, bank account details, etc.).
4. Data Processing location
Data processing takes place at the aforementioned headquarters of the data controller, at the operational offices and at identified third parties.
5. The purposes of the processing and legal basis
Personal data voluntarily provided will be processed by the data controller for the following purposes:
(i) performing the activities that Negg® has been engaged to conduct;
(ii) fulfilling legal obligations generally imposed on Negg®;
(iii) administrative-accounting. For the purposes of the application of the provisions regarding the protection of personal data, the processing performed for administrative-accounting purposes are those related to the performance of organizational, administrative, financial and accounting activities, regardless of the nature of the data processed. In particular, these objectives are pursued by the internal organizational activities, those functional to the fulfilment of contractual and pre-contractual obligations, the management of the employment relationship in all its phases, bookkeeping and the application of the rules on tax matters, Trade Unions, social security, health, hygiene and safety at work.
(iv) Information and promotions. The use of e-mail coordinates provided by the customer in the context of the sale of a product or service for direct sales of its products and services or collected through the “Contact us” area of the institutional website negg.international, is permitted for the purpose of sending information and newsletters. The party concerned, at the time of collection and at the time of sending each communication, is informed of the possibility to object at any time to the processing, easily and free of charge (Article 130 paragraph 4 of Legislative Decree 196/03).
(v) Security, pursuant to Legislative Decree 81/2008. With particular reference to identification data freely given by the guest/visitor to our offices (name, surname, institution or company), the processing has the exclusive purpose of ensuring compliance with corporate security procedures formally applied, in compliance with the applicable regulations (i.e annotation in the register/visitor database, assignment of temporary identification badge, applications of legal obligations in the field of safety at work).
As the Personal Data has to be processed for the purposes indicated under points (i) and (ii), (iii) and (v) above so that Negg® may perform its contractual and/or pre-contractual obligations and fulfil specific legal obligations, respectively, the Data Subject’s consent is not required for those purposes.
6. Methods for processing and storing data
In compliance with the provisions of Article 5 of the Regulation, Personal Data processed by the Negg® is:
(i) processed lawfully, fairly and in a transparent manner in relation to the Data Subject;
(ii) collected and registered for specified, explicit and legitimate purposes, and further processed in a manner that is compatible with those purposes;
(iii) adequate, relevant and limited to what is necessary to the purposes for which they are processed;
(iv) accurate and, where necessary, kept up to date;
(v) processed in a manner that ensures appropriate security;
(vi) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the Personal Data are processed.
Personal Data will be processed by the Data Controller by automated and non-automated means. The Personal Data will be stored electronically on secure servers located in restricted areas with limited access.
Specific security measures are adopted so as to prevent data loss or data usage in an unlawful or improper manner, as well as to prevent unauthorised access thereto.
7. Provision of personal data
Personal Data must be provided so as to allow Negg® to conduct the activities referred to in points (i) and (ii) paragraph No. 5. Therefore, if a Data Subject does not provide the relevant Personal Data, Negg® will be unable to properly perform the commercial activities it has been engaged to conduct and to fulfil its specific obligations provided under the law.
The provision of Personal Data for the purposes provided for under point (iv) of paragraph 5 is, by contrast, optional. Lack of consent from a Data Subject would, however, mean Negg® is unable to send the Data Subject updates or material containing information of a commercial nature and information relating to Negg®’s activities.
The processing will be carried out in both an automated and manual manner, with methods and tools aimed at safeguarding maximum security and confidentiality, by persons appointed as responsible for and in charge of processing in accordance with the applicable legislation.
The data will be stored for a period not exceeding the purposes for which such data were collected and subsequently processed, and in any case for the duration of the contractual or commercial relationship.
It is understood, however, that, once the contractual relationship with Negg®, and with it the purpose for which the Data has been processed, has come to an end, the Data Controller will, in any event, be required and/or entitled to continue to store Personal Data, in whole or in part, for certain purposes, as expressly required by specific provisions of the law (such as the obligation to keep accounting records for a period of 10 years provided for under Article 2220 of the Italian Civil Code) or to assert or defend a right in court (for example, in the event of possible disputes in respect of the activities conducted by Negg®).
8. Disclosure of personal data
The data object of the processing will not be divulged unless explicit authorization of the interested party has been granted after appropriate information. The data may instead be communicated to companies contractually linked to the Data Controller. The data may be disclosed to third parties belonging to the following categories:
– subjects that provide services for the management of the information system used by the Data Controller and the telecommunications networks, and that are responsible for the maintenance of the technological areas (including e-mail and the newsletter service);
-individuals and entities that collaborate with the Data Controller to carry out training courses for example but not limited to: teachers, Interprofessional Funds;
– professionals, firms or companies in the field of assistance and consultancy;
– insurance, banking and financial companies;
– individuals that perform control, revision and certification of the activities carried out by the Data Controller;
– competent authorities for the fulfilment of legal obligations and/or provisions of public entities, upon their request.
