PRIVACY POLICY
www.adventum.org
Information on the protection of personal data Pursuant to Articles 13 and 14 of Regulation (EU) 2016/679)
Adventum Onlus Foundation with registered office in Via G. Savonarola 39 00195 Rome – E-mail: privacy@avventisti.it, (hereinafter, “Adventum” or the ” DataController“), in its capacity as Data Controller, provides below information common to the processing of personal data carried out in the context of its institutional website accessible electronically from the address:
www.adventum.org
(hereinafter, the “Site“).
In this regard, it should be noted that the information is provided only for the Site and not also for other websites that may be consulted through hypertext links or widgets (e.g. social networks) posted on the Site, but referring to resources outside the Owner’s domain or the processing that may result from the voluntary posting.
- Categories of data subjects and personal data processed
The Owner processes the personal data of individuals (identified or identifiable) who visit and consult the Site or who within the Site voluntarily perform actions of interaction with the Owner (hereinafter, the “Users“).
The personal data processed are:
- Browsing data: the computer systems and software procedures responsible for the operation of the Site acquire, in the course of their normal activity, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes: the IP addresses or domain names of computers and terminals used by users, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the users’ operating system and computing environment;
- Data reported: the optional, explicit, and voluntary sending of messages by filling out and forwarding the form present on the Site and/or to the contact addresses of the Owner or to the institutional profiles/pages on social media (where this possibility is provided) entails the acquisition of the User’s contact data necessary to respond, as well as any additional and possible personal data included in the form of registration or in communications. Specific disclosures will be posted on pages of the Site showing the form or prepared for the provision of certain services.
- Cookies and other tracking systems: for more information on the types of cookies used, their management of use and purposes, see the cookie policy on the site (hereafter, all, “Personal Data“).
- Purpose of Processing and Legal Basis:
The Owner processes Personal Data collected in the context of the Site for the purposes and under the legal bases indicated in the following table:
|
What are the PURPOSES of the treatment? |
What are the LEGAL BASIS of the treatment?
|
a. |
Fulfillment of a legal obligation related to civil, fiscal and administrative provisions, Community legislation, standards, codes or procedures approved by Authorities and other competent Institutions, as well as to comply with requests from the competent administrative or judicial authority and, more generally, public subjects in compliance with legal formalities. |
Fulfillment of a legal obligation to which the Owner is subject. |
b. |
To assert and defend its rights, including through extrajudicial initiatives and also through third parties, as well as to prevent and detect fraudulent activities or misuse of the Site (for potentially criminal purposes, such as for identity theft, computer crimes, etc.). |
Pursuit of the legitimate interest of the Owner. |
c. |
To enable Users to access and navigate the Site optimally and to handle requests received through the Site. |
Execution of pre-contractual measures taken at the request of the User.
|
d. |
Limited to Users’ browsing data sub para 1(a), for purposes of securing the Owner’s systems and to obtain statistical information about the use of the Site (such as the Site pages most frequently visited, average time spent on each page), as well as to monitor and administer the operation of the Site and improve the services provided. |
Pursuit of the legitimate interest of the Owner. |
e. |
To manage the contact section of the site and then to respond to any user requests received by filling out the appropriate form or by sending communications to the Holder’s email address |
Execution of pre-contractual measures taken at the request of the User. |
f. |
To inform you about all activities of an educational, cultural, religious, informational nature by electronic mail (e-mail) and/or any additional contact information you provide. |
Specific consent of the User (given when voluntarily filling out the appropriate form/box to request the e-mail address), which can be revoked at any time according to what is stated in par. 8 of this policy. |
g. |
For communication of your personal data to third parties such as Associations, Onlus, Ecclesiastical Bodies, Foundations related to theItalian Union of Seventh-day Adventist Christian Churches that organize participatory, community, volunteer activities. |
Specific consent of the User, which can be revoked at any time according to Section 8 of this policy. |
- Mandatory release of requested data and consequences of non-release
Except as specified for browsing data (and, in the appropriate policy, for the management of cookies), users are free to provide their personal data (via form – on the pages that allow it – or by other means to the contacts of the Holder) to send requests for information or to receive communications about all activities of an informative, cultural, religious nature
It is understood that failure to provide them, even in part, may prevent the Controller from carrying out the User’s requests and communication activities, as well as from fulfilling any related obligations.
- Method of treatment
Personal Data will be processed by means of both manual and computerized automated tools exclusively by authorized and specially trained individuals.
