Privacy Policy
Find out how we guarantee your Privacy in our Policy
Information prepared pursuant to art. 13 of Regulation (EU) 2016/679 “GDPR”
Dear Customer, We invite you to carefully read our Privacy Policy, which applies in all cases in which you access the ecomuseoriolo.it website and decide to browse it and use its services. The purpose of this document is to provide the necessary information regarding the processing of personal data (hereinafter also “data”) freely provided by you; in particular regarding the purposes and methods of processing of your personal data, as well as the scope of communication and dissemination of the same, the nature of the data in our possession, the period of conservation and the rights reserved to you. The information is not to be considered valid for other websites that may be consulted via links on the Website of the Owner, who is not to be held in any way responsible for third-party websites.
SUMMARY
• Data Controller
• Object of the processing
• Methods and storage of your data
• Purpose of the processing and legal basis of the processing
• Optional or mandatory nature of the provision of data; need for consent and consequences of failure to consent
• Subjects or categories of subjects to whom your data may be communicated
• Subjects who may process your personal data
• Security measures
• The rights of the interested parties
• Contacts for the exercise of the rights of the interested party
• Changes and updates to this Privacy Policy
DATA CONTROLLER
The Data Controller of the data collected through this Site is Ente di Gestione per i Parchi e la Biodiversità – Romagna, with registered office in Via Aldo Moro, 2, 48025 Riolo Terme RA, (hereinafter referred to as “The Controller”): the Controller decides independently on the purposes and methods of data processing, as well as on the security procedures to be applied to guarantee their confidentiality, integrity and availability.
OBJECT OF THE TREATMENT
The Data Controller processes personal, identifying and non-sensitive data (in particular, name, surname, email, telephone number – hereinafter, “personal data” or also “data”) communicated by you when requesting information and/or in order to use the newsletter/marketing services offered by the Data Controller. Browsing data may also be processed, personal data whose transmission is implicit in the use of internet communication protocols (such as IP addresses, type of browser, operating system, domain name and addresses of websites from which access or exit was made, information on the pages visited by users within the Site, access time, time spent on a single page, internal path analysis and other parameters relating to the operating system and the user’s IT environment), acquired by the IT systems and software procedures used to operate the Data Controller’s Website. In this regard, the Website uses cookies that collect your personal data. We invite you to read the Cookie Policy which describes the cookies used by the Site and the purposes of their use.
METHODS AND STORAGE OF YOUR DATA
The processing of your personal data is carried out by means of the operations indicated in art. 4 n. 2) of Regulation (EU) 2016/679 and in compliance with the principles of lawfulness, correctness and transparency and the other principles indicated in art. 5 of Regulation (EU) 2016/679. The Data Controller will process your data for service or pre-contractual purposes for the time necessary to fulfill the purposes of the processing. The data for newsletter/marketing purposes, where your explicit consent has been given, will be retained for the time necessary to pursue the purposes of the processing or for shorter periods, if you withdraw your consent.
PURPOSE OF THE PROCESSING AND LEGAL BASIS OF THE PROCESSING
The personal data voluntarily provided will be processed for the following purposes: 1) for browsing this Website; 1.1) – for the use of the services offered and to receive a response to your requests; 1.2) – for the possible compilation of data collection fields in dedicated areas; 1.3) – to fulfill the obligations established by the Law, by a Regulation, by community legislation or by an order of the Authority; 1.4) – to prevent or discover fraudulent activities or abuses harmful to the website; 1.5) – to exercise the rights of the Owner, for example the right of defense in court. The legal basis for processing for the purposes referred to above in point 1) is: data processing is necessary to allow correct navigation on the Website and for the execution of pre-contractual measures adopted at the request of the interested party (e.g. responding to your requests by filling in specific forms), to fulfill a legal obligation to which the Data Controller is subject and, finally, for the pursuit of the legitimate interest of the Data Controller (e.g. exercising the right of defense in court or preventing fraudulent activities). 2): subject to your explicit consent for any registration to the newsletter service, to receive promotional and commercial communication emails and/or for other direct marketing activities in order to receive, by automated means (e-mail, traditional mail or other means of communication) promotional, commercial and/or advertising information material relating to the services offered, as well as commercial initiatives, which will be organized by the Data Controller. The legal basis for processing for the purposes referred to in point 2) is: data processing is lawful only if the interested party has given his/her consent.