The identification data processed in compliance with corporate security procedures are not subject to communication, without prejudice to express and specific requests on the part of the competent judicial and investigative Authorities.
The individuals belonging to the aforesaid categories perform the function of Data Processing Manager or operate in complete autonomy as separate Data Controllers. The list of data processor personnel and shared data controllers is constantly updated and available on request from the Data Controller’s headquarters.
Any further communication or divulgation will take place only with the explicit consent of the party concerned.
Moreover, during the ordinary processing activities, they will be able to access personal and identifying data and therefore become aware of the subjects expressly designated by the writer as responsible and/or in charge of processing, authorized according to their respective profiles.
9. Public disclosure of personal data
Personal Data is not subject to public disclosure.
10. Transfer of personal data abroad
Personal Data may be transferred to European Union Member States and third countries that are not part of the European Union for the purposes indicated in paragraph 5 above. If Personal Data is transferred outside the European Union without any decision having been taken by the European Commission on the adequacy of the protections provided in relation thereto, the applicable legislation on the transfer of Personal Data to third countries who are not part of the EU will still be observed.
11. Nature of conferral and refusal
With regard to the data that we are obliged to obtain in order to fulfil the obligations arising from existing contracts, and the obligations demanded by laws, regulations, Community legislation, or provisions issued by the Authorities legitimated to do so by law and by supervising and controlling entities, failure to provide such data will make it impossible to establish or continue the relationship, within the limits in which such data are necessary for the execution of the same. The provision of data to allow the Data Controller to send commercial communications is optional; the party concerned can object to the treatment at any time by exercising the rights provided for under the Applicable Regulations in the forms and methods indicated herein.
The Data Controller also states that any non-communication, or incorrect communication, of one of the mandatory information areas, will have the following consequences:
– the impossibility for the Data Controller to guarantee the adequacy of the processing itself to the contractual agreements for which it is performed;
-the possible lack of correspondence of the results of the processing to the obligations imposed by the fiscal, administrative and civil law to which it is addressed.
12. The data subject’s rights
Data Subjects can access their Personal Data at any time for the purpose of rectifying, erasing and generally exercising any and every right to which they are expressly entitled under the applicable legislation that protects their Personal Data. More specifically, they can exercise the following rights: to obtain confirmation as to whether or not Personal Data concerning them exists and to have it disclosed in an intelligible form, to know the source, purpose and manner in which Personal Data are processed; to know the identity of the Data Controller, as well as the identity of the data processors and the parties or categories of parties to whom Personal Data can be disclosed; verify whether or not the Personal Data is accurate or request that it be completed or updated or rectified; to request that Personal Data processed in violation of the law be erased, anonymised or blocked, as well as request the restriction of processing in accordance with the law, and object, in any event, in whole or in part, for legitimate reasons, to the processing thereof; to data portability; to file a complaint, report or petition with the Data Protection Authority, in those situations in which the required conditions are met. The applicable legislation also recognises the Data Subjects’ right to object to their Personal Data being processed for the purposes stated in point (iv) of paragraph 1 of this policy, as well as the right to revoke their consent to Data Processing at any time, without prejudice, however, to the lawfulness of the manner in which the Personal Data has been processed by the Data Controller on the basis of such prior consent.
13. Notices and data subject’s exercise of their rights
For the purpose of exercising their rights provided for under paragraph 12, Data Subjects can contact at any time the internal Data Processor by email to privacy@negg.it.
14. Career and job opportunities
Whenever a resume is submitted through the Negg®’s website and refers to personal data sufficient to reveal the racial and ethnic origin, religious or philosophical convictions, or membership of Trade Unions, as well as genetic and biometric data, data related to health or sex life or judicial situation to sexual orientation of the person, if it is not included an express consent to the processing of such data, this consent will be request explicitly in writing. In lack of reply, within 14 days starting from the request, the data will be permanently erased.
15. Updating
Negg® verifies regularly its own privacy policy and, where appropriate, reviews it according to regulatory, technological or organisational amendments. In the case of amendments, the new version will be published on this website section.
16. Consent to the processing of personal data
I, the undersigned, having read and understood the above policy describing the processing of my personal data, give my consent to such personal data being processed for the purpose of fulfilling the objectives provided for under point (iv) of paragraph 5 of such policy, namely that of communicating information about Negg® or about other activities organised by the Negg®.
User Login
Insert your email address to reset your password
Privacy policy
negg® s.r.l. (hereinafter negg®), based in Rome, Piazza del Popolo, No. 18, as data controller for the processing of personal data, takes your privacy very seriously. This Privacy Notice is intended to set out your rights and answer any queries you may have about your personal data. If you need more information, please contact: privacy@negg.it.
