Information on the treatment of personal data
This page describes how to manage this site with reference to the processing of personal data of users who consult it. This is an information that is made in compliance with current legislation, regarding personal data, for users who interact with the services of this site within the framework of the EU Regulation 2016/679. The information is provided only for this site and not for other websites that may be consulted by the user through our links.
The "owner" of the treatment
Following consultation of the site, data relating to identified or identifiable persons may be processed. The "owner" of their treatment is Patrizio Paoletti Foundation with headquarters in Rome, Via Nazionale 230 - Cap: 00184. The person responsible for the protection of personal data (Data Protection Officer) pursuant to art. 37 of the GDPR is D.ssa Ilaria Sterpa. We remind you that you can contact the DPO at any time and send any question or request regarding your personal data and respect for your privacy by writing to the address Fondazione@fondazionepatriziopaoletti.org
Place of data processing
treatments related to web services are handled only by technical staff of the Office in charge of processing, or by any persons in charge of occasional maintenance operations. No data deriving from the web service is communicated or disclosed.
Purpose of the treatment and legal basis of the treatment
The personal data provided by users who submit requests or intend to use services or products offered through the site, as well as receive further specific contents, are used for the sole purpose of responding to requests or performing the service or provision requested and are communicated to third parties in the only if this is necessary for this purpose. The legal basis for these treatments is the need to respond to the requests of the interested parties or perform activities provided for in the agreements defined with the interested parties.
With the express consent of the user, the data may be used for commercial communication activities relating to offers of further products or services of the owner. The legal basis for this treatment is the consent freely expressed by the interested party.
Apart from these hypotheses, users' browsing data are kept for the time strictly necessary for the management of processing activities within the limits established by law.
Types of data processed
During their normal operation, the IT systems and software procedures used to operate the site acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning; are deleted after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
Data voluntarily provided by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on the site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request.
Third party data
If you provide personal data of third parties, such as those of your family or friends, you must be sure that these subjects have been adequately informed and have consented to their treatment in the manner described in this statement.
Data of minors under 16
If you are under 16 you cannot provide us with any personal data nor can you register on Subito, and in any case we do not assume responsibility for any false statements you provide. If we become aware of the existence of untruthful declarations, we will proceed with the immediate cancellation of any personal data acquired.
For cookies we mean a textual element that is inserted in the hard disk of a computer only after authorization. Cookies have the function of streamlining the analysis of web traffic or of signaling when a specific site is visited and allow web applications to send information to individual users. No personal user data is acquired by the site in this regard. Cookies are not used to transmit personal information, and so-called are not used. persistent cookies of any type, or systems for tracking users. The use of so-called Session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site. The so-called session cookies used on the site avoid the use of other IT techniques that are potentially detrimental to the confidentiality of user navigation and do not allow the acquisition of the user's personal identification data.
Optional supply of data
Apart from what is specified for navigation data, the user is free to provide personal data to request the services offered by the Owner. Their absence can make it impossible to obtain what is requested.
Processing methods and data retention times
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
The data are kept for the time strictly necessary for the pursuit of the purposes indicated in this statement and will be deleted at the end of this period, unless the data itself must be kept for legal obligations or to assert a right in court.
Rights of the interested parties
Within the limits and under the conditions provided by law, the owner has the obligation to respond to the requests of the interested party regarding the personal data concerning him. In particular, based on current legislation:
1. The interested party has the right to obtain from the data controller confirmation that personal data concerning him or her is being processed and in this case, to obtain access to personal data and to the following information:
the purposes of the treatment;
the categories of personal data in question;
the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if recipients from third countries or international organizations;
when possible, the expected retention period of personal data or, if not possible, the criteria used to determine this period;
the existence of the right of the interested party to ask the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
the right to lodge a complaint with a supervisory authority;
if the data are not collected from the data subject, all available information on their origin;
the existence of an automated decision-making process, including profiling
2. The interested party has the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay. Taking into account the purposes of the processing, the interested party has the right to obtain the integration of incomplete personal data, also by providing an additional declaration.
3. The interested party has the right to obtain from the data controller the cancellation of personal data concerning him without undue delay and the data controller has the obligation to delete personal data without undue delay within the limits and in the cases provided for by the current legislation. legislation. The data controller informs each of the recipients to whom the personal data have been transmitted of any corrections or cancellations or limitations of the treatment within the limits and in the forms provided for by current legislation.
4. The interested party has the right to obtain the limitation of the processing from the data controller.
5. The interested party has the right to receive in a structured format, commonly used and readable by an automatic device, the personal data concerning him, provided to a data controller and has the right to transmit such data to another data controller unimpeded treatment by the data controller to whom you have provided them.
To exercise the rights listed above, the interested party must submit a request using the following contact points through which the Data Protection Officer can also be contacted.
Requests should be addressed to the Data Controller at the following email address Fondazione@fondazionepatriziopaoletti.org, through which the data protection officer designated by the Data Controller may be contacted.
This version of the information on the processing of personal data was updated on 07 May 2018.
This information may be subject to changes. If substantial changes are made to the use of user data by the Owner, the latter will notify the user by publishing them with the utmost evidence on their pages or through alternative or similar means.
Categories of third parties to whom the communication can be made for the pursuit of the purposes set out in the Information.
The Data Controller may need to communicate your personal data to third parties, belonging, by way of example, to the following categories:
a) subjects who provide support services for the execution of the activities arranged by you in relation to the existing relationship;
c) subjects who handle the packaging, shipping and archiving of the documentation relating to the relations with the interested party;
d) additional subjects which the Body uses for various reasons for the supply of the product or service requested;
e) subjects that provide services for the management of the institution's IT system;
f) subjects that provide professional services of tax, legal and judicial consultancy and assistance;
g) subjects that manage the audit and certification of the financial statements;
h) authorities and supervisory and control bodies and in general subjects, public or private, with advertising functions;
Furthermore, for natural persons whose data are held by the Data Controller for reasons other than just support for projects (donors), in light of the institution's particular activity and in compliance with sector regulations, the Patrizio Paoletti Foundation may have to communicate your personal data also to the following categories of subjects: j) subjects adhering to the Exchange System established by the Ministry of Economy and Finance and / or subjects involved in the processes of transmission of electronic invoices.
For more detailed information, the interested party can contact the DPO of Fondazione Patrizio Paoletti, D.ssa Ilaria Sterpa, at the following addresses:
c / o Patrizio Paoletti Foundation
230, Via Nazionale
Phone +39 06.8082599