Information ex art. 13 of EU Regulation n. 679/2016

Dear User,

We wish to inform you that the EU Regulation (GDPR) No 679/2016 on the protection of personal data provides for the protection of persons and other subjects regarding the processing of personal data. According to the indicated regulation, this treatment will be based on the principles of correctness, lawfulness and transparency and protection of your privacy and your rights. According to current legislation, therefore, we provide the following information:
The information is provided only for the site https://www.gesuitieducazione.it, and not to other Web sites accessed via links.

Purpose of the treatment

The collection and processing of data may be carried out for:

• Contractual requirements and for the consequent fulfilment of legal and contractual obligations deriving from the same, as well as the achievement of an effective management of relations for registrations to events organized by the institution. In particular, for the acquisition and management of your requests, and related fiscal and civil obligations.
• Promotion of the activity
• Promotion of the activities of the Association, aimed at the promotion and dissemination of knowledge on economic matters, carried out by means of institutional communication and dissemination tools (website, Facebook profile, newsletters, brochures, newspapers, magazines, periodicals or communications by regular mail or e-mail) relating to the activities promoted by the Association
• Various purposes, relating to the evaluation of requests for work or collaboration (recruiting), the processing of specific requests and inquiries, etc..

Lawfulness of Processing

Contractual relationships – service purposes

The personal data provided by users who purchase tickets for events or other commercial activities on the site indicated are used, in accordance with contractual obligations, for the sole purpose of executing the order placed and are communicated for the sole purpose of order processing, to third parties responsible for delivery or similar ancillary services.

Data provided voluntarily by the user – promotional and other purposes

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.

Specific information summaries are reported or displayed on the pages of the site prepared for special services on request, for which, therefore, the legal basis of treatment is the consent of the person concerned.

Contractual relationships – service purposes

The personal data provided by users who purchase tickets for events or other commercial activities on the site indicated are used, in accordance with contractual obligations, for the sole purpose of executing the order placed and are communicated for the sole purpose of order processing, to third parties responsible for delivery or similar ancillary services.

Data provided voluntarily by the user – promotional and other purposes

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.

Specific information summaries are reported or displayed on the pages of the site prepared for special services on request, for which, therefore, the legal basis of treatment is the consent of the person concerned.

Confidentiality of data conferment

Apart from that specified for navigation data, the user is free to provide personal data contained in the registration forms, in those confirming the purchase process or otherwise required to request information material or other communications.

The lack of their conferment, however, could involve the impossibility to obtain what requested, where the treatment of the personal data requested is indispensable for the conclusion and the execution of the contract and in their absence the orders made could not be executed.

Manner and duration of treatment

Personal data are subject to both paper and electronic and / or automated processing for the time strictly necessary to achieve the purposes for which they were collected.

Special security measures are taken to prevent loss of data, illicit or incorrect use and unauthorized access.

Without prejudice to the requirements of art. 17 c. 3 and the needs of the owner of the treatment to have them available for evidentiary purposes to be used in case of inspections of supervisory bodies and / or in litigation, the data will be deleted (as well as at the request of the person concerned) at the end of treatment, or when the purpose for which they were collected.

Access, communication, diffusion and transfer of data

The data can be accessed by employees and collaborators of the owner, in their capacity as officers and / or internal managers and / or system administrators.

The data may be communicated to:

1. subjects that provide services for the management of the company’s information system and telecommunications networks (including e-mail);
2. service companies for the acquisition, recording and processing of data from documents, or supports provided and originated by the same customers and having as their object massive processing relating to payments, bills, checks and other securities;
3. subjects that carry out activities of transmission, enveloping, transport and sorting of communications with customers
4. subjects that carry out activities of assistance to customers (eg.
5. subjects that carry out activities of transmission, enveloping, transport and sorting of communications with customers;
6. subjects that carry out activities of control, review and certification of the activities carried out by the company also in the interest of customers;

The data are not subject to dissemination.

In consideration of the existence of telematic, informatic or correspondence connections, the data can also be transferred abroad, within the European Union. In case of transfer to non-EU countries, the Data Controller assures as of now that the transfer of data outside the EU will take place in compliance with the applicable legal provisions by entering, if necessary, into agreements that guarantee an adequate level of protection and/or by adopting the standard contractual clauses provided for by the European Commission.

Rights of data subjects (Articles. 15-21 GDPR)

Subjects to whom the personal data refer have the right at any time to:

1. obtain the confirmation of the existence or not of personal data concerning them, even if not yet recorded, and their communication in intelligible form;
2. obtain the indication of: a) the origin of personal data; b) the purposes and methods of treatment; c) the logic applied in case of treatment with the aid of electronic instruments; d) the identity of the owner, manager and the representative appointed under Art. 3, paragraph 1, GDPR; e) the subjects or categories of persons to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
3. obtain: a) the updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
4. to oppose, in whole or in part a) for legitimate reasons to the processing of personal data concerning them, even if pertinent to the purpose of collection; b) to the processing of personal data concerning them for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by email and / or through traditional marketing methods by telephone and / or mail. It should be noted that the right of the interested party to object, as set out in point b) above, for the purposes of direct marketing using automated methods is extended to traditional methods and that, in any case, the interested party may exercise the right to object even partially. Therefore, the person concerned may decide to receive only communications by traditional means or only automated communications or neither of the two types of communication.

Where applicable, they also have the rights referred to in Articles 16-21 GDPR (Right of rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object, right to withdraw consent), as well as the right to complain to the Guarantor Authority.

The owner of the data processing is

COMPANY OR OF THE PROCESSING

The Data Processor, who can be contacted to exercise the rights under Art. 12 and/or for any clarifications regarding the protection of personal data, can be reached at the address:

COMPANYING EMAIL OF THE TREATMENT

Minors

This Site and the Owner’s Services are not intended for children under the age of 18, and the Owner does not knowingly collect personal information from children. In the event that information about minors is unintentionally recorded, the Owner will delete it in a timely manner upon user request.

Modifications to this Statement

This Policy may be subject to change. Therefore, we recommend that you check this Policy regularly and refer to the most up-to-date version.