INFORMATION ON THE PROCESSING OF PERSONAL DATA
Pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 ("GDPR") on the protection of personal data.
This information concerns the processing of personal data carried out in relation to the annual international conference organized by the Italian Chapter of the Eurographics association Smart Tools and Applications in Graphics (STAG) (stag2019.crs4.it). This information is used to indicate who processes your personal data for what purposes, in what ways and what are your rights as an interested party to the processing.
Data Protection Officer or Data Protection Officer
The Data Protection Officer (RDP or DPO) of CRS4 can be contacted by email (firstname.lastname@example.org), or by calling +393931065076.
Types of data processed and purposes of processing
The processing of personal data provided through the registration form and subsequently acquired, including during events and public meetings related to the same, will be processed:
- for registration to the event;
- with the express consent of the interested party, for the publication of the attendees on the website stag2019.crs4.it, or in other means of communication and / or dissemination;
- to comply with obligations provided by law, regulation or European legislation, to respond to specific requests from administrative or judicial authorities or to assert or defend a right of the CRS4, in the appropriate places.
All the data listed above are stored in the servers of the CRS4, located in Pula, as well as on the servers of any external processors pursuant to art. 28 GDPR.
Methods of processing
The processing of personal data for the above purposes takes place mainly by means of computer tools but, sometimes, may be subject to processing even without the aid of computer tools.
Legal basis of the processing
Personal data are processed by CRS4 on the basis of the execution of the obligations related to the organization of the event, and, by virtue of the express consent of the person concerned, for the purposes indicated above.
Optionality of conferment
The user is free to provide the personal data requested at the time of registration, however, failure to provide the data indicated as necessary could make it impossible to participate in the event.
Recipients or categories of recipients of personal data
The recipients of your personal data are:
- the employees and collaborators of the CRS4, expressly designated and authorised to whom specific instructions have been provided. The authorised persons have different levels of access, depending on their specific duties;
- Entities identified as data processors pursuant to art. 28 GDPR.
The data collected for registration will not be disclosed, (except for the publication of the list of attendees who consent, and for the images and videos taken during the Conference)
Transfer of data outside the European Union
Your personal data will be processed by CRS4 through its own IT tools located at its headquarters.
Data Management and Retention Period
The data will be kept for the duration of the event and in any case for the time required by industry regulations for purposes related to the event itself. Such data could however be kept for a longer period, in order to ascertain responsibility in case of crimes.
Rights of the data subject
As an interested party, according to the current regulations, you may exercise the following rights:
- request access to your personal data and information relating to the same, the rectification of inaccurate data or the integration of incomplete data, the cancellation of personal data concerning you (if one of the conditions indicated in art. 17, paragraph 1 of the GDPR occurs and in compliance with the exceptions provided for in paragraph 3 of the same article, for example if your data are processed unlawfully), the limitation of the processing of your personal data (if one of the hypotheses indicated in art. 18, paragraph 1 of the GDPR occurs, for example your data are processed unlawfully);
- object at any time to the processing of your personal data to the occurrence of special situations concerning you;
- exercise the right to data portability, i.e. the right to receive personal data in a structured, commonly used and machine-readable format and to transmit such data to another controller, only in cases where the processing is based on consent and only for data processed by electronic means.
Such requests may be addressed to the Data Controller or to the Data Protection Officer (RDP/DPO) at the addresses indicated above. The form for the exercise of rights is available at https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924
If you believe that the processing of your personal data is in breach of the provisions of the European Regulation, you also have the right to lodge a complaint with a supervisory authority (Autorità Garante per la protezione dei dati personali - www.garanteprivacy.it), or to bring the matter before the appropriate courts.
Automated decision-making process, including profiling
Your personal data will not be subject to any automated decision-making process, including profiling.