Our personal information handling policy and procedures have been developed in line with the requirements of the 1995 European Union Data Protection Directive (Directive 95/46/EC) and the General Data Protection Regulation (Reg. 679/2016 in force from 25 May 2018) and applicable national law (D.L. 196/2003 and subsequent modifications).
What information do we collect?
We collect and process personal data about you when you interact with us and our products and when you purchase goods and services from us. The personal data we process includes:
- your name;
- your username and password;
- your home address, email address and/or phone number;
- your job title;
- your payment and delivery details, including billing, delivery addresses and credit card details, where you make purchases from us;
- and/or any other information you provide.
negg® processes personal data in the following ways:
- processing of personal data with automatic equipment;
- processing of personal data without using automatic equipment (non-automated processing).
How do we use this information and what is the legal basis for this use?
We process the personal data listed above for the following purposes:
- as required to establish and fulfill a contract with you, for example, if you make a purchase from us or enter into an agreement to provide or receive services. This may include verifying your identity, taking payments, communicating with you, providing customer services and arranging the delivery or other provision of products or services. We require this information in order to enter into a contract with you and are unable to do so without it;
- to comply with applicable law and regulation;
- in accordance with our legitimate interests in protecting negg®’s legitimate business interests and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation);
- with your express consent to respond to any comments or complaints we may receive from you, and/or in accordance with our legitimate interests including to investigate any complaints received from you or from others, about our website or our products or services;
- we may use information you provide to personalize (i) our communications to you; (ii) our website; and (iii) products or services for you, in accordance with our legitimate interests;
- if you provide a credit or debit card, we may also use third parties (such as POS payment providers) to check the validity of the sort code, account number and card number you submit in order to prevent fraud, in accordance with our legitimate interests and those of third parties;
- we may monitor any customer account to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law and our legitimate interests;
- in circumstances where you contact us by telephone, calls may be recorded for quality, training and security purposes, in accordance with our legitimate interests.
With whom and where will we share your personal data?
We share your personal data with the below third parties:
- our professional advisors such as our auditors and external legal and financial advisors;
- our suppliers, business partners, and sub-contractors;
- Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if needed for the legal protection of our legitimate interests in compliance with applicable laws. Personal data may also be shared with third-party service providers who will process it on behalf of negg® for the purposes above. Such third parties include but are not limited to, providers of website hosting, maintenance, call centre operation and identity checking.
- in order to grant access to platform and exams, with your express consent and even in the absence of an adequacy decision by the European Commission, we have to share your personal data with EC COUNCIL International Limited with its headquarter located at 1202 Capitol Centre 5-19, Jardine’s Bazaar, Causeway Bay, Hong Kong 987987. We need to share this information in order to grant you access to the content of the platform and we are unable to grant you the access to the portal if we do not share this information.
Your consent in order to process your data is necessary in the absence of your express consent we will not be able entering into a contract or following through on our business agreement.
How long will you keep my personal data?
We will not keep your personal information for any purpose for longer than is necessary and will only retain the personal information that is necessary in relation to the purpose. We are also required to retain certain information as required by law or for as long as is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.
Where you are a customer, we will keep your information for the length of any contractual relationship you have with us and after that for a period of 12 months.
Where you are a prospective customer and you have expressly consented to us contacting you, we will only retain your data (a) while you interact with us and our content; or (b) for 12 months from when you last interacted with us or our content.
In the case of any contact you may have with our customer services team, we will retain those details for as long as is necessary to resolve your query and for two weeks after the query is closed.
We will retain your data for a short time beyond the specified retention period, to allow for information to be reviewed and any deletion to take place. In some instances, laws may require negg® to hold certain information for specific periods other than those listed above.
What are my rights in relation to my personal data?
Where you have consented to us using your personal data, you can withdraw that consent at any time.
If the information we hold about you is inaccurate or incomplete, you can notify us and ask us to correct or supplement it.
You also have the right, with some exceptions and qualifications, to ask us to provide a copy of any personal data we hold about you.
Where you have provided your data to us and it is processed by automated means, you may be able to request that we provide it to you in a structured, machine-readable format.
If you have a complaint about how we have handled your personal data, you may be able to ask us to restrict how we use your personal data while your complaint is resolved. In some circumstances you can ask us to erase your personal data (a) by withdrawing your consent for us to use it; (b) if it is no longer necessary for us to use your personal data; (c) if you object to the use of your personal data and we do not have a good reason to continue to use it; or (d) if we have not handled your personal data in accordance with our obligations.
Where can I find more information about handling of my data?
Should you have any queries regarding this Privacy Notice, about negg®’s processing of your personal data or wish to exercise your rights you can contact negg®’s Privacy Team using this email address: privacy@negg.it. If you are not happy with our response, you can contact the Italian Data Processing Supervisor https://www.garanteprivacy.it/.
