Rev. 22 July 2021
FONDAZIONE CENTRO DI MUSICOLOGIA WALTER STAUFFER
INFORMATION ON THE PROCESSING OF PERSONAL DATA pursuant to Art. 13 of EU Regulation 2016/679
This Information Notice is provided to inform you pursuant to Article 13 of European Regulation No. 679/2016 (hereinafter GDPR) regarding the use of your personal data. Fondazione Centro di Musicologia Walter Stauffer undertakes to respect and protect your confidentiality by processing the personal data you provide in accordance with the legal provisions designed to ensure the security, accuracy, updating and relevance of the data to the stated purposes.
1 Identity and contact details of the Data Controller
2 Contact details of the Data Protection Officer (“DPO”)
3 Purposes and legal basis of the processing
4 Type of data and processing methods
5 Recipients of personal data
6 Data Processors and Authorised Persons
7 Period of data retention
8 Rights of the interested party
1. Identity and contact details of the Data Controller
The Data Controller is the Fondazione Centro di Musicologia Walter Stauffer, with registered office in Corso Garibaldi, 178, Cremona (CR) – Italy.
2. Contact details of the Data Protection Officer (“DPO”)
The Foundation has not formally appointed a Data Protection Officer (DPO), as the conditions provided for by the GDPR do not exist.
3. Purpose and legal basis of processing
The personal data provided by users who use the website www.stauffer.org are used for the sole purpose of performing the service or provision requested after consent has been given.
4. Types of data and methods of processing
Optional, explicit and voluntary registration to the website www.stauffer.org entails the subsequent acquisition of all the data contained in the fields filled in by the user and the processing is carried out exclusively in fulfilment of the institutional activities of the Foundation.
The data provided will be processed with the aid of automated processes suitable for guaranteeing the security, confidentiality and integrity of the data itself, exclusively by technical personnel authorised to process the data and for the time strictly necessary to achieve the purposes for which it was collected in compliance with the legislation on the protection of personal data.
Specific security measures have been adopted to prevent the loss of data, unlawful or incorrect use and unauthorised access.
5. Recipients of personal data
Your personal data will not be communicated to third parties or disseminated.
6. Data Processors and Authorised Persons
The Foundation may avail itself of the services of third parties for the performance of activities and related processing of personal data of which it retains ownership. In accordance with the provisions of the law, these subjects shall ensure levels of experience, capacity and reliability such as to guarantee compliance with the provisions in force on the subject of processing, including the profile of data security, and to this end they have been appointed as Data Processors by formal deed. The Data Processors are subject to periodic audits in order to ascertain that the levels of assurance recorded when the initial assignment was made are maintained.
Your personal data may also be processed by internal staff who have been authorised in advance and who have been given appropriate instructions regarding measures, devices and modus operandi aimed at guaranteeing the concrete protection of your personal data.
7. Period of data retention
Personal data are processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected.
8. Rights of the interested party
Pursuant to Articles 13, paragraph 2, letters (b) and (d) and 14, paragraph 2, letters (d) and (e), as well as Articles 15, 16, 17, 18, and 21 of the GDPR, the persons to whom the personal data refer have the right at any time to request from the Data Controller access to, rectification of, integration into, deletion of or restriction of the processing of their personal data or to object to the processing of their personal data if the conditions provided for by the GDPR apply.
The above rights may be exercised by the data subject by sending a request to: firstname.lastname@example.org.
The data subject has the right to lodge a complaint with the Garante per la protezione dei dati personali, following the procedures and instructions published on the official website of the Authority: www.garanteprivacy.it.
He or she may at any time withdraw consent to the processing pursuant to Article 7(3) of the GDPR by sending a communication to the following address: email@example.com.
Withdrawal of consent shall not affect the lawfulness of the processing based on the consent given before the withdrawal.