PRIVACY POLICY DATA SITE WEBSITE

Updated to Regulation (EU) 2016/679 and to Legislative Decree 101/2018
(European regulation on personal data protection)

Introduction

RE.LEG.ART. Soc. Copp. to M.P Onlus, based in Perugia, via Fiorenzo di Lorenzo n. 2 bis / 1, law: 0121515049, takes the user's privacy seriously and undertakes to respect the same. This privacy policy (Privacy Policy) describes the processing of personal data carried out by RE.LEG.ART. Soc. Copp. To M.P Onlus through the website www.relegart.it and the respective commitments undertaken in this sense by the Company.

EMIA MAKE UP S.R.L. can process the user's personal data when they visit the site and use the services and features on the Site. In the sections of the site where the user's personal data is collected, a specific information notice is normally published pursuant to the articles from 13 to 15 of Regulation (EU) 2016/679.

Where required by Regulation (EU) 2016/679, the user's consent will be required before proceeding to the processing of his personal data. If the user provides personal data of third parties, he must ensure that the communication of data to RE.LEG.ART. Soc. Copp. To M.P Onlus and the subsequent treatment for the purposes specifically indicating privacy information technology, applicable is compliant with Regulation (EU) 2016/679 and the applicable legislation.

Who is the data controller of your personal data?

The data controller is RE.LEG.ART. Soc. Copp. To M.P Onlus in person of the President of the Board of Directors and legal pro-tempore representative Mrs. ROMANIELLO SILVIA, with seat in Perugia, via Fiorenzo di Lorenzo n. 2 bis / 1, CAP 06121;

The owner can be contacted by email at: relegart@relegart.it;
The Data Controller has not appointed a person responsible for the protection of personal data (RPD, that is, data protection officer, DPO).

What are your personal data being processed?

The visit and consultation of the site do not generally involve the collection and processing of personal data of the user, except for navigation data and cookies as specified below. In addition to the so-called "navigation data", personal data voluntarily provided by the user may be processed when he interacts with the site's features or requests to use the services offered on the site.

What are cookies and navigation data?

The site uses "Cookies". By using the site, you consent to the use of cookies in accordance with this Privacy Policy. Cookies are small files stored on the user's computer hard disk. There are two macro-categories of cookies: technical cookies and profiling cookies.

Technical cookies are necessary for the proper functioning of a website and to allow the user's browsing, without them the user may not be able to view the pages correctly or to use certain services.

Profiling cookies are responsible for creating user profiles in order to send advertising messages in line with the preferences shown by the user while browsing.

Cookies can also be classified as:

• Session cookies which are canceled immediately when the browser is closed;
• Persistent cookies, which remain in the browser for a certain period of time. They are used, for example, to recognize the device that connects to a site facilitating authentication operations for the user;
• "Own" cookies, generated and managed directly by the manager of the website on which the user is browsing;
• "Third party" cookies, generated and managed by parties other than the website manager on which the user is browsing.

What cookies does our site use?

The site uses the following types of cookies:

1. Own, session and persistent cookies, necessary to allow browsing on the site, for internal security and system administration purposes;
2. Third-party session and persistent cookies, necessary to allow the user to use multimedia elements present on the site, such as images and videos;
3. Persistent third-party cookies used by the site to send statistical information to the Google Analytics system, through which RE.LEG.ART. Soc. Copp. to M.P Onlus can carry out statistical analysis of accesses / visits to the site. The cookies used are exclusively for statistical purposes and collect information in aggregate form. Through a pair of cookies, one of which is persistent and the other of session (with expiration at browser closure), Google Analytics also saves a register with the start times of the visit to the site and its exit. You can prevent Google from collecting data via cookies and subsequently processing data by downloading and installing the browser plug-in from the following address: http://tools.google.com/dlpage/gaoptout?hl=it
4. Third party cookies, persistent, used by the site to include in its pages the buttons of some social networks (facebook, Twitter and Google+). By selecting one of these buttons, the user can publish the contents of the website of the website he is visiting on his personal page of the relevant social network. The site may contain links to other sites (c.d. third party sites). RE.LEG.ART. Soc. Copp. to M.P Onlus does not make any access or control over cookies, web beacons and other user tracking technologies that could be used by third party sites that the user can access from the site. RE.LEG.ART. Soc. Copp. to M.P Onlus does not carry out any control on content and materials published by or obtained through third party sites, nor on the relative methods of processing of personal data of the user, and expressly disclaims any responsibility for such eventualities. The user is required to check the privacy policies of third-party sites accessed through the site and to inform himself about the conditions applicable to the processing of his personal data. This Privacy Policy applies only to the site as defined above.

