Privacy Policy

PRIVACY PROTECTION

INFORMATION ON THE PROTECTION OF PERSONAL DATA

1. Premise

1.1 Pursuant to current Italian and European legislation, Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 and subsequent decrees implementing the protection of personal data, the Basilica of Infant Jesus of Prague of the Discalced Carmelite, owner of the portal www.gesubambino.org (hereinafter “Portal”), with location: Piazzale S. Bambino 1, 16011 Arenzano (GE), VAT No. 03858310109, e-mail: santuario@gesubambino.org, as “owner” of the treatment, is required to provide information on the use of its personal data.

2. Source of personal data

2.1. Navigation data

Following consultation of this portal, the Basilica of Infant Jesus of Prague of the Discalced Carmelite could acquire some personal data whose transmission is implicit in the use of Internet communication protocols (IP addresses and other parameters related to the operating system and to the user’s it environment). These data are used to obtain anonymous statistical information on the use of the site, to check its correct functioning and to ascertain responsibility in case of hypothetical computer crimes against the site.

2.2. Data provided voluntarily

The collection of your personal data is done by recording the data that you gave us, as an interested party, at the time of registration to the Newsletter of the Basilica of Infant Jesus of Prague of the Discalced Carmelite or on the occasion of a purchase on our e-shop.
It is verified by the Basilica of Infant Jesus of Prague of the Discalced Carmelite through a system that requires a subsequent confirmation from the person requesting registration (double opt-in) aimed at verifying that the person who submitted the registration is the true holder of the e-mail address to be registered for the service.

2.3 Optional nature of the provision of data

The provision of data is optional, but in the absence it will not be possible to send periodic informative communications by digital mailing service or it will not be possible to conclude the purchase on our e-shop.

3. Purpose of the processing

Personal data are processed for the following purposes:

a. Reception of periodic informative communications by digital mailing service via internet.
b. Purchase of products.
c. Comply with legal obligations.

4. Methods of data processing

In relation to the purposes described, the processing of personal data takes place using manual, computerized and telematics tools with logic strictly related to the purposes outlined above and in any case, in order to guarantee the security and confidentiality of the data.
Once the established purposes have been fulfilled, the data will be deleted or transformed into an anonymous form.
However, the data acquired by legal formalities (by way of example and not exhaustive, data retention for tax obligations) will be kept in accordance with the law.

5. Categories of subjects to whom the data may be communicated or who can learn about them as managers or agents

Your personal data may be known by the administrators and managers of the mailing service, identified as Trustees of the treatment or in the case of purchase of products to the subjects who deal with accounting and tax administration. Exclusively for the purposes set out in paragraph 3 (Purpose of processing), personal data may be disclosed to third party companies providing mailing services, after being designated as Data Processors and guaranteeing the same level of protection, or for shipment of the goods you have purchased online.

6. Rights of the interested party
Finally, we inform you that the legislation regarding the protection of personal data confers on the interested parties the possibility of exercising specific rights based on the provisions of art. 7 of the “Code” which is reported here:

a. The interested party has the right to obtain confirmation of the existence or not of personal data concerning him even if not yet registered and their communication in intelligible form.
b. The interested party has the right to obtain the indication:
c. the origin of personal data;
d. of the purposes and methods of processing;
e. of the logic applied in case of treatment carried out with the aid of electronic instruments;
f. of the identification details of the owner, of the managers and of the designated representative pursuant to art. 5, paragraph 2;
g. of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or agents.

7. The interested party has the right to obtain:

a. updating, rectification or, when interested, integration of data;
b. the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; the attestation that the operations referred to
c. to the letters a. and b. they have been brought to the attention, even as regards their content, of those to whom the data have been communicated or disseminated, except in the case where this fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right.

8. The interested party has the right to object, in whole or in part:

a. for legitimate reasons, the processing of personal data concerning him, even if pertinent to the purpose of the collection;
b. to the processing of personal data concerning him for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication.

9. Data Controller and Data Processors

The Data Controller of personal data referred to in this Notice is Basilica of Infant Jesus of Prague of the Discalced Carmelite, Piazzale S. Bambino, 1 – 16011 ARENZANO (Italy), e-mail: santuario@gesubambino.org. In order to simplify the methods of submission and reduce the time for feedback, please submit the requests, referred to in the previous paragraph, to the Basilica of Infant Jesus of Prague of th Discalced Carmelite, e-mail address: santuario@gesubambino.org.

COOKIE

Based on the provisions of Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 and more recently in Italy by the Privacy Guarantor on 8 May 2014 (web document No. 3118884) on the use of cookies on the websites, the Basilica of Infant Jesus of Prague of th Discalced Carmelite communicates that this site uses technical cookies that do not require the prior approval of the user and third-party cookies – which are the managers and managers – of the web type analytics service (as a non-exhaustive example StatCounter – Google – ShareThis or similar), possibly activated to offer services in view of a better use of site content and for this purpose prepared to collect anonymous data on the navigation of visitors on www.gesubambino.org; the Basilica of Infant Jesus of Prague of the Discalced Carmelite will not use said Third Party cookies for advertising purposes of their own goods and/or services or of other subjects to their visitors.

