We inform you that access to our websites and / or any requests for information or services require the provision of personal data that will be processed in full compliance with European Regulation 2016/679 (GDPR).
Therefore, below, you are given all the information, complete and detailed, regarding the methods and the purposes of the processing of your personal data.
The Data Controller is ATADES, with headquarters in Calle Octavio de Toledo, 2 · 50007 – Zaragoza (Spain), which can be contacted at the following email address: firstname.lastname@example.org
The Foundation has appointed a DPO (Data Protection Officer) which can be contacted at the following email address: email@example.com.
CATEGORIES OF DATA PROCESSED, PURPOSE OF TREATMENTS AND LEGAL BASIS
Through the website, different categories of personal data are collected and processed for different purposes and in different ways. Personal data is information about a defined or definable natural person.
Through the website you have the opportunity to subscribe to our newsletter that will keep you informed about new initiatives and events. Sending the newsletter is based on your explicit consent pursuant to art. 6, paragraph 1, lett. a) in conjunction with art. 7 of the GDPR. You can revoke your consent at any time by sending an email to: firstname.lastname@example.org
On the occasion of events organized as part of the ATHENA BEGIN project, audiovisual material can be produced, which can be disseminated on the project’s social media, sites and channels to document the activities performed.
When this material is considered obsolete, it will be removed from the project’s sites. It is understood that the images once published may be saved and then processed by third parties in a completely independent and independent manner, without any consequent responsibility of the ATADES.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
This data is used only to obtain anonymous statistical information on the use of the site and to check its correct functioning and is deleted immediately after processing.
We also collect such data to be able to recognize system errors and cyber attacks and to be able to implement protective measures to prevent abuse. Conservation takes place according to the principle of necessity.
The legal basis for the processing is art. 6, paragraph 1, lett. f) of the GDPR (the processing is necessary for the pursuit of the legitimate interest of the data controller).
NATURE OF THE PROVISION OF DATA
With the exception of navigation data, data communication is free and optional; however, failure to provide such data may make it impossible to obtain a response to what has been requested.
DATA PROCESSING METHODS
The data processing is performed through paper and computer media.
No automated decision-making process is performed on the site.
CATEGORIES OF RECIPIENTS OF PERSONAL DATA
Personal data will be processed by authorized employees of ATADES as data controller and leader of the ATHENA BEGIN project. These data will be shared with the Athena Begin project partners, as Data Processors appointed by the Data Controller, and with selected organizations that collaborate with the ATHENA BEGIN project, in order to implement a network of professionals and social operators interested in the vulnerability of people with disabilities to become victims of abuse.
Such data may be communicated, as far as their respective and specific competence is concerned, to Entities and in general to any public or private subject with respect to which there is an obligation for us (or faculty recognized by law or secondary or community legislation) or need for communication, as well as to our consultants, to the extent necessary to carry out their duties in our organization, subject to a letter of appointment that imposes the duty of confidentiality and security.
The Data Controller may transfer personal data to third countries or international organizations. In this case, in accordance with the legal requirements, personal data is transferred only if the European Commission has taken an adequacy decision against the third country, and if adequate guarantees have been agreed. ATADES also reserves the right to use cloud services, in which case the service providers will be selected from among those who provide adequate guarantees, as required by art. 46 GDPR 679/16.
RIGHTS OF INTERESTED PARTIES
Pursuant to EU Regulation 2016/679, the interested party enjoys the rights referred to in section 2, 3 and 4 of Chapter III of Regulation (EU) 2016/679. In particular, you have the right to ask the data controller: access to personal data and the correction, deletion of the same, limitation of the processing that concerns them, opposition to their processing and data portability. In addition, you have the right to lodge a complaint with a supervisory authority if you considers that your data treatment violates EU Regulation 2016/679.