INFORMATION ON THE PROCESSING OF PERSONAL DATA
For users of the GENerate website and the mobile application GENerate of the Focolare Movement , for the protection of personal data pursuant to Regulation (EU) 2016/679
REASON FOR THIS NOTICE
This page describes how to manage the site with reference to the processing of personal data of users who use it.
This information concerns the privacy, in accordance with Regulation (EU) 2016/679 (hereinafter “Regulation” or “GDPR”), of those who interact with the web services of GENerate_Focolare Movement, accessible electronically from the address: generate.focolare.org corresponding to the home page of the official GENerate website and the mobile application of the same name.
THE “OWNER” OF THE DATA PROCESSOR
The “owner” of the data processing – i.e. the legal entity that determines the purposes and means of processing personal data – is P.A.F.O.M. with registered office in Rocca di Papa (Rome – Italy), Via Frascati, 306.
Following consultation of this site, data relating to identified or identifiable persons may be processed.
THE PERSON IN CHARGE OF DATA PROTECTION
The Data Protection Officer (DPO) is Sergio Barbaro, lawyer, who can be reached at the following address: Data Protection Officer, Via Frascati n. 306, Rocca di Papa (Rome-Italy), email: firstname.lastname@example.org.
LOCATION OF DATA PROCESSING
The processing operations connected to the web services of this site take place at the above-mentioned premises and are carried out only by technical personnel appointed by the data controller, or by persons in charge of occasional maintenance operations, under the direct authority of the data controller.
No data deriving from the web service is communicated or disseminated.
The personal data provided by users who request information material (answers to questions, newsletters, notifications, etc.) are used only to respond to the request and are communicated to third parties only if this is necessary for this purpose due to legal obligations.
TYPES OF DATA PROCESSED
We process two types of data:
- navigation data that we automatically collect
- user-supplied data
- tracking data
- navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc..) and other parameters relating to the operating system and computer environment of the user.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this possibility, at present, the data on web contacts do not persist for more than seven days.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.
Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request.
When the user browses the site, the following operations can be tracked for which the user is asked before expressing consent: content displayed, clicks made on the page, favourite pages saved, playlists created.
Different types of “cookies” (small text files stored on your device) are used on this website. The use of session cookies (which are not permanently stored on the user’s computer) is strictly limited in order to allow the safe and efficient exploration of the site.
Session cookies do not allow the acquisition of personal data identifying the user. Below is the extended information on the cookies used in this website.
Browser settings can be configured in such a way that cookies are blocked or the system informs the user when a website intends to set a cookie. However, it is important to be aware that blocking cookies may prevent you from using all the functions of this website.
The use of so-called session cookies (which are not permanently stored on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the site.
The so-called session cookies used in this site avoid the use of other computer techniques potentially prejudicial to the confidentiality of users’ navigation and do not allow the acquisition of personal identification data of the user.
DATA STORAGE PERIOD
Except for the data provided voluntarily by the user for specific services, for which specific information will be provided, the information relating to navigation will be kept for a maximum of fourteen months after collection; except in the case where it must be used to ascertain responsibility in the event of computer crimes against the site; in this case the information will be kept available to the Authority for the time necessary to guarantee P.A.F.O.M. the exercise of its rights of defence.
PURPOSE AND LEGAL BASIS OF THE TREATMENT OF DATA
Apart from what has been specified for navigation data, the user is free to provide personal data (name, surname, date of birth, email address) contained in the request forms to the GENerate website and to the mobile application of the same name or in any case indicated in contacts with its various expressions to request the sending of informative material or other. They will be known to P.A.F.O.M. employees and collaborators, duly instructed on the precautions and guarantees to be adopted in the processing of the information in question as required by the Applicable Regulations.
Failure to provide them may make it impossible to obtain the information requested.
METHODS OF PROCESSING DATA
Personal data is processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
In view of the user’s express consent, where required for specific services, the user may be contacted by e-mail, SMS, or through any equivalent electronic means or by paper mail or call through an operator at all the addresses provided. If you prefer to be contacted only at one or some of these addresses, you can make an express request using the form available in the specific section to which the service relates.
The data are registered only on the site and managed locally on the site. Emails are sent via an SMTP owned by P.A.F.O.M. If on a browser or on a messaging application, it is sent via the one chosen by the user.
Each time an email with notifications is sent, the user is free to ask to unsubscribe through the footer located in the email, where it is written: “If you received this message incorrectly and you are not interested: unsubscribe” or similar. To deactivate the notifications on the browser, the user must go to the menu and deactivate the notifications.
The Applicable Law grants users a number of rights including, but not limited to, the right:
(i) to access their personal data
(ii) to request its rectification
(iii) updating and deletion, if incomplete, incorrect or collected in violation of the law
(iv) to request that the processing be limited to a part of the information concerning them
(v) to transmit to the same or to third parties indicated by them the information concerning it (so-called “data portability”)
(vi) to object to their processing on legitimate grounds
(vii) to revoke its consent at any time by written request addressed without formality to P.A.F.O.M. to the contacts indicated.
P.A.F.O.M. reminds that, if the response to the requests cannot be considered satisfactory, the user may contact and lodge a complaint with the Guarantor Authority for the Protection of Personal Data (www.garanteprivacy.it) in the manner provided for by the Applicable Regulations.
PROVIDING FEEDBACK TO THE INTERESTED PARTY’S REQUESTS AND CONTACT DETAILS
P.A.F.O.M. can therefore be contacted for any request, clarification or feedback on the application of the legislation on the protection of personal data and for the concrete exercise of the rights of the person concerned, better indicated in the previous paragraph, even if it is necessary to update, modify, supplement, correct and/or cancel the data, as provided for by the legislation or in relation to the assessment of the specific needs explicitly proposed by the person concerned.
To this end, in order to facilitate the interested party in exercising their rights and interacting with the Focolare Movement, the following contact details are provided in case of complaints: e-mail address: email@example.com; 00040 Rocca di Papa (RM), Via Frascati, 306.
22 July 2020