The Foundation
Assets
Funding of research
Cultural activities
Invernizzi Award
Privacy Policy - communication and newsletter
Pursuant to Art. 13 of European Regulation 2016/679 (hereinafter referred to as "GDPR"), we hereby inform you about processing of your personal data so that Fondazione Romeo ed Enrica Invernizzi can e-mail you communications and/or newsletters on activities, initiatives and/or projects promoted by the Foundation.
THE DATA CONTROLLER
The Data Controller is Fondazione Romeo ed Enrica Invernizzi (hereinafter referred to as the “Foundation” or “Controller”).
The contact information of the Controller is:
Registered offices and administrative address: Corso Venezia, 32 - Postal code 20121 Milan, Italy
Telephone switchboard: +39.02.76021812
E-mail address: info@fondazioneinvernizzi.it
2. TYPES OF DATA COLLECTED
The Controller shall process the following personal data: (i) general data (i.e. first name and family name, e-mail address).
3. PROVISION OF PERSONAL DATA
Personal data required shall normally be requested directly from you.
4. PURPOSE AND LEGAL BASIS OF PROCESSING
Your personal data are requested for the following purpose:
– with your consent, to e-mail you communications and/or newsletters on activities, initiatives and/or projects promoted by the Controller.
5. PROCESSING AND RETENTION METHODS
The Controller shall take appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of personal data processed.
Data is processed by means of computer and/or telematic tools, using organisation methods and logics that are strictly related to purposes indicated.
6. POSSIBLE RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL DATA
The following categories of entities may become aware of your data in the course of processing:
– External companies that will carry out activities on behalf of the Foundation, which are strictly related to the aforementioned purposes;
– Authorities in general, administrations, agencies and public bodies.
Entities belonging to the aforementioned categories either act as data controllers or operate independently as separate data controllers.
Additional information on the aforementioned entities may be requested by e-mail: info@fondazioneinvernizzi.it.
7. TRANSFER OF DATA ABROAD
Personal data will generally be processed within the European Economic Area (EEA). Any transfer of personal data outside the European Economic Area shall only take place after appropriate safeguards have been put in place, as required by applicable regulations.
8. RETENTION PERIOD
For the aforementioned purpose, the Data Controller shall retain your personal data for a maximum period of 24 months unless otherwise provided for by regulatory or contractual obligations or, where applicable and legitimate, until any request for deletion is made by the data subject prior to the aforementioned deadline.
9. RIGHTS OF INDIVIDUALS CONCERNED
With regard to personal data processed, you may exercise the following rights:
| Access | (i) The right to obtain from the Controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, to obtain information on the origin, purpose, category of data processed, recipients of communication and/or transfer of data, etc.; and (ii) the right to obtain a copy of personal data, provided that this does not infringe the rights and freedoms of others. |
| Rectification | The right to obtain from the Data Controller the rectification of inaccurate personal data without undue delay, as well as the integration of incomplete personal data, also by providing a supplementary declaration. |
| Cancellation | The right to obtain from the Data Controller the erasure of personal data without undue delay if: personal data are no longer necessary in relation to the purposes of the processing; the consent on which the processing is based is withdrawn and there is no other legal basis for the processing; personal data have been processed unlawfully; personal data shall be erased in order to comply with a legal obligation. |
| Objection to processing | The right to object at any time to the processing of personal data that have a legitimate interest of the Controller as their legal basis. |
| Restriction of processing | The right to obtain from the Controller the restriction of processing, in cases where the accuracy of personal data is contested (for the period required for the Controller to verify the accuracy of such personal data), if such processing is unlawful and/or as data subject you objected to the processing. |
| Data portability | The right to receive personal data in a structured, commonly used and machine-readable format and to transmit such data to another data controller, only in cases where the processing is based on consent or on a contract, and only for data processed by electronic means. |
| Not to be subjected to automated decision-making | The right to obtain from the Controller the restriction of processing, in cases where the accuracy of personal data is contested (for the period required for the Controller to verify the accuracy of such personal data), if such processing is unlawful and/or as data subject you objected to the processing. |
| Complain to a supervisory authority | Without prejudice to any other administrative or judicial remedy, a data subject who considers that the processing relating to him or her infringes the GDPR shall have the right to lodge a complaint with the supervisory authority of the Member State in which he or she resides or habitually works, or of the State in which the alleged infringement occurred. |
| Withdrawal of consent | The data subject shall have the right to revoke his or her consent given for one or more of the purposes listed above at any time, without this affecting the lawfulness of the processing carried out by the Controller until revocation. |
The aforementioned rights may be exercised vis-à-vis the Data Controller by writing to the aforementioned addresses.