According to the European data protection law (Art. 13, European Regulation 2016/679) the User acknowledges that S.O.G.E.O. srl Impresa Sociale shall undertake to treat the User’s personal data according to the principles of lawfulness, fairness and transparency and protection of confidentiality. Therefore, the User is informed that:
A. DATA CATEGORIES:
The data undergoing the processing may be your personal data such as identification data, personal data and contact data.
B. DATA CONTROLLER:
The Data Controller is S.O.G.E.O. srl Impresa Sociale located in L.go Visconti 4 – 22012 Cernobbio, Como – P.I. 03200630139, contactable by phone at no. 031 3347503 or by email at firstname.lastname@example.org.
C. SOURCE OF PERSONAL DATA:
The personal data held by the Data Controller are collected directly from the data subject.
D. DATA PROCESSING PURPOSES AND LEGAL BASIS:
The processing of your personal data, collected and stored upon completion of this form, has as its legal basis your consent and is performed for the following purposes:
– to activate the required services (registration to workshops, activities, laboratory, press accreditation)
– to subscribe to the newsletter (if expressly specified)
E. RECIPIENTS OF DATA:
Within the scope of the indicated processing purposes, your data may be disclosed to partners, consulting firms, and private companies appointed by the Data Controller. Your data shall not be disseminated in any way.
F. TRANSFER OF DATA ABROAD:
The data collected could be transferred to non-European third countries, by virtue of an adequacy decision of the Commission or providing for appropriate safeguards, to fulfil the purposes indicated above.
G. DATA STORAGE PERIOD:
The collected data will be kept for no longer than it is necessary for the purposes for which they are processed (“data storage limitation principle”, art.5, GDPR) or according to the deadlines laid down by law. The verification of the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically.
H. SUBJECT’S RIGHTS:
The data subject has always the right to request from the Controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing, as well as the right to data portability, the right to withdraw consent claiming these and other rights provided by the GDPR through a simple communication to the Controller. The data subject shall have the right to lodge a complaint with a supervisory authority.
I. MANDATORY OR NON MANDATORY CONSENT:
We inform you that the provision of data is optional for some fields and mandatory for others (indicated by an asterisk); failure to provide the data required will cause the non-performance of the requested service.
J. METHODS OF DATA PROCESSING:
The personal data you provided will form the subject of processing operations in compliance with the aforementioned regulations and the confidentiality obligations central to the Controller’s activity. The data will be processed both with IT tools and on paper and any other type of appropriate support, in compliance with the appropriate security measures under the GDPR.