Information on the processing of personal data

Information on the processing of personal data.
(Articles 13 and 14 of European Regulation No. 679/2016)

The undersigned FENICE ONLUS FOUNDATION – FENICE GREEN ENERGY PARK, based in Lungargine Rovetta 25 in Padua, Cod. Tax 92181230282 – VAT 04152340289 as “Data Controller” informs you, pursuant to articles 13 and 14 of the European Regulation no. 679/2016 (hereinafter “EU Regulation”), that your data will be processed as indicated below:

 

1. Object of the Treatment

The Data Controller informs you that the personal, identification data (for example, name, surname, company name, address, telephone number, e-mail address, bank and / or payment details, etc.), hereinafter referred to as “personal data” or even simply “data” relating to you, also acquired verbally directly or through third parties in the past, such as those that will be collected in the future, may be processed in full compliance with the EU Regulation. The Data Controller carries out the processing in a lawful manner specifically for the execution of a contract of which you are a party or for the execution of the pre-contractual measures (e.g. preparation of an offer, etc.) requested by you (art. 6 of the EU Regulation).
Data processing means any operation or set of operations relating to the collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, destruction of the data.

 

2. Legal basis and purpose of the processing

Legal basis: EU Regulation no. 679/2016
A) without your express consent (Article 6 letter b), c), e) of the EU Regulation), for the following purposes:
– fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships with you;
– fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority (such as in the field of anti-money laundering);
– exercise the rights of the Data Controller, for example the right to defense in court;
– for keeping the general accounts;
– for management purposes (invoicing, any document management, etc.);
– for credit management;
– for statistical analysis and quality control;
– for insurance management;
– for technical assistance.
In particular, your data will be processed for purposes related to the implementation of the following obligations, relating to legislative or contractual obligations:
– Technical and functional access to the site no data is kept after closing the browser;
– Advanced navigation purposes or personalized content management;
– Statistical and analysis purposes of navigation and users.
B) Only with your specific and distinct consent (Article 7 of the EU Regulation), for the following commercial and / or marketing and / or profiling purposes:
– sending via e-mail, post and / or sms and / or telephone contacts of newsletters, commercial communications and / or advertising material on products or services offered by the Data Controller and / or detection of the degree of satisfaction with the quality of what is carried out at your request ;
– sending via e-mail, post and / or sms and / or telephone contacts of commercial and / or promotional communications of third parties (for example, business partners).

 

3. Processing methods

The processing of your personal data is carried out by means of the operations indicated in art. 4 n.2) of the EU Regulation and more precisely: the collection, registration, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction, blocking. Your personal data are subjected to both paper and electronic and / or automated processing (in any case suitable for guaranteeing the security and confidentiality of the data).

 

4. Data retention times and other information

The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and in any case for no later than the terms of the law from the termination of the relationship for the purposes referred to in the existing relationship.
With reference to the personal data subject to processing for marketing purposes or processing for profiling purposes, the same will be kept in compliance with the principle of proportionality and in any case until the purposes of the processing have been pursued or until the revocation takes place. specific consent from the interested party.
Specifically, the Data Controller will process the data for no more than 2 years from the collection of the data for the purposes of Marketing and one year for the data collected for profiling purposes.
The personal data you provide will be treated “lawfully, according to correctness and transparency”, protecting your privacy and your rights.

 

5. Access to data

Your data may be made accessible for the purposes referred to in points 2.A) and 2.B) above:
– to shareholders, employees and collaborators of the Data Controller in Italy and abroad, in their capacity as persons in charge and / or internal managers of the processing and / or system administrators;
– to third-party companies or other subjects that carry out outsourced activities on behalf of the Data Controller, in their capacity as external data processors (by way of example: associated firms, lawyers, data processing companies, certifying bodies, accounting consultant / tax and in general to all the Bodies responsible for checks and controls regarding the correct fulfillment of the aforementioned purposes, credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, financial offices, Municipal Bodies and / or Municipal Offices , to consultants and service companies and for safety in the workplace, who will in turn be able to communicate the data, or grant access to them within their own members, users and their successors in title for specific market research. The data collected and processed may also be communicated, in Italy and abroad, to subcontractors, suppliers, for the management of systems. information, to transporters, freight forwarders and customs agents).
For the sake of brevity, the detailed list of these figures is available at our office and is at your disposal.

 

6. Communication of data

Without the need for express consent (Article 6 letter b) and c) of the EU Regulation), the Data Controller may communicate your data for the purposes referred to in point 2.A) above to supervisory bodies, judicial authorities , to insurance companies for the provision of insurance services, as well as to those subjects to whom communication is mandatory by law for the accomplishment of the aforementioned purposes.
These subjects will process the data in their capacity as independent data controllers.
During and after browsing, your data may be disclosed to third parties, in particular to:
– Google: Advertising service, Advertising target, Analytics / Measurement, Content customization, Optimization;
– Google AdWords: Advertising service, Advertising target, Analytics / Measurement, Content customization, Optimization;
– Google Analytics: Advertising target, Analytics / Measurement, Optimization.
Your information will not be shared.