Privacy policy
negg® s.r.l. (hereinafter negg®), based in Rome, Piazza del Popolo, No. 18, as data controller for the processing of personal data, takes your privacy very seriously. This Privacy Notice is intended to set out your rights and answer any queries you may have about your personal data. If you need more information, please contact: privacy@negg.it.
Our personal information handling policy and procedures have been developed in line with the requirements of the 1995 European Union Data Protection Directive (Directive 95/46/EC) and the General Data Protection Regulation (Reg. 679/2016 in force from 25 May 2018) and applicable national law (D.L. 196/2003 and subsequent modifications).
What information do we collect?
We collect and process personal data about you when you interact with us and our products and when you purchase goods and services from us. The personal data we process includes:
- your name;
- your username and password;
- your home address, email address and/or phone number;
- your job title;
- your payment and delivery details, including billing, delivery addresses and credit card details, where you make purchases from us;
- and/or any other information you provide.
negg® processes personal data in the following ways:
- processing of personal data with automatic equipment;
- processing of personal data without using automatic equipment (non-automated processing).
How do we use this information and what is the legal basis for this use?
We process the personal data listed above for the following purposes:
- as required to establish and fulfill a contract with you, for example, if you make a purchase from us or enter into an agreement to provide or receive services. This may include verifying your identity, taking payments, communicating with you, providing customer services and arranging the delivery or other provision of products or services. We require this information in order to enter into a contract with you and are unable to do so without it;
- to comply with applicable law and regulation;
- in accordance with our legitimate interests in protecting negg®’s legitimate business interests and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation);
- with your express consent to respond to any comments or complaints we may receive from you, and/or in accordance with our legitimate interests including to investigate any complaints received from you or from others, about our website or our products or services;
- we may use information you provide to personalize (i) our communications to you; (ii) our website; and (iii) products or services for you, in accordance with our legitimate interests;
- if you provide a credit or debit card, we may also use third parties (such as POS payment providers) to check the validity of the sort code, account number and card number you submit in order to prevent fraud, in accordance with our legitimate interests and those of third parties;
- we may monitor any customer account to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law and our legitimate interests;
- in circumstances where you contact us by telephone, calls may be recorded for quality, training and security purposes, in accordance with our legitimate interests.
With whom and where will we share your personal data?
We share your personal data with the below third parties:
- our professional advisors such as our auditors and external legal and financial advisors;
- our suppliers, business partners, and sub-contractors;
- Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if needed for the legal protection of our legitimate interests in compliance with applicable laws. Personal data may also be shared with third-party service providers who will process it on behalf of negg® for the purposes above. Such third parties include but are not limited to, providers of website hosting, maintenance, call centre operation and identity checking.
- in order to grant access to platform and exams, with your express consent and even in the absence of an adequacy decision by the European Commission, we have to share your personal data with EC COUNCIL International Limited with its headquarter located at 1202 Capitol Centre 5-19, Jardine’s Bazaar, Causeway Bay, Hong Kong 987987. We need to share this information in order to grant you access to the content of the platform and we are unable to grant you the access to the portal if we do not share this information.
Your consent in order to process your data is necessary in the absence of your express consent we will not be able entering into a contract or following through on our business agreement.
How long will you keep my personal data?
We will not keep your personal information for any purpose for longer than is necessary and will only retain the personal information that is necessary in relation to the purpose. We are also required to retain certain information as required by law or for as long as is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.
Where you are a customer, we will keep your information for the length of any contractual relationship you have with us and after that for a period of 12 months.
Where you are a prospective customer and you have expressly consented to us contacting you, we will only retain your data (a) while you interact with us and our content; or (b) for 12 months from when you last interacted with us or our content.
In the case of any contact you may have with our customer services team, we will retain those details for as long as is necessary to resolve your query and for two weeks after the query is closed.
We will retain your data for a short time beyond the specified retention period, to allow for information to be reviewed and any deletion to take place. In some instances, laws may require negg® to hold certain information for specific periods other than those listed above.
What are my rights in relation to my personal data?
Where you have consented to us using your personal data, you can withdraw that consent at any time.
If the information we hold about you is inaccurate or incomplete, you can notify us and ask us to correct or supplement it.
You also have the right, with some exceptions and qualifications, to ask us to provide a copy of any personal data we hold about you.
Where you have provided your data to us and it is processed by automated means, you may be able to request that we provide it to you in a structured, machine-readable format.
If you have a complaint about how we have handled your personal data, you may be able to ask us to restrict how we use your personal data while your complaint is resolved. In some circumstances you can ask us to erase your personal data (a) by withdrawing your consent for us to use it; (b) if it is no longer necessary for us to use your personal data; (c) if you object to the use of your personal data and we do not have a good reason to continue to use it; or (d) if we have not handled your personal data in accordance with our obligations.
Where can I find more information about handling of my data?
Should you have any queries regarding this Privacy Notice, about negg®’s processing of your personal data or wish to exercise your rights you can contact negg®’s Privacy Team using this email address: privacy@negg.it. If you are not happy with our response, you can contact the Italian Data Processing Supervisor https://www.garanteprivacy.it/.
