Privacy Policy

HomePrivacy Policy

Privacy Policy of the Fondazione Consulcesi website

Information on data processing ex art. 13 EU Regulation 2016/679

Data Controller

We inform you that, in accordance with EU Regulation 679/2016 (infra: “Regulation“), your personal data will be processed by Fondazione Consulcesi as the Data Controller (“Controller“).

The contact details of the Data Controller are: Fondazione Consulcesi with registered office in Via Giacomo Peroni, 400, 00131 Rome (RM); email: contatti@fondazioneconsulcesi.org.

Types of data being processed

The Controller will process your personal data, collected in the context of the requested services, including but not limited to your first name, last name, mobile phone number, e-mail address.

Purposes, Legal Basis, and Optional Nature of Processing

Your personal data will be processed for the following purposes:

  1. a) performance of the requested services;
  2. b) compliance with any legal obligations.

The legal bases for processing for purposes a) and b) are Articles 6.1.b) and 6.1.c) of the Regulations, respectively. The provision of your personal data for purposes (a) and (b) above is optional, but in default it will not be possible to perform the requested services.

Your personal data will also be processed, upon your specific consent, for the following purposes:

(c) sending promotional and marketing communications, including the sending of newsletters and market research, regarding products and services of the Data Controller and business partners, through automated tools (sms, mms, email, push notifications, fax, automated call system without operator, use of social networks) and traditional tools (paper mail, telephone with operator);

d) communication of your personal data to companies with which the Data Controller has entered into commercial agreements and/or conventions, belonging to the following categories: professionals, communication and marketing companies or entities; professionals, companies or entities operating in the legal, tax/fiscal, financial, accounting/administrative, insurance, training, computer/technological fields; professionals, companies or entities operating in the social/humanitarian field; professionals, companies or entities operating in the real estate and related fields; professionals, companies or entities operating in the field of television and film productions; professionals, companies or entities in the health, medical/pharmaceutical sector and personal and leisure service providers, for their direct marketing purposes, through automated or traditional tools.

It should be noted that the Data Controller collects a single consent for the marketing purposes described herein, pursuant to the General Provision of the Guarantor for the Protection of Personal Data “Guidelines on Promotional Activities and Countering Spam” of July 4, 2013; if, in any case, you wish to object to the processing of your data for marketing purposes carried out by the means indicated herein, as well as to revoke the consent given, you may do so at any time by contacting the Controller at the contact details indicated in this notice, without affecting the lawfulness of the processing based on the consent given prior to revocation.

e) carrying out statistical-scientific surveys of the Controller related to the medical-health world and the well-being of citizens;

f) performance of profiling activities aimed at improving the quality of the services provided and the suitability of commercial communications to your preferences.

The legal basis for processing for purposes c), d), e) and f) is Article 6.1.a) of the Regulations.

The provision of your personal data for the purposes of c), d), e) and f) above is optional; no consequences are foreseen in case of your refusal.

It is also possible the occurrence of processing of personal data, sent by you to the Controller, relating to third parties. With respect to such hypotheses, you stand as autonomous data controller, assuming all the obligations and responsibilities of the law. In this sense, you grant on this point the widest indemnity with respect to any dispute, claim, request for compensation for damages from processing, etc., that may be received by the Controller from third parties whose personal data have been processed through your spontaneous submission in violation of the applicable data protection regulations. In any case, should you provide or otherwise process personal data of third parties, you warrant as of now, assuming all related liability, that this particular hypothesis of processing is based on an appropriate legal basis that legitimizes the processing of the information in question.

Recipients and Transfer of Personal Data

Your personal data may be shared with:

– individuals authorized by the Data Controller to process personal data ex art. 29 GDPR due to the performance of their job duties (e.g. employees and system administrators etc.);

– service providers (such as attorneys, accountants, consultants, credit institutions, etc.) who typically act as data controllers ex art. 28 GDPR or as autonomous Data Controllers;

– parties, entities or authorities to whom it is mandatory to communicate your personal data under provisions of the law or orders of the authorities;

– subject to your consent, partners with whom the Controller has entered into commercial agreements and/or conventions, belonging to the following categories: professionals, communication and marketing companies or entities; professionals, companies or entities operating in the legal, tax/fiscal, financial, accounting/administrative, insurance, training, IT/technology fields; professionals, companies or entities operating in the social/humanitarian field; professionals, companies or entities operating in the real estate and related fields; professionals, companies or entities operating in the field of television and film productions; professionals, companies or entities in the health, medical/pharmaceutical sector and personal and leisure service providers, for their marketing and promotional communication purposes.

The complete and updated list of data recipients can be requested from the Controller at the above-indicated contacts.

Transfer of Data outside the EU

Regarding the possible transfer of Data to Third Countries, the Data Controller informs that the processing will take place according to one of the modalities allowed by the law in force, such as the consent of the data subject, the adoption of Standard Clauses approved by the European Commission, the selection of subjects adhering to international programs for the free circulation of data or operating in countries considered safe by the European Commission. More information is available upon request from the Data Controller at the contacts above.

Retention of Personal Data

Your Personal Data will be stored only for the time necessary for the purposes for which they are collected, respecting the principle of minimization set out in Article 5, paragraph 1, letter c) of the GDPR. In any case, your personal data will be kept for the time necessary to perform the services provided for in the contract. More information is available from the Data Controller.

Data Processing Methods

In relation to the stated purposes, the processing of personal data is carried out using manual, computer and telematic tools with logic strictly related to the purposes themselves and, in any case, in such a way as to ensure the security and confidentiality of the data themselves, in addition to compliance with the specific obligations enshrined in the law.

Your Privacy Rights

You have the right to ask the Data Controller, at any time, for access to your personal data, their rectification or cancellation or to object to their processing; you have the right to request the restriction of processing in the cases provided for by art. 18 of the Regulations; to revoke the consent given ex art. 7 of the GDPR at any time; to obtain in a structured, commonly used and machine-readable format the data concerning you, in the cases provided for in Art. 20 of the Regulation; as well as to lodge a complaint with the competent supervisory authority (Guarantor for the Protection of Personal Data) pursuant to Art. 77 of the Regulation, if you believe that the processing of your data is contrary to the legislation in force. You may make a request to object to the processing of your data pursuant to Article 21 of the GDPR in which you give evidence of the reasons justifying the objection: the Data Controller reserves the right to evaluate your request, which would not be accepted if there are compelling legitimate reasons to proceed with the processing that override your interests, rights and freedoms. Requests should be addressed in writing to the Data Controller.

Support Fondazione Consulcesi’s projects

Find out how you can help us reduce disparities in accessing medical care and accomplish our projects in the Medical Support, Safeguarding Childhood, as well as Inclusion and Social Impact fields.

LEND THE FOUNDATION YOUR SUPPORT

Fondazione Consulcesi works to reduce disparities in accessing medical care.