Privacy policy

In accordance with Article 13 of Regulation (EU) 2016/679 (hereinafter "GDPR"), PARROCCHIA SANTI MARIA E LEONARDO IN FONTIGNANO, as the Data Controller, is required to provide users who connect to the domain: https://www.tombadelperugino.it (regardless of the purpose of the connection) with certain information regarding the processing of personal data carried out on this site. This document constitutes the "Privacy Policy" (subject to future updates) of this website.

For the purposes of this notice, in accordance with the definitions set out in Article 4 of the GDPR, the following terms are defined as:

The company:

PARROCCHIA SANTI MARIA E LEONARDO IN FONTIGNANO, which is the Data Controller.

The domain “https://www.tombadelperugino.it”:

Accessible through the World Wide Web service of the internet at the address https://www.tombadelperugino.it, consisting of data, applications, technological resources, human resources, organizational rules, and procedures designated for the acquisition, storage, processing, exchange, retrieval, and transmission of information.

Points of Collection:

Areas within the domain https://www.tombadelperugino.it/ designated for the collection of personal data.

Reference Standards and Legal Basis for Processing:

The processing operations, which we will detail below, are based on the legal standards governing the right to personal data protection, the right to privacy, and those that allow individuals to express or revoke their informed consent for processing operations at any time, namely:
‍
- The EU General Regulation 679 of April 27, 2016, regarding the protection of natural persons with regard to the processing of personal data, as well as the free movement of such data;

- Informed consent, expressed in accordance with the applicable legal provisions on personal data protection (Article 6 GDPR).

- Fulfillment of contractual obligations undertaken by PARROCCHIA SANTI MARIA E LEONARDO IN FONTIGNANO in favor of the user at the time of subscribing to the Service (Article 6 GDPR).

- Compliance with legal obligations or orders that the Data Controller is required to follow by law or by order of an authority (Article 6 GDPR).

Nature of the Data Subject to Processing:

- The possible sending of emails to the addresses indicated on this site, as well as the completion of the Contact Form published, results in the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data entered. Specific summary information will be progressively provided or displayed on the pages of the site prepared for particular request-based services. In any case – where required by law – you will be asked for your consent to the processing of your personal data each time.

‍- With prior consent, where necessary, the following categories of personal data, relating to the person expressing consent (the Data Subject), may be processed for the indicated purposes:

Common personal data, identification data, such as Name and Surname, Year of Birth, Gender, Address, City, Province, Email Address, Phone Number, Postal Code, Links to social network profiles such as Facebook, Instagram, and Twitter (provided, for example, via the Contact Form).

Technical Processing:

The IP number and the type of browser used to connect to the domain https://www.tombadelperugino.it/ (non-identifying data) are also subject to processing, automatically recorded by the logical protection and access control devices of the domain (LOG FILES). These personal data will be used exclusively for the purpose of controlling network traffic to the domain. These are pieces of information that are not collected to be associated with identified individuals but, by their nature, could, through processing and association with data held by third parties, allow the identification of users. These data are used solely to obtain anonymous statistical information about the use of the site and to monitor its proper functioning, and they are deleted immediately after processing. The data may be used for identifying responsibility in case of potential cybercrimes committed against the site: unless this possibility arises, the web contact data do not persist for more than seven days.

Cookies:

For more detailed information about the use of cookies on the site https://www.tombadelperugino.it/, you can consult the Cookies Policy.

Special Categories of Personal Data:

In the event that special categories of personal data as per Article 9 of EU Regulation 679/2016 are collected through the domain https://www.tombadelperugino.it/, the user will be informed in advance and given the opportunity to provide their consent in accordance with the legal requirements.

Nature of Data Provision, Sources of Data:

The provision of personal data is generally not mandatory, but in some cases, it is necessary and therefore obligatory in order to access the services and features of the website.

Data Provision Necessity:

The provision of certain personal data is necessary and therefore mandatory in order to fulfill specific requests, such as providing a response to a contact request. While users are always free not to provide their personal data, failure to do so may make it impossible for the Data Controller to address requests, meet needs, or fully utilize all the features available on the site.

Providing identifying personal data is necessary if users wish to register on the site and receive, along with other benefits, information about the services offered by Parrocchia Santi Maria e Leonardo in Fontignano. These identifying data will be processed using both paper and electronic means and will be retained by Parrocchia Santi Maria e Leonardo in Fontignano exclusively as long as the users have received a response regarding their request, or for a maximum period of 5 years from the last action performed on the site. After the retention period, identifying personal data will be automatically deleted.4o mini

Data Sources:

We will collect data directly from the user through interactions with the website.

