Veneranda Biblioteca Ambrosiana, C.F. 80032310155 and P.I. 04196990156 with registered office in Piazza Pio XI, 2 – 20123 MILANO, (hereinafter, “OWNER”), as Data Controller, informs pursuant to art. 13 European Regulation 2016/679 on data processing (hereinafter, “GDPR”) that your data will be processed in the manner and for the purposes set out below.
In the context of the protection of personal data, Veneranda Biblioteca Ambrosiana provides its users with information about: object of the processing, purpose of the processing, data processing methods, access to the data, nature of the data processed, data controller, data processor, communication and dissemination of the data, rights of the interested parties.
ART. 1 – Processing of Personal Data
In accordance with European Regulation 2016/679 on the protection of personal data, Veneranda Biblioteca Ambrosiana guarantees compliance with the regulations on the protection of personal data, which will be used exclusively for the performance of the relationship activities with the User and will not be transferred to third parties.
ART. 2 – Data Controller
The Data Controller of the collected data is Veneranda Biblioteca Ambrosiana, C.F. 80032310155 and P.I. 04196990156, with headquarters in Piazza Pio XI, 2 – 20123 MILAN, Telephone: +39.02806921 – Email: contatti@ambrosiana.it
ART. 3 – Data Controller
The data controller is: Antonello Grimaldi, born in Naples, General Secretary and legal representative of Veneranda Biblioteca Ambrosiana, Telephone: +39.0280692203 – Email: agrimaldi@ambrosiana.it
ART. 4 – Purpose of processing
The processing of personal data is aimed at achieving the following purposes: to guarantee the correct provision of the services requested through the Site and, therefore, to correctly and punctually fulfill all obligations arising from the contractual relationship established, as well as obligations arising from the law or regulations in force;
administrative and accounting purposes, including the possible transmission by email of commercial invoices by Veneranda Biblioteca Ambrosiana and/or companies that cooperate with it in providing the service.
transmission by email of newsletters on the activities of Veneranda Biblioteca Ambrosiana.
ART. 5 – Type of data processed and collected
The Data Controller will process the following personal data: – personal and contact details.
ART. 6 – Legal basis of processing
The legal basis of this processing is the consent given by the interested party, which may be denied, but failure to provide the data will make it impossible to conclude the contract.
It is understood that consent to the processing of data for the purpose indicated in art. 4.3 (newsletter service) is purely optional; Therefore, in the event of any denial to processing for the aforementioned purpose, the data will be processed for the sole purposes indicated in art. 4.1 (correct execution of the contractual relationship) and art. 4.2 (administrative and accounting activity).
ART. 7 – Access to data
The data collected may be made accessible, for the purposes set out in this information notice: to employees and collaborators of the Data Controller responsible for managing administrative and accounting activities;
to third-party companies or other entities (professional firms, consultants, etc.) that carry out outsourcing activities on behalf of the Data Controller, in their capacity as external data processing responsibilities, or to professional firms, if and to the extent necessary for the performance, on their part, of consultancy and/or legal assistance activities in favor of the Veneranda Biblioteca Ambrosiana, in any dispute arising between the latter and one or more users.
ART. 8 – Dissemination of data
The personal data collected will not be disclosed to third parties not authorized by the Data Controller and may be exhibited only upon request of the Judicial, Financial and Guarantor Authorities, as well as to all other entities to whom communication is mandatory by law.
These entities will process the data in their capacity as independent data controllers.
ART. 9 – Storage and Transfer of data
Personal data is stored on servers located within the European Union. In any case, it is understood that the Data Controller, where necessary, will have the right to move the data and/or servers even outside the EU. In this case, the Data Controller hereby ensures that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.
ART. 10 – Storage period
The data will be stored for the time necessary for the execution of the contract and in any case for a maximum period of 10 years in the