WHY THIS INFORMATION

Pursuant to Regulation (EU) 2016/679 (hereinafter “GDPR”), this page describes how we process personal data. This information is provided pursuant to Article 13 GDPR. The information does not apply to other third-party websites that may be consulted via links on this website, for which no liability is accepted.

Personal data that can be processed

Personal data: any information concerning an identified or identifiable natural person («concerned»); an identifiable person is a natural person who can be identified, directly or indirectly, by reference in particular to an identifier such as a name, an identification number, location data, an online identifier or to one or more features of his physical, physiological, genetic, mental, economic, cultural or social identity (C26, C27, C30 GDPR).

Contractor/user data.

Navigation data

The computer systems and software procedures used to operate this site acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes the IP addresses or domain names of the computers and terminals used by the users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.

Data communicated voluntarily

The optional, explicit and voluntary sending of messages to the contact addresses indicated on this site and/or the filling in of data collection forms entails the subsequent acquisition of the sender's address, which is necessary to reply to requests, as well as any other personal data entered.

Information on the processing of personal data carried out through social media platforms

Regarding the processing of personal data carried out by the managers of the Social Media platforms used by the Controller, please refer to the information provided by them through their respective privacy policies. The Owner processes the personal data provided by users through the pages of the dedicated Social Media platforms, in order to manage interactions with users (comments, public posts, etc.) and in compliance with the regulations in force.

Specific information

Specific information may be present on the pages of the Site in relation to particular services or processing of the data provided.

Cookies and other tracking systems. What are they? What are they used for?

For cookies and other tracking systems, see the cookies policy in the footer of the site and at link.

1. WHO IS THE DATA CONTROLLER? HOW TO CONTACT HIM?

The data controller is AECIS - European Association for Culture Innovation Sustainability, with registered office in Piazza Marconi, 3 - 26100 Cremona, in the person of the pro-tempore President, who may be contacted for any information via:
mobile phone +39 327 0741668
e-mail: aecis.segreteria@gmail.com
PEC: aecis@legalmail.it

3. PURPOSE OF PROCESSING, LEGAL BASIS, DATA RETENTION PERIOD AND NATURE OF PROVISION OF DATA

Browsing and cookies

Purpose of processing	Legal basis	Storage period	Nature of conferment
Web Site Navigation Obtain usage statistics (pages visited, time slots, geographical areas) and check the proper functioning of the services.	Art. 6 par. 1 lett. f - GDPR Legitimate interest of the holder, within the limits of the fundamental rights of the data subject (C47).	Duration of browsing session	Necessary for site navigation.
Use of cookies and similar technologies See the cookie policy in the footer of the site.	Art. 6 par. 1 lett. a - GDPR Consent of the person concerned (C42, C43), given via banner and cookie policy.	See the cookie policy in the footer.	See the cookie policy in the footer.

Further processing purposes

Purpose of processing	Legal basis	Storage period	Nature of conferment
A) Contacts Handling of contact and information requests.	Art. 6 par. 1 lett. b - GDPR Performance of a contract or pre-contractual measures at the request of the data subject (C44).	Maximum 12 months	Necessary. Failure to provide this information prevents you from receiving a response to your request.
B) Direct Marketing Sending of promotional material, newsletters and commercial communications by e-mail. Use of reporting systems to analyse openings, clicks and devices used.	Art. 6 par. 1 lett. a - GDPR Consent of the person concerned (C42, C43).	Until consent is revoked (opt-out)	Optional. Failure to provide this information prevents you from receiving marketing communications.
C) Management of the rights of the data subject Handling of requests pursuant to Articles 15 et seq. of the GDPR.	Art. 6 par. 1 lett. c - GDPR Legal obligation of the data controller (C45).	5 years from the closing of the application, subject to litigation	Mandatory to fulfil legal obligations.

4. TO WHOM WILL PERSONAL DATA BE DISCLOSED? RECIPIENTS OF DATA

Personal data will be communicated, also on the basis of the purposes envisaged in specific areas, to subjects who will process the data as autonomous Data Controllers, or Data Processors (art. 28 GDPR) and processed by natural persons (art. 29 GDPR) acting under the authority of the Data Controller and Data Processors on the basis of specific instructions given regarding the purposes and methods of processing, for specific purposes on the basis of the area of reference. The data will be communicated to recipients belonging to the following categories:

• Parties providing services for the website and communication networks, including e-mail, hosting and website management;
• Subjects based in Italy, with which the Controller has signed agreements and prior consent, where applicable;
• For direct marketing;
• Competent authorities for the fulfilment of legal obligations and/or provisions of public bodies, upon request

The list of Data Processors is available by writing to aecis.segreteria@gmail.com or to the other addresses indicated above.

5. WILL THE DATA BE TRANSFERRED TO NON-SEE COUNTRIES?

Personal data will not be transferred to countries outside the EEA. In case of subscription to the newsletter the data will be transferred to countries outside the European Economic Area in compliance with the applicable regulations, in particular, the transfer will take place in compliance with the appropriate and suitable guarantees for the purposes of the transfer itself, pursuant to Articles 44 et seq. of Regulation (EU) 2016/679. For further information regarding the transfer of personal data, you may contact the Data Controller at the contact details indicated above 

6. IS THERE AN AUTOMATED PROCESS?

Personal data will be subject to traditional manual, electronic and automated processing. Please note that no fully automated decision-making processes are carried out.

7. WHAT ARE YOUR RIGHTS? HOW CAN HE EXERCISE THEM?

You may assert your rights as expressed in Art. 15 et seq. GDPR, by contacting the Data Controller at aecis.segreteria@gmail.com, or to the contacts listed above. You have the right, at any time, to request access to your personal data (Art. 15), rectification (Art. 16), erasure (Art. 17), and restriction of processing (Art. 18). The data controller shall inform (Art. 19) each of the recipients to whom the personal data have been transmitted of any rectification or erasure or restriction of processing carried out. The controller shall inform the data subject of these recipients if the data subject so requests. In the cases provided for, you have the right to the portability of your data (Art. 20), in which case they will be provided to you in a structured, commonly used and machine-readable format. You have the right to object (Art. 21), at any time, to the processing of your data based on legitimate interest, and in cases where the legal basis is consent, you have the right to revoke the consent given without prejudice to the lawfulness of the processing based on the consent before revocation.

If you wish to stop receiving automated direct marketing communications (e-mail), please write an e-mail to aecis.segreteria@gmail.com with the subject line “unsubscribe from automated” or use our automated unsubscribe systems provided for e-mails only (opt-out). 

If the data subject considers that the processing of personal data carried out by the Controller is in breach of the provisions of Regulation (EU) 2016/679, he/she has the right to lodge a complaint with the Supervisory Authority, in particular in the Member State where he/she normally resides or works or in the place where the alleged breach of the Regulation occurred (Garante Privacy https://www.garanteprivacy.it/), or to take appropriate legal action.

8. CHANGES TO THE POLICY

The Controller reserves the right to change, update, add or remove parts of this notice. In order to facilitate the verification and modification of the text, the notice will contain the date of update.

Date of update: 15/03/2023