Privacy policy
negg® s.r.l. (hereinafter negg®), based in Rome, Piazza del Popolo, No. 18, as data controller for the processing of personal data, takes your privacy very seriously. This Privacy Notice is intended to set out your rights and answer any queries you may have about your personal data. If you need more information, please contact: privacy@negg.it.
Our personal information handling policy and procedures have been developed in line with the requirements of the 1995 European Union Data Protection Directive (Directive 95/46/EC) and the General Data Protection Regulation (Reg. 679/2016 in force from 25 May 2018) and applicable national law (D.L. 196/2003 and subsequent modifications).
What information do we collect?
We collect and process personal data about you when you interact with us and our products and when you purchase goods and services from us. The personal data we process includes:
- your name;
- your username and password;
- your home address, email address and/or phone number;
- your job title;
- your payment and delivery details, including billing, delivery addresses and credit card details, where you make purchases from us;
- and/or any other information you provide.
negg® processes personal data in the following ways:
- processing of personal data with automatic equipment;
- processing of personal data without using automatic equipment (non-automated processing).
How do we use this information and what is the legal basis for this use?
We process the personal data listed above for the following purposes:
- as required to establish and fulfill a contract with you, for example, if you make a purchase from us or enter into an agreement to provide or receive services. This may include verifying your identity, taking payments, communicating with you, providing customer services and arranging the delivery or other provision of products or services. We require this information in order to enter into a contract with you and are unable to do so without it;
- to comply with applicable law and regulation;
- in accordance with our legitimate interests in protecting negg®’s legitimate business interests and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation);
- with your express consent to respond to any comments or complaints we may receive from you, and/or in accordance with our legitimate interests including to investigate any complaints received from you or from others, about our website or our products or services;
- we may use information you provide to personalize (i) our communications to you; (ii) our website; and (iii) products or services for you, in accordance with our legitimate interests;
- if you provide a credit or debit card, we may also use third parties (such as POS payment providers) to check the validity of the sort code, account number and card number you submit in order to prevent fraud, in accordance with our legitimate interests and those of third parties;
- we may monitor any customer account to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law and our legitimate interests;
- in circumstances where you contact us by telephone, calls may be recorded for quality, training and security purposes, in accordance with our legitimate interests.
With whom and where will we share your personal data?
We share your personal data with the below third parties:
- our professional advisors such as our auditors and external legal and financial advisors;
- our suppliers, business partners, and sub-contractors;
- Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if needed for the legal protection of our legitimate interests in compliance with applicable laws. Personal data may also be shared with third-party service providers who will process it on behalf of negg® for the purposes above. Such third parties include but are not limited to, providers of website hosting, maintenance, call centre operation and identity checking.
- in order to grant access to platform and exams, with your express consent and even in the absence of an adequacy decision by the European Commission, we have to share your personal data with EC COUNCIL International Limited with its headquarter located at 1202 Capitol Centre 5-19, Jardine’s Bazaar, Causeway Bay, Hong Kong 987987. We need to share this information in order to grant you access to the content of the platform and we are unable to grant you the access to the portal if we do not share this information.
Your consent in order to process your data is necessary in the absence of your express consent we will not be able entering into a contract or following through on our business agreement.
How long will you keep my personal data?
We will not keep your personal information for any purpose for longer than is necessary and will only retain the personal information that is necessary in relation to the purpose. We are also required to retain certain information as required by law or for as long as is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.
Where you are a customer, we will keep your information for the length of any contractual relationship you have with us and after that for a period of 12 months.
Where you are a prospective customer and you have expressly consented to us contacting you, we will only retain your data (a) while you interact with us and our content; or (b) for 12 months from when you last interacted with us or our content.
In the case of any contact you may have with our customer services team, we will retain those details for as long as is necessary to resolve your query and for two weeks after the query is closed.
We will retain your data for a short time beyond the specified retention period, to allow for information to be reviewed and any deletion to take place. In some instances, laws may require negg® to hold certain information for specific periods other than those listed above.
What are my rights in relation to my personal data?
Where you have consented to us using your personal data, you can withdraw that consent at any time.
If the information we hold about you is inaccurate or incomplete, you can notify us and ask us to correct or supplement it.
You also have the right, with some exceptions and qualifications, to ask us to provide a copy of any personal data we hold about you.
Where you have provided your data to us and it is processed by automated means, you may be able to request that we provide it to you in a structured, machine-readable format.
If you have a complaint about how we have handled your personal data, you may be able to ask us to restrict how we use your personal data while your complaint is resolved. In some circumstances you can ask us to erase your personal data (a) by withdrawing your consent for us to use it; (b) if it is no longer necessary for us to use your personal data; (c) if you object to the use of your personal data and we do not have a good reason to continue to use it; or (d) if we have not handled your personal data in accordance with our obligations.
