Dear Member, we hereby inform you that the Icnussa Association APS (ICNUSSA) will use your personal, identification, records and particular data (see number 5, letter e) in accordance with UE Rule 2016/679 (GDPR) and therefore informs you of the following:
- For Personal data is meant
It is personal data every piece of information related to natural person identified or identifiable (directly or indirectly) through one or more carachteristic elements of their physical, physiological, genetic, psychic, economic, cultural or social identity.
It is particular data (former sensitive) personal data likely to reveal racial or ethnic origin, political opinions, religious or philosophical believes, or trade-unions belonging, as well as genetic and biometric data likely to reveal health status and sexual activity and orientation or likely to reveal penal sentence or crimes.
- For Treatment is meant
It is Treatment every action or complex of actions, carried out with or without electronic or automated means, on personal data concerning collection, registration, organization, processing, storage, adaptation or modification, extraction, consultation, use, communication through transmission, diffusion or any other form of making available, comparison or interconnection, limitation, deletion and destruction.
- Figures and Treatment Roles:
Person Concerned – Person who gives his own personal data.
Owner of the Treatment – Who, individually or with others, defines the purpose and means of the Treatment of personal data, receives the data, use, storage and transmits them to others.
Treatment Controller – Natural or legal person, public authority, service or other entity which treats personal data on behalf of the Treatment Controller.
Third party who receives the data – Person to whom the data are transmitted by ICNUSSA.
- Owner of the Treatment
The owner of the treatment of your personal data is ICNUSSA legal residence in Urzulei in via Risorgimento Snc
- Purposes of the Treatment
ICNUSSA collects data with the following purpose:
- membership recruiment, the given data are directed to the correct management of the participant to the association and to the duty linked to the membership. The treatment allows the full participation to the institutional activities and to use the services that ICNUSSA provides to the members;
- insurance coverages, the given data are directed to the correct supply that ICNUSSA makes available to its members for daily activities or in case of the organization of events and manifestation;
- associative management, the given data are directed to the correct management of ICNUSSA which summon its own members as the internal regulation requires;
- institutional and promotional, ICNUSSA collects data and pictures during conventions, exhibits, events and public manifestations with informative intention of its own activities, organizational, of relational and inter-institutional exchange and with partnership and planning intentions;
- claim opening, ICNUSSA asks for the documents regarding (particular data) the potential claim, for the purpose of the completion of the contractual insurance procedure.
- Terms of the Treatment
ICNUSSA in accordance with the article 5 of GDPR process data in legal, correct and transparent way and following the purposes of the previous point. Data collection can take place with the help of paper, electronic and informatic means or through the web for the operations indicated by the art. 4 n 2: registration, organization, consultation, elaboration, modification, extraction, use, communication, deletion.
- Data provision
The provision of data for the purposes of point 5 leter a-b-c-d is obligatory under the mentioned purposes and for the concerning contractual obligations (juridical, civilistic, insurance, fiscal) and the denial will involve the impossibility to join the ICNUSSA. The provision of data for the purposes of point 5 letter e is obligatory in case of registration to the first level course.
- Data Communication and Diffusion
Some particular data (medical data) could be communicated to the insurance in effect. Their communication could be necessary only and exclusively for the completion of the omologation procedure of the first level course.
- Place and terms of data storage
Personal data will be storaged on paper support and/or informatic servers, in places located inside the European Community. Upon request of the person concerned, in reference to that date, the storage addresses will be communicated.
- Period of the data storage
Your data will be storaged for the period expected by the current regulations (10 years). For historic purposes the documents related to publications, conventions, exhibits and schools could be storaged without any deadline.
- Terms of control
It is established that funtional security control are made informatic and web setting through:
– Control and traceability of the accesses through ID and password of different levels;
– Codification with identification and subdivision of the processes;
– Protection system from Malware;
– Minimization of treated data.
Physical security control are made through:
– Storage of papers in protected places and accessible only to staff in charge;
– Storage of physical supports of the server in protected place and data Backup;
– stipulation of accurate contracts regarding data treatment.
– Organisational controls will be made through specific formation of the staff who has access to personal data.
- Person concerned rights
At any moment, with specific request to send through email at the address firstname.lastname@example.org
it will be possible to carry out your own rights in reference to the articles from 15 to 22 of UE Rule n. 2016/679:
- to ask for the confirmation about the existence or not of your own personal data;
- to obtain the indication about the purposes of the treatment, the categories of personal data, the addressee or the categories of addressees to whom the data have been or will be communicated and, when possible, the period of storage;
- to obtain amendment and deletion of data;
- to obtain the limitation of the treatment;
- to obtain the portability of data, or receive them by a owner of the treatment, in organized format, of common use and readable by automatic device and transmit them to another owner of the treatment without any obstacle;
- to oppose to the treatment at any moment and even in case of treatment for direct marketing purpose;
- to oppose to an automated decisional process related to a natural person, including the profiling;
- to ask the owner of the treatment the access to personal data and amendment or deletion of data or the limitation of the treatment regarding that or to oppose to their treatment, in addition to the portability of data;
- to revoke the consent at any moment without compromise the legitimation of the treatment based on the consent given before the revocation;
- to make a complain to the Guarantor for protection of personal data in case of violation of your own data.