Information on the processing of personal data according to Article 13 of EU Regulation 2016/679
The Cultural Association A.d’A. Academy of Arts, with registered office in Via dei Pandolfini 46/r 50122 – Florence, CF 94098980488 (hereinafter “TITULAR”), as data controller, informs you according to the Art. 13 EU Regulation 2016/679 (hereinafter “GDPR”) that your data will be processed in the manner and for the following purposes:
1. Treatment object
The Data Controller processes personal data, identifying thereafter, “PERSONAL DATA” or even “DATA”, which you have communicated during the activities that provide it on the site or on pages linked to it for services or requests that you make (for example in the Contact us section, or for the brochure request).
2.Purpose of the treatment
Personal data voluntarily provided and only upon your specific and distinct consent (Article 7), will be processed for the following purposes, up to its opposition:
- navigation on this website
- any request for contact, with the sending of information requested by you
- possible subscription to newsletters
- possible compilation of data collection form in dedicated areas
- administrative-accounting activities in general. For the purposes of the application of the provisions concerning the protection of personal data, the processing performed for administrative-accounting purposes are those related to the performance of organizational activities in accounting, regardless of the nature of the data processed. In particular, these objectives pursue internal organizational activities, those functional for the fulfillment of contractual and pre-contractual obligations, and information activities
3. Method of treatment
The processing of your personal data is carried out by means of the operations indicated in art. 4 paragraph 2 of the Regulation, namely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data.
Your personal data are subjected to both paper and electronic and / or automated processing.
The Data Controller will process the personal data for the time necessary to fulfill the aforementioned purposes until your request for cancellation from the lists, which can be carried out freely at any time.
4. Access to data
Your data may be made accessible for the purposes referred to in art. 2.A) of this information note:
- to employees and collaborators of the Data Controller, in their capacity as persons in charge and / or internal managers of the processing and / or system administrators
- to other partner schools
5. Data communication
Without the need for express consent (Article 6), the Data Controller may communicate its data to Supervisory Bodies, Judicial Authorities, insurance companies for the provision of insurance services, as well as to those subjects to whom the communication is mandatory for law for the accomplishment of the said purposes These subjects will process the data in their capacity as independent data controllers. Your information will not be disseminated.
6. Data transfer
Personal data is stored on servers located within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU. In this case, the Data Controller hereby ensures that the transfer of non-EU data will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.
7. Nature of providing data and consequences of refusing to answer
The provision of data for the purposes referred to in art. 2.A of this information is optional, in its absence can not receive newsletters, information required for the educational courses offered by the owner.
8.Rights of the interested party
In your capacity as an interested party, you have the rights referred to in Article 15, namely the rights to:
1. Obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form.
2. Obtain the indication: a) of the origin of personal data; b) of the purposes and methods of the processing; c) of the logic applied in case of treatment carried out with the aid of electronic instruments; d) of the identification details of the owner, the managers and the designated representative pursuant to art. 3, paragraph 1; e) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of it in their capacity as designated representative in the territory of the State, managers or agents.
3. Obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfillment is it proves impossible or involves a use of means manifestly disproportionate to the protected right.
4. To object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending brochures or educational materials, through the use of automated systems of call without the intervention of an operator by e-mail and / or through traditional marketing methods by telephone and / or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the data subject to exercise the right to object even only partially.
Therefore, the interested party can decide to receive only communications using traditional methods or only automated communications or none of the two types of communication.
Where applicable, it also has the following rights:
- Right of rectification (Article 16)
- Right to cancellation (“right to be forgotten”) (Article 17)
- Right to limit processing (Article 18)
- Obligation to notify in case of rectification or cancellation of personal data or limitation of processing (Article 19)
- Right to data portability (Article 20)
- Right of opposition (Article 21)
as well as the right to complain to the Guarantor Authority.
9. How to use the rights
You can use your rights at any time by sending:
- a registered letter a.r. at Accademia d’Arte A.d’A. Via Via dei Pandolfini 46 / r – 50122 Florence (FI)
- an e-mail to firstname.lastname@example.org
- by accessing the website of the Privacy Guarantor http://www.garanteprivacy.it
Possible Existence of an Automated Decision Making Process
The owner informs the interested part that in this site there is no automated decision making process, so in particular there is no profiling system.