Where can I find more information about handling of my data?
Should you have any queries regarding this Privacy Notice, about negg®’s processing of your personal data or wish to exercise your rights you can contact negg®’s Privacy Team using this email address: privacy@negg.it. If you are not happy with our response, you can contact the Italian Data Processing Supervisor https://www.garanteprivacy.it/.
Return & Refund Policy
Thank you for shopping at negg®! If you are not entirely satisfied with your purchase, we will do our best to help.
Returns
You have 14 calendar days to return an item from the date you received your personal credentials. Please consider that within 14 days we can grant you a total refund only if you never login in the portal with your personal credentials. On the contrary even one single login on the portal leads to losses of any refund. You can address your return and refund request toec-council@negg.it.
Refunds
Once we receive your request and we verify that you never get access to the portal you will receive your money back within 7 working days.
Any Other Issues
If there is anything wrong with your order, you have 14 calendar days from the date of order to contact us via email and raise an issue. Any issues beyond this date will not be considered.
Contact Us
If you have any questions on our return policy, please contact us!
Send an email to ec-council@negg.it and we will help the best we can.
Return & Refund Policy
Thank you for shopping at negg®! If you are not entirely satisfied with your purchase, we will do our best to help.
Returns
You have 14 calendar days to return an item from the date you received your personal credentials. Please consider that within 14 days we can grant you a total refund only if you never login in the portal with your personal credentials. On the contrary even one single login on the portal leads to losses of any refund. You can address your return and refund request toec-council@negg.it.
Refunds
Once we receive your request and we verify that you never get access to the portal you will receive your money back within 7 working days.
Any Other Issues
If there is anything wrong with your order, you have 14 calendar days from the date of order to contact us via email and raise an issue. Any issues beyond this date will not be considered.
Contact Us
If you have any questions on our return policy, please contact us!
Send an email to ec-council@negg.it and we will help the best we can.
Return & Refund Policy
Thank you for shopping at negg®! If you are not entirely satisfied with your purchase, we will do our best to help.
Returns
You have 14 calendar days to return an item from the date you received your personal credentials. Please consider that within 14 days we can grant you a total refund only if you never login in the portal with your personal credentials. On the contrary even one single login on the portal leads to losses of any refund. You can address your return and refund request toec-council@negg.it.
Refunds
Once we receive your request and we verify that you never get access to the portal you will receive your money back within 7 working days.
Any Other Issues
If there is anything wrong with your order, you have 14 calendar days from the date of order to contact us via email and raise an issue. Any issues beyond this date will not be considered.
Contact Us
If you have any questions on our return policy, please contact us!
Send an email to ec-council@negg.it and we will help the best we can.
Privacy policy and personal data protection pursuant General Data Protection Regulation (UE) 2016/679
Revision No. 2-20/11/2018
Negg® S.r.l. (hereinafter Negg®), based in Rome, Piazza del Popolo, No. 18, as data controller for the processing of personal data pursuant to Legislative Decree 196/2003 Code regarding the protection of personal data (“Privacy Code”) and subsequent amendments – and to EU Regulation 2016/679 – General Data Protection Regulation (“GDPR”) (hereinafter the Privacy Code and the GDPR are collectively referred to as “Applicable Regulations”) recognizes the importance of the protection of personal data and considers their protection as one of the main objectives of its business.
This document sets out the other information required to be given by law, including information on the data subject’s rights and how to exercise them.
Regulation (EU) 2016/679 on the protection of personal data lays down rules on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and safeguards individuals’ fundamental rights and freedoms, with particular regard to the data subjects’ rights to have their personal data protected.
Under Article 4, No. 1 of the Regulation, “Personal Data” means any information relating to an identified or identifiable natural person (the “Data Subject”).
Pursuant to Articles 12 et seq. of the Regulation, the Data Subject must also be made aware of the appropriate information concerning: (i) the Data Processing conducted by the Data Controller; (ii) the rights of Data Subjects.
Negg® confirms that the processing of personal data will be based on the principles of legality, fairness, transparency, purpose limitation and retention, data minimization, accuracy, integrity and confidentiality. Therefore, personal data will be processed in accordance with the legislative provisions of the Applicable Regulations and the confidentiality obligations set out therein.
1. Data Controller
In accordance with the Applicable Regulations, the data controller is Negg® S.r.l. based in Rome, Piazza del Popolo, No. 18.
For any information concerning the processing of personal data by the Data Controller, including a request for the list of data processor personnel working on behalf of the Data Controller, please contact privacy@negg.it.
2. Definition
“Personal Data” refers to any information concerning an identified or identifiable physical person with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more elements pertaining their physical, physiological, psychic, economic, cultural or social identity.
