PRIVACY NOTICE PURSUANT TO ART. 13 OF THE REG. (EU) 2016/679 (“GDPR”)
Veronafiere S.p.A. provides You with the information requested by GDPR concerning the processing of your personal data with regards to the media accreditations system of the virtual event (hereinafter referred to as the Event).
- DATA CONTROLLER
The data controller is Veronafiere S.p.A., Viale del Lavoro, 8, 37135 - Verona VR Tel. 045 8298111 - Fax 045 82 98 288 - email firstname.lastname@example.org (hereinafter referred to as “Veronafiere” or “Controller”)
- DATA PROTECTION OFFICER (DPO)
You can contact the DPO at the email address email@example.com
- DATA PROCESSING PURPOSES, LEGAL BASIS AND DATA RETENTION
The processing purposes are the following:
- For the accreditation – as a journalist – for the Event. In this case:
- the legal basis is the performance of the contract to which the data subject is party (processing is necessary to fulfill specific requests of the data subject).
- data will be stored until the end of the Event
- For the potential establishment, exercise or defence of legal claims by the Controller. In this case:
- the legal basis is the legitimate interest of the Controller.
- data will be stored for the length of the dispute.
- In order to send information and updates regarding the new editions of the Event as well as other initiatives organized by Veronafiere in the field and/or geographical area in which the journalist works. In this case:
- the legal basis is the legitimate interest of the Controller in carrying out adequate information and communication activities, taking into consideration that the data subject is a journalist working in the relevant field and/or geographical area.
- data will be stored until data subject’s objection.
Once the above data retention terms have expired, data will be destroyed or anonymized, compatibly with the technical timing for erasure and backup.
- THE PROVISION OF THE DATA
The provision of data highlighted with an asterisk in the registration form is necessary for the media accreditation. The provision of data which are not highlighted with an asterisk is optional and do not prevent the application assessment.
- CATEGORIES OF RECIPIENTS TO WHOM THE DATA MAY BE DISCLOSED
Data may be disclosed to parties acting as controllers, such as public authorities entitled to request them.
Data may be processed, on behalf of the Controller, by third parties, appointed as Data Processors pursuant to art. 28 of GDPR, carrying out activities that are functional or related to the Event (e.g. IT services providers, companies which provides the Event's digital platform or secretarial activities).
- DISSEMINATION OF DATA
Data uploaded in the personal profile, including the image, will be disseminated online and accessible to all the participants in the Event.
- DATA SUBJECTS’ RIGHTS
The data subject shall have the following rights:
- to access the data concerning him/her in accordance with Article 15 GDPR,
- to obtain the rectification of inaccurate data;
- to have incomplete data completed;
- to obtain the erasure of data in the cases provided for by Article 17 GDPR,
- to obtain restriction of processing in the cases provided for by Article 18 GDPR;
- to object, on grounds relating to his/her own particular situation, to the processing carried out in the legitimate interest of the Controller; in particular, the data subject who no longer wants to receive the above mentioned communications can click on the “unsubscribe” link that appears in every email;
- where the processing is based on consent or contract and is carried out by automated means, to receive the data in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from the controller to which the personal data have been provided (the right to data portability).
In order to exercise Your rights, You can contact the Controller by sending a written communication to the above address or an e-mail to firstname.lastname@example.org.
Data subjects shall have the right to lodge a complaint with the competent supervisory authority in the Member State of his or her habitual residence, place of work or place of the alleged infringement.