How do you disable cookies in the browser?

To know how to disable cookies, follow the link https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=it

How are your personal data stored?

Your personal data is stored and processed through IT systems managed by RE.LEG.ART. Soc. Copp. to M.P Onlus and are handled exclusively by specifically authorized personnel, including personnel responsible for carrying out extraordinary maintenance operations.

For what purposes are your data processed?

RE.LEG.ART. Soc. Copp. a M.P Onlus can process the common and sensitive personal data of the user for the following purposes: use by users of services and features on the site, management of requests and reports by its users, etc. Moreover, with the additional and specific optional consent of the user, RE.LEG.ART. Soc. Copp. MP Onlus may process personal data for marketing purposes, that is, to send the user promotional material and / or commercial communications relating to the gym's services, at the indicated addresses, both through traditional methods and / or means of contact (such as, paper mail, telephone calls with operator etc.) and automated (such as, communications via internet, fax, e-mail, text messages, applications for mobile devices such as smartphones and tablets - so-called APPS-, social network accounts eg via facebook and Twitter, phone calls with auto attendant etc.)

Personal data is processed both in paper and electronic form and entered into the RE.LEG.ART information system. Soc. Copp. to M.P Onlus in full compliance with Regulation (EU) 2016/679, including safety and confidentiality profiles and inspired by the principles of correctness and lawfulness of processing. In accordance with the Regulation (EU) 2016/679 the data are kept and kept for the duration of the contract except for a further period of retention in which the Data Controller is subject to conservation obligations for tax purposes or for other, foreseen purposes, by law or regulation.

How are your personal data protected?

RE.LEG.ART. Soc. Copp. a M.P Onlusundertakes to protect the security of the user's personal data and complies with the provisions on security provided for by the applicable legislation in order to avoid loss of data, illegitimate or illegal use of data and unauthorized access to the same, with particular reference to the Technical Regulations regarding minimum security measures. Furthermore, the information systems and computer programs used by RE.LEG.ART. Soc. Copp. to M.P Onlus they are configured so as to minimize the use of personal and identification data; these data are processed only to achieve the specific purposes pursued from time to time. RE.LEG.ART. Soc. Copp. to M.P Onlus uses multiple advanced security technologies and procedures to promote the protection of users' personal data; for example, personal data is stored on secure servers located in places with protected and controlled access. The user can help RE.LEG.ART. Soc. Copp. to M.P Onlus to update and maintain their personal data by communicating any change relating to their address, their qualification, contact information, etc.

To whom will your data be communicated?

Your data may be disclosed to:

• All the subjects to whom the right of access to such data is recognized pursuant to regulatory provisions;
• To our employees, employees, in the context of their duties;
• To all those physical and / or juridical persons, public and / or privat or when the communication is necessary or functional to the performance of our activity and in the ways and for the purposes described above.

