INFORMATION ON THE PROCESSING OF PERSONAL AND SENSITIVE CUSTOMER DATA
In application of Art. 13 et seq. of EU Regulation 2016/679 and the Federal Data Protection Act (DPA) of 19 June 1992 in relation to your personal data that Arouna Arnachellum will come into possession of, we inform you of the following:
- Data Controller and Data Processor
The data controller is Arouna Arnachellum,
- Purposes of processing
Your personal data may be processed, without your consent, in cases where this is necessary to comply with obligations arising from legal provisions on civil, fiscal and anti-money laundering matters, as well as from any other Community legislation, standard, code or procedure approved by the Authorities and other competent national institutions.
In addition, your personal data may be processed in order to comply with the requests of the competent administrative or judicial authorities and, more generally, of public entities in accordance with the formalities provided for by law. Your personal data will also be processed for purposes relating to and/or connected with the activities carried out by the Data Controller, such as specifically for subjects who contact us through the website or by email, for the providing of services and for the sale of goods or products requested by entering data on the site or by sending emails, as well as for the conservation of data for the purposes of operational and administrative management of contacts.
We remind you that during the negotiation phase it is not mandatory to acquire consent if the processing is necessary to fulfill – before the conclusion of the contract – their specific requests;for the execution of the contractual rapport and related and/or accessory services. In such cases, we inform you that under the applicable data protection legislation, the acquisition of your consent is not required if the processing is necessary to perform the obligations arising from a contract;
The data may be used for:
– The sale of goods requested as well as for the activity of organizing, setting up, carrying out and managing, directly and indirectly, events, congressional services, shows and any other kind (cultural, sporting, artistic, tourist, etc.) or similar, and all possibly connected, collateral and/or related activities such as, purely by way of example, the management of hostess and steward services, secretarial services, logistics, warehousing, settings, etc.
– the study and management of advertising campaigns of any type and to be carried out by any type of means;
– the promotion, planning, organization and delivery of training activities through, events, congresses and training courses in general.
– for the management of payments (with related processing – in accordance with the law – of payment data, including credit card or prepaid card identification details) of the services requested and any accessory economic charges, in accordance with the terms of the contract; or fulfilment of legal, accounting, fiscal, administrative and contractual obligations connected with the provision of the services requested
– for the analysis and improvement of the services provided, such as the possible conduct of surveys to obtain suggestions from customers; your personal data, in addition, may be processed for the defence of a right in a court of law or whenever it is necessary in order to ascertain, exercise or defend a right of the Controller; for customer satisfaction surveys on the quality of the services provided;
– for the implementation of extraordinary operations by the Company in favour of the other parties contractually involved. We would like to inform those who contact us via the website or via email that browsing and consulting the website does not require, nor does it allow, any profiling activities. In any case, all data acquired during navigation are processed anonymously and may be used without the express permission of the User only for the purpose of accessing the sites www.thopensquare.org and presentation of the Company’s services.
In particular, with regard to navigation data, please note that computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by its very character could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or the domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check that it is functioning correctly. Furthermore, the data could be used to ascertain responsibility in the event of hypothetical computer crimes to the detriment of the site. With regard to the data provided voluntarily by persons contacting us via the site or via email, please note that the site www.theopensquare.org is provided with a contact form requesting the minimum information to be able to contact the requesting user and only the optional, explicit and voluntary sending of the form involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message, in order to be able to analyse the request and respond accordingly.
In any case, specific summary information will be progressively reported or displayed on the pages of the site set up for particular services, where necessary. The Company may use the name of your company and, subject to your specific consent, your brand name for the purposes of information, promotion and communication of the event organised and the activities of The Open Square, on its websites, social networks and on any brochures, press releases, gadgets, media and communication supports of The Open Square. The Company, subject to your specific consent, may disclose to third parties personal data acquired for the possible sending of advertising material, commercial information, sale of products or services by foreign companies or commercial partners.
It is specified that your personal data may also be processed, subject to the issue of your optional and express separate consent, for the following additional purposes functional to the Controller’s business: market research, economic and statistical analysis; marketing of the Controller’s services, sending of advertising/information/promotional material and participation in initiatives and offers aimed at rewarding the Controller’s customers also carried out by the Controller’s partners.
