Identity and contact details of the Data Controller of personal data
Pursuant to Art. 13 of European Regulation 679/2016 on the protection of personal data (hereinafter referred to as GDPR), we inform you that the data you voluntarily provide will be processed by DM Cultura s.r.l., a sole-shareholder company (hereinafter referred to as DM Cultura), which is the Data Controller and can be contacted at: firstname.lastname@example.org
Purposes of the processing for which the personal data collected is intended
The personal data provided with your consent will be processed for the following purposes:
- To send information following an explicit request from you on the dedicated page (“Contact us”). The data will be processed by data processors who are employees and/or consultants of DM Cultura for technical and/or application purposes.
- To send information relating to communications, initiatives, and events promoted by DM Cultura. The data will be processed by employees and/or consultants of DM Cultura and may also be communicated, solely for the purposes mentioned above, to companies with which DM Cultura has contractual or business relationships in order to propose initiatives/events in partnership with DM Cultura, which will process the data as Data Protection Officers or agents authorised for this purpose. During the course of our initiatives/events, subject to specific authorisation and permission, photographs may be taken and/or audio-video recordings made – possibly also transmitted via streaming – which may depict the participants for the purposes of promoting, publicising and documenting the events.
- To undertake personnel selection and recruitment activities, where personal data will be processed exclusively with reference both to the positions for which you have applied and to other present and future positions, with the support of paper, computer or telematic means, in any case suitable for ensuring the security and confidentiality of the corresponding processing. The provision of such data is optional, but your refusal to provide it will make it impossible for the Data Controller to process your data and consequently to carry out the selection activities. In the case of self-application, your data may also be included in a computerised database and will be processed in accordance with existing selection and recruitment requirements. If you submit your CV in response to a recruitment message from us, your data will only be used for selection purposes related to this search. If, with specific authorisation, you invite us to process your data for other selections, this will be done in the same way as for self-applications. Your data will be processed by employees and/or consultants of DM Cultura in charge of data processing and may also be disclosed, solely for the above purposes, to companies with which DM Cultura has contractual relations or business relationships for the selection and recruitment of personnel. In addition, all the criteria set out in Legislative Decree 125/91 will be adopted to ensure non-discrimination between the sexes in the selection process. The processing of common personal data for the purposes strictly connected to the selection and recruitment activities and its inclusion in the DM Cultura database does not require your specific consent. Similarly, pursuant to Art. 6 (Lawfulness of processing) of the GDPR, consent is not required even if the CV contains personal data defined as “special category” as indicated by Art. 9 of the GDPR.
Recipients of processed personal data
In addition to the recipients already indicated, it should be noted that your data may also be processed, for the sole purpose of administrative/accounting management, by external companies that undertake these activities, and for technical purposes by employees of the information systems of DM Cultura and/or by external companies, for the operation of navigation on the site and for the purposes indicated in the preceding paragraph. In all cases, third-party processing of the personal data you have provided will not take place without you having given specific consent.
The personal data retention period for the purpose referred to in point a) above is 1 year from the date of completion of the form.
The personal data retention period for the purposes referred to in point b) above is 2 years from the date of completion of the form.
The personal data retention period for the purpose referred to in point c) above is one year from the date of inclusion of the CV or its most recent update.
The personal data retention period for the purpose referred to in point d) above is 2 years and in any case in compliance with administrative/accounting regulations.
Rights of the data subject
During the period of time for which your personal data is stored, you will be able to exercise your rights under Chapter III of the GDPR (Articles 15 to 22 of the GDPR). Among these, we briefly remind you of the rights to:
- Withdraw consent at any time, without affecting the lawfulness of any processing based on consent given prior to withdrawal.
- Obtain access to and confirmation of the existence or otherwise of personal data concerning you.
- Learn the logic and purposes of the processing.
- Obtain the cancellation or blockage, or the updating, rectification or integration, of the data.
- Obtain your personal data, provided with your consent and processed by automated means, in a structured and readable format for transmission to another data controller.
- Object, on legitimate grounds, to the processing of such data and to lodge a complaint with a supervisory authority.
The processing of your personal data will be based on principles of correctness, lawfulness and transparency and your privacy and your rights will be protected. Contact e-mail address for the exercise of rights: email@example.com
For any information or request, you can contact directly: DM Cultura s.r.l., a sole-shareholder company, – ref. Privacy, Piazza di Sant’Andrea della Valle, 6 – 00186 Rome, firstname.lastname@example.org.
Additional information: Types of data collected
The Personal Data collected by this Application, either independently or through third parties, includes: Cookie, Usage Data, First Name, Last Name, Entity or Company, Entity Type, Phone Number and E-mail.
Users acknowledge their responsibilities for Personal Data related to third parties published or shared by the Application and warrant that they are entitled to disclose or disseminate said data, releasing the Data Controller from any liability to third parties.
