PRIVACY POLICY

Dear interested party, we wish to inform you that the "European Regulation 2016/679 concerning the protection of individuals with regard to the processing of personal data, as well as the free movement of such data" (from now on "GDPR") provides for the protection of persons and other subjects regarding the processing of personal data. Lagrù cultural association as "owner" of the treatment, pursuant to article 13 of the GDPR, therefore, provides you with the following information:

DATA CATEGORIES:

The Lagrù cultural association will process the personal and/or sensitive and health-related data that will be entered in the form.


SOURCE OF PERSONAL DATA:

The personal data of which cultural association Lagrù. will be in possession are collected directly by the interested party when completing this form.


HOLDER OF THE TREATMENT

LAGRU' CULTURAL ASSOCIATION Via Augusto Murri snc, 63811 Sant'Elpidio a Mare (FM); CF and 90056320444; VAT number 02162770446, who can be contacted at the email address lorenzo@lagruragazzi.it.


PURPOSE OF DATA PROCESSING AND LEGAL BASIS:

The processing of your data, collected and stored in relation to the completion of this form, has your consent as its legal basis and is carried out for the following purposes: responding to requests for information sent via the form, providing assistance and support services, proceeding by subscribing to the newsletter, send training, information and commercial communications.


DATA ADDRESSEES:

Within the limits pertinent to the indicated processing purposes, your data may be communicated to partners, consultancy firms, private companies, appointed as Data Processors by the Data Controller. Your data will not be disseminated in any way. The Managers and Data Processors in charge are duly identified in the Privacy Document, updated on a regular basis.


TRANSFER OF DATA ABROAD:

The transfer of your personal data abroad may occur if an email address corresponding to the Gmail domain is used. This transfer is guaranteed in accordance with the GDPR by the service provider. For the processing of information and data that will eventually be communicated to these subjects (managers, recipients), the equivalent levels of protection adopted for the processing of the personal data of its employees will be required. In any case, only the data necessary to achieve the intended purposes will be communicated and the regulatory instruments provided for by the articles will be applied. 43 and 44 of the Code and Chapter V of the GDPR.


DATA RETENTION PERIOD:

The data collected will be kept for a period of time not exceeding the achievement of the purposes for which they are processed ("conservation limitation principle", art.5, GDPR) for the purposes for which they were collected is carried out periodically.


RIGHTS:

The interested party always has the right to request from the Data Controller access to your data, the rectification or cancellation of the same, the limitation of the treatment or the possibility of opposing the treatment, to request the portability of the data, to revoke the consent to the treatment by asserting these and other rights provided for by the GDPR through a simple communication to the Data Controller. The interested party can also lodge a complaint with a supervisory authority.


OBLIGATORY OR NOT OF THE PROVISION OF DATA:

We inform you that the provision of data is optional for some fields and for others (indicated by an asterisk) mandatory and failure to provide the mandatory data involves NOT sending the form. The flag is necessary for acknowledgment of the disclosure.


MANDATORY CONSENT:

The provision of consent to data processing by means of a specific check is optional, but essential to proceed with sending the form.


DATA PROCESSING METHODS:

The personal data you provide will form the object of processing operations in compliance with the aforementioned legislation and the confidentiality obligations which inspire the activity of the Data Controller. The data will be processed both with IT tools and on paper and on any other type of suitable support, in compliance with adequate technical and organizational security measures provided for by the GDPR.