INFORMATION ON PRIVACY POLICY AND COOKIES PURSUANT TO EU REGULATION 2016/679 (GDPR)
Why this information
To illustrate in a concise, transparent, intelligible and simple language how we process your personal data when you connect to the site https://www.telaiodellearti.org and interact with it.
This information is valid only for our website and not for other external sites that you may eventually reach and consult via links.
1. Data Controller
The Data Controller of personal data is the association The Frame of the Arts A.P.S. (hereinafter also, the “Association”) with registered office in Milan, Via Osculati 5, C.F. 97680800154.
2. Purpose and legal basis of the processing
We process personal data collected through the site exclusively for the achievement of the social purposes indicated in the Statute (Read Statute) and for carrying out related activities. In particular for:
a) Provide you with information on our Association, on how to join as well as on the activities and initiatives we promote;
b) Subscribe to the newsletter by entering your e-mail address;
c) Make a donation.
The personal data provided for the aforementioned purposes are used to satisfy requests for services or allow you to make payments and will be disclosed to third parties only if this is necessary.
The legal basis of the processing therefore arises from the need to give feedback or execution to what you requested.
DONATIONS
The personal data provided by filling out the online donation form will be processed, manually and electronically, only by us or by persons appointed and authorized by us to manage relations with payment recipients and information systems. In any case, we will not transfer your personal data to third-party organizations for their economic benefit.
For the execution of the donation, depending on the payment method, it may be necessary to communicate personal and bank data (such as credit card and current account) to external intermediaries, banks and / or post offices as well as to the Revenue Agency for any formalities required by law.
With regard to the donation activity carried out by you, the legal basis of the processing is also constituted by our legitimate interest in keeping you informed, an interest connected with your reasonable expectation to maintain the relationship you wanted to establish with us by making the donation.
The legal basis is therefore identified pursuant to art. 6 par. 1 letter f) and recital 47 of the GDPR. For this reason, we may use the data you have provided us to keep you informed about the social activities in progress and about our other solidarity initiatives.
3. Methods and period of data retention
Your data will be processed in both automated and non-automated ways.
In light of the statute and our corporate mission which justifies our legitimate interest in maintaining the relationship established with you by updating you on awareness-raising actions, the data collected will be stored and processed, unless revoked, until we believe that you may be interested in acquiring information.
In any case, the data will be kept for the time necessary to fulfill legal obligations or for legal protection needs.
However, we inform you that, as better indicated below, at any time you can request the cancellation of your data.
Where there are no conditions justifying the aforementioned legitimate interest, the processing of data for the aforementioned purposes will be carried out only if you have given specific consent.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
4. Place of data processing
The treatments connected to the web services of this site take place at our registered office and are handled by the technical staff authorized to process.
In case of need, the connected data can also be processed by the staff of third-party companies that take care of the maintenance of the technological part of the site as data processor, at their offices.
The server hosting the site is located in Italy.
5.Types of data processed
a) Navigation data
This category of data includes: your IP addresses, the type of browser used, the operating system, the domain name and the addresses of websites from which access or exit was made, information on the pages visited within the site, the time of access, the stay on the single page, the analysis of the internal path and other parameters relating to your operating system and the IT environment.
These are personal data whose transmission is implicit in the use of Internet communication protocols acquired by the computer systems and software procedures used to operate our site during normal operation.
These technical / IT data are collected and used exclusively in an aggregate and non-identifying manner and could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.
b) Data provided voluntarily
This is all the personal data that you have freely released, for example by requesting subscription to the newsletter, making a donation, sending an email or making a phone call to ask for information.
The explicit and voluntary sending of an email to the addresses indicated in the different access channels of our site entails the subsequent acquisition of your address, necessary to respond to your requests, as well as any other personal data communicated.
In the aforementioned cases, the provision of your personal data is optional and any refusal does not entail any consequences, except for the impossibility of responding to or executing your request.
C) Cookie
6. Communication and dissemination of data
Your personal data will not be disclosed but may be disclosed to the employees and collaborators of the Association who deal with the specific activities in which the data is processed, as well as to those who deal with the development and maintenance of IT tools. . These subjects, in any case, will operate as Data Processors or Authorized to the same by the Association in compliance with the provisions of the GDPR.
Furthermore, your personal data, always in compliance with the provisions of the GDPR, may be communicated to any qualified external subjects, appointed from time to time as Data Processors, who provide the Association with services or instrumental services, including subjects and the companies that manage and / or participate in the management and / or maintenance of this website and the newsletter. Your personal data may be transferred to countries of the European Union and to third countries, in compliance with the provisions in this regard by the GDPR.
7. Redirect and link to external sites
At the bottom of the pages there are the sharing buttons on social networks marked with the respective owned logo.
When you interact with the plug in (for example by clicking the like button) the information will be transmitted from the browser directly to the social network platform (in this case Facebook) which will save the data in the cloud on the respective servers that may also reside outside the EU and they use their own cookies to recognize you if you are browsing after connecting to your accounts. For more information, browse to the respective privacy policies (inserire collegamento ipertestuale), LinkedIn (per LinkedIn e Slideshare), Google (per GooglePlus e YouTube, Instagram).
In this regard, the Association cannot be held responsible for any management of personal data by third party websites and for the management of authentication credentials provided by / to third parties.
8. Rights of interested parties
We assure you at any time the exercise of the rights provided for by art. 15 et seq. of the GDPR and in particular:
– to know if the Data Controller holds and / or processes personal data relating to his person and to access it in full also by obtaining a copy (Article 15 Right to access);
– request the correction of inaccurate personal data or the integration of incomplete personal data (Article 16 Right of rectification);
– request the cancellation of personal data held by the Data Controller if one of the reasons provided for by the GDPR exists (Article 17 Right to Cancellation);
– ask the Data Controller to limit the processing to only some personal data, if one of the reasons provided for by the Regulation exists (Article 18 Right to limit the processing);
– request and receive all your personal data processed by the Data Controller, in a structured format, commonly used and readable by an automatic device or request transmission to another Data Controller without impediments (Article 20 Right to Portability);
– object in whole or in part to the processing of data, including for marketing purposes (Article 21 Right to object);
– withdraw the consent at any time without affecting the lawfulness of the processing based on consent before the withdrawal (Article 7 Conditions for consent).
– propose a complaint to the Privacy Guarantor (Article 77 Right to lodge a complaint with a supervisory authority).
To exercise the aforementioned rights provided for by the EU Reg. 2016/679, you can send a specific written request addressed to “The Frame of the Arts APS”, via Osculati n. 5, 20164 – Milan (MI), or send an e-mail to: cornicedellearti@gmail.com.