- Recipients/categories of recipients of personal data
For the purposes stated in this policy, Users’ Personal Data may be disclosed:
- to the authorized data processors of the Owner (employees or collaborators);
- to third party service providers to the Data Controller (including IT service providers, hosting providers, web editors, as well as companies or individuals performing legal, insurance services) who will act as data processors, where appropriate;
- to companies and third-party professionals appointed to enforce rights, interests, claims of the owner arising from the relationship with Users;
- to State Administrations, judicial or administrative authorities, public and private entities, including as a result of inspections and audits;
- to individuals who can access the data by virtue of legal provisions or secondary or EU regulations.
- to third parties such as Associations, Non-profit organizations, Ecclesiastical Bodies, Foundations related to the Italian Union of Seventh-day Adventist Christian Churches
Only the category of recipients is indicated, as it is subject to continuous updates. To find out the updated list of recipients, Users may contact the Controller directly by writing to the contact details given in Section 9 of this policy.
- Personal data retention periods
Personal Data will be kept by the Owner for the time strictly necessary for the purpose for which it was collected; specifically, the Owner will keep:
- Users’ browsing data (indicated in par. 1, lett. a) for the duration of the browsing session and in any case not more than seven days, except in the case of malfunctions in the systems, in which case they will be kept until the issue is resolved;
- Data disclosed by Users (mentioned in par. 1(b)):
- regarding personal data communicated by filling out the forms on the website, for the time necessary to process the relevant request;
- with regard to personal data for the purpose stated in par.2 lett. f), until the User withdraws consent, if any;
- with regard to personal data for the purpose stated in Sec. 2(g), for a maximum period of 24 months or until the User withdraws consent, if any;
- Personal Data whose processing is necessary in connection with legal obligations for the duration of the law;
and in any event, for the purposes set forth in Paragraph 2(b), for a maximum period equal to the limitation period of the relevant actions increased by a prudential period of six months, in order to ensure the Holder’s right of defense with respect to possible future litigation in judicial or administrative proceedings.
In all cases, after the respective terms have expired, all Personal Data will be deleted or anonymized. It is understood that the terms indicated may be extended in cases where storage for a further period is required in connection with any litigation, requests by the competent authorities or pursuant to applicable regulations.
- Transfer Of personal data to a third country or international organization
As part of the above purposes, it is possible that your data may be transferred to countries within the EU.
- Rights
Users, if the circumstances apply, may exercise the following rights against the Controller:
- Right of Access: allows Users to obtain confirmation from the Data Controller that Personal Data concerning them is or is not being processed and, if so, to obtain access to their Personal Data;
- Right of Rectification: allows Users to obtain rectification/integration of inaccurate/incomplete Personal Data;
- Right to erasure: allows Users to obtain, in the cases provided for in the legislation, the erasure of their personal data;
- Right to limitation of processing: allows Users to obtain, in the cases provided for in Art. 18(1) of the GDPR, the restriction (i.e., marking personal data stored with the aim of limiting its processing in the future) of the processing of one’s personal data;
- Right to data portability: allows Users – in cases where the processing is carried out by automated means on the legal basis of contract or consent – to receive in a structured, commonly used and machine-readable format, limited to the data provided to the Controller, personal data concerning them and similarly the right to transmit such data to another data controller.
In addition, Users are entitled to:
- to object to the processing of their Personal Data for the purposes indicated in paragraph 2;
- To revoke, at any time, consent for the purposes reported in par.2 lett. f);
- as well as, if they believe that the processing of Personal Data relating to them carried out through this Site is in violation of the provisions of the GDPR, to lodge complaints under Art. 77 of the GDPR, to the National Supervisory Authority of the European Union member state where the Data Subject has his or her habitual residence or place of work or where the alleged violation of his or her right occurred (in case that state is Italy, the person to whom he or she may turn is the Italian Data Protection Authority) or to take appropriate legal action (Article 79 of the GDPR).
- Contact
To exercise all rights, the data subject may submit an appropriate application by contacting the Controller in the following ways:
- by mail c/o the registered office of the Adventum Onlus Foundation Via G. Savonarola 39 00195 Rome;
- By sending an e-mail to the ordinary e-mail mailboxprivacy@avventisti.it
- Changes
This privacy policy was updated on 07/21/2022
The Owner reserves the right to partially or fully amend this policy or update its content, e.g., due to changes in applicable law. Therefore, the User is invited to regularly consult the policy to know its latest updated version so that he/she is always informed about the way Personal Data is collected and used.
_____________
Version July 21, 2022