Personal Data Processing Information for Newsletter

Information on the processing of personal data

Information Pursuant to Article 13 of the European Regulation on the Protection of Personal Data 2016/679 (Hereinafter the "GDPR") – Newsletters.

With this information notice, pursuant to the provisions of Art. 13 of the GDPR, we wish to inform you about the processing of your personal data for the purpose of sending newsletters by the Antonio Emanuele Augurusa Foundation, which will be carried out in compliance with the applicable legislation on personal data protection.

Data Controller and DPO

The “data controller” (hereinafter also referred to as the “Controller”), pursuant to Art. 4, paragraph 1, no. 7 of the GDPR, is the Fondazione Antonio Emanuele Augurusa, with registered office in Filogaso (VV) at Via Gallippi Antonio, 11.

Purposes, legal basis for processing and data retention times

Categories of processed data
For the purposes described in the following paragraph, the Data Controller will process the following data relating to you:

Contact data (email);
Personal data (name and surname);
IP addresses, cookie data. For more information, please consult the Cookie Policy.

No processing of special data or any kind of profiling will be carried out.

Purposes of Processing and Legal Bases

Personal data will be processed for the following purposes:

news regarding initiatives, activities, projects, services
communications relating to training courses, projects, initiatives, activities, conferences and informative, cultural or scientific events offered or sponsored by the Controller, using automated means of electronic mail, postal mail and other informative material.

The legal basis for the processing is your specific consent, which you are free to give or not and which can be revoked at any time.

Method of Processing and Data Retention

The processing of your Data will be carried out using appropriate paper, electronic and/or telematic tools in compliance with the regulatory provisions on personal data processing, adopting adequate security measures to ensure the security and confidentiality of the data itself. The processing of your Data will also be managed by specially designated, trained and instructed personnel.
The sending of communications will be managed through communication platforms for sending newsletters via the Brevo platform (https://www.brevo.com). Following consent to send communications, your identification data will be stored on their servers. For further information on this, we invite you to consult the privacy policy of https://www.brevo.com at the link https://www.brevo.com/legal/privacypolicy/.

Users can, at any time, modify their data by accessing https://www.brevo.com and clicking on “edit my profile” or by contacting customer service at support@brevo.com.

Dissemination and Categories of Data Recipients

The collected data will not be disseminated and will be processed by duly trained and authorized internal personnel.
The data may be communicated to third parties, contractually bound to the controller and exclusively for the achievement of the expressed purposes or in order to comply with contractual or legal obligations, belonging to the following categories: internal subjects in charge of managing IT systems, external subjects that provide services for the management of the information system and telecommunications networks, including electronic mail, newsletter and website management.
The data will be stored in Google Cloud (Google Drive).
The list of any external processors is constantly updated and available, upon request, at the Controller’s headquarters.

Period of data retention

Your Data will be kept for a period of time not exceeding the achievement of the purposes for which they are processed, in full compliance with the principle of storage limitation provided for by the Regulation.
Specifically, your Data will be kept for the entire duration of the newsletter service, unless you revoke your consent.

Rights of the Data Subject Chapter III of the GDPR

In the presence of the conditions provided for by the GDPR, you can exercise against the Data Controller the rights provided for by Articles 15 and following of the GDPR, if applicable, and, by way of example, you have the right to request:

access to your Data, in the cases provided for;
the rectification of inaccurate Data and the integration of incomplete Data;
The erasure of Data for the reasons provided, such as when they are no longer necessary for the purposes indicated above or are not processed in compliance with the Regulation;
The limitation of processing for the cases provided, such as when the accuracy of the Data is contested and it is necessary to verify its correctness;
The portability, meaning the right to receive, in the cases provided, in a structured, commonly used and machine-readable format, the Data and to transmit said Data to another data controller;
The objection to processing, in the cases provided.

To exercise the aforementioned rights, you may send a specific request to the email address: privacy@fondazioneagurusa.org.
Furthermore, pursuant to art. 77 of the GDPR, if you believe that the processing of personal data concerning you is not in compliance with EU Reg. 2016/679, you have the right to lodge a complaint with the Data Protection Authority as the supervisory authority, following the procedures and indications available on the website www.garanteprivacy.it.

Updates

This privacy notice is applicable from the moment of its publication. In order to best satisfy any informational needs regarding privacy and to accommodate the regulatory evolution in the sector, this notice may be subject to updates and modifications.