1. Who is the data controller? How to contact him?
Pursuant to art. 4 ad 24 Reg UE the Data Controller is Associazione Data Protection Officer (ASSO DPO), with registered office in 20121 Milano – P.le Principessa Clotilde n. 6, P.IVA 08258580961, C.F. 97656960156, in person of its Legal Representative Dott. Matteo Colombo.
contacts: email firstname.lastname@example.org; telephone number: 800561720.
Signing-up to Associazione Data Protection Officer (specific policy available in the sign-up area)
Data disclosure, images included (photo, video, audio), for promotional activities aimed at advertise the activity, the services and the organization of the data Controller. The data diffusion will occur through data publication (images included), through different communication channels as, magazines, brochures, presentations, websites, social networks.
Data transfer to third parties (partners and sponsors of data Controller) for marketing purposes, namely to receive promotional and marketing/commercial communication from third parties acting in the following fields: insurance for the professional liability of Data Protection Officers, certification bodies, consultancy and trading firms, Universities, software house. The list of the predicted is available on demand.
Whether the data subject fills any forms for the data collection, in specific areas related to Direct Marketing purposes: prior consent and until opposition for direct marketing, market research, direct sales, surveys on satisfaction degree, newsletters and promotional, commercial and advertising material or regarding events and initiatives, through automated means of E-Mail, telefax, messages, SMS, MMS or other types, as well as operator-phone calls, paper mail or other information material.
The Data Controller does make use of reports relating to newsletters and promotional communication, aimed at comparing and possibly improving results. Thanks to reports, the Data Controller will be able to discover, for example: the number of readers, single openings, unique “clickers” and clicks; devices and operating systems employed to read the communication; user’s detailed activity; details of sent, delivered and forwarded emails; All these data are employed with the purpose of comparing, and possibly improving, the communication results.
Filling in of forms in order to use the “Sportello del Consumatore” service – art. 2, paragraph 4 of Law 4/2013 (see specific information notice in the Sportello per il consumatore Area)
3. Who the collected data will be communicated to?
Provided data will be shared with recipients who will treat them as data Processors (art. 28 Reg. UE 2016/679) and/or as natural person acting under the controller’s or processor’s authority (art. 29 Reg. UE 2016/679) for former purposes.
Namely, data will be shared with: companies contractually associated to the Data Protection Officer Association; – subjects who provide services for the management of the information system used by the Data Protection Officer Association and telecommunications networks; – professionals, studies or companies in the assistance and consultancy field; – subjects who provide services for the management of the activities indicated above in the purposes (subjects for communication, printing brochures, flyers, websites, videos); – platform managers for the services listed above (site hosting, YouTube); – Commercial Partners, with prior consent;- Competent authorities for compliance with legal obligations and / or provisions of public bodies, upon request; -other associated.
The list of the data Processors is constantly updated and available writing to email@example.com or sending a traditional mail to the Data Controller registered office.
4. Does Asso DPO transfer data to a third country and/or to international organisations?
Personal data may be transferred only with prior consent of the data subject and, in this case, they will be transferred to countries outside the EU exclusively for the purpose of transmission on social platforms; such transfer will then be managed as established in the general conditions and in the privacy policies of the related social networks. If it should be necessary to transfer your data to non-EU countries, this will be done in compliance with the limits and conditions of the articles 44 and s.s. of EU Reg. 2016/679. The data subject may obtain information about the guarantees for data transfer writing an email to the address firstname.lastname@example.org or at the registered office of the Data Controller.
5. Are personal data processed by an automated mean?
We do not process data by automated mean, profiling included.
6. Which rights am I entitled to? How can I exercise them?
You can exercise your rights, as required by art. 15, 16, 17, 18, 19, 20, 21 of the General Data Protection Regulation UE 2016/679 (GDPR) contacting the data Controller at the email address: email@example.com.
You have the right, at any time, to obtain from the data Controller the access to your personal data, request their rectification, erasure or processing restriction. Furthermore, you have the right to object anytime to your personal data processing as well as to data portability.
You have the right to oppose to the processing based upon consent and/or legitimate interest.
To unsubscribe from direct marketing updates (E-Mail or sms), please write to firstname.lastname@example.org (object: “cancellazione da automatizzato”) or use our automated unsubscribing tools.
To unsubscribe from traditional direct marketing updates (operator phone calls), please write to email@example.com (object: “cancellazione da tradizionale”).
Without prejudice to any other administrative or judicial remedy, in case you consider the processing conflicting with Reg. UE 2016/679, pursuant to article 15 lett. f) you have the right to lodge a complaint with a supervisory authority (www.garanteprivacy.it).
In case of request for data portability, the Data Controller will provide you with a structured format, commonly used and readable, by automatic device, the personal data concerning you, without prejudice to paragraphs 3 and 4 of the art. 20 of Reg. (EU) 2016/679.
Data controller retains the right to modify, update, add or remove parts of this statement at his own discretion, in any moment.
Date of review: 28/11/2019