“Particular Data” refers to personal data sufficient to reveal the racial and ethnic origin, religious or philosophical convictions, or membership of Trade Unions, as well as genetic and biometric data, data related to health or sex life or to the sexual orientation of the person.
“Judicial Data” refers to personal data relating to criminal convictions and crimes or related security measures.
“Data Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (Article 4, No. 2 of the Regulation).
3. Types of data processed
The processing relates to personal and identification data provided voluntarily by the party concerned (for example but not limited to: name, surname, address, VAT number, tax code, phone or mobile number, e-mail address, bank account details, etc.).
4. Data Processing location
Data processing takes place at the aforementioned headquarters of the data controller, at the operational offices and at identified third parties.
5. The purposes of the processing and legal basis
Personal data voluntarily provided will be processed by the data controller for the following purposes:
(i) performing the activities that Negg® has been engaged to conduct;
(ii) fulfilling legal obligations generally imposed on Negg®;
(iii) administrative-accounting. For the purposes of the application of the provisions regarding the protection of personal data, the processing performed for administrative-accounting purposes are those related to the performance of organizational, administrative, financial and accounting activities, regardless of the nature of the data processed. In particular, these objectives are pursued by the internal organizational activities, those functional to the fulfilment of contractual and pre-contractual obligations, the management of the employment relationship in all its phases, bookkeeping and the application of the rules on tax matters, Trade Unions, social security, health, hygiene and safety at work.
(iv) Information and promotions. The use of e-mail coordinates provided by the customer in the context of the sale of a product or service for direct sales of its products and services or collected through the “Contact us” area of the institutional website negg.international, is permitted for the purpose of sending information and newsletters. The party concerned, at the time of collection and at the time of sending each communication, is informed of the possibility to object at any time to the processing, easily and free of charge (Article 130 paragraph 4 of Legislative Decree 196/03).
(v) Security, pursuant to Legislative Decree 81/2008. With particular reference to identification data freely given by the guest/visitor to our offices (name, surname, institution or company), the processing has the exclusive purpose of ensuring compliance with corporate security procedures formally applied, in compliance with the applicable regulations (i.e annotation in the register/visitor database, assignment of temporary identification badge, applications of legal obligations in the field of safety at work).
As the Personal Data has to be processed for the purposes indicated under points (i) and (ii), (iii) and (v) above so that Negg® may perform its contractual and/or pre-contractual obligations and fulfil specific legal obligations, respectively, the Data Subject’s consent is not required for those purposes.
6. Methods for processing and storing data
In compliance with the provisions of Article 5 of the Regulation, Personal Data processed by the Negg® is:
(i) processed lawfully, fairly and in a transparent manner in relation to the Data Subject;
(ii) collected and registered for specified, explicit and legitimate purposes, and further processed in a manner that is compatible with those purposes;
(iii) adequate, relevant and limited to what is necessary to the purposes for which they are processed;
(iv) accurate and, where necessary, kept up to date;
(v) processed in a manner that ensures appropriate security;
(vi) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the Personal Data are processed.
Personal Data will be processed by the Data Controller by automated and non-automated means. The Personal Data will be stored electronically on secure servers located in restricted areas with limited access.
Specific security measures are adopted so as to prevent data loss or data usage in an unlawful or improper manner, as well as to prevent unauthorised access thereto.
7. Provision of personal data
Personal Data must be provided so as to allow Negg® to conduct the activities referred to in points (i) and (ii) paragraph No. 5. Therefore, if a Data Subject does not provide the relevant Personal Data, Negg® will be unable to properly perform the commercial activities it has been engaged to conduct and to fulfil its specific obligations provided under the law.
The provision of Personal Data for the purposes provided for under point (iv) of paragraph 5 is, by contrast, optional. Lack of consent from a Data Subject would, however, mean Negg® is unable to send the Data Subject updates or material containing information of a commercial nature and information relating to Negg®’s activities.
The processing will be carried out in both an automated and manual manner, with methods and tools aimed at safeguarding maximum security and confidentiality, by persons appointed as responsible for and in charge of processing in accordance with the applicable legislation.
The data will be stored for a period not exceeding the purposes for which such data were collected and subsequently processed, and in any case for the duration of the contractual or commercial relationship.
It is understood, however, that, once the contractual relationship with Negg®, and with it the purpose for which the Data has been processed, has come to an end, the Data Controller will, in any event, be required and/or entitled to continue to store Personal Data, in whole or in part, for certain purposes, as expressly required by specific provisions of the law (such as the obligation to keep accounting records for a period of 10 years provided for under Article 2220 of the Italian Civil Code) or to assert or defend a right in court (for example, in the event of possible disputes in respect of the activities conducted by Negg®).
