Privacy Policy

Information on the Processing of Personal Data

Pursuant to Article 13-14 of Regulation (EU) 2016/679

We wish to inform those who request information or services from Brindisi Tabernacle APS that the Personal Data you provide will be processed in accordance with the legislative provisions of EU Regulation 2016/679. This is not only to comply with legal obligations, but also because transparency and correctness are a fundamental part of our operations under GDPR 679/2016.

Therefore, the data you provide will be processed according to the principles of fairness, lawfulness, transparency, and the protection of your privacy.

This page describes the methods of processing personal data for those who consult the web and social profiles of Brindisi Tabernacle APS, which are accessible electronically at the following address: https://brindisitabernacle.org/.

The Data Controller of your personal data is Brindisi Tabernacle APS, located at: via San Francesco n. 1, Brindisi 72100 – Italy. They are responsible for the legitimate and correct use of your personal data and can be contacted for any information or request at the following contact details: Tel: +39 3921926501, email: segreteriabt@brindisitabernacle.org.

Legal Basis The processing of customer data is based on the consent provided directly by the customer and on the necessary processing to allow for the conclusion of the contract, or with the use or consultation of this site by visitors and users who explicitly approve this privacy policy and consent to the processing of their personal data in relation to the methods and purposes described below, including the possible communication to third parties if necessary for the provision of a service. This is pursuant to Art. 6, paragraph 1, letter a) where the data subject has given consent to the processing of their personal data for one or more specific purposes.

Purpose of Processing The purpose of the processing—specifically the collection, recording, storage, consultation, communication, transfer, and/or dissemination of this data—is:

  • To manage personal data records, complying with the functions and duties provided for voluntary service centers as per Art. 63 of Legislative Decree no. 117/2017, and for carrying out activities and services directly related to its Statute.

The provision of personal data for these purposes is made directly by the data subject, is mandatory, and the refusal to provide it makes it impossible for Brindisi Tabernacle APS to provide the services in question and to establish and carry out its services. The related processing is carried out through positively given consent.

Types of Data Processed

  • Mandatory Data: Email, first name, last name, tax code, full residential address (street, house number, city, province, postal code). In the paper or electronic forms used to allow access to activities and/or services, the necessary data are marked with an asterisk.
  • Optional Data: Some additional data may also be requested from the data subject, the entry of which is optional and does not affect the ability to access activities and/or use services, including: telephone number, mobile number, educational qualification, profession, association (or organization) of belonging, and the role held within it. The optional data requested may vary depending on the type of service or activity the data subject wishes to access. The data subject who has provided their phone numbers may be contacted for timely communications related to the type of service or activity they have access to.

Methods of Data Acquisition Brindisi Tabernacle APS processes personal data provided directly by the user, or acquired through verbal interaction and, in any case, in the performance of normal work activities.

Data Processed for Statistical Purposes Brindisi Tabernacle APS also monitors the quality of its processes and services by analyzing personal data, using it to identify the average user profile and for other statistical processing useful for preparing social accountability documents such as the Social Report, Social Impact Assessment, and the evaluation of volunteers’ skills.

Dissemination of Data Personal and “special categories” of data are not subject to dissemination except in aggregated and anonymous form.

Communication and Dissemination of Data Brindisi Tabernacle APS ensures that personal data will not be “disseminated” to undetermined parties in any way, even by making it available for consultation. Personal data will not be disclosed or transferred to third parties for any reason without explicit authorization.

However, data may be communicated to:

  • Internal subjects directly and formally authorized by Brindisi Tabernacle APS.
  • External subjects directly and formally authorized by Brindisi Tabernacle APS to carry out a specific service activity.
  • Third parties in accordance with a citation, legal order, court order, legal proceeding, or other legal obligations or to implement available remedies or defend their legal rights.
  • External subjects who carry out activities directly and/or legally connected to those of Brindisi Tabernacle APS, such as control bodies, scientific research bodies, or those with statistical purposes. By way of example, these include: the National Control Body of Service Centers (pursuant to and for the purposes of Articles 64 and 65 of Legislative Decree No. 117/2017), the Puglia Region, Istat, and Universities.

