Who collects your data
Pursuant to Article 13 of EU Regulation 2016/679 (GDPR), MedLit#45+, European partnership, established through the GRANT AGREEMENT No. 2017-1-RO01-KA204-037220, is responsible of collecting your data. We would like to inform you that our organisation is legally bound to process the data the data you have provided us under the aforementioned regulation.
Your data will be processed lawfully and fairly, under the provision of article 5 of EU Regulation 2016/679. Further details might be provided at a later stage. Our partnership did not appoint a data protection officer.
What personal data we collect
In accordance with Article 4 of EU Regulation 2016/679, “personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. We collect only the information you provide us with for the purposes of your legal relationship with our organisation.
” Personal information: name and surname of natural persons, contacts such as address, ZIP code, city, region, telephone number, email;
” Data concerning professionals/organisations/businesses: information concerning businesses, name, fiscal address and other identifiers (fax and telephone number, tax code or VAT number).
Moreover, we may collect data provided when you access our sites, through cookies and other similar technology; and when you contact us via email, social media, or similar technologies.
Even though such data are not collected so as to be associated with the natural person, these online identifiers might be used and combined by third actors so as to create personal profiles. Among the online identifiers we may find IP address, browser type and plug-in details, device type (e.g. desktop, laptop, tablet, phone, etc.) operating system, local time zone. These data are used solely for the production of statistical results.
Why we process your data
Under your specific consent, we will use your data in the following ways:
- to manage existing and future juridical relations;
- to comply with the obligations connected to the aforementioned juridical relations;
- to handle the organisational management of existing or future juridical relations;
- to comply with applicable laws and fiscal regulations;
- to protect contractual rights;
- for statistical purposes;
- to carry out social marketing, fundraising and communication activities concerning the services provided by our organisations via email or mail.
How we process “sensitive” personal information
We would like to remind you that processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation shall be prohibited.
Derogating from such prohibition shall be allowed when processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation, association or any other not-for-profit body with a political, philosophical, religious or trade union aim and on condition that the processing relates solely to the members or to former members of the body or to persons who have regular contact with it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of the data subjects;
In the aforementioned cases, the subject should agree to data processing.
How long we keep your personal data
We will keep your personal data – collected for the purposes under paragraphs 1, 2, 3, 4, 5 and 6 – as long as we need so as to provide you with the services offered by our organisation and for up to 10 (ten) years. Your data will be deleted once we no longer need them,
Personal data collected for managing and financial purposes will be stored, taking into account relevant legal regulations, for up to 10 years.
We will keep your personal data – collected for the purpose under paragraph 7 – for up to 10 years.
You can withdraw your consent at any time.
How we collect your personal data
Your consent is compulsory for purposes under paragraphs 1-6, in order to comply with juridical obligations and EU laws and regulations; refusal to provide personal data will not allow our organisation to offer you our services. We will send you marketing communication, as described under paragraph 7, via e-mail or postal service. You can exercise you rights any time, pursuant to Article 7 par. 3, and Article 15 of EU Regulation 2016/679 regarding opting out from receiving such communication or choosing other communication modalities.
We would like to remind you that providing your personal data for the purposes under paragraph 7 is voluntary.
Refusal to share your personal data for the aforementioned purposes will not allow us to carry out the following activities: sending newsletter regarding our projects and initiatives via email or postal service.
How we process your data
We will process and store your data solely for the aforementioned purposes, using digital and analogical devices and in relevant databases ensuring appropriate safeguards so as to ensure ongoing confidentiality, integrity, availability and resilience of processing systems, as set out by EU regulation 2016/679. Only subjects who have obtained access to personal data from the controller or the processor can process such information. Data can be used and collected by third parties (i.e. data centres or corporations). These organisations shall be appointed as processor and should comply with legal regulations and contractual obligations related to the existing juridical relation.
As set out by regulation n°229 of May 8th, 2014 of the Italian Data Protection Authority, there are two main categories of cookies:
These are used for the sole purpose of “transmitting communications to an electronic communication network, or to the extent strictly necessary for he provision of a service by the information company explicitly requested by the contracting party or the user in order to provide the said service” These are not used for any ulterior purposes and they are normally installed directly by the owner or the manager of the website (so-called “proprietary” or “editorial” cookies). These can be divided into: browsing or session cookies, which guarantee normal navigation and use of the website (making it possible for example, to make purchases or be authenticated in order to access reserved areas); analytics cookies assimilated by the technical cookies where they are used directly by the manager of the website to collect information, in an associated form (anonymous), about the number of users and the manner in which they visit the website; functional cookies that allow the user to navigate in relation to a series of select criteria (for example, the language or the products selected for purchase) in order to improve the service provided, provided that we inform our users as set out by article 13 EU Regulation 2016/679.
The prior consent of the user is not requested in order to install these cookies.
These are used to create profiles of the users and are employed for sending advertising messages according to the preferences shown by the same during their online navigation. Due to their particular invasiveness with regard to the users’ private sphere, European and Italian regulations require that users be adequately informed about their use of the same and are thus required to express their valid consent.
International and European data transfer
Your data will be processed solely in Italy and within the European Economic Area.
Your rights with regard to the personal data we hold under EU Regulation 2016/679
You can exercise your rights any time, as set out by Article 7, par. 3, and articles 15 and following of EU regulation 2016/679:
- right to access personal data
- right to rectification and erasure of personal data;
- right to restriction of processing;
- right to data portability;
- right to object to processing of personal data
- right to legal claim to Italian Data Protection Autority.
You can exercise your rights by sending an email to the project coordinator at firstname.lastname@example.org. Further information concerning data processing can be added when collecting data.