pursuant to art. 13 EU Regulation 2016/679 (GDPR)
AIDA (CF: 91569580151), Italian Association of Aerophilately, with registered office in 20146 – Milano (MI), Via Lorenteggio 53 / A, as Data Controller pursuant to and for the purposes of EU Regulation 2016/679 ( hereinafter also “GDPR” or “legislation”), recognizes the importance of the fundamental right to the protection of individuals with regard to the processing of personal data. Therefore, by virtue of the aforementioned legislation, the processing of personal data of the data subjects will be carried out and protected according to the principles of lawfulness, correctness, transparency, purpose limitation, data minimization, accuracy, limitation of conservation, integrity, confidentiality, accountability and, in any case, in compliance with the provisions of the GDPR. Access and use of the website https://aida-aerofilatelia.org/ confers the condition of User to the visitor of the website and implies full acceptance without reservations by the same to the following conditions of use. In case of non-acceptance, please do not use the site https://aida-aerofilatelia.org/.
DATA CONTROLLER The Data Controller is AIDA (CF: 91569580151), in the person of the pro tempore legal representative, with registered office in 20146 – Milan (MI), Via Lorenteggio 53 / A. The Data Controller can be contacted at the following e-mail address:firstname.lastname@example.org
PURPOSE AND LEGAL BASIS OF THE PROCESSING The personal data acquired through the site will be processed, in accordance with the GDPR, according to the various legislative, contractual, consensual legal bases or for the pursuit of a legitimate interest, for the following purposes:
- for the provision of services, including responses to requests from interested parties and users; on this point, it should be noted that the optional, explicit and voluntary sending of e-mails, also through “Contact us – become a customer”, by its very nature entails the subsequent acquisition of the sender’s e-mail address;
- to allow the data subjects to be registered in the company records, both paper and electronic;
- manage and maintain the aforementioned company records;
- the conclusion and execution of contracts;
- the fulfillment of pre-contractual, contractual and tax obligations deriving from existing relationships, as well as managing the necessary communications connected to them;
- the fulfillment of obligations deriving from mandatory regulations, both of a national and Community nature;
- the exercise of a legitimate interest as well as a right of the owner (eg the right of defense in court, the protection of credit positions, ordinary internal needs of an operational, managerial and accounting nature);
- marketing and promotional activities as well as sending newsletters, communications including commercial, information circulars, invitations to events with the prior consent of the interested parties.
Should the processing be carried out for purposes other than those set out above, further and specific consent will be requested from the interested parties.
RECIPIENTS OF PERSONAL DATA This information describes how the website is managedhttps://aida-aerofilatelia.org(hereinafter “the Site”), wanting to identify, as recipients of the processing of personal data, the subjects with whom AIDA in any capacity, entertains relationships or contacts, or to whom it otherwise provides personal data, for the purposes and under the additional conditions of this information. Specifically, personal data may be disclosed to AIDA It is understood that the personal data of the interested parties may be freely disclosed to third parties, such as law enforcement agencies, whenever this is permitted by law or required by an order or provision of a competent authority.
PERIOD OF CONSERVATION OF PERSONAL DATA The personal data of the interested parties will be kept for the duration necessary to achieve the purposes referred to in paragraph 2), as well as for the time in which the Data Controller is subject to conservation obligations for tax and / or accounting purposes. or for other purposes imposed by law and by mandatory regulations, both national and Community. It should be noted that specific security measures are observed to prevent the loss of personal data, illicit or incorrect use of the same and unauthorized access, in accordance with the provisions of the GDPR.In addition, in order to ensure that personal data are always accurate, updated, complete and relevant, we invite you to report any changes to the e-mail email@example.com
With regard to the access paths, these are kept for a period of six months.
RIGHTS OF THE INTERESTED PARTY The interested parties may exercise at any time, if the legal requirements are met, by contacting the Data Controller at the e-mail firstname.lastname@example.org, the following rights recognized by the GDPR:
- request and obtain confirmation as to whether or not personal data concerning them is being processed;
- if a processing is in progress, request and obtain access to personal data;
- request and obtain, without undue delay, the correction of inaccurate personal data concerning them as well as the integration of incomplete personal data;
- request and obtain without undue delay, upon the occurrence of one of the conditions provided for by art. 17, paragraph 1, GDPR, the deletion of personal data concerning them, without prejudice to the provisions of art. 17, paragraph 3, GDPR;
- request and obtain, in the cases provided for by art. 18, paragraph 1, GDPR, the limitation of the processing of personal data;
- object at any time to the processing of their personal data, to the occurrence of particular situations that concern them. Specifically, in case of opposition, personal data will no longer be processed,
- except for the existence of binding legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subjects or for the ascertainment, exercise or defense of a right in court;
- obtain the portability of personal data concerning them, i.e. the right to receive them from the Data Controller in a structured format, commonly used and readable by an automatic device and request their transmission to another Data Controller, without impediments;
in the event that consent is required for the processing of personal data, revoke the consent already given, limited to the cases in which the processing is based on the consent of the interested parties for one or more specific purposes or in the case of the processing of particular categories of data (e.g. data revealing racial origin, political opinions, religious beliefs, health or sex life, etc.). The processing based on consent and carried out prior to the revocation of the same does not affect and, therefore, retains its lawfulness.
In any case, you are asked not to send or communicate particular data through the site or by any other means. By “particular data” we mean, pursuant to the GDPR, any data suitable for revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to the health or sexual life or sexual orientation of the person.In addition, interested parties can lodge a complaint with the Supervisory Authority (Authority for the protection of personal data), in the in the event that they believe that their rights under the GDPR have been violated, in the manner indicated on the website of the Guarantor itself, accessible at the addresswww.garanteprivacy.it.
CONSEQUENCES OF FAILURE TO COMMUNICATE PERSONAL DATA The provision of personal data is mandatory for the purposes referred to in point 2), lett. from a) to g) and the failure to communicate such data makes it impossible to conclude contracts as well as the impossibility of providing the services requested.The provision of personal data is optional for the purposes referred to in point 2), lett . h) and failure to communicate such data implies the impossibility of their pursuit.