Place of Processing The data is processed at the legal and operational headquarters at Via San Francesco n. 1 – Brindisi – 72100, and at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For further information, contact the Data Controller.

The Data Controller informs you that the processing of the data provided will be carried out primarily directly or through an assignment to another subject, in any case within the European Union.

Data Retention and Duration of Processing Personal data is processed and stored consistently with the consents provided by the user and for the time required by the purposes for which it was collected.

The data will be stored for a period not exceeding what is necessary for the purposes for which it was collected or subsequently processed. In this regard, it is specified that Brindisi Tabernacle APS will store and process the data of the data subject for a period of 3 (three) years from the last consent to processing obtained.

Contact Data may be stored and processed for a different period than the one indicated in the previous paragraph depending on the actual usefulness of such data. In any case, “Contact Data” will not be stored and processed after 10 (ten) years from the last consent to processing obtained. The Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

At the end of the retention period, the Personal Data will be deleted. Therefore, upon the expiration of this term, the right of access, rectification, and the right to data portability can no longer be exercised.

Provision and Possible Refusal The provision of mandatory personal data (and not optional data) is necessary for the performance of the planned activity. Any refusal to provide personal data could make it impossible to provide the agreed services.

Methods of Processing Brindisi Tabernacle APS processes data lawfully and fairly and in a way that ensures its confidentiality and security. The processing is carried out using manual, electronic, and telematic tools, with organizational methods and logic strictly related to the purposes indicated.

The data will be processed with methods strictly necessary for the indicated purposes by technical personnel of proven and adequate capacity, duly informed and trained for the data usage operations described, including any data custody operations and supervision of the premises where they are stored.

Sensitive data will be treated with the utmost confidentiality.

The Data Subject We remind you that pursuant to Article 15 of EU Regulation 679/2016, you have the right to obtain confirmation of the existence or non-existence of data concerning you, to obtain an indication of the origin and purposes and methods of processing, the updating, rectification, integration of the data, the deletion of data processed in violation of the law, and you have the right to object to the processing.

Exercise of Rights You can exercise every right described in this section towards the Data Controller. In particular, you have the right to:

  • Withdraw consent at any time. You can withdraw consent to the processing of your Personal Data previously expressed.
  • Object to the processing of your Data. You can object to the processing of your Data when it is carried out on a legal basis other than consent. Further details on the right to object are indicated in the section below.
  • Access your Data. You have the right to obtain information on the Data processed by the Controller, on certain aspects of the processing, and to receive a copy of the processed Data.
  • Verify and Rectify. You can verify the correctness of your Data and request its update or correction.
  • Limit processing. When certain conditions exist, you can request the limitation of the processing of your Data. In this case, the Controller will not process the Data for any other purpose than its storage.
  • Request erasure or removal of your Personal Data. When certain conditions exist, you can request the deletion of your Data by the Controller.
  • Receive your Data or have it transferred to another controller. You have the right to receive your Data in a structured, commonly used, and machine-readable format and, where technically feasible, to obtain its transfer without hindrance to another controller. This provision is applicable when the Data is processed by automated tools and the processing is based on the User’s consent, on a contract to which the User is a party, or on related contractual measures.
  • File a complaint. You can file a complaint with the competent data protection supervisory authority or take legal action.

To exercise the rights referred to in Art. 15 of EU Regulation 679/2016, you can contact the Data Controller: Brindisi Tabernacle APS: via San Francesco n. 1, Brindisi 72100 – Italy, or by sending an email to segreteriabt@brindisitabernacle.org.

We remind you that we may ask you to verify your identity before taking further action based on your request.

Withdrawal of Consent, Rectification, and Limitation of Personal Data Processing Where you have given consent to Brindisi Tabernacle APS for the processing of your personal data, you can withdraw this consent at any time by sending us a communication specifying your wish to withdraw consent.

The withdrawal of consent does not affect the lawfulness of any processing activity based on it before its withdrawal.