March 18, 2019
INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR)
This information notice concerns the website www.2020europe.com (Website) and is provided by 20EVENTI s.r.l. unipersonale, via Europa Unita 1A/4 (37011) Bardolino VR – Italy, VAT No. 04321160238 (registration with the Economic and Administrative Register “REA” number 410566), Equity Capital of Euro 2,000.00 (20EVENTI), in its capacity as the Data Controller for the processing of personal data (Data Controller).
In accordance with the GDPR, this information notice is provided for the purpose of informing you that the Data Controller will process the personal data collected through the Website at the conditions indicated below.
Art. 1. Purposes and legal grounds for processing. Mandatory or voluntary data collection. Consequences in case of objection to data processing.
The processing of your personal data collected through the Website is intended for the following purposes:
a. meeting your requests. The data are provided on a voluntary basis, but in case of refusal it will be impossible for 20EVENTI to meet your requests. The legal basis for processing is 20EVENTI’s legitimate interest to meet the user’s request;
b. with your prior consent, for the delivery of newsletters and promotional materials relating to the products and/or services of 20EVENTI and/or third parties, by means of automated systems, such as e-mail, fax, text or MMS messages, or using traditional means (e.g. paper-based mail or telephone) (marketing purposes). The legal basis for processing is 20EVENTI’s legitimate interest to perform this type of activity. In case of absence of the user’s consent to data processing for marketing purposes it will be impossible for you to receive newsletters and promotional materials relating to the products and/or services of 20EVENTI and/or third parties.
Art. 2. Processing methods
The processing of your personal data will be mainly performed using electronic or in any case automated means, with methods and tools adequate to guarantee their security and confidentiality in accordance with GDPR. Notably, all technical, IT, organisational, logistic and procedural security measures required in order to ensure the minimum data protection level set out by law will be adopted, enabling access exclusively to the persons tasked with data processing by the Data Controller or the Data Processors designated by the Data Controller.
The information collected and the processing methods adopted will be relevant and not excessive in consideration of the type of services rendered. The data will be managed and protected in environments where access is under constant control.
Art. 3. Disclosure and dissemination of data
Your data may be disclosed:
- to all those (including Public Authorities) having access to personal data by virtue of statutory or administrative orders;
- companies, consultants or professionals, if any, tasked with the installation, maintenance, updating, and in general the management of the hardware and software components of the Website;
- the Data Controller’s employees and/or collaborators;
- all public and/or private entities, natural persons and/or legal entities (legal, administrative and fiscal consulting firms, Court Offices, Chambers of Commerce, Labour Chambers and Offices, etc.), if such disclosure is necessary or functional to the proper fulfilment of existing contractual obligations and the obligations set out by law.
Your data will not be disseminated, except in anonymous and aggregate form, for statistical or research purposes.
Art. 4. Data Controller
The Data Controller can be contacted as follows:
- using the contract form available at the following address: http://www.2020europe.com/en_en/contacts
- by email, at the address firstname.lastname@example.org
- by phone, on the number +39 045 2428284
- by post, writing to 20EVENTI s.r.l. unipersonale, Corso Porta Nuova, 20
37122 Verona – Italy.
Art. 5. Storage of personal data
The Data Controller will retain your personal data for the time required in order to meet your requests. For marketing purposes, the Data Controller will store your personal data for 5 years from the date of the last data collection; prior to the expiry of the aforesaid period, the same will request your consent again, and in case of lack of consent, remove your personal data for said specific purpose.
In any case, the Data Controller will store your personal data for 10 years after the date of the last data collection for defence purposes in case of legal proceedings.
Art. 6. The Data Subject’s rights
To the intents and purposes of art. 13 of the GDPR, the Data Controller informs you that you have the following rights:
- to request access to your personal data and their rectification or erasure, and the restriction of their processing, or to object to their processing, and also the right to data portability;
- to withdraw your consent at any time, without prejudice to the legitimacy of the processing activities performed on the basis of the consent expressed prior to withdrawal;
- to lodge a complaint with a supervisory authority (e.g.: the Personal Data Protection Authority).
The rights above can be exercised upon request, without any formal requirements, to the Data Controller at the contact details indicated at art. 4 above.
Art. 7. Modifications
The Data Controller reserves the right to modify this information notice at any time, with adequate publicity to the users of the Website, and ensuring in any case an adequate and similar level of protection of personal data. In order to be informed of any modifications, we invite you to consult this information notice on a regular basis.