Privacy policy

Privacy Policy

Privacy Policy

Dear Sir / Madame,

in relation to the provisions of EU Reg. 2016/679 (European Regulation for the protection of personal data) we hereby communicate the necessary information regarding the processing of personal data provided by the interested party. This information, which is provided pursuant to art. 13 of EU Reg. 2016/679 (European Regulation for the protection of personal data) and pursuant to art. 13 Legislative Decree 30.6.2003 n. 196 (Privacy Code).


Pursuant to art. 4 and 24 of EU Reg. 2016/679 the data controller is Tiziana.


The Data Controller processes personal identification data (for example, name, surname, company name, address, telephone, e-mail, bank and payment details), communicated by the interested party when joining the association.


The personal data provided will be processed in compliance with the conditions of lawfulness pursuant to art. 6 lett. b of EU Reg. 2016/679, or for joining and participating in the association and carrying out the activities proposed in favor of the members, and in particular: Membership register registration; participation in associative life; information on activities and other proposed initiatives; possible compilation of data collection forms for sending an information request to the data controller Tiziana; fulfill contractual obligations, legal obligations and administrative-accounting purposes. For the purposes of applying the provisions on the protection of personal data, the treatments carried out for administrative and accounting purposes are those related to the performance of organizational, administrative, financial and accounting activities, regardless of the nature of the data processed; fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority (such as in the field of anti-money laundering); exercise the rights of the owner, for example the right to defense in court;


The personal data provided may be disclosed to recipients, appointed pursuant to Article 28 of EU Reg. 2016/679, who will process the data as managers and / or as natural persons acting under the authority of the Data Controller and of the Data Processor, in order to comply with contracts or related purposes. Specifically, the data may be disclosed to recipients belonging to the following categories:

– Subjects who provide services for the management of the information system and communication networks of the Data Controller;

– Firms or companies in the context of legal assistance and consultancy relationships;

– Competent authorities for the fulfillment of legal obligations and / or provisions of public bodies, upon request; the subjects belonging to the aforementioned categories perform the function of data processing manager, or operate in total autonomy as separate data controllers.


The personal data provided by the interested party will not be transferred abroad within or outside the European Union ..


The processing will be carried out in an automated and / or manual form, with methods and tools aimed at guaranteeing maximum security and confidentiality, by persons specifically appointed to do so. In compliance with the provisions of art. 5 paragraph 1 letter. e) of EU Reg. 2016/679, the personal data collected will be stored in a form that allows the identification of the data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed.


on manual cards, also made with the aid of electronic means, stored in closed places, the key of which is held by the President and the persons in charge of the administration, or in a computerized manner, on a PC located at the headquarters of the Association which is adequately equipped against IT risks (firewall, antivirus, periodic data backup); authorized to access such data are the president and the persons in charge of the administration. Pursuant to art. 4 n. 2 of the G.D.P.R, the processing of personal data may consist of the collection, registration, organization, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data.


The provision of personal data for the purposes referred to in point 3 of this information document is necessary to follow up on joining the association. Failure to provide personal data may make it impossible to obtain such membership.


The interested party may assert their rights as expressed in Articles 15, 16, 17, 18, 19, 20, 21, 22 of EU Regulation 2016/679, by contacting the Data Controller, via the email address The interested party has the right, at any time to:

– obtain confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in an intelligible form;

– obtain the indication: a) of the origin of personal data; b) the purposes and methods of the processing; c) of the logic applied in case of processing carried out with the aid of electronic tools; d) the identity of the owner, managers and designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;

– obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data which need not be kept for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment is proves impossible or involves the use of means that are manifestly disproportionate to the protected right;

– object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning him, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning him for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and / or through traditional marketing methods by telephone and / or paper mail. Where applicable, the interested party also has the rights referred to in Articles 16-21 GDPR (Right to

rectification, right to be forgotten, right to limitation of treatment, right to data probability, right to object), Without prejudice to any other administrative and judicial appeal, if the interested party believes that the processing of data concerning him violates the provisions of EU Reg. 2016/679, pursuant to art. 15 letter f) of the aforementioned EU Reg. 2016/679, has the right to lodge a complaint with the Guarantor for the protection of personal data and, with reference to art. 6 paragraph 1, letter a) and art. 9, paragraph 2, letter a), you have the right to withdraw the consent given at any time. In the event of a request for data portability by the interested party, the Data Controller will provide the personal data concerning him in a commonly used and readable format, without prejudice to paragraphs 3 and 4 of art. 20 of EU Reg. 2016/679