 

7. Data transfer

Personal data are stored on devices located at the headquarters of the Data Controller or at providers, within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the data even to non-EU countries. In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the contractual clauses and standard checks provided for by the European Commission.
Both with regard to the data on their devices and for any data present at the provider, the Data Controller has implemented appropriate technical and organizational measures to ensure an appropriate level of security, in full compliance with the provisions of art. 32 of the EU Regulation.
Browsing: your browsing data may also be transferred, limited to the purposes indicated above, in the following states: – EU countries, – United States.
Cookie management: in the event that you have doubts or concerns about the use of cookies, you can always intervene to prevent them from being set and read, for example by changing the privacy settings in your browser in order to block certain types.
Since each browser, and often different versions of the same browser, also differ significantly from each other, if you prefer to act independently through your browser preferences, you can find detailed information on the necessary procedure in your browser’s guide.

 

8. Nature of the provision of data and consequences of refusing to respond

The provision of data for the purposes referred to in point 2.A) above is mandatory. In their absence, we will not be able to guarantee the Services as indicated in 2.A).
The provision of data for the purposes referred to in point 2.B) above is optional. You can therefore decide not to provide any data or subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive newsletters, commercial communications and advertising material and / or anything else related to the Services offered by the Data Controller.
However, you will continue to be entitled to the Services referred to in point 2.A).

 

9. Rights of the interested party

In your capacity as an interested party, you have the rights referred to in art. 15 of the EU Regulation reported below and precisely:
1. has the right to obtain from the Data Controller confirmation that personal data concerning him is being processed and, in this case, to obtain access to personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data in question;
c) the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if they are recipients of third countries or international organizations;
d) when possible, the retention period of the personal data envisaged or, if not possible, the criteria used to determine this period;
e) the existence of the right of the interested party to ask the Data Controller to correct or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
f) the right to lodge a complaint with a supervisory authority (the Guarantor for the protection of personal data);
g) if the data are not collected from the data subject, all available information on their origin;
h) the existence of an automated decision-making process, including profiling pursuant to art. 22, paragraphs 1 and 4 of the EU Regulation, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the data subject.
2. If your personal data are transferred to a third country or to an international organization, you have the right to be informed of the existence of adequate guarantees pursuant to art. 46 of the EU Regulation relating to the transfer.
3. The Data Controller will provide you with a copy of your personal data being processed if you request it.
If you request further copies, the Data Controller may charge you a reasonable fee based on administrative costs. If you submit your request electronically, and unless otherwise indicated, the information will be provided to you in a commonly used electronic format.
4. The right to obtain a copy referred to in paragraph 3 must not affect the rights and freedoms of others.
Furthermore, where applicable, you can enjoy the rights referred to in articles 16 to 22 of the EU Regulation and precisely you have:
– the right to rectify personal data;
– the right to be forgotten (right to cancellation);
– the right to limitation of processing;
– the right to data portability;
– the right to object;
– the right to complain to the Guarantor Authority.
You also have the right to revoke any consent already given at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation.

 

10. Procedures for exercising rights

You can exercise your rights at any time by sending:
– a registered letter with return receipt to the writer (see the address indicated on the letterhead);
– an e-mail to info@fondazionefenice.it.

 

11. Minors

What is offered by the Data Controller and the subject of the existing relationship with you does not provide for the intentional acquisition of personal information relating to minors. In the event that information on minors is unintentionally registered, the Data Controller will delete it in a timely manner, at the request of the interested party.

 

12. Personal data not obtained from the interested party

It may happen that the writer is not the Data Controller to whom you have given your personal data, but turns out to be co-data controller or external data processor and that therefore your data has reached the writer in second place due to of a contract that governs the parties. In this case, it is specified that the writer will do everything possible to ensure that you have been informed and have given your consent to the processing. You can ask the writer for the origin of the acquisition of your data at any time.

 

13. Owner, Manager, D.P.O. (R.P.D.) and Distributors

Below we provide you with some information that you need to bring to your knowledge, not only to comply with legal obligations, but also because transparency and fairness towards our customers is a fundamental part of our business.
Holder of the treatment. The Data Controller of your personal data is the FENICE ONLUS FOUNDATION – FENICE GREEN ENERGY PARK on behalf of which the Company signs Mr. Alberto Cecolin, responsible towards him for the legitimate and correct use of his personal data and whom he can contact for any information. or request at the following addresses: telephone +39 049 8021850, e-mail: privacy@fondazionefenice.it.

 

Responsible for the treatment. The Data Controller has appointed Mr. Andreas Spatharos as Data Processor who is also responsible towards you for the legitimate and correct use of your personal data and who you can contact for any information or request at the following addresses: telephone + 39 049 8021850, e-mail: privacy@fondazionefenice.it.

 

D.P.O. (Data ProtectionOfficer) – R.P.D. (Data Protection Officer). You can also contact the Data Protection Officer for information and requests regarding your data or to report inefficiencies or any problem that may be encountered.
The Data Controller has appointed Mr. Nicola Ghinello, who can be contacted at the following addresses: telephone +39 348 3165267, e-mail: nicola.ghinello@dpo-rpd.com.

 

Appointees. The updated list of data processors is kept at the headquarters of the Data Controller.