Policy statement for the processing of personal data

Pursuant to Art. 13 of Regulation (EU) 2016/679 pertaining to the protection of individuals about the pro-cessing of personal data

1. Data Controller

NOI S.p.A., VAT ID 02595720216

Via A. Volta 13/A – I39100 Bolzano
Tel. +39 0471 066600
E-mail: privacy@noi.bz.it PEC: noi@pec.noi.bz.it

Data Protection Officer (DPO)

Renorm Srl, VAT ID 03064760212

Tel: +39 0471 1882777
E-mail: a.avanzo@renorm.it PEC: renorm@legalmail.it

Data Processor

rixx.de software development – Tobias Kunze, EU VAT ID: DE309062289

Mühlenbecker Weg 1, 16515 Oranienburg, Germany

2. Purpose of processing

The personal data you provide are treated with the sphere of the “SFSCON” event and specifically, for the following purposes:

a) Performance of all operations necessary for the registration and check of the participation application;
b) where applicable, publication of the following personal data: name, family name, company/organization where you work or which you represent), if existing, pdf of the presentation, link to video recording of your presentation.

We should remind you that provision of data for the purposes a) and b) is obligatory for participation in the Project. Failure to provide your data will make it impossible to take part.

3. Type of data processed:

For the above purposes, the following data categories may be processed:
– Name, surname, email, place and date of birth, telephone number of the participant, plus other information contained in the CV.

4. Legal basis for processing and compulsory data

For the purposes stated in subsections a) and b) of point 2 as above, the legal basis for processing personal data is the performance of a contract or the implementation of pre-contractual measures (art. 6 par. 1 point b) of Regulation (EU) 2016/679).

Failure to provide data may make it impossible to proceed with the processing of your request to be admitted to the event.

5. Processing method

Processing will be carried out:
– using manual and electronic means;
– by persons authorised to perform these tasks according to law;
– using the organisational and technical skills required to guarantee data confidentiality and to prevent access to same by unauthorised third parties.

6. Data retention period

Your data will be retained for a period of no longer than necessary to meet the purposes as set down in section 2 of this policy statement, as well as compliant with the required retention periods for data and documents, as set down by law.

7. Data communication to third parties

Without prejudice to communication made in compliance with legal obligations and contracts, the data collected and processed may be communicated, including potentially, for the purposes stated above, to:
– Public and/or private subjects charged with the exercise of public authority for which communication of said data is obligatory or necessary or functional according to law;
– external consultancy companies;
– “ESF – European Social Fund” (if required);
– insurance companies;
– credit institutes.

8. Personal data disclosure

Your data will not be transferred or communicated to third countries outside the EU.

9. Data subject’s rights

You have the right to request the Data Controller, as per Art. 15 and successive of the Regulation (EU)2016/679, the following rights:
– access to your data and information;
– correction and deletion (“right to be forgotten”) of your data;
– limitation to processing and the possibility to oppose same;
– portability of data;
– withdrawal of consent to processing.

In the event you feel that your rights have been breached, you have the right to submit complaint to the Data Protection Authority: www.garanteprivacy.it