Cookie and web beacons
Our online services use so-called cookie browsers and web beacons. Cookies do not cause any damage to your computer. They are small files with configuration settings that help us make our online services easier to use, more effective and more secure. Furthermore, cookies are used to implement certain user functions.Our online services generally use “session cookies”, which are automatically deleted when the browser is closed. Occasionally, they also use “persistent cookies”, which remain on their device until they expire or are manually deleted. The latter allow us to recognize your browser on your next visit. For details on “third-party cookies”, or cookies from third-party providers, such as Google Inc., refer to the privacy rules of these providers.
You can adjust your browser or the privacy settings of your mobile devices to be notified whenever a cookie is sent to your device so that you can decide whether or not to allow a cookie on a case-by-case basis. You can also disable the acceptance of cookies, in some cases only or by default, and enable automatic deletion of copies every time you close the browser. However, it should be noted that some features of our online services may not be fully accessible if cookies are disabled.
In addition, we use web beacons, also called page tags, to analyze the effectiveness of our website or our newsletters. For example, our newsletters and HTML e-mail could contain a web beacon that determines whether e-mails or links sent via e-mail have been opened.This information helps us to improve our e-mail service and to adapt our contents to the needs of users. The cancellation of the e-mail also deletes the web beacon. Needless to say, our regular text emails do not contain web beacons.
For the purpose of continuous functional optimization and maximum ease of use, some of our online services use the web analytics and social networks listed below. The data used for this purpose are exclusively non-personal.
– Plugin di Facebook (“Share button”): it is possible to recognize the plug-ins of Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA with the Facebook logo or the “share” button. For an overview of Facebook plugins, click here: http://developers.facebook.com/docs/plugins/.When using our online services, the plug-in establishes a direct connection between the browser and the Facebook server. Therefore, Facebook is informed that it is using our online services with its IP address. When you click on the “share” button of Facebook while connected to your Facebook account, you can link the content of our online services to your Facebook profile. Facebook can therefore associate the use of our online services to your user account. We wish to emphasize that we, as providers of online services, do not acquire any knowledge of the content of transmitted data and their use by Facebook. For more information, see the Facebook privacy statement at https://www.facebook.com/policy.php.If you do not wish to allow Facebook to associate the use of our online services with your Facebook user account, please log out of your Facebook user account.
- YouTube:YouTube is operated by Google, namely YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you use one of our online services with a YouTube plug-in, a connection is established to YouTube’s servers and information about the online services you are using is communicated to the YouTube server. When signed in to your YouTube account, YouTube allows you to associate your browsing activity directly with your personal profile. You can avoid it by disconnecting from your YouTube account. For more information about YouTube’s use of user data, see the YouTube privacy statement at https://www.google.com/intl/en/policies/privacy/.
The Data Controller employs a wide variety of data security measures to ensure the confidentiality and integrity of personal information.
However, given the nature of the Internet, we would like to draw your attention to the fact that there may be gaps in the security of data transmission over the Internet (e-mail communication, for example) and that full data protection from access to data is not possible for third persons.
10. Owner, manager and agents
The Data Controller is Associazione Culturale academy d’Arte A.d’A.
The updated list of data processors is kept at the registered office of the Data Controller
Ad’A declines all responsibility (even in the event of negligence) for direct, indirect or consequential damages that could derive from access to the elements of the Web Zoom platform or from their use, respectively from the inability to access or use them, or from the connection with other websites.
Accademia d’arte A.d’A will also not be responsible for behavior or omissions of third parties that affect the operation of the Zoom Platform, including, for examples and not limited to, slowdowns in speed or failure of telephone lines and computers that host the platform or manage the electronic traffic between the user and the platform.
The user expressly recognizes that the use of the zoom platform, including all content, data or software distributed, downloaded or accessed through the system, is at his own risk. the user understands and agrees to be the only responsible for direct, indirect, specific, accidental and consequential damages to his activity and his system and for loss of data resulting from the download of such content, data and / or software.