PRIVACY POLICY FOR THE PROCESSING OF PERSONAL DATA

(pursuant to Article 13 of EU Regulation No. 2016/679 – relating to the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data and the Principle of Accountability)

 

MONGE & C. S.P.A., with headquarters in Via Savigliano 31 – 12030 Monasterolo di Savigliano (CN), TAX ID CODE/VAT NO. 00182160044, as the Data Controller, pursuant to Art. 13 of the EU Regulation no. 2016/679, wishes to inform those who intend to participate in events organized and/or promoted by the same that their data will be processed in the manner and for the purposes defined below.

 

Object and purpose of the processing

The personal data provided by the data subject, on the occasion of completing the registration form for the events organized and promoted by the Data Controller, will be processed in full compliance with the principle of correctness and lawfulness of the legal provisions in order to comply with the request of the data subject to participate in events organized by the Data Controller.
The personal data provided, essentially for identification and contact, will be processed in order to provide the requested service, or for the administrative management of participation in events, for the execution of specific activities and, possibly, for sending material relating to the events themselves. Such data is absolutely necessary in order to participate in the events, as well as to comply with the laws in force, and the failure, partial or inaccurate provision of the data itself would result in the impossibility of participating in the event.
The contact details on the registration form may be used by MONGE & C. S.P.A. to send communications relating to future free initiatives of the same kind and purpose, without prejudice to the data subject’s right of objection.

 

Dissemination, communication and transfer of data

The personal data processed by the Data Controller will not be disclosed, or will not be disclosed to indeterminate subjects, in any possible form, including that of their availability or simple consultation.
The data is communicated to the recipients to the extent strictly necessary in relation to the aforementioned purposes. They may be communicated to workers who work for the Data Controller; in particular, based on the roles and duties performed, some of them have been entitled to process personal data, within the limits of their competences and in accordance with the instructions given. They may also be communicated, within strictly necessary limits, to companies belonging to the business group and to external parties working with the Data Controller, in particular to those who provide services for the management of the information system used and for the operation of the Website. Finally, they may be communicated to the persons entitled to access them under the provisions of the law, regulations, and community regulations.
The Data Controller does not transfer personal data to third countries or international organisations.

 

Data processing and storage methods

The processing will be carried out in an automated and/or manual form, with methods and tools aimed at guaranteeing maximum security and confidentiality, by processors authorized to do so in compliance with the provisions of Article 4 and the principle of accountability of the G.D.P.R.
The Data Controller retains and processes personal data for the time necessary to fulfil the purposes indicated.

 

Rights of the data subject

Pursuant to the GDPR 2016/679 the data subject has the right of access (Art. 15), right of rectification (Art. 16), right to cancellation (Art. 17), right to restriction of processing (Art. 18), right to portability (Art. 20), right to object (Art. 21), right to object to the automated decision-making process (Art. 22), the right to lodge a complaint with the supervisory authority of the state of residence (Art. 77).
In order to assert their rights, the data subject may contact the Data Controller, possibly using the specific form made available on the website, at the email address privacy@monge.it.
The data subject is required to specify the subject of his request, the right he intends to exercise and to attach a photocopy of an identity document that certifies the legitimacy of the request.

 

Refusal to provide data

The provision of your personal data to the Data Controller for the management of participation in the event is mandatory, as it is necessary to offer the relative service. Failure to provide data may make it impossible to attend the event.

 

Automated decision-making processes

The Data Controller does not carry out processing which consists of automated decision-making processes on the data collected.

 

Data Controller

The Data Controller is MONGE & C. S.P.A., with headquarters in Via Savigliano 31 – 12030 Monasterolo di Savigliano (CN). The Data Controller guarantees the security, confidentiality and protection of personal data in their possession, at any stage of the processing of the same.
The updated list of internal and external Managers is available from the Data Controller.