OPTIONAL OR MANDATORY NATURE OF DATA PROVISION; NEED FOR CONSENT AND CONSEQUENCES OF FAILURE TO CONSENT
Apart from what is specified for navigation data, you are free to provide your personal data. The provision of personal data for the purposes referred to in point 1) is optional but necessary to use the services requested from time to time from the Data Controller and to use the specific features of the Site. Failure to provide them may make it impossible to obtain what is requested or to use the services of the Data Controller. Consent to the processing of data for the purposes 2) – i.e. for promotional, commercial communication and/or marketing purposes in general – is always optional. In the absence of consent, the Data Controller may still provide the services referred to in point 1) and you may still complete the other requests and use the services provided by the Data Controller – point 1) (e.g. send a contact request, use other services, etc.). You may therefore decide not to provide any data or to subsequently and at any time revoke the possibility of processing data already provided, but the revocation will not affect the lawfulness of the processing based on consent before the revocation.
SUBJECTS OR CATEGORIES OF SUBJECTS TO WHOM YOUR DATA MAY BE COMMUNICATED
Your data will be communicated to third parties only with your express consent, except in cases where communication is mandatory by law or is necessary for purposes established by law for the pursuit of which the consent of the interested party is not required; in such cases, the data may be made available to third parties who will process them independently and solely for the aforementioned purposes (for example, in the case of a request made by the police or the judiciary or other competent bodies or to perform obligations arising from the contract concluded with you). Your data will not be disclosed in any way.
SUBJECTS WHO MAY PROCESS YOUR PERSONAL DATA
The Data Controller may use third parties to process your personal data, to carry out certain activities. The third parties who carry out these operations have been adequately selected and are experienced, capable, reliable and offer a suitable guarantee of full compliance with the provisions in force regarding processing, including data security. These third parties will be appointed as “Data Processors” and will carry out their activity according to the instructions given by the Data Controller and under his direct control. The updated list of Processors may be requested from the Data Controller. Your data will also be processed by persons authorised by the Data Controller to carry out activities strictly related to the provision of services or to the other purposes mentioned above, who are appropriately trained and are committed to confidentiality (e.g. the Data Controller’s employees).
SECURITY MEASURES
The Data Controller adopts adequate security measures in order to minimize the risks of destruction or loss – even accidental – of data, unauthorized access or processing that is not permitted or does not comply with the collection purposes indicated in this Privacy Policy.
THE RIGHTS OF THE INTERESTED PARTIES
Regulation (EU) 2016/679 “GDPR” recognizes the Data Subject the possibility of exercising the following rights:
• Right of access to data collected and processed (art. 15)
• Right to obtain rectification of data (art. 16)
• Right to obtain erasure of data and right to be forgotten (art. 17)
• Right to obtain restriction of processing (art. 18)
• Right to data portability to another Data Controller (art. 20)
• Right to object to processing (art. 21)
• Right not to be subjected to automated processing (art. 22)
• Right to lodge a complaint with the Supervisory Authority (art. 77);
• Right to lodge a judicial appeal against the supervisory authority (art. 78) and against the Data Controller and/or the Data Processor (art. 79);
• Right to withdraw consent at any time (art.7 paragraph 3), without prejudice to the lawfulness of the processing based on the consent given before the withdrawal.
In the event of a violation of the personal data of the interested party, taking into account the provisions of art. 34 GDPR, the Data Controller will communicate the violation to the interested party.
CONTACTS FOR THE EXERCISE OF THE RIGHTS OF THE INTERESTED PARTY
You may exercise your rights at any time by sending an email to: info@parchiromagna.eu
This Site and the Owner’s Services are not intended for minors under 16 years of age and the Owner does not intentionally collect personal information relating to minors. In the event that information on minors is inadvertently recorded, the Owner will delete it promptly, upon request of users.
CHANGES AND UPDATES TO THIS PRIVACY POLICY
The Owner may modify or simply update, in whole or in part, the Privacy Policy of the site, also in consideration of the modification of the provisions of Law or Regulation that govern this matter and protect your rights. The modifications and updates of the Privacy Policy will be binding as soon as they are adopted and published on the website.
Name and company name: Ente di Gestione per i Parchi e la Biodiversità – Romagna
Registered office: Via Aldo Moro, 2, 48025 Riolo Terme RA
Telephone: +39 0546 77404
Tax code: 90030910393
Discover Faenza Apennines Landscape Ecomuseum!