- Transfer of data abroad
Personal data may be freely transferred outside the national territory to countries within the European Union. With reference to transfers outside the territory of the European Union to countries not considered adequate by the European Commission, the Data Controller adopts suitable and appropriate security measures to protect the personal data received. Consequently, any transfer of data to countries outside the European Union will take place, in any case, in compliance with the appropriate and suitable guarantees for the purposes of the transfer itself, such as the standard contractual data protection clauses, pursuant to the applicable legislation and in particular Articles 45 and 46 of the Privacy Regulation.
- Processing and storage methods
Processing will be carried out in automated and/or manual form, in compliance with the provisions of Article 32 of GDPR 2016/679 and the Federal Data Protection Act (LPD) regarding security measures, by specially appointed individuals and/or external consultants, in accordance with the provisions of Article 29 GDPR 2016/679 and the Federal Data Protection Act (LPD). Please note that, in accordance with the principles of lawfulness, purpose limitation and data minimization, pursuant to Article 5 GDPR 2016/679, your personal data will be kept for the period of time necessary to achieve the purposes for which they are collected and processed, as well as to comply with legal obligations and requirements.
- Communication of data
Personal data may come to the attention of the persons in charge of processing and may be communicated for the purposes set forth in point 2 to third party suppliers of consulting and assistance, to banks, to companies in the Controller’s group, to the commercial network, and, more generally, to all those public and private entities to whom communication is necessary for the proper fulfilment of the purposes indicated in point 2 or for legal obligations.
- Dissemination of data
Non-sensitive data (such as logo and name) may be subject to dissemination on the website www.theopensquare.org in the section relating to the Company’s customers.
- Cloud and telematic systems
Sensitive data may also be stored and/or used and/or sent/exchanged using online systems and related programs (e.g. Dropbox, Outlook or other cloud and mailing programs), exclusively for the purposes specified in this policy.
RIGHTS OF THE INTERESTED PARTY
9. Right of access
The data subject has the right to ask the data controller for access to his/her personal data. In response to such a request, the data controller shall provide a copy of the personal data being processed. In case of further copies requested by the data subject, the controller may charge a fee based on administrative costs. If the data subject submits the request by electronic means, and unless otherwise specified by the data subject, the information shall be provided in a commonly used electronic format.
10. Right of rectification.
The data subject shall have the right to obtain from the controller the rectification of inaccurate personal data relating to him/her without undue delay. Having regard to the purposes of the processing, the data subject shall have the right to obtain the integration of incomplete personal data, including by providing a supplementary declaration.
11. Right to erasure (“right to be forgotten”).
With the exception of the cases provided for in Article 17(3) of EU Regulation 2016/679, the data subject has the right to obtain from the data controller the erasure of personal data concerning him or her without undue delay, and the data controller has the obligation to erase the personal data without undue delay if one of the cases provided for in Article 17(1) of EU Regulation 2016/679 and pursuant to Article 5 of the Federal Data Protection Act (DPA) exists.
12. Right to restriction of processing.
The data subject shall have the right to obtain from the data controller the restriction of processing by recurring to one of the cases referred to in Article 18 of EU Regulation 2016/679.
13. Right to object to processing.
The data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her pursuant to Article 6(1)(e) or (f) of EU Regulation 2016/679.
The controller shall refrain from further processing the personal data unless he or she demonstrates the existence of compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
14. Right to data portability.
The data subject has the right to receive in a structured, commonly used and machine-readable format personal data concerning him or her that have been provided to a data controller and has the right to transmit such data to another data controller without hindrance by the data controller to whom he or she has provided them in the sole cases provided for by law and without prejudice to the rights and freedoms of others.
15. Withdrawal of consent.
Where the processing is based on Article 6(1)(a) or Article 9(2)(a) of EU Regulation 2016/679, the data subject shall have the right to withdraw the consent given at any time without affecting the lawfulness of the processing based on the consent given before the withdrawal.
16. Right to complain.
The data subject has the right to lodge a complaint with the Supervisory Authority. Refusal to provide data. Any refusal on the part of the data subject to provide personal data shall make it impossible to perform the activities covered by the consulting contract entrusted to the Data Controller.You may exercise your rights by sending a written request by registered mail with return receipt to the company’s registered office.
In light of the information read, by consenting to the processing of data through the site www.arounadevi, I authorise and give my consent
– to the processing of data as described above.
– to the processing of data for marketing purposes.
– to the communication of data to third parties for marketing purposes.