When you browse our website, write comments, or get in touch with us via the online forms of our website, we necessarily collect and process your personal data. This document will help you understand what personal information we collect on you (the so-called “processing of personal data”), how we collect it, what purposes we use it for, and what rights you have with regard to your personal data.
When we speak of the “Data Controller” (or simply “Controller”), we are not referring to a specific person, but to the Fondazione Valter Baldaccini, Via V. Baldaccini, 1 – 06034 Foligno (Perugia, Italy), Tel. +39 0742 348 428, e-mail: email@example.com.
The website is run per our instructions and on our behalf by Copiaincolla.com s.r.l., Via dei Toscani, 36/E – 46100 Mantua, which is called the “Processor” of the personal data.
For the Newsletter processing and the Donation the Processor is Kudu Srl Società Benefit Via Cavour, 2 22074 Lomazzo(CO) Tel. +39 0236714480, mail: firstname.lastname@example.org.
For several processings regarding the data provided by cookies, the Processor is NUR s.r.l., Via del Commercio, 1/N – 46030 San Giorgio di Mantova (Mantua), Tel. +39 0376 369728, e-mail: email@example.com
When we speak of the “website”, we are referring to thewww.fondazionevb.org site and its apps.
On the “Contacts” page
With your explicit consent, the data you enter on this page will be stored both on the server and in a database. Your first and last names and e-mail address are necessary. You may choose to add other personal data also. These data, including the comments, will be kept and processed by the Controller and will not be rendered public.
In the “Receive the Newsletter” pop-up
On the “Propose a Project” page
All the data requested, including the files you have shared, are necessary in order to better understand the project you are suggesting. With your explicit consent, these data remain on the site’s server for one year and in the Foundation’s database for 10 years. You may ask us to access, modify, or delete these data at any time.
Information coming from social networks
You can click on “Like” on the social network accounts connected with our website, for example Facebook, Instagram or Youtube. When you use this option, we automatically collect selected information on you from the social networks. The information we collect depends on the information you have made available on the social network and on your privacy settings for sharing the information on the social networks. Depending on your settings and choices, we will collect the following information: Name and/or username, e-mail address, profile photo, and your contacts on the social networks.
We will use the information provided us to offer you our services, improve our website and services, answer your questions, send you our newsletters, facilitate the social sharing function, show which members of your social networks are friends of the Foundation, and create a better user experience on our website.
Furthermore, these data are used by the Controller and Processor (NUR s.r.l. and Kugu Srl) for various internal purposes, such as data analysis, checks, monitoring and prevention of fraud, development of new products and services, improvements or changes to the website or our services, identification of use trends, determination of the effectiveness of our promotional campaigns, and management and expansion of our activities.
In some cases they are necessary to comply with legal requirements and procedures, requests from public and governmental authorities, pertinent standards, and our internal policies.
Within the limited circumstances in which you expressly gave your consent for the processing of your personal data, for example when you sign up for our newsletter, you have the right to know what personal data we have on you, to modify them, and to request their deletion. You have the right to object to the way we process your personal information, or to ask us to limit its processing. For this purpose, you can send an e-mail to the Processor: firstname.lastname@example.org
Our website may contain links to other sites. Our inclusion of such links does not imply our approval or endorsement of such sites. We have no control over the content of these third-party websites, and do not assume any responsibility or liability for third parties and their policies or practices.
The Processor (Copiaincolla.com s.r.l.) is following a path of adherence to the GDPR standards. Its procedures envisage the fact that only two persons, equipped with a special “key”, can access the data, and they do so only for specific reasons.
At the Controller’s premises, only three persons can access the database holding the personal data you enter through the site. They use a secure password that is frequently changed. Connection to the website is via SSL encryption.
The Processor of the data connected with the website (Copiaincolla.com s.r.l.) does not have its own servers, but uses Amazon Web Services (sub-processor). The users’ data (with the exception of information on payments and credit cards, which are the responsibility of the Bank and do not go through the website) are stored in a database on an Amazon server which is accessible only from the server itself and remotely only from our company network.
Amazon Web Services uses a cloud architecture, so it is not able to guarantee that the data will be kept within the European Union. However, Amazon Web Services:
We keep the personal details and data you provide us with, including your comments on the website, for one year on the site’s servers and for 10 years on our database, unless you request their deletion.
The processings of personal data described permit us to pursue the social purposes of the Foundation, disseminating awareness of its activities, and receiving proposals for intervention and funding. They also enable us to meet our legal obligations and pursue our legitimate interests in relation to running the website and providing you with our services, so long as your interests and fundamental rights do not override our interests.
Considering the fact that the security measures adopted render damages to privacy very improbable, and that in any case they would be very limited, and that data subjects may exercise their right to access, modification, and/or deletion of their data at any time, the Controller deems the data processing in question legitimate and in compliance with the spirit and wording of the European General Data Protection Regulation 679/2016, and that the legal basis to continue it exists.
Any complaint you may have of dissatisfaction may be lodged with the Autorità Garante per la protezione dei dati personali (Personal Data Protection Authority), Piazza di Monte Citorio 121 – 00186 Rome, Tel.: +39 06.696771, e-mail: email@example.com.
All graphic material and text is the property of the Fondazione Valter Baldaccini. Any kind of reproduction, even partial, is completely forbidden.