© Maison Sophia is a registered trademark - All rights reserved.
TERMS AND CONDITIONS
INFORMATION ON THE PROCESSING OF PERSONAL DATA FOR WEBSITE VISITORS
Information pursuant to and for the purposes of art. 6, EU Regulation no. 679/16, and arts. 13-14, EU Reg 2016/679 (hereinafter, GDPR).
EU Regulation on the protection of personal data no. 679/16 aims to ensure that the processing of your personal data is carried out with respect for the rights, fundamental freedoms, and dignity of individuals, with particular reference to confidentiality and personal identity. Therefore, it is our duty to inform you about our policy regarding data confidentiality and privacy management.
The Data Controller is Maison Sophia, with registered and operational headquarters in Gallipoli (Le) – via Ludovico Ariosto n.39 T +39 3934003835, Tax Code GRRNRM66R63B958I, represented by its legal representative / president Mr. Gerra Norma, as Data Controller, through its current legal representative and president, informs you, pursuant to and for the purposes of Articles 13-14 GDPR, that your data will be processed in the manner and for the purposes indicated in point 2.
La Maison Sophia is committed to respecting and protecting the personal data voluntarily and explicitly provided by you, in compliance with legal provisions aimed at ensuring the security, accuracy, updating, and relevance of the data with respect to the institutional purposes declared by our organization. The personal data provided by users who submit requests are used solely for the purpose of fulfilling the specific request submitted each time, and are communicated to third parties only when strictly necessary and functional to this purpose. The data are processed by personnel appointed as data processing managers, only when the processing is necessary for carrying out the assigned tasks.
1. Subject of the processing
The Data Controller processes personal identification data (name, surname, company name, address, telephone, e-mail) – hereinafter "personal data" – provided by you when consulting this site, following the completion of forms on this site to submit a request for membership relating to the services offered or following subscription to the "Newsletter" service.
2. Purpose of processing
Your personal data are processed:
A) without your explicit consent (pursuant to art. 6, c.1 GDPR) for the following service purposes:
– complete data collection for the formulation of the Controller's service offer;
– fulfill the pre-contractual, contractual, and fiscal obligations arising from existing relationships with you;
– fulfill the obligations provided for by law, by a regulation, by community legislation or by an order of the Authority;
– exercise the rights of the Data Controller, for example the right of defense in court;
B) only with your specific and separate consent (pursuant to art. 7 GDPR), for the following purposes of communication of cultural and educational services and activities:
– to send you via e-mail, mail and/or SMS and/or telephone contacts, newsletters, communications and/or informational material about services offered by the Data Controller and to assess the level of satisfaction with the quality of services;
– to send you via e-mail, mail and/or SMS and/or telephone contacts communications and/or information from third parties authorized and reputationally and privacy-controlled by us.
We inform you that if you are already our user, we may send you informational communications regarding services and products of the Controller similar to those you have already used, unless you object.
3. Processing methods
Pursuant to Art. 5 GDPR, the processing of your Data will be based on the principles of fairness, lawfulness, and transparency and may also be carried out through automated methods designed to store, manage, and transmit them (by means of the operations indicated in Art. 4 no. 2) GDPR and will take place using tools suitable to guarantee security and confidentiality through the use of appropriate procedures that prevent the risk of loss, unauthorized access, unlawful use, and dissemination.
Your personal data is processed both on paper and digitally.
Your personal data will be stored for the time necessary to fulfill the relationships existing between the parties; only ordinary personal data and, in particular, names and addresses of residence and/or domicile and email addresses will be stored for the time necessary to fulfill the relationships existing between the parties and in any case for no longer than 20 years from the termination of the current service provision relationship as required by law.
4. Data communication
Other employees and collaborators of the Data Controller may become aware of the data in their capacity as data processors, and the data may also be viewed by external parties who oversee our IT system and whom our organization has appointed as external processors; your data may also be communicated to companies and/or professional firms that provide – on an outsourcing basis – assistance, consultancy, or collaboration to the Data Controller in accounting, administrative, fiscal, legal, or tax matters, to public administrations for the performance of institutional functions within the limits established by law or regulations and to fulfill legal and regulatory obligations, and to third-party service providers where communication is necessary for the performance of the services covered by our offerings, should we be entrusted with an assignment requiring their involvement. We inform you that all our suppliers are appointed as external processors and are subject to a validation and control process in terms of privacy and the quality of the requested services.
