INFORMATION ON THE PROCESSING OF PERSONAL DATA

FOR MEMBERS, VOLUNTEERS, SUPPORTERS AND SITE VISITORS

In relation to the provisions of EU Reg. 2016/679 (European Regulation for the protection of personal data) and pursuant to art. 13 of Legislative Decree no. 196 of 30.6.2003 (Privacy Code), we hereby communicate the necessary information regarding the processing of personal data provided by the interested party.

1. DATA CONTROLLER

The Data Controller is the Francesco Tonucci International Association, with registered office in Viale Aurelio Saffi 54, 00152, Rome, Italy

2. DATA SUBJECT TO PROCESSING

The Data Controller processes personal identification data (e.g., name, surname, company name, address, telephone, e-mail, bank and payment details), communicated by the data subject when joining the association as a member, as a volunteer or as a supporter.

3. PURPOSE AND LAWFULNESS OF THE PROCESSING

The personal data provided will be processed in compliance with the conditions of lawfulness pursuant to Article 6 letter b of EU Reg. 2016/679, i.e. for membership and participation in the association and the performance of the proposed activities, and in particular:

• registration in the register of members, volunteers or supporters;
• participation in the activities of the association;
• information on activities and other initiatives proposed;
• to fulfil contractual, legal and administrative-accounting obligations.
• to comply with the obligations provided for by law, by a regulation, by EU legislation or by an order of the Authority (such as, for example, in the field of anti-money laundering);
• exercise the rights of the Data Controller, for example the right of defence in court;

4. RECIPIENTS OR CATEGORIES OF RECIPIENTS OF DATA

The personal data provided may be communicated to recipients, appointed pursuant to Article 28 of EU Reg. 2016/679, who will process the data as data processors and/or as natural persons acting under the authority of the Data Controller and Data Processor, in order to comply with contracts or related purposes. Precisely, the data may be communicated to recipients belonging to the following categories:

• subjects who provide services for the management of the Data Controller’s IT system and communication networks;
• firms or companies in the context of assistance and consultancy relationships;
• competent authorities for the fulfilment of legal obligations and/or provisions of public bodies, upon request;
• Banking institutions for the management of collections and payments
• Tax administrations or public institutions for legal compliance
• Competent authorities for compliance with legal obligations

The subjects belonging to the aforementioned categories perform the function of Data Processor, or operate in total autonomy as separate Data Controllers.

5. DATA TRANSFER TO A THIRD COUNTRY AND/OR AN INTERNATIONAL ORGANISATION

The personal data provided by the data subject will not be transferred abroad, within or outside the European Union.

6. PROCESSING METHODS

The processing of the personal data of the data subject is carried out by means of the operations indicated in art. 4 no. 2) GDPR of EU Reg. 2016/679 and precisely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data are subject to both paper and electronic and/or automated processing.

7. DATA RETENTION PERIOD

The processing will be carried out in automated and/or manual form, with methods and tools aimed at ensuring maximum security and confidentiality, by persons specifically appointed for this purpose.

In compliance with the provisions of art. 5, paragraph 1, letter e) of EU Reg. 2016/679, the personal data collected will be stored in a form that allows the identification of the data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed.

8. NATURE OF THE PROVISION AND REFUSAL

The provision of personal data for the purposes referred to in point 3 of this information document is necessary to follow up on membership of the association. Failure to provide personal data may make it impossible to obtain such accession.

9. RIGHTS OF DATA SUBJECTS

The interested party may assert his/her rights as expressed in articles 15, 16, 17, 18, 19, 20, 21, 22 of EU Regulation 2016/679, by contacting the Data Controller, via the e-mail address apsfrancescotonucci@pec.it

The data subject has the right, at any time, to:

• obtain confirmation of the existence or otherwise of personal data concerning him/her, even if not yet recorded, and their communication in intelligible form;
• Get the indication:
  1. the origin of the personal data;
  2. the purposes and methods of processing;
  3. the logic applied in the case of processing carried out with the aid of electronic tools;
  4. the identification details of the Data Controller, the Data Processors and the Designated Representative pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR;
  5. of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representatives in the territory of the State, data processors or persons in charge of the processing;
• get:
  1. updating, rectification or, when interested, integration of data;
  2. the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
  3. certification that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfilment proves impossible or involves the use of means manifestly disproportionate to the protected right;
• oppose, in whole or in part:
  1. for legitimate reasons to the processing of personal data concerning him/her, even if pertinent to the purpose of the collection;
  2. to the processing of personal data concerning him/her for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and/or through traditional marketing methods by telephone and/or paper mail.

Where applicable, the data subject also has the rights referred to in art. 16-21 GDPR (Right to rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object),

Without prejudice to any other administrative and judicial remedy, if the data subject considers that the processing of data concerning him or her violates the provisions of EU Reg. 2016/679, pursuant to art. 15 letter f) of the aforementioned EU Reg. 2016/679, has the right to lodge a complaint with the Guarantor for the protection of personal data and, with reference to art. 6 (1) (a) and Art. 9 (2) (a), you have the right to revoke your consent at any time.

In the event of a request for data portability by the data subject, the Data Controller will provide the personal data concerning him/her in a commonly used and readable format, without prejudice to paragraphs 3 and 4 of art. 20 of EU Reg. 2016/679.

9. RIGHTS EXERCISE

To exercise your rights, you can contact the Data Controller at the following addresses:

• Address: Viale Aurelio Saffi 54, 00152, Rome
• E-mail: apsfrancescotonucci@pec.it 

10. PROVISION OF DATA

The provision of personal data for the services requested is mandatory and failure to provide it could make it impossible to participate in the activities of the association 

11. AUTOMATED DECISION-MAKING

The Association does not use automated decision-making, including profiling.

 

Rome, 01/07/2025

Francesco Tonucci International Association

The data controller