Privacy Policy
As per section 13 of Italian Law Decree n. 196 dated June 30, 2003 (“Privacy Law”), section 13 of the European Regulation n. 679 dated 2017 (“Data Protection Regulation”), Ruling n. 229 dated 2014 of the Italian Personal Data Protection Authority as well as Recommendation n. 2 dated 2001 adopted as per section 29 of Directive n. 95/46/CE, Associazione Culturale Micene (hence, the “Controller” or “ACM”) intends to inform its Users on the use of their personal data, of the log files and of the so-called cookies gathered by means of navigation of the Site https://moonfarsideprotection.org (hence the “Site of the Symposium”) and the subscription to the related “keep me updated” service (hence, the “Keep me update Service”), which has the purpose of updating the Users on all initiatives held during the 1st Symposium on Moon Farside Protection (hence the “Symposium”).
1. Controller, Processor and Data Protection Officer
The controller of the personal data processing is Associazione Culturale Micene, with legal offices in Corso F.lli Cervi 56, 10095 Grugliasco (TO), Italy, Italian fiscal code 95587360017 and email associazione@associazionemicene.it
The updated list of Data Processors, where nominated, can be provided upon request by the Users.
In case a Data Protection Officer is nominated (as per section 37 of the Data Protection Regulation), his/her identity will be announced by means of publication of an integration to the current information sheet.
2. Information and data collected automatically by the Site of the Symposium
Similarly, to all web-sites, Site of the Symposium uses log files in which information is automatically collected and preserved during the Users’ visits.
The collection information regards the following:
internet protocol address (IP);
type of browser and parameters used to create connection to the Site of the Symposium;
name of the internet service provider (ISP);
date and time of the visit;
web-page of provenance (referral) and destination after exit by the User;
number of clicks, where applicable.
This information is processed automatically and collected exclusively in an aggregated way in order to monitor the correct functioning of the Site of the Symposium.
Cookies
The Site of the Symposium makes use of cookies. Cookies are text-files saved on digital supports which allow to register some parameters and data communicated to the information system, by means of the browser used by the Users. Thus, these tools allow for an analysis of their habits in using a certain internet site.
The Site of the Symposium makes use of so-called “technical”, “analytical” and “profiling” cookies; for a profound analysis of such cookies and of the possibility of blocking their use by denying permission, the Users may consult the following link.
3. Data voluntarily introduced by the Users: ways and purposes of use
For simple navigation of the Site of the Symposium, there is no need to register, but in order to be able to receive the Keep me update Service, we need to gather some information regarding the Users. In any case, ACM commits to using the personal data of Users exclusively in the ways, terms and for the purposes listed as follows. The Controller processes personal data of Users for the following purposes:
executing the Keep me updated Service, updating the Users on all of ACM’s initiatives held during the Symposium;
performing administrative obligations related to the usage of Keep me updated Service (e.g. for information requests, complaints, etc.);
performing legal obligations;
executing technical management of the Site of the Symposium;
sending ACM documentation to update the Users on all other projects, initiatives and future events promoted by ACM, by means of both automated tools (such as newsletters, e-mails, SMS’s, MMS’s, robocalls, etc.) and traditional communication tools (hardcopy mail and/or operator calls).
The Keep me updated Service will be provided by means of automated tools (such as, e-mail, SMS, MMS, robocalls, etc.).
The data provided by Users will be processed predominantly with information systems under the authority of the Controller, by third parties specifically commissioned, authorized and instructed to the processing as per section 30 of the Privacy Law and of sections 28 and 29 of the Data Protection Regulation. Appropriate security measures, also as per sections 5 and 32 of the Privacy Data Protection, will be adopted to prevent loss of data, illicit or inappropriate uses and unauthorized access.
4. Optional or mandatory nature of data transfer, consequences of denial and juridical basis of the processing
In order to provide the Keep me updated Service, as well as for the purposes listed at items (ii), (iii) and (iv) of preceding section 3, transfer of the Users’ personal data is mandatory, as otherwise the Users could not be updated on all initiatives promoted and organized during the Symposium.
On the contrary, the transfer of the Users’ personal data is not mandatory but optional for the purpose listed at item (v) of preceding section 3 and denial of transfer will have the only consequence of not being able to receive the ACM documentation to update the Users on all other projects, initiatives and future events promoted by ACM.
Thus, with reference to the items (i), (ii), (iii) and (iv) of preceding section 3, the juridical basis of the processing is the provision of the Keep me updated Service (as per section 6, paragraph 1, letter b) of the Data Protection Regulation); instead, with reference to the purpose listed at item (v) of preceding paragraph 3, the juridical base for processing is the Users’ consent (as per section 6, paragraph 1, letter a) of the Data Protection Regulation).
