© artlab 2023
Legal Notice
LEGAL NOTICE - pursuant to art.13 of Regulation (EU) 2016/679
1) Parties involved
DATA SUBJECT: The person who provides their personal data and to whom this notice is addressed; DATA CONTROLLER: Entity that collects the data and processes, stores or transmits it; DATA PROCESSOR: Any person appointed for processing; THIRD PARTY RECEIVING THE DATA: The person to whom the data is provided. 2) Processing methods
The collection and processing of your personal data will take place after your consent. Processing may also be carried out using paper, electronic, IT or web-based means for the operations indicated by art. 4 of the Code and art. 4 no.2 of the GDPR such as: registration, organization, consultation, processing, modification, extraction, use, communication, deletion. They will be stored in locked places, the key to which will be kept by the President, and on a Personal Computer located at the APS headquarters, equipped with a firewall, antivirus, and periodic backup. Processing will consist of the collection, registration, processing, use, blocking, communication, deletion, and destruction of data.
3) Purpose of processing
Processing, following your consent, is aimed at managing your application for membership to the APS pursuant to the Statute, inclusion in the Members' Register, and participation in activities proposed by APS/ASD/SSD/EPS/Associative Networks. All communications relating to institutional and statutory activities, including notices of ordinary and extraordinary members' meetings, will be sent to the email address provided at the time of application.
4) Sensitive data
Processing will mainly concern personal data not included among sensitive data (racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership in parties, unions or associations, as well as personal data suitable for revealing health status and sexual life). The APS will limit itself to the mere storage of data for the period of membership status, after which, upon your formal request, to be sent via PEC to: assoartlab@pec.it or by REGISTERED MAIL to: ARTLAB-APS via Piazza D'Armi, 12 - 06049 - Spoleto (PG), the APS will proceed with their destruction.
5) Mandatory provision
Dear prospective Member, we inform you that the social promotion association ARTLAB-APS (hereinafter referred to as APS), as Data Controller and Processor, pursuant to EU Regulation 2016/679, which is immediately applicable in Italy pending the Decree provided for by Community Law no. 163/2017, which provides for the protection of individuals and other subjects with regard to the processing of personal data, will process your personal, identifying and registry data in accordance with the principles of fairness, lawfulness, transparency, and protection of your privacy and rights. Pursuant to art. 13 of the GDPR, as follows: Provision is necessary and mandatory for the aforementioned purposes and refusal will make it impossible to proceed with your admission as a Member of our APS.
6) Data communication The data you provide will be processed by the APS and communicated exclusively for the purposes indicated by the processing and for the related institutional purposes necessary for carrying out the institutional and statutory activities of the APS and the Associative Networks connected to it. These will act in full autonomy as Data Processors for their respective obligations. Furthermore, the data, upon request, will be communicated to Public Administrations for legal purposes.
7) Place and method of storage Personal data will be stored by the Data Controller on paper and/or IT servers, usually located within the European Community. Upon request of the data subject, as of the same date of the request, the storage addresses will be communicated.
8) Data retention period Your data will be kept for as long as necessary as required by current legislation and civil and tax provisions. They will be archived in protected files for the period required by law, and at the end, destroyed, upon your formal request, in the manner indicated in point 5).
9) Legal basis The provision of data is mandatory for achieving the institutional purposes of the APS and is therefore essential for the acceptance of your application for membership and for active participation in the institutional and statutory activities of the APS and the Associative Networks, as indicated in point 6). Pursuant to art. 36 of the Civil Code, the tax regulations relating to non-profit organizations, in particular art. 148 of the T.U.I.R., art. 4 of D.P.R. 633/72 and art. 90 of Law 289/2002. Any refusal to provide them will make it impossible to accept your application for registration and membership, as it would not be possible to establish the associative relationship provided for by the Statute, which is the basis for being able to benefit from the tax advantages due to the APS and also the possibility of participating in activities organized by the APS and the entities mentioned in point 6).
10) Rights of the data subject At any time you may exercise your rights with a specific request, to be sent to the APS, through the Data Controller, by registered mail or PEC. You may know what personal data the APS holds about you, request its modification, rectification or destruction, and you may also complete, update or request a copy of it. Any requests for copies on paper not collected at the APS headquarters will be subject to shipping costs. You may also, in the same way, revoke consent, object to the processing of all or part of the data, or request its transfer to third parties indicated by you. You may lodge complaints with the Data Protection Authority if you believe your rights have been violated.
11) Control methods Functional security checks will be implemented in the IT and web environment through: Access control and traceability using IDs and Passwords of different levels; Processing coding with identification and partitioning of processes; Malware protection system; Minimization of processed data. Periodic physical security checks will be arranged through: Storage of paper documents in protected places accessible only to authorized personnel; Storage of physical server media in a protected place and data backup; Conclusion of accurate contracts regarding the processing of personal data. Specific training will be provided for personnel who have access to personal data; there is no automated decision-making process, nor any profiling activity as per art. 22, paragraphs 1 and 4 of the GDPR.
© artlab 2023