INFORMATION ON THE PROTECTION OF PERSONAL DATA
Information notice pursuant to Art. 13 and Art. 14 of the GDPR 2016/679
- Identity and contact details of the Data Controller. The Data Controller of the processing is the company, Duofin Art S.r.l., with registered office in Via Monza 21, 00182 Rome, VAT no. 03635201001.
The Data Controller may be contacted by email to: privacy@aant.it or by certified email (Pec) to: accademiadellearti@pec.it, or by calling the number: 066864008. - Contact details of the Data Protection Officer (RDP or DPO). The Data Protection Officer is Avv. Daria Polidoro, registered with the Bar Association of Rome, with chambers in Rome, Via Barberini, 47, e-mail: daria.polidoro@rsm.it, certified email (Pec): dariapolidoro@ordineavvocatiroma.org.
- Purposes of the processing (Art. 6, par.1 of the GDPR).
a. to manage the correct use of the website;
b. to statistically evaluate the use of the website by users;
c. to gather information on the choices made by the user during navigation of the website
d. to communicate commercial information and to send advertising/information material for goods and services similar to those, object of the contract, also by automated and conventional means, e-mail, and related web applications, on the basis of express consent;
e. to comply with legal requirements; to fulfil the obligations provided for by the law, regulations or EU legislation, or obligations provided for by instructions from public authorities or supervisory bodies; to consult this domain. - Categories of personal data. The personal data you provide when filling in the forms at the collection points in the domain, directly or indirectly related to your relationship with Duofin Art and necessary for the fulfilment of legal and contractual obligations, will be processed. It is not mandatory to provide your data. However, failure to provide the data, which are essential for registration, makes it impossible for the Data Controller, and the Data Processors and for those who perform the processing operations to provide the related services. The IP number and type of browser used by you to connect to this domain (non-identifying data), which are automatically recorded by the logical protection and control devices used exclusively for the purpose of verifying network traffic are also subject to processing.
Cookies
For more information about the cookies we use, please refer to our cookie policy available at: https://www.accademiadellearti.it/cookies-policy/.
- Recipients of the personal data. The personal data can only be accessed by the employees of Duofin Art who need them in order to provide the requested services, and only for the information that is instrumental and related thereto.
In particular:
• Administrative and teaching staff: Our employees and collaborators have been informed on the importance of maintaining absolute confidentiality regarding personal data: Duofin Art takes all necessary actions to make them aware of their responsibilities regarding the protection of the personal data.
• Service Providers: Duofin Art shares personal information with certain providers who assist Duofin Art in providing the services you have requested.
• Third parties who provide support in managing the website.
If third parties access your data, they will do so in compliance with applicable data protection laws and the instructions given by Duofin Art.
Legal requirements
We do not share personal information with other third parties without authorisation, except when required to do so by law or by an Authority.
- Transfer of data outside the European Union. Your data is not transferred abroad.
- Processing method. In relation to the abovementioned purposes, the processing of your personal data will be carried out with the support of paper, computer, or electronic means to store, transmit and share the data. Duofin Art informs you that the data you have provided will be processed by Data Processors, either manually, on paper or by computer, by entering them into archives or databases.
The Data Controller and the Data Processors adopt appropriate technical and organisational measures to ensure a level of security that is appropriate to the risk, in accordance with current legislation, in order to ensure security and confidentiality of your data. - Retention period of personal data. Within the scope of the purposes indicated above, your personal data will be kept for the period of the contract, and for ten years following the period in which the Data Controller is subject to conservation obligations for tax, contractual, or other purposes provided for by the law or regulations or for the purposes already indicated. After this period, unless expressly confirmed by the data subject, they will be deleted.
As an example:
• for commercial purposes, considering the legitimate interest of the Data Controller to keep the personal data collected in order to offer goods and services deemed to be of interest to you, the personal data will be kept in a form that permits the identification of the data subjects for the period of time necessary to achieve said interest and precisely until the conclusion of the contract;
• to comply with legal or contractual obligations for up to ten years following the end of the contract and, in any case, for the period required by the law or arising from the contract;
• in case of disputes, for the period necessary for in-and-out-of-court defence and, in any case, for a subsequent period of at least ten years after the end of the contract and/or for the period necessary for the defence in court.
Rights of the data subject
You may exercise your rights under Articles 15 to 22 of the GDPR (e.g., request for confirmation of the existence of your personal data, access to your personal data, rectification, erasure or restriction of processing concerning your personal data, portability in a structured format for common use, and request transfer to another Data Controller) in writing by registered mail to the following address: Duofin Art S.r.l., with registered office in Via Monza 21, 00182 Rome, VAT no. 03635201001, or by e-mail to: privacy@aant.it.
Pursuant to Art. 8 of the GDPR, the processing of personal data of children under the age of 16 is lawful. If the minor is under 16 years of age, such processing shall only be carried out with the consent or authorisation of the holder of parental responsibility.In such cases, the Data Controller shall make all reasonable efforts, considering available technology, to verify that consent is given or authorised by the holder of parental responsibility of the child.You may lodge a complaint (Art. 77 of the GDPR) and/or object to your processing (Art. 21 of the GDPR) with the Supervisory Authority.