5. To whom and in which context the Controller may transmit the Users’ personal data
The Users’ personal data may be communicated within the European Union, in full compliance of the provisions of the Privacy Law and the Data Protection Regulation, to the following entities:
to public authorities, where this is mandated by law or required by the authorities;
to the external structures/companies the Controller uses for the execution of activities related to the provision of the Keep me updated Service;
to external consultants, if not nominated Data Processor;
Above entities, to whom the Users’ data can be communicated (if not nominated Data Processor or co-responsible), will treat the Users’ personal data in their quality of Controllers as per the applicable norms, in full autonomy, not being connected to the original processing executed by ACM.
6. Users’ rights
Individual Users can exercise their rights as per section 7 of the Privacy Law and subsequent modifications and integrations, as well as sections 15, 16, 17, 18, 20 and 21 of the Data Protection Regulation at any time, by sending a written note to the Controller’s addresses as listed in preceding section 1 and thus obtain:
confirmation or denial of the existence of personal data of the User with indication of the related origin;
access, rectification, cancellation of the personal data or their limitation of processing;
cancellation, anonymization or blocking of personal data processed in violation of the law.
Individual Users may moreover oppose to the processing of the data that relate to them, as well as revoke at any time their consent to personal data processing (without prejudice to the legitimacy of the processing based on the consent conceded previously to revocation).
As any consent conceded by Users to be contacted by means of automated tools for the purpose listed at item (v) of preceding section 3 extends to traditional tools as well, the Users may contact AIM at any time at the addresses indicated above, to exercise their right of (partial) opposition with reference to one or another of the above-mentioned modalities.
7. Duration of the processing
Except for legal obligations and for the hypothesis in which Users conceded their specific consent for the receiving, from ACM, of updates on all other projects, initiatives and future events promoted by the latter, the Users’ personal data will be conserved for the mere duration of the Symposium. In any case, the processing will not have a duration exceeding 5 years from the date of registration to the Keep me updated Service, as long as Users have not requested cancellation before. Notwithstanding the above, ACM may conserve some personal data of Users also after the request for termination of processing, exclusively for the scope of defending or safeguarding its rights, or in those cased as defined by law or by order of a judicial or government authority.
8. Security measures
By means of the Site of the Symposium, the Users’ personal data are processed in respect of applicable law and adopting appropriate security measures, in compliance with the regulations in force, also as per sections 5 and 32 of the Data Protection Regulation.
In this regard, we confirm, among other things, the adoption of appropriate security measures with the scope of inhibiting unauthorized access, theft, publication, modification of unauthorized destruction of the Users’ data.
9. Modifications to the Privacy Information Sheet
The current Information Sheet is subject to modifications by the Controller; ACM will communicate the modifications to the Users by mail, with a prenotice period of at least 15 days with respect to the date in which the new Information Sheet will apply.
DATA PROTECTION INFORMATION SHEET FOR PARTICIPANTS TO EVENTS
Associazione Culturale Micene (hence, the “Controller” or “ACM”), in its quality of Data Processing Controller, as per section 13 of the EU Regulation n. 679/2016 (hence, the “Data Protection Regulation”), and subsequent modifications and integrations, collects and subsequently processes personal data[1] of the participants (hence, the ’“Data Subject”) to the Symposium (hence, the ’“Symposium”), also held remotely.
The contact details of the Data Protection Officer (as per section 37 of the Data Protection Regulation) designated by ACM are the following: Luca Derosa; c/o Associazione Culturale Micene, Corso F.lli Cervi 56, 10095 Grugliasco (TO), Italy; e-mail: associazione@associazionemicene.it
1. Scopes and ways of processing.
The personal data of Data Subjects are processed in the context of ACM’s activity, for the following scopes:
subscription and participation to the Symposium;
distribution free of charge of documentation relating to the Symposium;
use of the imagine and/or voice of the Data Subject as recorded during the Symposium, or sent/uploaded by the Data Subject itself, in videos, audio recordings and/or photographs of the Symposium published on the web-site and social networks of the Symposium
receipt of documentation from ACM in order to be updated on all its projects, initiatives and events, both my means of automated tools (such as newsletters, e-mails, SMS, MMS, robocalls, ecc.) and by means of traditional tools (hardcopy mail and/or operator calls) in the same area of interest.
The processing of the personal data is executed, under authority of the Controller, by entities specifically Designated, authorized and instructed for the processing as per section 2-quaterdecies of Italian Law Decree n. 196 dated June 30, 2003, as amended by Italian Law Decree n. 101 dated August 10, 2018 (hence, the “Privacy Law”) and as per sections 29 of the Data Protection Regulation, by means of manual, automated or telecom tools, with logics strictly connected to the scopes and in any case in such a way as to guarantee confidentiality and security of the personal data.
