Art. 13 of EU Reg. 2016/679 – GDPR
Dear Interested Party, Pursuant to Article 13 of the General Data Protection Regulation – EU Regulation No. 2016/679 (GDPR), we provide you with the following information regarding the processing of personal data relating to the “CONTACTS” form.
Data Controller
The data controller is the SERAPHIC PROVINCE OF ST. FRANCIS OF THE ORDER OF FRIARS MINOR (hereinafter referred to as the “Seraphic Province of St. Francis OFM” or the “Controller”), with registered office in ASSISI (PG) – 06081, Fraz. S. MARIA DEGLI ANGELI, Piazza Porziuncola 1, Tax Code/VAT No. 00160170544, email privacy@assisiofm.org.
Data Protection Officer
The Data Protection Officer (DPO) appointed by the Seraphic Province of St. Francis O.F.M. can be contacted at dpo@assisiofm.org or by registered mail to the headquarters of the Seraphic Province of St. Francis O.F.M.
Purpose and legal basis for processing personal data
The personal data we request is necessary to respond to your requests. Processing is based on your consent.
Optional or mandatory nature of providing data
Providing the data marked with an asterisk is necessary to respond to your requests. Failure to provide this data will prevent us from processing your request.
Processing Methods
Data is processed using IT and electronic means. Data processing is based on the principles of fairness, lawfulness, and transparency, data minimization, and protection of your privacy.
Processing Duration
Personal data will be processed until your requests are fulfilled. The processing duration may vary depending on the content of your request.
Recipients of Personal Data
Personal data may be disclosed to: 1. friars, employees, and individuals in any capacity employed by the Data Controller, limited to what is necessary to perform their duties or assigned tasks; 2. third parties, to the extent necessary to carry out their duties on behalf of the Data Controller, appointed, where necessary, as Data Processors pursuant to Article 28 of the GDPR; 3. individuals who may access the data pursuant to legal provisions.
Personal data will not be disclosed.
Transfer of data outside the European Union
Data processing may involve the transfer of personal data to countries outside the European Union through the use of communication and data storage services provided by companies headquartered and/or operating outside the European Union. The transfer is carried out in compliance with the GDPR, through an adequacy decision or, failing that, the standard contractual clauses and other provisions set forth in Articles 46 et seq. of the GDPR. To request a copy of your data, you can contact the Data Controller at the addresses indicated in the last paragraph.
Data Subject Rights
Pursuant to Articles 7 and 15 et seq. of EU Regulation No. 2016/679 – GDPR, you have the right to:
- Revoke your consent at any time. Revoking consent does not affect the lawfulness of the processing.
- made before the revocation;
- access your personal data to obtain information on the data processed;
- verify the accuracy of your data and request its correction or updating;
- obtain the erasure of your personal data when the conditions set out in Article 17 of the GDPR apply; ‒ obtain restriction of processing in the cases provided for in Article 18 of the GDPR;
- receive your personal data or have it transferred, where technically possible, to another controller, when the data is processed by automated means and the processing is based on the data subject’s consent, on a contract to which the data subject is a party, or on contractual measures connected to it;
- Object to the processing of your data for reasons related to your particular situation, when the personal data is processed in the public interest, in the exercise of official authority vested in the Data Controller, or to pursue a legitimate interest of the Data Controller. If the personal data is processed for direct marketing purposes, you can object to the processing without providing any justification.
Furthermore, you can lodge a complaint with the Supervisory Authority (in Italy, the Italian Data Protection Authority) pursuant to Article 77 of the GDPR or appeal to the judicial authority pursuant to Article 79 of the GDPR.
Exercising your rights
You can exercise the above rights by sending an email to privacy@assisiofm.org or a registered letter to PROVINCIA SERAFICA DI S. FRANCESCO O.F.M. – UFFICIO COMUNICAZIONI, Piazza Porziuncola 1, Fraz. S. MARIA DEGLI ANGELI, 06081 – ASSISI (PG).