[cookie-control]

We refer to the sites of Third Parties supplying services on www.gesubambino.org for the management or blocking of their cookies
All browsers that can be used by the visitor to consult this site, normally under Settings/Privacy, allow the management or removal of cookies.

WHAT CUSTOMER DATA ARE COLLECTED ON THE SITE?

Data collected automatically

Simply by visiting the site, browsing it and doing research
We collect and analyze data such as, for example: the Internet protocol (IP) address used to connect your computer to the Internet; computer and connection information such as browser type and version; and time zone settings, browser plug-in types and versions, operating system and platform; order history, data that we sometimes combine with similar information collected by other customers for the purpose of creating functions such as “Best Sellers”; the complete URL (Uniform Resource Locators) path (including date and time); the number of cookies; the products you viewed or searched for. We may also use browser data such as cookies, Flash cookies (also known as Flash Local Shared Objects), or similar data collected through certain components of our website to prevent system break-ins and other protective purposes or statistical detection in form anonymous. During some visits, it is possible that we use software tools such as JavaScript for the purpose of evaluating and collecting information about sessions, including page load times, download errors, duration of visits to certain pages, interaction information with pages (such as scrolling , click and cursor movements on pages) and methods used to exit the page. We may also collect technical information to help us identify your device for fraud prevention and diagnostic purposes.

Personal data provided by you

Using contact forms, newsletter subscription form, donation forms, e-commerce cart, sending a communication via e-mail.
Most of the personal data is provided by you when you place orders, send messages to mailing lists, use a contact form. Provide, for example, personal data when: search for a product, place an order; provide personal information in My account; communicate with us by telephone, e-mail or otherwise; complete a questionnaire or contact form; use our services; fill out a Wish List; make a donation with the appropriate forms if any. Here is the information you provide: your IP address, your name, address and telephone number, e-mail address; names of the recipients of the orders (addresses and telephone numbers included), any other data relating to your business if you purchase as a company or holder of VAT number by asking for the invoice.
Personal data received from other sources
We do not manage data from our users received from other sources.

TRANSFER OF DATA TO THIRD PARTIES

The personal data of our customers are an important part of our work and it is not our business to transfer them to others. Therefore personal data will be communicated only in accordance with the methods described below.

Third-party service providers

We use other companies and individuals to carry out certain activities on our behalf. For example, to process orders, deliver packages, send traditional mail and e-mail, remove repetitive information from customer lists, analyze data, provide marketing assistance, provide search results and links (including lists and paid links), make payments with credit cards and provide customer services. These providers only have access to the personal data that are necessary to perform their duties. We guarantee that they can not use the same data for other purposes and are also required to process personal data in accordance with this Privacy Policy, and in accordance with applicable regulations regarding the protection of personal data.

With your consent

In case, other than those indicated above, you will be informed each time your personal data will be communicated to third parties and you will have the possibility to choose whether or not to communicate your personal data to third parties. We will not transfer your personal data to companies, institutions or institutions based in countries of the European Community or in countries outside the European Community if not at your request.

SECURITY OF PERSONAL DATA

We are committed to protecting the security of your personal information when sending it, using the Secure Sockets Layer (SSL) software, which encrypts the information you enter.
We do not deal directly with credit card payments, which are managed by PayPal with their own secure systems, and therefore we do not collect any data related to your credit card.
Our security procedures imply that you may occasionally be asked to prove your identity before disclosing personal data.
It is important that you take appropriate protections against unauthorized access to your password and your computer, in particular by entering a password that the system notifies you as “safe”. If you have an account on our site, after logging in or logging into your account, before closing the browser page always log out. Always make sure you are disconnected when using a computer shared with other users.

DATA TO WHICH YOU CAN ACCESS

If you have a registration account on this website:

On site you can access data such as: updated information on recent orders; personal identification information (including name, e-mail, password, geographic address); payment settings (also promotional codes and accounting situation); e-mail notification settings (if active); to Wish List; as well as my account if you have registered an account.

If you have asked to subscribe to the newsletter:

On site, using the link to the foot of the newsletter received, you can access data such as, e-mail address provided, Name and Surname, registration preferences and request for cancellation from the mailing list or modification of the e-mail address provided.
For all other data provided in different ways the visitor can get in touch with Basilica di Gesù Bambino di Praga dei Frati Carmelitani Scalzi, Piazzale S. Bambino 1, 16011 Arenzano (GE).

DURATION OF DATA CONSERVATION

All anonymous tracking data is normally stored for up to 6 months on the server being used or in system backups.
All data provided voluntarily by the visitor is stored on www.gesubambino.org or in e-mail or in other storage/management systems until the service for which they were issued is provided and in any case as long as it is not the cancellation is requested by the user, except for the data of a fiscal nature that will be kept according to the current italian legislation.