INFORMATION ON THE PROTECTION OF PERSONAL DATA
1.1 Pursuant to current Italian and European legislation, Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 and subsequent decrees implementing the protection of personal data, the Basilica of Infant Jesus of Prague of the Discalced Carmelite, owner of the portal www.gesubambino.org (hereinafter “Portal”), with location: Piazzale S. Bambino 1, 16011 Arenzano (GE), VAT No. 03858310109, e-mail: email@example.com, as “owner” of the treatment, is required to provide information on the use of its personal data.
2. Source of personal data
2.1. Navigation data
Following consultation of this portal, the Basilica of Infant Jesus of Prague of the Discalced Carmelite could acquire some personal data whose transmission is implicit in the use of Internet communication protocols (IP addresses and other parameters related to the operating system and to the user’s it environment). These data are used to obtain anonymous statistical information on the use of the site, to check its correct functioning and to ascertain responsibility in case of hypothetical computer crimes against the site.
2.2. Data provided voluntarily
The collection of your personal data is done by recording the data that you gave us, as an interested party, at the time of registration to the Newsletter of the Basilica of Infant Jesus of Prague of the Discalced Carmelite or on the occasion of a purchase on our e-shop.
It is verified by the Basilica of Infant Jesus of Prague of the Discalced Carmelite through a system that requires a subsequent confirmation from the person requesting registration (double opt-in) aimed at verifying that the person who submitted the registration is the true holder of the e-mail address to be registered for the service.
2.3 Optional nature of the provision of data
The provision of data is optional, but in the absence it will not be possible to send periodic informative communications by digital mailing service or it will not be possible to conclude the purchase on our e-shop.
3. Purpose of the processing
Personal data are processed for the following purposes:
a. Reception of periodic informative communications by digital mailing service via internet.
b. Purchase of products.
c. Comply with legal obligations.
4. Methods of data processing
In relation to the purposes described, the processing of personal data takes place using manual, computerized and telematics tools with logic strictly related to the purposes outlined above and in any case, in order to guarantee the security and confidentiality of the data.
Once the established purposes have been fulfilled, the data will be deleted or transformed into an anonymous form.
However, the data acquired by legal formalities (by way of example and not exhaustive, data retention for tax obligations) will be kept in accordance with the law.
5. Categories of subjects to whom the data may be communicated or who can learn about them as managers or agents
Your personal data may be known by the administrators and managers of the mailing service, identified as Trustees of the treatment or in the case of purchase of products to the subjects who deal with accounting and tax administration. Exclusively for the purposes set out in paragraph 3 (Purpose of processing), personal data may be disclosed to third party companies providing mailing services, after being designated as Data Processors and guaranteeing the same level of protection, or for shipment of the goods you have purchased online.
6. Rights of the interested party
Finally, we inform you that the legislation regarding the protection of personal data confers on the interested parties the possibility of exercising specific rights based on the provisions of art. 7 of the “Code” which is reported here:
a. The interested party has the right to obtain confirmation of the existence or not of personal data concerning him even if not yet registered and their communication in intelligible form.
b. The interested party has the right to obtain the indication:
c. the origin of personal data;
d. of the purposes and methods of processing;
e. of the logic applied in case of treatment carried out with the aid of electronic instruments;
f. of the identification details of the owner, of the managers and of the designated representative pursuant to art. 5, paragraph 2;
g. of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or agents.
7. The interested party has the right to obtain:
a. updating, rectification or, when interested, integration of data;
b. the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; the attestation that the operations referred to
c. to the letters a. and b. they have been brought to the attention, even as regards their content, of those to whom the data have been communicated or disseminated, except in the case where this fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right.
8. The interested party has the right to object, in whole or in part:
a. for legitimate reasons, the processing of personal data concerning him, even if pertinent to the purpose of the collection;
b. to the processing of personal data concerning him for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication.
9. Data Controller and Data Processors
The Data Controller of personal data referred to in this Notice is Basilica of Infant Jesus of Prague of the Discalced Carmelite, Piazzale S. Bambino, 1 – 16011 ARENZANO (Italy), e-mail: firstname.lastname@example.org. In order to simplify the methods of submission and reduce the time for feedback, please submit the requests, referred to in the previous paragraph, to the Basilica of Infant Jesus of Prague of th Discalced Carmelite, e-mail address: email@example.com.
We refer to the sites of Third Parties supplying services on www.gesubambino.org for the management or blocking of their cookies
All browsers that can be used by the visitor to consult this site, normally under Settings/Privacy, allow the management or removal of cookies.
Data collected automatically
Simply by visiting the site, browsing it and doing research
Personal data provided by you
Using contact forms, newsletter subscription form, donation forms, e-commerce cart, sending a communication via e-mail.
Most of the personal data is provided by you when you place orders, send messages to mailing lists, use a contact form. Provide, for example, personal data when: search for a product, place an order; provide personal information in My account; communicate with us by telephone, e-mail or otherwise; complete a questionnaire or contact form; use our services; fill out a Wish List; make a donation with the appropriate forms if any. Here is the information you provide: your IP address, your name, address and telephone number, e-mail address; names of the recipients of the orders (addresses and telephone numbers included), any other data relating to your business if you purchase as a company or holder of VAT number by asking for the invoice.
Personal data received from other sources
We do not manage data from our users received from other sources.
The personal data of our customers are an important part of our work and it is not our business to transfer them to others. Therefore personal data will be communicated only in accordance with the methods described below.
Third-party service providers
With your consent
In case, other than those indicated above, you will be informed each time your personal data will be communicated to third parties and you will have the possibility to choose whether or not to communicate your personal data to third parties. We will not transfer your personal data to companies, institutions or institutions based in countries of the European Community or in countries outside the European Community if not at your request.
We are committed to protecting the security of your personal information when sending it, using the Secure Sockets Layer (SSL) software, which encrypts the information you enter.
We do not deal directly with credit card payments, which are managed by PayPal with their own secure systems, and therefore we do not collect any data related to your credit card.
Our security procedures imply that you may occasionally be asked to prove your identity before disclosing personal data.
It is important that you take appropriate protections against unauthorized access to your password and your computer, in particular by entering a password that the system notifies you as “safe”. If you have an account on our site, after logging in or logging into your account, before closing the browser page always log out. Always make sure you are disconnected when using a computer shared with other users.
If you have a registration account on this website:
On site you can access data such as: updated information on recent orders; personal identification information (including name, e-mail, password, geographic address); payment settings (also promotional codes and accounting situation); e-mail notification settings (if active); to Wish List; as well as my account if you have registered an account.
If you have asked to subscribe to the newsletter:
On site, using the link to the foot of the newsletter received, you can access data such as, e-mail address provided, Name and Surname, registration preferences and request for cancellation from the mailing list or modification of the e-mail address provided.
For all other data provided in different ways the visitor can get in touch with Basilica di Gesù Bambino di Praga dei Frati Carmelitani Scalzi, Piazzale S. Bambino 1, 16011 Arenzano (GE).
All anonymous tracking data is normally stored for up to 6 months on the server being used or in system backups.
All data provided voluntarily by the visitor is stored on www.gesubambino.org or in e-mail or in other storage/management systems until the service for which they were issued is provided and in any case as long as it is not the cancellation is requested by the user, except for the data of a fiscal nature that will be kept according to the current italian legislation.