Method and place of processing for the collected Data Data processing methods
The Data Controller processes Users’ Personal Data using suitable security tools to protect against the unauthorised access, distribution, modification or destruction of Personal Data. Processing is carried out using electronic and/or telecommunication tools in line with organisational procedures and on the basis of principles strictly related and limited to the stated purposes. In addition to the Data Controller, in some cases, the Data may be accessed by categories of employees involved in the organisation of the Site (administrative, commercial, marketing, legal, system administrators) or external parties (such as third-party technical service providers, mail couriers, hosting providers, IT companies, communication agencies) and by Data Controller-appointed Data Protection Officers, where necessary. The updated list of Data Protection Officers can be requested from the Data Controller.
The Data is processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For further information, contact the Data Controller.
Details regarding the processing of Personal Data Contact form
The User, by filling in the contact form with their Data, consents to its use to respond to the purposes indicated to requests for information, quotes, or any other category indicated in the header of the form.
The Personal Data collected can include: Name, Surname, Organisation or Company, Organisation type, E-mail and Telephone number.
Interaction with social networks and external platforms
These services allow you to interact directly with social networks or other external platforms, using the pages of this Application. The interactions and information acquired by this Application are in any case subject to the User’s privacy settings for each social network. If a service for interacting with social networks is installed, then it may still collect traffic data for the pages it is installed on, even if the Users do not use the service.
Facebook 'Like' button and social media widgets (Facebook, Inc.)
Tweet button and Twitter social widgets (Twitter, Inc.)
The services contained in this section allow the Data Controller to monitor and analyse traffic data and are used to keep track of User behaviour.
Google Analytics (Google Inc.)
Social Media Policy
DM Cultura is present on various social networks, in particular:
- Facebook with the company page https://www.facebook.com/DMCultura.Italia/
- Twitter: https://twitter.com/dmculturait
- LinkedIn: https://www.linkedin.com/company/dm-cultura/
On social media we share our most significant projects and news that may be of interest to the culture sector.
DM Cultura uses social media, given that it is a place of sharing and exchange open to all. Therefore, with the aim of guaranteeing a better experience, it has defined a specific corporate Social Media Policy.
On DM Cultura social profiles it is FORBIDDEN to publish:
- Data and personal information of third parties without the explicit consent of the data subjects
- Images and materials that violate copyright/industrial rights
- Contents that are confidential or that otherwise infringe the rights of third parties
- Photographs and images collected without the consent of the data subjects
- Spam content
- Offensive and discriminatory comments
- Off-topic content
Failure to comply with this policy will result in the removal of published comments and content and, in the most serious cases, even the blocking of access to our social channel, with notification for the necessary measures.
DM Cultura is not responsible for the content posted by users on our social profiles.
DM Cultura, moreover, in the execution of specific administration activities of its Facebook fan page does not perform profiling activities for advertising purposes, namely the collection of behavioural data in order to send personalised advertising to users (behavioural targeting) regardless of any profiling activities performed by Facebook itself. Activities for which DM Cultura and its administrators remain operationally and legally unconnected and exempt from any liability.
Additional information on data processing Legal defence
The User’s Personal Data may be used by the Data Controller for defence in court or during the stages leading to possible legal action, against improper use by the User of the same or of related services. The User declares to be aware that the Data Controller may be required to disclose information if requested by public authorities.
System Logs and Maintenance
This Application and any third-party services used by it may collect system Logs, which are files that record interactions and may also contain Personal Data, such as the User IP address, for operational and maintenance purposes.
Information not contained in this policy
Further information from the Data Controller may be requested at any time in relation to the processing of Personal Data using the contact information.
Personal Dara (or Data)
Personal Data shall mean any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more distinctive features of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
This is personal data collected automatically by the Application (or by any third-party applications that it uses), and includes the following: IP addresses or domain names of those computers used by the User when connecting to this Application, Uniform Resource Identifiers (URIs), time of request, method used to submit the request to the server, size of the file obtained in reply, numerical code indicating status of response from the server (successful, error, etc.), country of origin, characteristics of the browser and operating system used by the visitor, various temporal aspects of the visit (for example, time spent on each page) and details of the route taken within the Application, with particular reference to the sequence of pages visited, parameters related to the User’s operating system and IT environment.
The individual who uses this Application, which must coincide with the data subject or be approved by them, and whose Personal Data is being processed.
The natural or legal person to whom the Personal Data refer.
Data Processor (or Processor)
The natural person, legal person, public administration and any other entity, association or organisation that processes personal data on behalf of the Data Controller.
Data Controller (or Controller)
The natural person, legal person, public administration or any other entity, association or organisation with the right, also jointly with another Data Controller, to make decisions regarding the purposes and methods related to the processing of Personal Data and the means adopted, including the relevant security measures, concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application.
The hardware or software tool by means of which the Personal Data of Users are collected.
We inform you that this Information, provided pursuant to art. 13 of the GDPR will be subject to periodic updates which will be highlighted. Last modification date: This information was updated on 20/05/2021.