Under the article 13 of the EU Regulation 2016/679 that deals with the protection of personal data of natural persons (and any subsequent amendments and additions) also called GDPR (General Data Protection Regulation), we would like to inform you that your personal data will be processed in full compliance with the aforementioned regulation, the confidentiality obligations that inspire the activity of our Association, the principles of lawfulness, fairness and transparency, therefore guaranteeing the full exercise of your rights as a “data subject”, that is, the subject to which the personal data refers.
The data will be processed by the European Academy of Religion (EuARe) as data controller according to the purposes and methods below.
"personal data" means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
"processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
"data controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
The European Academy of Religion (EuARe) is a non-profit organisation based at Fondazione per le Scienze Religiose "Giovanni XXIII", Via San Vitale 114, 40125, Bologna (IT).
The EuARe is an independent, scientific and professional institution acting in accordance with the law and its statute, in order to create an open organization and platform, aimed at supporting and spreading study, research, communication, exchange and cooperation on religious issues relevant to academic reality and society as a whole.
TYPES OF PROCESSED DATA
Forms. If you use our forms, we will collect the data as well as the personal and economic information (if asked for) relating to your person classified as: (a) personal data and contact details, including telephone (if asked for), e-mail, address and residence data (if asked for); (b) information relating to the organisation or institution of affiliation; (c) (if asked for) accounting, administrative and tax data necessary for the invoicing covered by possible contracts, other information necessary for bureaucratic obligations, tax data necessary to comply with legal obligations; (d) data related to the audio and video images or recordings of the events in which you will participate. For more details, read our Members and Participants privacy policies.
PURPOSE OF DATA PROCESSING
The data collected is used for identification purposes, organisational purposes of the controller and statistical purposes through manual and automated processing, after the anonymisation of data. The processing is also based in fulfilment of contractual purposes (for example, provision of a service by the controller such as the transmission of promotional and informative materials regarding the EuARe activities, ordinary management of the memberships, ordinary management of participation to the EuARe conferences), and for legitimate interest pursued by the controller (such as organisational and logistical processing).
Your personal data will be processed by the controller, lawfully, and as permitted by the EuARe statute. All details can be found in the specific privacy policies linked above.
NATURE OF DATA PROVISION
The processing of personal data by the controller is limited to the indicated purposes and complies with the law and confidentiality obligations. The processing takes place through manual, IT, and telematic tools with all measures to assure the safety and confidentiality of data, taking into consideration the level of risk. Research for statistical purposes in an aggregated and anonymous form is legally based on the legitimate interest of the controller.
SHARING AND COMMUNICATING PERSONAL DATA
The data controller can, always and exclusively within the scope of the purposes described above, can share the data collected with the following processors:
institutions, professionals, companies or other structures entrusted by the controller with the processing related to the fulfilment of administrative, accounting and management obligations;
public authorities and administrations for the purposes related to the fulfilment of legal obligations or to persons entitled to access them by provisions of law, regulations, and EU regulations;
organizations, public and private entities operating in the field of scientific research with which the data controller establishes partnerships to achieve the purposes outlined in the Association's Statute;
banks, financial institutions or other entities to whom the transfer of the aforementioned data is necessary for the performance of the business of our company concerning the fulfilment of our contractual obligations towards the beneficiaries of the EuARe activities;
suppliers of services, assistance and maintenance of computer and telematic systems and all functionally connected services necessary for the performance of the services covered by the contract.
The list of external data processors is available upon request.
RETENTION TIMES FOR PERSONAL DATA
In compliance with Italian and EU legislation on data protection and according to art. 2220 of the Italian Civil Code, personal data acquired both during and after the provision of the service are kept as long as the purposes for processing persists. Retention times for each service are given in detail in the privacy policies linked above.
DATA SUBJECT'S RIGHTS
Concerning the aforementioned processing, the data subject may exercise the rights referred to in Articles 15 to 22 of EU Regulation 27/4/2016, no. 679.
The data subject has the right to access, the right to rectification, to erasure ("right to be forgotten"), right to restriction of processing, to object and oppose to the processing of personal data according to provisions in Articles 15, 16, 17, 18, 19, 20, 21, 22 of EU Regulation no. 2016/679 (GDPR).
Data subject's rights extract, reg. EU 2016/679
The data subject has the right to obtain confirmation from the data controller whether or not personal data concerning them are being processed and, in this case, to obtain access to personal data and the following information:
purposes of the processing;
categories of personal data concerned;
recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular, if recipients are based in third countries or are international organizations;
where possible, the intended period of retention of personal data or, if this is not possible, the criteria used to determine that period.
The interested party has:
the right to complain to a supervisory authority and the Data Protection Supervisor, following the procedures and indications published on the Authority's official website: www.garanteprivacy.it;
when the data are not collected from the data subject, the right to obtain all available information on their origin;
the right to become aware of the existence of an automated decision-making process, including profiling, and significant information on the logic used, as well as the importance and expected consequences of such processing for the data subject.
Any corrections or deletions or limitations to the data processing made at the request of the data subject (unless this proves impossible or involves a disproportionate effort) will be communicated by the data controller to each of the recipients to whom the personal data have been transmitted.
The exercise of rights shall not be subject to any formal constraint and shall be free of charge.
These rights can be exercised by contacting our office:
European Academy of Religion (EuARe)
Via San Vitale 114
40125, Bologna (IT)
This information notice may be supplemented, orally or in writing, with further elements and indications, to better meet any information requirements regarding the protection of personal data and to comply with regulatory developments.
Last edited: 30/10/2020