The provision of some personal data by the user is required to allow RE.LEG.ART. Soc. Copp. to M.P Onlus to manage communications, requests received by the user or to recontact the user himself to respond to his request. This type of data is marked with the asterisk (*) symbol and in this case the provision is mandatory to allow RE.LEG.ART. Soc. Copp. to M.P Onlus to comply with the request which, in default, cannot be processed. On the contrary, the collection of other data not marked with an asterisk is optional: failure to provide it will not entail any consequences for the user.
The provision of personal data by the user for marketing purposes is optional and the refusal to provide them will have no consequence. The consent given for marketing purposes is intended to be extended to sending communications through automated and traditional methods and / or means of contact.

What rights can the person have?

1) Article 15 (right of access) art. 16 (right of rectification) of the EU Reg. 2016/679

The interested party has the right to obtain from the data controller the confirmation that the processing of personal data concerning him is in progress and in this case, to obtain access to personal data and to the following information:

1. The purpose of the processing;
2. The categories of personal data in question;
3. The recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if they are recipients of third countries or international organizations;
4. The period of storage of personal data provided, or, if this is not possible, the criteria used to determine this period;
5. The existence of the right of the data subject to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their processing;
6. The right to lodge a complaint with a supervisory authority;
7. The existence of an automated decision-making process, including profiling and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of this treatment for the data subject.

It should be noted that the right of access and any of the information listed above may be requested from the data owner, in writing, by email, at the address:relegart@relegart.it;

2) Right referred to in art. 17 of the EU regulation 2016/679 right to cancellation (right to oblivion)

The data subject has the right to obtain from the data controller the deletion of personal data concerning him without undue delay and the data controller has the obligation to delete personal data without unjustified delay, if one of the following reasons exists:

1. Personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed;
2. The interested party revokes the consent on which the treatment is based in accordance with the art. 6 paragraph 1 letter. a) or art. 9, paragraph 2, lett. a) and if there is no other legal basis for the processing;
3. The data subject opposes the processing pursuant to the art. 21 paragraph 1 and there is no prevailing legitimate reason to proceed with the treatment, or it is opposed to the treatment according to the art. 21, paragraph 2;
4. Personal data have been processed unlawfully;
5. Personal data must be deleted to fulfill a legal obligation under the law of the union or of the Member State to which the data controller is subject;
6. Personal data has been collected in relation to the offer of information society services pursuant to art. 8 paragraph 1 of the EU Regulation 2016/679.

3) Diritto di cui all’art. 18 del Reg. UE 2016/679 – diritto di limitazione di trattamento

Right referred to in art. 18 of the EU Reg. 2016/679 - right to limitation of treatment
The interested party has the right to obtain the treatment limitation from the data controller when one of the following hypotheses occurs:

1. The data subject disputes the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
2. The processing is unlawful and the data subject opposes the deletion of personal data and requests instead that its use be limited;
3. although the data controller no longer needs it for the purposes of processing, personal data is necessary for the data subject to ascertain, exercise or defend a right in court;
4. The data subject has opposed the processing pursuant to art. 21, paragraph 1, EU Regulation 2016/679 pending verification on the possible prevalence of the legitimate reasons of the data controller with respect to those of the entirexed.

4) Right referred to in art. 20 of the EU Regulation 2016/679

5) The interested party has the right to receive in a structured format, commonly used and readable by automatic device, the personal data concerning him provided to a data controller and has the right to transmit such data to another data controller without impediments by the data controller.

How can the interested party withdraw his consent to the processing?

The interested party has the right to withdraw his / her consent to the processing of your personal data and if the legal basis legitimizing the processing is the express consent, by sending an email to the address: relegart@relegart.it, accompanied by his / her identity document, with the following text: "revocation of consent to the processing of all my personal data". At the end of this operation your personal data will be removed from the archives as soon as possible.

If you wish to have more information on the processing of your personal data, or exercise the rights indicated above, you can send an email to: relegart@relegart.it

Before you can provide or change any information you may need to verify your identity and answer some questions. The answer will be provided within the maximum period of 30 days which will start from the receipt of the request by RE.LEG.ART. Soc. Coop. to M.P Onlus.