© artlab 2023
Privacy Policy
INFORMATION pursuant to art.13 of Regulation (EU) 2016/679
1) Involved parties
DATA SUBJECT: The person who provides their personal data and to whom this information notice is addressed; DATA CONTROLLER: Entity that collects the data and processes, stores, or transmits it; DATA PROCESSOR: Any person in charge of processing; THIRD PARTY RECEIVING THE DATA: The person to whom the data is provided. 2) Processing methods
The collection and processing of your personal data will take place after your consent. Processing may also take place with the aid of paper, electronic, IT, or web-based means for the operations indicated by art. 4 of the Code and art. 4 no.2 of the GDPR such as: registration, organization, consultation, processing, modification, extraction, use, communication, deletion. They will be stored in locked places, the key to which will be kept by the President, and on a Personal Computer located at the APS headquarters, equipped with a firewall, antivirus, and periodic backup. Processing will consist of the collection, registration, processing, use, blocking, communication, deletion, and destruction of data.
3) Purpose of processing
The processing, following your consent, is aimed at managing your request for membership in the APS pursuant to the Statute, inclusion in the Register of Members, and participation in activities proposed by APS/ASD/SSD/EPS/Associative Networks. All communications relating to institutional and statutory activities, including notices of ordinary and extraordinary meetings of Members, will be sent to the email address provided at the time of the membership request.
4) Sensitive data
The processing will mainly concern personal data not included among sensitive data (racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership in parties, trade unions or associations, as well as personal data suitable for revealing health status and sexual life). The APS will limit itself to the mere storage of data for the period of Member status, after which, upon your formal request, to be sent via PEC to: assoartlab@pec.it or by REGISTERED MAIL to: ARTLAB-APS via Piazza D'Armi, 12 - 06049 - Spoleto (PG), the same APS will proceed with their destruction.
5) Mandatory provision
Dear prospective Member, we inform you that the social promotion association ARTLAB-APS (hereinafter referred to as APS), as Data Controller and Processor, pursuant to EU Regulation 2016/679, which is immediately applicable in Italy, pending the Decree provided for by Community Law no. 163/2017, which provides for the protection of individuals and other subjects with regard to the processing of personal data, will process your personal, identifying, and registry data in accordance with the principles of fairness, lawfulness, transparency, and protection of your privacy and rights. Pursuant to art. 13 of the DGPR in the following ways: Provision is necessary and mandatory for the aforementioned purposes and refusal will make it impossible to proceed with your admission as a Member of our APS.
6) Data communication The data you provide will be processed by the APS and communicated exclusively for the purposes indicated by the processing and for the resulting institutional purposes necessary for the performance of the institutional and statutory activities of the APS and the Associative Networks connected to it. These will act in full autonomy as Data Processors for their respective obligations. Furthermore, the data themselves, upon request, will be communicated to Public Administrations for legal purposes.
7) Place and method of storage Personal data will be stored, by the Data Controller, on paper and/or IT servers, usually located within the European Community. Upon request of the data subject, with reference to the same date of the request, the storage addresses will be communicated.
8) Data retention period Your data will be kept for as long as necessary as required by current legislation and civil and tax provisions. They will be archived in protected files for the period provided for by law, and at the end, destroyed, upon your formal request, in the manner indicated in point 5).
9) Legal basis The provision of data is mandatory for achieving the institutional purposes of the APS and is therefore essential for the acceptance of your application for membership and for active participation in the institutional and statutory activities of the APS and the Associative Networks, as indicated in point 6). Based on art. 36 of the Civil Code, the tax regulations relating to non-profit entities, in particular art. 148 of the T.U.I.R., art. 4 of D.P.R. 633/72, and art. 90 of Law 289/2002. Any refusal to provide them will make it impossible to accept your application for registration and membership, as it would not be possible to establish the associative relationship provided for by the Statute, which is the basis for being able to benefit from the tax advantages due to the APS and also to participate in the activities organized by the APS and the entities mentioned in point 6).
10) Rights of the data subject At any time you may exercise your rights with a specific request, to be sent to the APS, through the Data Controller, by registered mail or PEC. You may know what personal data the APS holds about you, request its modification, correction, or destruction, and you may also complete, update, or request a copy of it. Any requests for copies on paper not collected at the APS headquarters will be subject to shipping costs. You may also, in the same ways, revoke your consent, object to the processing of all or part of the data, or request that it be sent to third parties indicated by you. You may lodge complaints with the Data Protection Authority if you believe your rights have been violated.
11) Control methods Functional security checks will be carried out in the IT and web environment through: Control and traceability of access using IDs and Passwords of different levels; Coding of Processing with identification and partitioning of processes; Malware protection system; Minimization of processed data. Periodic physical security checks will be arranged through: Storage of paper media in protected places accessible only to authorized personnel; Storage of physical server media in a protected place and Data Backup; Stipulation of accurate contracts regarding the processing of personal data. Specific training will be provided for personnel who have access to personal data; there is no automated decision-making process, nor any profiling activity as per art. 22, paragraphs 1 and 4 of the GDPR.
© artlab 2023