In this section we describe the processing methods applied to the personal data of the users of this web site.
First of all we would like to clarify that the web site you are visiting (hereinafter referred to as ‘Site’) is owned and directed by Provincia Padovana dei Frati Minori Conventuali area Messaggero S. Antonio Editrice (Padua Province of the Friars Minor Conventual – Messagero S. Antonio Publishing House division) which hereinafter shall be referred to as ‘PPFMC’.
This information notice is not to be considered valid for other web sites which may be visited through links present on this internet site and which are not managed by PPFMC, and to which PPFMC is in no way responsible.
Through consultation of this present site data regarding either indentified or identifiable persons may be processed, either to allow browsing or, if necessary, for the execution of a contract you may have requested.
Hereinafter we are therefore clarifying, pursuant to article 13 of the General Data Protection Regulation (GDPR), the methods and aims of the management of this site with reference to the processing of the personal data which may be used in either one or the other case.
First of all we emphasize that this processing shall be performed in accordance with the principles of lawfulness and propriety, and in compliance with current laws.
Pursuant to art. 13 and 14 of the GDPR we inform you that the Controller of your personal data acquired through the site is Provincia Padovana dei Frati Minori Conventuali, Messaggero S. Antonio Editrice (hereinafter PPFMC), with registered office in Piazza del Santo, 11 in Padova, Italy, and with operating headquarters in Via Orto Botanico, 11, in Padova, Italy.
The Data Protection Officer (DPO) may be contacted through a letter addressed to DPO-Provincia Padovana dei Frati Minori; Via Orto Botanico, 11 – 35123 Padova; Italy; or via email at the following address: dpo@santantonio.org
The list of privacy delegates (subjects who control the application of the GDPR in the various areas pertaining to PPFMC) and the external firms responsible for the processing will be kept updated and will be shown to the data subject (yourself) upon specific request.
We specify that the information relating to a natural person, either identified or identifiable, such as the name, the email address, the telephone number, to postal address or the computer IP address are all personal data.
Those data that reveal the racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership as well as genetic data, biometric data which confirm the unique identification of a natural person, information relating to the health or the sex life and orientation of a person are defined as specific data.
In our site we generally only process personal data (these are the only data necessary for the conclusion of a contract or for the subscription to a newsletter). However, it may happen that, by pure chance, specific data may also be processed (just think, for instance, if your mail were to reveal your religious or political orientation).
We specify that in the site you are browsing now the following personal data are being collected:
These are the personal data you supplied in the registration fields in order to access the newsletters we are offering to create a personal user account or to stipulate a contract with us. These data are processed by us for the following reasons:
In these cases the legal basis of the processing is constituted by the fulfillment of the contract and by the legal obligation to process the data (see GDPR art. 6 points b), c), f), as well as your consent for the newsletter (GDPR art. 6 point a)).
In the case (which, as mentioned earlier, is only a mere possibility) of the processing of specific data, the legal basis of this processing is constituted by the fact that the processing is performed by the Controller, which is an Ecclesiastical Institution, and which pursues religious aims with regard to the processing of its members, ex-members or people who have regular contact with the foundation, the association or organization on account of its aims when the personal data are not disclosed outside the Ecclesiastical Institution) and by consent in the residual hypothesis (GDPR art. 9 paragraphs a) d) e) f)).
Finally, we specify that the sending of optional, explicit and voluntary messages to the contact addresses of the Controller, as well as the compilation and sending of the forms present in the site imply the acquisition of the contact details of the sender in order to answer, as well as all the personal data included in the communications.
The information systems and the software procedures responsible for the functioning of this site acquire, in the course of their normal operation, some personal data whose transmission is implicit during the use of internet communication protocols.
The data included in this category are:
This data, necessary for the fruition of the web services, are also processed for the purpose of:
The browsing data does not remain for more than seven days and is immediately cancelled after their anonymisation (with the exception of a necessity by a judicial authority to detect possible offences).
Cookies are not used to profile users, nor are other tracking methods used.
Instead, session cookies (non persistent) are used, but in a way that is strictly limited to the bare necessities of a safe and efficient browsing of the sites. The memorization of the session cookies in terminals and in browsers is under the user’s control where, on the servers, at the end of the HTTP sessions, information regarding cookies remain recorded in the service log files.
The data will be processed within the structure by authorized personnel responsible for managing the web site and by the accounting and administration departments, and may be communicated to the following subjects which have been nominated external Processor:
NEXTEP as the supplier of development and maintenance services of the web platform.
The updated list of nominated external Processors will be supplied upon a simple request.
The personal data may also be communicated to banking institutions and external societies (for instance consortia) which supply services for the execution of a contract.
The data acquired will in no way be disseminated.
The data supplied for the conclusion of a contract will be kept for the duration of the contract and for the successive time period dictated by law. In particular, we specify that accounting entries, invoices, and correspondence will be kept for 10 years as prescribed by law; the data necessary for the management of a possible dispute or debt recovery will be kept until the settlement of the dispute.
The data supplied for the subscription to the newsletters will be kept for as long as the service is active.
Data conferment is mandatory and necessary for the performance of the contract stipulated between you and the Controller, and to receive the newsletters. Therefore, the possible refusal to confer the personal data requested implies the termination of the relationship.
Moreover, the Controller declares that a possible non communication or erroneous communication, of any of the mandatory data will have, as a consequence, the impossibility, on the part of the Controller, to guarantee the adequacy of the processing itself to the contractual terms under which the contract is to be performed, and the possible lack of correspondence of the results of the processing to the requirements imposed by the fiscal, administrative and work norms to which the processing is directed.
You, the data subject, are entitled to claim from the Controller, at any moment, access to your personal data and to rectify or erase them, or restrict the processing or object to the processing (art. 15 and following of the GDPR), as well as the right to data portability, as provided for in art. 12 paragraph 2 point b) of the GDPR.
Erasure is not permissible for data contained in those Acts which require, according to law, mandatory conservation.
Consent may be withdrawn at any time without affecting the lawfulness of the processing based on consent before its withdrawal.
You have, moreover, the right to lodge a complaint with a supervisory authority, as provided for in art. 77 of the GDPR itself, or to apply proceedings before the courts against the Controller (art. 79 of the GDPR) if you consider that the processing of your personal data performed by this site infringes the norms set by the GDPR.
You may at any time exercise your rights via registered return mail addressed to Provincia Padovana dei Frati Minori Conventuali Messaggero di s. Antonio Editrice, via Orto Botanico 11, 35123 - Padova, Italy, or via email addressed to: privacy@santantonio.org indicating the words: “Accesso Privacy” in the subject line.