This page is about privacy and describes the procedures of website management regarding the processing of users’ personal data. (Last modified: May 9, 2018.)
Associazione Progetto Venezia – CF 94023010278 – Mail: firstname.lastname@example.org
For any inquiries and/or to exercise your rights in compliance with section 7 of Legislative Decree n. 196/03, you can contact the Data Controller at the e-mail listed above.
The information provided only applies to this website and does not concern any websites which may be accessed through links.
The following list describes the contents that will be explained below:
- the types of data that can be collected
- how and for what purposes personal data will be handled/li>
- whether personal information provision is mandatory or optional
- the consequences of refusing to provide personal details
- who will be informed about personal data and if they will be disseminated
- user rights
CATEGORIES OF DATA COLLECTED
Among the data collected from this website, either independently or through third partes, there may be:
As part of their standard functioning, computer systems and software procedures relied upon to operate this website acquire personal data, whose transmission is implicit in the usage of Internet communication protocols.
Such information is not collected with the purpose of being associated with specific individuals; however its very nature might allow user identification, after being processed and matched with data held by third partes.
This category of data includes IP addresses or domain names of computers used by users connecting to the website, URI (Uniform Resource Identifier) addresses of requested resources, time of request, method used for submitting the request to the server, return file size, the numerical code indicating the server response status (successfully performed, error, etc.) and other parameters related to the user’s operating system and computer environment.
These data are only used to collect anonymous statistical information on the website usage as well as to check its correct functioning; they are deleted immediately after processing. The data may be used to ascertain responsibility in case computer crimes are committed against the website. Except for this circumstance, any data on web contacts is retained for no longer than seven days.
Data provided voluntarily by users
Among the data provided voluntarily in this website there can be: E-mail, First Name, Surname, Username, Password, Image, Gender, Date of Birth, Phone Number, Province, State, Country, Zip Code, City, Profession, VAT Number, Fiscal Code, Company Name, Workplace, Address, Fax Number, Data regarding Usage, Cookies.
An optional, explicit and voluntary sending of e-mail to addresses associated with this website entails the acquisition of the sender’s address, which is necessary to respond to requests, as well as of any other data voluntarily included in the message.
In case of specific summary information notices, they will be reported or displayed on the web pages dedicated to particular services on demand.
User’s failure to report certain personal data may prevent this website to provide its services.
The user is responsible for third partes’ personal information published or shared through this website and warrants to have the right to communicate or disseminate them, freeing the Data Controller from any liability towards third partes.
PROCESSING ARRANGEMENTS AND PLACE OF COLLECTED DATA
The Data Controller processes users’ personal data with the help of security measures designed to prevent unauthorized access, disclosure, modification or destruction of personal data. Data processing is performed with computer and/or telematic tools, organizational methods and following a logic that is strictly related to the purposes indicated. In addition to the Data Controller, data may be accessed, in some cases, by officers involved in the website organization or external partes (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies), which may be appointed as responsible for data processing by the Data Controller. The Data Controller can request an updated list of who is in charge of data processing.
Mode and place of processing the Data
Methods of processing
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
Legal basis of processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes. Note: Under some legislations the Owner may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law;
- provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- processing is necessary for compliance with a legal obligation to which the Owner is subject;
- processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
- processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
The Data is processed at the Owner’s operating offices and in any other places where the parties involved in the processing are located.
Depending on the User’s location, data transfers may involve transferring the User’s Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Users are also entitled to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Owner to safeguard their Data.
If any such transfer takes place, Users can find out more by checking the relevant sections of this document or inquire with the Owner using the information provided in the contact section.
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
- Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
- Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
PURPOSE OF COLLECTED DATA PROCESSING
User’s personal data are collected to allow the Data Controller to provide its services, as well as for some of the following purposes:
- Protection against SPAM
- Contents’ comment
- Registration and authentication
- Interaction based on location
- Content’s visualization from external platforms
- Contact the user
- Management of addresses and sending e-mail
- Interaction with Social Networks and external platforms
For more information, see the section “In-depth information on the Processing of Personal Data”.
Providing personal data is not compulsory, except for using the contact form or registering on the website where it is required to access certain services.
In the two cases mentioned above, failure to provide the required personal data may block the functioning of the contact form and/or the Registration process. The data provided during the Registration process are not granted to third partes. Their collection is intended only for sending informative e-mail.
Defence in court
User’s personal data may be used by the Data Controller for defence in court or in the stages leading to possible legal acton, from user’s usage abuses or related services.
The user declares to be aware that the Data Controller may be required to disclose data on public authorities’ request.
The types of personal data used for each purpose are provided in the section “In-depth information on the Processing of Personal Data” of this document.
Cookies are pieces of code installed in the browser that assist the Data Controller in providing a service according to the described purposes. In some cases, the installation of cookies may also require the user’s consent.
These cookies are used to fulfil the navigation or to provide a service requested by the user. They are not used for other purposes and are normally installed directly by the owner of the website. Certain operations might not be performed without such cookies.
To install these cookies users are not required to give their prior consent, while it is compulsory to provide the information pursuant to article 13 of the Code, which the website manager may provide in the ways considered as most appropriate – in case he/she uses only such devices.
Data profiling cookies
These cookies are used to track the users’ web navigation and to create profiles on their tastes, habits, choices, etc. Advertising messages can be transmitted with these cookies to users’ terminal according to the preferences they have already expressed when navigating online.
article 122 of the Code refers to these cookies, where it considers that “the storage of information in a contractor’s or user’s terminal, or the access to information already stored are only allowed under the condition that the contractor or the user has given the consent – after being informed with the simplified arrangements pursuant to article 13, paragraph 3″(art. 122, paragraph 1, of the Code).
