INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO THE (EU) REGULATION NO.2016/679 (‘GDPR’)
For the purpose of promotional information on the services provided by Ente Fiera Promoberg and Confindustria Bergamo.
Pursuant to the provisions of art. 13 in the (EU) Regulation no. 2016/679, on the protection of natural persons with regard to the processing of their personal data (‘GDPR’), we are herewith informing you that your personal data shall be processed by Ente Fiera Promoberg and Confindustria Bergamo (Data Controllers), to send communications related to services, events and shows, which they may organize.
1.DATA CONTROLLERS AND DATA PROCESSORS
The data controllers are:
– Ente Fiera Promoberg, with registered office in via Borgo Palazzo n. 137- 24125 Bergamo – VAT no. 01542150162 – e-mail email@example.com – phone no. 0353230911.
– Confindustria Bergamo, with registered office in via G. Camozzi, 70, 24121 Bergamo – Tax Code 80021750163 – e-mail firstname.lastname@example.org – phone no. 035 275111.
The Data Processor in charge of providing the newsletter service is Net Banana Sas, with registered office in via A. Cornaro no. 18 – 35038 Torreglia (province of Padua).
2. TYPES OF PROCESSED DATA AND PROCESSING GOALS
Processing shall be performed on the personal data only, which are required to send promotional newsletters with regard to services, events and shows organized for the Industrial Valve Summit. The processed data shall include specifically:
– The data provided by the Data Subject participating in the Industrial Valve Summit events, by filling in the special form on the back of the invitation to the same event: particularly, such data include the Data Subject’s name, surname and e-mail address. The Data Subject also has the option to report the own sectors of interest in the form above: such data shall be processed by the Data Controllers only to perform statistical activities for internal use and to improve the offered services. The processing modalities shall be such to allow the data anonymization so that data may not be associated to the single Data Subjects.
– The e-mail address, which the Data Subject provides by filling in the special form to register in the newsletter service on the website https://industrialvalvesummit.com.
– The Data Subject’s e-mail address processed by the Controller to send communications on the services, events and shows organized for the Industrial Valve Summit, pursuant to art. 6 par. 1 lett. f) in the GDPR.
Please note that Data Subjects are free to provide the data required in the forms above, since they are not obliged to provide it: however, if the data marked as required are not filled in, it will not be possible to access the newsletter service.
3. PROCESSING MODALITIES and CONSERVATION TIME
The Data Processor Net Banana Sas – with registered office in via A. Cornaro, 18 – 35038 Torreglia (province of Padua) – may process the Data Subject’s personal data on behalf of Ente Fiera Promoberg and Confindustria Bergamo. The goal shall be the performance of the operations required to provide the newsletter service, in compliance with the given instructions and implementing the Controllers’ technical and organizational measures.
Both paper and/or IT tools shall be used to process the Data by the authorized entities that operate under the Data Controllers’ or Processors’ direct management and instructions, following the logics strictly related to the given goals and however so as to guarantee the safety and confidentiality of the processed data.
The Data Controllers Ente Fiera Promoberg and Confindustria Bergamo have arranged a model to protect the personal data, by identifying the roles and responsibilities within the own organization and by specifically identifying the processors in charge of the processing procedures and measures envisaged in the model, within the corporate organizational units with regard to the own processing only.
Data shall be processed under automated modalities as well, by adopting the appropriate technical and organizational measures to guarantee the safety of data and systems. Specific safety measures shall be adopted to minimize the risks of accidental data destruction or loss, of unauthorized access or processing and of any processing non-compliance with the goals in this disclosure. Particularly, the website https://www.bergamofiera.it/ shall use the HTTPS protocol to authenticate the server and encrypt the communication channel.
The processed data shall be kept for a period not exceeding that required to send promotional newsletters with regard to the services, events and shows organized by Ente Fiera Promoberg, without prejudice to the exercise of the Data Subject’s right to oppose processing under the modalities described below.
4. DATA COMMUNICATION AND DISCLOSURE
The personal data shall never be disclosed, disseminated, or in any case transferred to third parties for illicit purposes and, in any case, without giving suitable information to the Data Subjects or receiving their consent, where required by law. The possible communication of data at the request of the judicial or public security authorities, in the manner and cases provided for by law, shall remain unprejudiced. Personal data will not be transferred abroad, to any countries or international organizations outside the European Union that do not provide an adequate level of protection, pursuant to Article 45 in the GDPR, based on a decision of adequacy by the EU Commission. If so required for the provision of the Site services, personal data may be transferred to countries or international organizations outside the EU, for which the Commission has not made any decision of adequacy (Article 45 in the GDPR), only with appropriate guarantees provided by the recipient country or organization (Article 46 in the GDPR) and on condition that the Data Subjects enjoy enforceable rights and effective means of redress. Failing an adequacy decision by the Commission (Article 45 in the GDPR) or appropriate guarantees (Article 46 in the GDPR), including binding corporate rules, a cross-border transfer will only take place if one of the conditions set out in Article 49 in the GDPR occurs.
5. RIGHTS OF THE DATA SUBJECTS (ARTICLES NO. 15 to 22 in the GDPR)
5.1 The Data Subjects shall enjoy the rights under articles from 15 to 22 in the GDPR, where applicable.
5.2 Particularly, the Data Subjects may ask the Data Controllers to access the processed personal data, to correct any possible incorrect data, to integrate any incomplete data, to cancel data, and to limit data processing in the cases provided for under art. 18 in the GDPR1.
5.3 The Data Subjects are entitled to oppose the following, in full or in part:
a) The processing of the own personal data for any legitimate reasons, if related to the aim of the collection;
b) The processing