2. Juridical basis for processing, nature of transfer and consequences of denial, consent by Data Subject.
With reference to the scopes listed at preceding section 1, items 1., 2., 3., 4.,5. and 6, transfer of the personal data is mandatory and represents a necessary condition to the subscription and subsequent participation to the Symposium and receipt of documentation from ACM about future projects, initiatives and events in the same area of interest; indeed, failure to transfer will determine impossibility of subscribing the Data Subject to the Symposium and of involving him/her in any initiative of the Symposium or other ACM’s future projects, initiatives and events of the same area of interest; thus, the juridical base of the related processing is the full participation to the Symposium and the next update on ACM’s future projects, initiatives and events of the same area of interest, as per section 6, paragraph 1, letter b) of the Data Protection Regulation.
3. Entities and categories of entities to which the personal data may be communicated and context of communication.
With regards to the scopes of the processing as indicated above, and within the strict boundaries of pertinence to these scopes, the personal data of the Data Subject will be communicated in Italy, in the European Union or beyond the European Union, to the following entities, for the scope of subscription and subsequent participation to the Symposium:
(i) to fiscal Authorities and other public Authorities, where mandatory by law or upon their request;
(ii) to external consultants (e.g. for management of fiscal duties) if not designated Processors in writing;
Above entities, to whom the personal data of the Data Subject will be or may be communicated (insofar as not being designated Processors), will treat the personal data as Controllers according to the Data Protection Regulation, in full autonomy, being completely separated from the original processing executed by ACM.
Without the consent to communication of the personal data and to related processing, in those cases where it is foreseen as by Data Protection Regulation, the operations which require the communication might not be executed, with consequences known to the Data Subject.
A detailed and constantly updated list of these entities, including their respective offices, is always available at ACM’s legal offices.
As mentioned before, the image or the voice of the Data Subject recorded over the course of the Symposium, or sent/uploaded by the Data Subject itself, may be used in videos, audio recordings and/or photographs of the Symposium, published on the web-site and the social media of the Symposium itself.
Whenever necessary for the execution of the contract, the personal data of the Data Subject may be transferred to countries within the European Union and/or to countries outside the European Union, in full compliance with the norms of the Data Protection Regulation, the rulings and decisions of the related data protection authority as well as the EU regulations.
In particular, where necessary, ACM commits to complying with the norms defined by, respectively, decisions 2001/497/CE, 2004/915/CE and 2010/87/EU (according to the specific case), which oblige to the signing of so-called “typical contractual clauses” between the juridical entities involved in data processing outside of the European Union.
4. Rights of the Data Subject.
Sections 15 and following of the Data Protection Regulation grant the Data Subject the right to obtain:
confirmation or denial of existence of personal data related to the Data Subject, even if not yet registered and their communication in an understandable format;
indication of the origin of the personal data, of their scopes and of their ways of processing, of the logic applied in case of processing by means of electronic tools and of the identifying details of the Controller;
update, rectification, integration, cancellation, transformation into anonymous data or blocking of data treated in violation of the law – including data for which conservation is not necessary for the scopes for which they were collected and subsequently processed. Documentation of these operations, also pertaining to their content, is brought to the attention of the Data Subjects whose data have been communicated or published, except for the case in which this duty is impossible to perform or requires the use of tools which are obviously disproportionate in relationship to the granted right.
Moreover, the Data Subject has the right to:
oppose, partially or completely, for legitimate reasons, to processing of his/her personal data, even if coherent with the scope of collection;
propose a complaint to the Data Protection Authority as foreseen by the Data Protection Regulation.
In order to know the detailed and constantly updated list of the entities to whom personal data of the Data Subject may be communicated and to exercise the rights granted by sections 15 and following of the Data Protection Regulation, in accordance with section 12 of Data Protection Regulation and within the limits of section 2-undecies of the Privacy Law, the Data Subject may contact the Data Processing Controller at the following addresses:
Associazione Culturale Micene
corso F.lli Cervi 56, 10095 Grugliasco (TO) – Italy
E-mail: associazione@associazionemicene.it
5. Duration of the processing.
Except for legal obligations and for the Data Subject’s updates on all other projects, initiatives and future events promoted by ACM, the personal data of the Data Subjects will be conserved only for the Symposium’s duration. In any case, the processing will not have a duration exceeding 5 years from the date of the provision of the update service from ACM, as long as the Data Subject has not requested cancellation before. Notwithstanding the above, ACM may conserve some personal data of the Data Subject also after the termination of processing, exclusively for the scope of defending or safeguarding its rights, or in those cased as defined by law or by order of a judicial or government authority.
[1] As per section 4 of the Data Protection Regulation, “personal data” means any information relating to an identified or identifiable natural person (‘data subject‘); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.