Without the need for express consent pursuant to Art. 6, paragraph 1 of the GDPR, the Data Controller may disclose your data for the purposes referred to in Art. 2.A) to supervisory bodies, judicial authorities, as well as to those subjects to whom communication is mandatory by law for the fulfillment of the aforementioned purposes.
Your data will not be disclosed in any other way.
5. Retention periods
Your personal data will be kept for the time necessary to fulfill the relationships existing between the parties; only ordinary personal data and, in particular, names and addresses of residence and/or domicile and email addresses will be kept for the time necessary to fulfill the relationships existing between the parties and in any case for no longer than 20 years from the termination of the existing service provision relationship as required by law.
Once this retention period has elapsed, the Data will be destroyed and/or deleted, unless there are future communications from the Data Controller or decisions by authorities pursuant to the law.
6. Data transfer
The data may also be communicated to international training entities (international training or residential projects), as Joint Controllers of the data processing, who have signed an agreement with our foundation. These entities – with particular attention to those located in non-EU countries – have been given precise operational instructions through contractual clauses that ensure the data will be processed in accordance with the principles established in EU Regulation no. 679/16 even in the third country of destination.
The data subject may exercise their rights with respect to each Controller.
7. Nature of data provision and consequences of refusal to respond
The provision of data for the purposes referred to in point 2.A) is mandatory. Without them, we will not be able to guarantee you the requested Services.
The provision of data for the purposes referred to in point 2.B) is instead optional. You may therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive newsletters, communications, and informational material related to the Services offered by the Data Controller.
You will still be entitled to the Services referred to in point 2.A).
8. Data subject's rights
You, pursuant to art. 7 of Legislative Decree 196/2003 and EU Regulation 2016/679, have the right to request from the Data Controller access to your data, its rectification or deletion, the integration of incomplete data, the limitation of processing; to receive the data in a structured, commonly used and machine-readable format; to withdraw any consent given regarding the processing of your special data (dietary habits, religious beliefs) at any time and to object, in whole or in part, to the use of the data; to lodge a complaint with the Authority, as well as to exercise the other rights recognized to you pursuant to articles 15-22 of EU Regulation no. 679/16.
9. Methods of exercising rights
You may exercise your rights at any time by sending an email to: info@maisonsophia.it
The data subject has the right to lodge a complaint with a supervisory authority.
If you are no longer interested in communications from Maison Sophia and wish to unsubscribe from the newsletter, you can do so by clicking on the "unsubscribe" link at the bottom of each email sent or by sending an email to: info@maisonsophia.it
10. Data controller, processors
The Data Controller is Maison Sophia, with registered and operational office in Gallipoli (Le) – via Ludovico Ariosto n.39 T +39 3934003835, Tax Code GRRNRM66R63B958I represented by its legal representative / president; E-mail: info@maisonsophia.it
The Data Controller makes use of internal and external data processors appointed for the achievement of the purposes specified in point 2 (technical purposes related to the provision of the service and informational purposes).
The updated list of internal and external data processors, joint controllers, and data recipients is kept at the administrative headquarters of the Data Controller.
11. Informative communications
Our communications about events, activities, and cultural/educational initiatives (including those offered free of charge) or regarding our services are considered informational. The Foundation's informational approach is expressly non-intrusive and has an ethical and cultural value. Our primary desire is to protect users as much as possible from any unwanted communications.
From the moment you enter your data by filling out the form on this site to request information about a service, we may use your contact information to send you informational communications and notifications regarding new services offered that we believe may be of interest to you.
To disable the receipt of promotional emails, please follow the instructions provided in the emails themselves or send a message to info@maisonsophia.it
12. Changes
This information notice may be subject to changes. Should substantial changes be made to the use of user data by Fondazione RUI, the user will be notified by publishing them with maximum visibility on its pages.
13. Data acquired during navigation
The IT systems and software procedures of our site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These are pieces of information that are not collected to be associated with identified data subjects, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the site, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters related to the user's operating system and IT environment. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site: except for this eventuality, web contact data persists for no longer than is necessary for the purposes for which it was collected and subsequently processed.
14. “Data Protection Officer”, data protection officer (DPO)
In case of doubts, needs, or requests for explanations about privacy, you can provide a detailed explanation of the issue you wish to report to the email info@maisonsophia.it.
The DPO will analyze your requests and, based on the responsibilities assumed, may intervene in the ways permitted by the regulation.
© Maison Sophia is a registered trademark - All rights reserved.