1. Personal Data collected from the Site
The Data Controller collects the following types of Personal Data:
A. Content and information voluntarily provided by the User
Contact data and contents: are those Personal Data that the User voluntarily provides to the Site during its use, such as for example personal data, contact details, access credentials to the services and / or products provided, personal interests and preferences and other personal content , etc. Failure by the User to provide Personal Data, for which there is a legal, contractual obligation or if they constitute a necessary requirement for the use of the service or for the conclusion of the contract, will make it impossible for the Data Controller to provide in all or in part its services. The User who communicates to the Owner Personal Data of third parties is directly and exclusively responsible for their origin, collection, treatment, communication or dissemination.
B. Data and content acquired automatically when using the Site
Technical data: the computer systems and software procedures used to operate this Application can acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of internet communication protocols. This is information that is not collected to be associated with identified Users, but which by its very nature could, through processing and association with Data held by third parties, allow users to be identified. This category includes IP addresses, or domain names used by Users who connect to the Site, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server , the size of the file obtained, etc.
Usage data: Data relating to the use of the Site by the User may also be collected, such as for example the pages visited, the actions performed, the features and services used.
C. Personal data collected through cookies or similar technologies
The Personal Data collected can be used for the execution of contractual and pre-contractual obligations and for legal obligations as well as for the following purposes:
- sending emails or newsletters and managing mailing lists by communicating Data to MailChimp https://mailchimp.com/legal/
- statistics only with anonymous data by communicating the data to Google LLC https://policies.google.com/privacy
- communication and / or transfer for third party promotional and commercial purposes by communicating the Data to Data to Google
- LLC https://policies.google.com/privacy; Facebook Inc. https://www.facebook.com/privacy/explanation
- monitoring, analysis and tracking of User behavior by communicating Data to Google LLC https://policies.google.com/privacy
- registration and authentication of the User
- provision of legal, tax, tax, accounting consultancy services, etc. by communicating the data to external professionals
- comment and feedback
3. Processing methods
The processing of Personal Data is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In some cases, subjects involved in the organization of the Data Controller may also have access to Personal Data (such as, for example, personnel management personnel, commercial area employees, system administrators, etc.) or external subjects (such as IT companies, suppliers of services, couriers, hosting providers, etc.). If necessary, said subjects may be appointed Data Processors by the Data Controller, as well as accessing Users’ Personal Data whenever necessary and will be contractually obliged to keep Personal Data confidential. The updated list of Managers can be requested via email at firstname.lastname@example.org.
4. Legal basis of the treatment
The Data Controller processes Personal Data relating to the User if one of the following conditions exists:
- the User has given consent for one or more specific purposes
- processing is necessary for the execution of a contract with the User and / or for the execution of pre-contractual measures
- processing is necessary to fulfill a legal obligation to which the Data Controller is subject
- processing is necessary for the pursuit of the legitimate interest of the owner or third parties
However, it is always possible to request the Data Controller to clarify the concrete legal basis of each treatment.
The Data are processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located. For more information, contact the Data Controller at the following email address email@example.com or at the following postal address Parco Bognar, 21- 80078 Pozzuoli (NA).
6. Security measures
The treatment is carried out according to methods and with suitable tools to guarantee the security and confidentiality of the data, having the owner adopted adequate technical and organizational measures that guarantee, and allow to demonstrate, that the treatment is carried out in compliance with the reference legislation.
7. Data retention period
The Data Controller will process the Personal Data for the time necessary to fulfill the purposes connected with the execution of the contract between the Data Controller and the User no longer than 11 years from the termination of the relationship with the User and in any case until the completion of the term. prescription provided by the standards in force. When the processing of Personal Data is necessary for the pursuit of a legitimate interest of the Data Controller, Personal Data will be kept until such interest is satisfied. If the processing of Personal Data is based on the User’s consent, the Data Controller may keep the Personal Data until revoked by the same. Personal Data may be kept for a longer period if necessary to fulfill a legal obligation or by order of an authority. All Personal Data will be deleted upon expiry of the retention period. At the end of this term, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
8. Automated decision-making processes
All the collected data will not be subject to any automated decision-making process, including profiling, which can produce legal effects for the person or which can significantly affect them.
9. User rights
Users can exercise certain rights with reference to the data processed by the owner. In particular, the User has the right to:
- withdraw consent at any time;
- oppose the processing of your data;
- access your data;
- verify and request correction;
- obtain the limitation of the treatment;
- obtain the cancellation of their Personal Data;
- receive your data or have it transferred to another holder;
- propose a complaint to the supervisory authority for the protection of personal data and / or act in court.
- To exercise their rights, Users can direct a request to the owner’s contact details indicated in this document. Requests are made free of charge and processed by the Owner as soon as possible, in any case within 30 days.
10. Data Controller
The Data Controller is ArtGarage Cultural Association, with registered office in Parco Bognar, 21 80078 – Pozzuoli (NA) – VAT number 06890840637, e-mail address firstname.lastname@example.org.
Last updated: 04/06/2020