Information on the processing of personal data

This page describes how the site www.francescoeconomy.org is being managed in relation to the processing of personal data of users who consult it. This information is provided in accordance with current legislation on personal data for users who interact with the services of this site within the framework of EU Regulation 2016/679. The information is provided only for this site and not for other websites that may be visited by the user through our links.

The “owner” of the processing

Following a visit to the site, data related to identified or identifiable persons may be processed. The “owner” of this processing is the Committee the Economy of Francesco, Via Viale Marconi 6, 06081 Assisi.

Location of data processing

The processing operations connected to the web services are carried out only by the technical staff of the office in charge of the processing, or by any persons in charge of occasional maintenance operations appointed as data processors. No data deriving from the web service is communicated or disseminated.

Purpose of the processing

The personal data provided by users, who request or intend to use services or products offered through the site and receive further specific content, are used only to respond to requests or perform the service or provision requested and are communicated to third parties only where this is necessary in order to respond to requests. It should be noted that such data will also be subject to profiling in order to respond to requests made and that this profiling requires human intervention and does not involve exclusively automated decisions. The legal basis for these processing operations is the need to respond to requests from data subjects or to carry out activities provided for in agreement with data subjects.  With the consent freely expressed by the user – also relating to profiling -, the data may be used for commercial communication activities relating to offers of products or services other than those of the owner. At all other times, the navigation data of the users are kept for the time strictly necessary to manage the processing activities within the limits provided by the law.

Types of data processed

  • Navigation data
    The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters related to the operating system and the user’s computer environment. These data are used only to obtain anonymous statistical information on the use of the site and to check its proper functioning and are deleted after processing. The data could be used to ascertain responsibility in the event of hypothetical information violations against the site.
  • Data provided voluntarily by the user
    The optional, explicit and voluntary sending of electronic mail to the addresses indicated on the site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.

Cookies

Cookies are text elements that are inserted into the hard disk of a computer only after authorization. Cookies have the function of streamlining the analysis of web traffic or to signal when a specific site is visited and allow web applications to send information to individual users. No personal data of the users is acquired by the site. Cookies are not used for the transmission of personal information, nor are so-called persistent cookies of any kind, or systems for tracking users, used. The use of so-called session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow secure and efficient exploration of the site.  The so-called session cookies used on the site avoid the use of other computer techniques that could potentially compromise the confidentiality of users’ navigation and do not allow the acquisition of personal data identifying the user.

Optional provision of data

Apart from that specified for navigation data, the user is free to provide personal data to request the services offered by the Owner. Failure to provide and/or consent to the processing of personal data – including profiling – may make it impossible to obtain what has been requested.

Methods of processing and time span of storage of data

Personal data are processed by automated tools within the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access. The data are kept for the time strictly necessary for the pursuit of the purposes indicated in this statement and will be deleted at the end of this period, unless the data itself must be kept for legal obligations or to enforce a right in court.

Rights of the interested parties

Within the limits and under the conditions provided by law, the owner has the obligation to respond to requests from the person concerned regarding personal data concerning him. In particular, on the basis of current legislation: EU Regulation 2016/679 from art. 13 to art. 20:

    1. The interested party has the right to obtain confirmation from the data controller that personal data concerning him/her are being processed or not and, in this case, to obtain access to personal data and the following information:
      • the purpose of the processing;
      • the categories of personal data concerned;
      • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in non-EU countries or international organisations;
      • where possible, the expected period of retention of personal data or, if this is not possible, the criteria used to determine that period;
      • the existence of the right of the data subject to request the data controller to rectify or erase personal data or to restrict the processing of personal data concerning him/her or to object to their processing;
      • the right to lodge a complaint with a supervisory authority;
      • where data are not collected from the data subject, all available information on their origin;
      • the existence of an automated decision-making process, including profiling.
    2. The data subject has the right to obtain from the data controller the correction of inaccurate personal data concerning him or her without undue delay. Taking into account the purposes of the data processing, the data subject has the right to obtain the integration of incomplete personal data, including the provision of a supplementary statement.
    3. The data subject has the right to obtain from the data controller the cancellation of personal data relating to him/her (right to be forgotten) without undue delay and the data controller shall be obliged to cancel personal data without undue delay within the limits and in the cases provided for by current legislation. The data controller shall inform each of the recipients to whom the personal data have been transmitted of any corrections or cancellations or limitations to the processing within the limits and in the forms provided for by current legislation.
    4. The interested party has the right to obtain from the data controller the limitations of the data processing.
    5. The data subject has the right to receive in a structured, commonly used and machine-readable format personal data relating to him/her which are supplied to a data controller and shall have the right to transmit such data to another data controller without interference from the data controller to whom they are supplied.

    To exercise the rights listed above, the person concerned must submit a request using the following contact points through which the Data Protection Officer can also be contacted info@francescoeconomy.org

    Requests should be addressed to the Data Controller at the following address: Comitato The Economy of Francesco, Via Viale Marconi 6, 06081 Assisi, where the Data Protection Officer designated by the Data Controller may be contacted.

    This version of the information on the processing of personal data was updated on 11/05/2019.