8. Disclosure of personal data
The data object of the processing will not be divulged unless explicit authorization of the interested party has been granted after appropriate information. The data may instead be communicated to companies contractually linked to the Data Controller. The data may be disclosed to third parties belonging to the following categories:
– subjects that provide services for the management of the information system used by the Data Controller and the telecommunications networks, and that are responsible for the maintenance of the technological areas (including e-mail and the newsletter service);
-individuals and entities that collaborate with the Data Controller to carry out training courses for example but not limited to: teachers, Interprofessional Funds;
– professionals, firms or companies in the field of assistance and consultancy;
– insurance, banking and financial companies;
– individuals that perform control, revision and certification of the activities carried out by the Data Controller;
– competent authorities for the fulfilment of legal obligations and/or provisions of public entities, upon their request.
The identification data processed in compliance with corporate security procedures are not subject to communication, without prejudice to express and specific requests on the part of the competent judicial and investigative Authorities.
The individuals belonging to the aforesaid categories perform the function of Data Processing Manager or operate in complete autonomy as separate Data Controllers. The list of data processor personnel and shared data controllers is constantly updated and available on request from the Data Controller’s headquarters.
Any further communication or divulgation will take place only with the explicit consent of the party concerned.
Moreover, during the ordinary processing activities, they will be able to access personal and identifying data and therefore become aware of the subjects expressly designated by the writer as responsible and/or in charge of processing, authorized according to their respective profiles.
9. Public disclosure of personal data
Personal Data is not subject to public disclosure.
10. Transfer of personal data abroad
Personal Data may be transferred to European Union Member States and third countries that are not part of the European Union for the purposes indicated in paragraph 5 above. If Personal Data is transferred outside the European Union without any decision having been taken by the European Commission on the adequacy of the protections provided in relation thereto, the applicable legislation on the transfer of Personal Data to third countries who are not part of the EU will still be observed.
11. Nature of conferral and refusal
With regard to the data that we are obliged to obtain in order to fulfil the obligations arising from existing contracts, and the obligations demanded by laws, regulations, Community legislation, or provisions issued by the Authorities legitimated to do so by law and by supervising and controlling entities, failure to provide such data will make it impossible to establish or continue the relationship, within the limits in which such data are necessary for the execution of the same. The provision of data to allow the Data Controller to send commercial communications is optional; the party concerned can object to the treatment at any time by exercising the rights provided for under the Applicable Regulations in the forms and methods indicated herein.
The Data Controller also states that any non-communication, or incorrect communication, of one of the mandatory information areas, will have the following consequences:
– the impossibility for the Data Controller to guarantee the adequacy of the processing itself to the contractual agreements for which it is performed;
-the possible lack of correspondence of the results of the processing to the obligations imposed by the fiscal, administrative and civil law to which it is addressed.
12. The data subject’s rights
Data Subjects can access their Personal Data at any time for the purpose of rectifying, erasing and generally exercising any and every right to which they are expressly entitled under the applicable legislation that protects their Personal Data. More specifically, they can exercise the following rights: to obtain confirmation as to whether or not Personal Data concerning them exists and to have it disclosed in an intelligible form, to know the source, purpose and manner in which Personal Data are processed; to know the identity of the Data Controller, as well as the identity of the data processors and the parties or categories of parties to whom Personal Data can be disclosed; verify whether or not the Personal Data is accurate or request that it be completed or updated or rectified; to request that Personal Data processed in violation of the law be erased, anonymised or blocked, as well as request the restriction of processing in accordance with the law, and object, in any event, in whole or in part, for legitimate reasons, to the processing thereof; to data portability; to file a complaint, report or petition with the Data Protection Authority, in those situations in which the required conditions are met. The applicable legislation also recognises the Data Subjects’ right to object to their Personal Data being processed for the purposes stated in point (iv) of paragraph 1 of this policy, as well as the right to revoke their consent to Data Processing at any time, without prejudice, however, to the lawfulness of the manner in which the Personal Data has been processed by the Data Controller on the basis of such prior consent.
13. Notices and data subject’s exercise of their rights
For the purpose of exercising their rights provided for under paragraph 12, Data Subjects can contact at any time the internal Data Processor by email to privacy@negg.it.
14. Career and job opportunities
Whenever a resume is submitted through the Negg®’s website and refers to personal data sufficient to reveal the racial and ethnic origin, religious or philosophical convictions, or membership of Trade Unions, as well as genetic and biometric data, data related to health or sex life or judicial situation to sexual orientation of the person, if it is not included an express consent to the processing of such data, this consent will be request explicitly in writing. In lack of reply, within 14 days starting from the request, the data will be permanently erased.
15. Updating
Negg® verifies regularly its own privacy policy and, where appropriate, reviews it according to regulatory, technological or organisational amendments. In the case of amendments, the new version will be published on this website section.
16. Consent to the processing of personal data
I, the undersigned, having read and understood the above policy describing the processing of my personal data, give my consent to such personal data being processed for the purpose of fulfilling the objectives provided for under point (iv) of paragraph 5 of such policy, namely that of communicating information about Negg® or about other activities organised by the Negg®.
