Article 13 of the EU Regulation 679/2016 on the protection of personal data collected from the data subject
- Data Controller
-The Data Controller is the Museo dei Bambini SCS Onlus with registered office in Via Flaminia no. 80/86 -00196 (RM)
– The Data Processor is Patrizia Tomasich in compliance with the principles of protection of personal data.
– The Museo dei Bambini SCS Onlus staff is tasked with personal data processing.
2.Source of personal information
In accordance with Article 13 of the EU Regulation 679/2016, we hereby inform you that the Museo dei Bambini SCS Onlus processes personal data collected from the data subjects who have freely communicated in person and/or by means of forms, telephone or fax their personal information to our offices.
- Purposes of personal data processing
In accordance with the above-mentioned regulation, the Data Controller will ensure that the processing of personal data will be carried out in the respect of the data subject’s fundamental rights and freedoms, as well as of the data subject’s dignity, specifically for privacy, personal identity and the right of personal data protection.
3.1 All personal data collected from the data subjects are processed only for the purposes of provide training activity and courses.
- Personal data collection and consequences for non-consent to processing
Personal data collection for the purposes referred to in item 3.1 is required in order to allow delivery of the service requested. Should the user not give their consent to the collection of their personal data, the service cannot be provided.
We may collect and use several types of information from and about you, depending on which Services you use. We only collect the information necessary to provide the Services and operate the Website and our business.
If you access the Website, we may collect:
Technical information, including your browser type, time zone, operating system, IP address and device type; and Personal information including your name, email address, and phone number if you submit this information to us by email, through our contact form, or sign up for our newsletter.
If you enroll a Course we may collect:
Your name, address and email address, Your account name on LearnDash.
- Data communication and disclosure
Personal data freely obtained from the data subject will not be disclosed in any form whatsoever.
Personal data, whenever necessary, might be communicated to:
5.1 all subjects whose access right is acknowledged pursuant to and for the purposes of law provisions;
5.2 our contractor personnel, employees and suppliers, in relation to their tasks and/or our contractual obligations to them, for the purposes of the business relationships with the data subject;
5.3 all public and/or private subjects, individuals and/or legal bodies (legal, administration and tax offices, Courts, Chambers of Commerce, Municipality of Rome, etc.), whenever data communication proves necessary or functional to our business and activities for the purposes and in the manners described above;
5.4 banks for the purposes of receiving and issuing payments arising from contracts.
In the cases described above, only basic data – and no more than basic data – will be communicated for the purposes for which it is communicated.
Transfer of data to third countries
The Data Controller will not transfer personal data to third countries; however, it reserves the possibility to use cloud services; in this case, cloud service providers will be selected among those who provide appropriate safeguards in accordance with article 46 of GDPR 2016/679.
- How personal data is processed
Processing involves common identification personal data.
Personal data may be held electronically and in hard copy and is subject to appropriate safeguards in order to ensure protection and privacy. Data will be processed and stored on premises where access is constantly monitored; in particular, all technical, information technology, organisational, logistic and safety procedural safeguards will be adopted so that the appropriate data protection level specified in the regulation is maintained; access will be allowed only to persons tasked with processing by the Data Controller or Data Processors being appointed by the Data Controller.
- How long personal data will be kept
We only keep your personal information for as long as we need it to carry out the different activities set out in this website.
You can request a complete delete of your data writing and email to [email protected]
- Rights of the data subject
The data subject can, at any time, exercise the following rights:
- right of access to personal data;
- right to rectification or erasure or right to restrict processing;
- right to object to processing of their personal data;
- right to data portability;
- right to lodge a complaint with a supervisory authority pursuant to article 77 of GDPR based on the data subject’s private address, place of work, or place of breach of their rights; for Italy the competent supervisory authority is the Data Protection Authority (Garante per la protezione dei dati personali) who can be contacted through the website http://www.garanteprivacy.it.
The rights described above can be exercised by sending a request to the Data Controller at the following e-mail address: [email protected] or using the contact information included in this privacy statement. Requests related to the exercise of the data subject’s rights will be handled without unjustified delay and within a month from the date of request; only in more complex cases and in the face of a high number of requests, the term may be extended by 2 (two) more months.