The collected data do not identify the user of the website, but they are used only to obtain statistical information about navigation: visited pages, time spent on the website, browser used, geographic data.
In case the user wants to deny cookies installation performed by Google Analytics on his/her terminal, it is possible to install thefollowing additional browser.
The rights of Users
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, Users have the right to do the following:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
- Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
- Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
- Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.
Details about the right to object to processing
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.
Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn, whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.
How to exercise these rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.
Users’ Rights regarding Cookies
In addition to what is stated in this document, the user can manage cookies preferences directly within his/her own browser and prevent, for example, third partes from installing them.
Through browser preferences the user can also delete cookies that were installed in the past, including the ones in which the installation consent was saved by this website.
It is important to note that disabling all cookies may mean to compromise the functioning of this website.
It is possible to find information about how to manage cookies in one’s browser at the following addresses:
- Chrome, type “chrome://settings/content” in the address bar (without quotation marks) and change cookies settings as preferred.
- Safari, select “Preferences” and then “Privacy”. In the section Block Cookie, specify how Safari has to accept cookies from websites.
- Internet Explorer: click on “Tools” in the menu bar and then on “Internet Options”. afterwards, access the “Privacy” tab settings to change preferences regarding cookies.
- Firefox, click on “Tools” in the menu bar and then on “Options”. afterwards, access “Privacy” to change preferences regarding cookies.
- Safari Mobile, go to “Settings” and then find “Safari” on the lef menu. From here, click on “Privacy and Security” to manage Options on cookies.
To disable cookies from external services it is necessary to operate on their settings.
The following list describes the major services used; for other ones please consult the list of services in the section “In-depth information on the Processing of Personal Data” and access each individual policy to disable cookies:
In-depth information on the Processing of Personal Data
What follows is a detailed explanation of the purposes for which personal data and the services used for their collection can be requested:
This service allows users to formulate and publish their comments about the contents of this website.
Users can leave comments anonymously, depending on the settings chosen by the Data Controller. If there is an e-mail address among the personal data provided by the user, this data can be used to send notifications of comments concerning the same content. Users are responsible for the content of their comments.
In case a third party comment service is installed, it is possible that, even when the users do not use it to comment, the service collects traffic data relating to the pages where the service is installed.
Commenting system run directly – This website has its own system of contents’ comment. Personal data collected: Surname, Cookies, Data regarding Usage, E-mail, Name and Username.
These services analyze this web-site’s traffic, which may contain personal data, and filter parts of the traffic, messages and contents recognized as SPAM.
Registration and authentication
By registering, users allow the website to identify them and give them access to special services.
Registration and authentication services may be provided by third partes. In case they are provided by third partes, this website can access certain data held by the third party service used for Registration or identification.
These services allow the Data Controller to monitor and analyze traffic data and are used to track the user’s behaviour.
Interactions based on location
Non-continuous geolocation – The user’s geographical location occurs in a non-continuous way if requested by the user or when the user does not indicate the place where he/she is in the specific entry and does not allow the Application to Automatic detect the position. Personal data collected: Geographic location.
Displaying content from external platforms
These services allow to view contents hosted on external platforms directly from the pages of this website as well as to interact with them.
In case this type of service is installed, it is possible that, even if the users do not use it, the service collects traffic data relating to the pages in which it is installed.
Addresses and sending e-mail
These services enable the management of a database containing e-mail, phone or any other types of contacts used to communicate with the user.
They may collect data relating to the date and time the user displays messages, as well as user’s Interaction with them – such as information on the clicking of links included in the messages .
Mailing List or Newsletter
By registering to the mailing list or newsletter, the user’s e-mail address is Automatically added to a list of contacts, to which e-mail messages that contain information related to this website may be sent – including commercial and promotional messages.
The user’s email address may be added to the list as a result of Registration to this website or after having made a purchase.
Personal data collected: Zip Code, City, Surname, Cookies, Date of Birth, Data regarding Usage, E- mail, Country, Name, Phone Number, Profession, Province, Gender and State .
Interaction with social networks and external platforms
These services enable the pages of this website to directly interact with social networks or other external platforms.
Interactions and information acquired by this website are in any case subject to the user’s privacy settings related to each social network.
In case a service of Interaction with social networks is used, it is possible that, even if users do not use it, the service collects traffic data about the pages in which it is installed.
Tweet button and social widgets of Twitter – The Tweet button and social widgets of Twitter are services of Interaction with the social network Twitter, provided by Twitter Inc. Personal data
Additional information on data processing
System log and maintenance
Out of necessities related to functioning and maintenance, this website and any third party services it uses may collect system Log – these are files that record interactions, which may also contain personal data, such as the user’s IP address.
Information not included in this policy
In relation to the processing of personal data, further information can be requested to the Data Controller by using the contact information mentioned above.
Definitions and legal references
Personal Data (or Data)
Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.
Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
The individual using this Application, which must coincide with or be authorized by the Data Subject, to whom the Personal Data refers.
The legal or natural person to whom the Personal Data refers.
Data Processor (or Data Supervisor)
Data Controller (or Owner)
The natural person, legal person, public administration or any other body, association or organization with the right, also jointly with another Data Controller, to make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.
This Application (web site)
The means by which the Personal Data of the User is collected and processed.
Small sets of data stored in the User’s device.
How to manage the cookies and oppose to their use
Please follow the instructions provided by your browser’s producer to discover how to manage, disable or remove all the cookies (technical, analytics and profiling):
Notice to European Users: this privacy statement has been prepared in fulfillment of the obligations under Art. 10 of EC Directive n. 95/46/EC, and under the provisions of Directive 2002/58/EC, as revised by Directive 2009/136/EC, on the subject of Cookies and Directive 2016/679/EC (GDPR -GENERAL DATA PROTECTION REGULATION) .