Purpose of Processing

The Company will, where applicable with the user's consent, if necessary, perform the operations required to enable the user to benefit from the services and features of the site, specifically for the following purposes:

1) Management of contact requests;
2) Purposes directly related and instrumental to managing the above-mentioned relationship (e.g., for acquiring pre-contractual information and executing services and operations as contractually agreed);
3) Purposes related to monitoring customer relationship trends and managing credit risk and fraud checks related to the services provided;
4) Fulfillment of specific requests from the data subject.

Methods of Processing Your Personal Data

In relation to all the purposes outlined in the previous sections, personal data will be processed using both computerized and paper-based methods, with techniques of pseudonymization and anonymization aimed at personalizing the services that the Company is able to offer. The processing of data will be carried out in a way that ensures logical and physical security and confidentiality, and may be done through manual, electronic, and telematic tools capable of storing, transmitting, and sharing the data. The processing logic will be strictly aligned with the intended purposes.

Data Security and Retention

Personal data will be stored within the European Union. The related security policies are regularly reviewed in accordance with Best Practices in data protection.

Access Tracking and Operations. Audit Log:

Each access to the data will be recorded in dedicated log tables. The log entries will contain the timestamp of the access, the identifier of the user who accessed the data, the type of data accessed, the user who owns the data, the operation performed, and the application from which the access was made.

Profiling, Automated Decision-Making:

We do not carry out, except as otherwise specified in our cookie policy, any profiling operations related to the data collected through this website, other than what is necessary to allow us to perform the services offered on the site.

Scope of Communication and Disclosure:

The personal data described in this policy may be made available to internal and external data processors and/or persons authorized to process the data, including:

- Qualified staff within the organization, strictly according to their relevant competencies, duties, and assigned tasks.
‍
- Third-party external service providers appointed as external data processors, which the organization engages for the execution of specific services, with access limited to their respective tasks and in compliance with instructions provided.

For routine managerial, accounting, commercial, and administrative activities, the organization may communicate personal data, subject to obtaining consent if required by law, and in compliance with security measures, to third-party service providers solely for the purpose of performing the requested service. These may include postal services, legal and notarial firms, consultants (even in joint form), other service companies, as well as additional parties in compliance with legal obligations (such as insurance companies, law enforcement, judicial authorities, etc.). A list of such entities to which the data may be disclosed is available at the data controller's premises.

Transfer of Personal Data Abroad

The organization does not transfer personal data outside of the EU on its own initiative. However, some third-party service providers may have their servers located outside the European Union (such as email service providers). In such cases, the transfer of data abroad will occur exclusively in accordance with and in compliance with the provisions of Regulation (EU) 679/2016, Articles 44 and following.

Rights of the Data Subject

Articles 15-22 of the GDPR grant data subjects the exercise of specific rights. Article 15 of the GDPR recognizes the right of data subjects to access their personal data and obtain a copy. The right to obtain a copy of the data must not infringe on the rights and freedoms of others.With the access request, the data subject has the right to obtain from the Controller confirmation of whether or not their personal data is being processed, and to know the purposes and categories of data processed, the third parties to whom the data is communicated, and whether the data is transferred to a non-EU country with adequate safeguards. The data subject also has the right to know the retention period of their personal data and has the right to request the correction of inaccurate data, completion of incomplete data, deletion (right to be forgotten) under the conditions set out in Article 17 GDPR, restriction of processing, revocation of consent, data portability, and the right to object, at any time and without the need to provide justification, to processing for direct marketing purposes.If the data subject believes that the processing of their personal data violates the provisions of the GDPR or internal data protection laws, they have the right to lodge a complaint with the Italian Data Protection Authority, located in Rome, in accordance with Article 77 of the GDPR, and/or seek judicial remedy.These rights can be exercised by sending a request to the email address info@tombadelperugino.it or by certified mail to Chiesa dell'Annunziata, Via Arezzo, 29 06132 Fontignano, Perugia. The Controller and/or their Data Protection Officer (DPO) may need to verify the identity of the data subject by requesting a copy of their identification document.4o mini

Revocation of Consent - Privacy Questions - Access and Response

At any time, the data subject has the right to withdraw consent to the processing of personal data by notifying us via email at info@tombadelperugino.it or by certified mail to the address Chiesa dell'Annunziata, Via Arezzo 29, 06132 Fontignano, Perugia. Information regarding the processing of personal data may also be requested through the same methods. Before the Company can provide or modify any information, it may be necessary to verify the identity of the data subject and respond to some questions. We will respond as soon as possible.
‍
Data Controller
‍The Data Controller is PARROCCHIA SANTI MARIA E LEONARDO IN FONTIGNANO, located in Fontignano (PG).
‍
This mandatory information is subject to updates based on any changes in the applicable legal provisions.