Authorized users. The website is not direct and is not intended for access and use by people under the age of 18. We do not intentionally collect or use personal information from users who we believe are under the age of 18.
Owner and purpose of the treatment. CBPT Research Center is responsible for the treatment and personal data of the user. The purposes for which CBPT Research Center collects and processes your information and data, include (without limitation):
– To maintain your CBPT membership relationship and offer you the benefits of CBPT membership
– To be able to contact you by e-mail, post and telephone
– To keep you informed about CBPT related activities
– To invite you to events organized by CBPT Research Center
– To send you newsletters
We will only collect and process personal data about you if we have legal bases. The legal basis for processing is compliance with the membership relationship established by you, as well as your consent established by providing your information as described in this privacy statement.
Types of data processed, purpose and nature of the processing, legal basis and consequences of a refusal
Browsing the Site
The computer systems and software procedures used to operate this Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. It follows that any theoretical refusal to provide such data would make it impossible to consult the Site.
This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request, the method used in the submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
These data, necessary for the use of web services, are also processed for the purpose of:
- obtain statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
- check the correct functioning of the services offered.
The navigation data are deleted immediately after their aggregation (except for any need to ascertain crimes by the judicial authorities).
The legal basis for the processing of your data for this purpose is the fulfillment of your request, pursuant to Article 6, first paragraph, letter b), of the GDPR, to be considered implicit by reason of the simple access to the Site; therefore, your consent is not necessary to authorize the processing.
Within the site there are various sections through which interested parties can provide their personal data to the CBPT Research Center or the contact details to be used to communicate with the Organization in order to request information, as well as to propose their application, to register. to courses, to register on the platform dedicated to training, to register on the platform dedicated to the FAD, as well as to access all the services offered online by the CBPT Research Center
In this case, the object of the processing is the personal identification data of the user (for example, name, surname, contact data, etc.) communicated through forms and guide fields, as well as – for those who send their Curriculum Vitae – information on training , on the experiences, cultural and occupational interests of candidates for open job positions, as well as any other information sent in free format by the interested party through the various communication channels of the CBPT Research Center.
The legal basis for the processing of the data of the interested party is the fulfillment of his request, pursuant to Article 6, first paragraph, letter b), of the GDPR, to be considered implicit by reason of the simple access to the forms present on the Site. ; therefore, your consent is not necessary to authorize the processing.
The data of the interested party may also be processed for the purpose of sending material relating to the training offer of the Center (Courses, Events, our publications, etc.); the legal basis that legitimizes the consequent processing is the consent of the interested party, which is free to give or not and which can, in any case, revoke at any time.
Personal data received through the website will be kept for as long as necessary to achieve the purposes of the processing.
With reference to the personal data processed for the purpose of informing and promoting the services of the CBPT Research Center, the same will be kept in compliance with the principle of proportionality and in any case until the purposes of the processing have been pursued or until the specific consent is revoked. by the interested party.
No automated decision-making processes are applied and no profiling of data subjects is carried out; the Data Controller exclusively verifies, in an analytical way, the interests expressed by users in order to generate targeted advertising campaigns and newsletters responding to the needs of the subjects who have given consent to the sending of promotional material, without involving them in massive and non-massive mailings. relevant to the information requested.
For the processing of personal identification data required for the use of any available services connected to this website (eg E-Learning platform, registration platform), please refer to the specific information.
Cookies and other tracking systems
How your personal data will be processed
The processing of your personal data will take place, in compliance with the provisions of the GDPR, using IT and telematic tools, for the purposes indicated and, in any case, with methods suitable for guaranteeing their security and confidentiality in accordance with the provisions of Article 32 of GDPR.
To which subjects your personal data may be disclosed and who can learn about them
For the pursuit of the purposes described above, your personal data will be communicated to employees, external consultants and collaborators of the Data Controller who will operate as persons authorized to process personal data, specifically appointed as data processors.
Furthermore, for the pursuit of the aforementioned purposes, your personal data may be processed by the following third parties:
- service providers for the management of information systems;
- technical assistance service providers;
- other service providers.
The subjects belonging to the categories listed above will operate, in some cases, as separate data controllers, in other cases, as data processors specifically appointed by the Data Controller pursuant to Article 28 of the GDPR. In any case, the communication of your data to the third parties identified above is based on the legitimate prevailing interest of the Data Controller, given that it is necessary for the pursuit of the aforementioned purposes.
At any time you can ask for the list of data processors by contacting the Data Controller.
Your personal data will not be disclosed to the public.
Furthermore, the Data Controller does not intend to carry out any type of transfer of your personal data to non-European countries.
How can you exercise your rights
The aforementioned rights may be exercised by contacting the Data Controller at the above addresses. The exercise of your rights as an interested party is free of charge pursuant to Article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetition, the Data Controller may charge you a reasonable fee, in light of the administrative costs incurred to manage your request, or deny the satisfaction of your request.
Finally, we inform you that the Data Controller may request additional information necessary to confirm the identity of the interested party.
Sources of information
Personal information provided by the user. We do not use our website to collect personally identifiable information about you other than that voluntarily provided for various purposes. We receive information about you from our interactions with you, even when you request registration, we request to become a Professional trained in CBPT. Depending on the information you provide to us, the information we receive may include your name, instruction and documents, and other credentials, billing and / or shipping address, telephone number, date of birth, form of payment, email address. If you pay by check or use a credit or debit card, the information received will include your account number. If you choose not to provide any personal information about yourself, you may not be able to participate in certain programs or activities and we may not be able to satisfy a request that you may have. If you provide personal information, you agree to provide true and accurate information in relation to your registration and to promptly inform us of any changes in the registration information.
Security of your transactions
Policies and procedures. We follow generally accepted standards to ensure that the information you share with us is handled safely, securely and responsibly. We maintain and monitor our physical, electronic and procedural systems to achieve this and comply with all applicable laws and regulations. Although we try to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third party “hackers” from illegally obtaining this information. We are not responsible for any breach of your security or for the actions of third parties who may obtain personal information. It is prohibited to violate or attempt to violate security or otherwise interfere with the operation of the website. We do not expressly make and disclaim any representations or warranties, expressed or implied, regarding the security or integrity of the website and your personal information.
Information shared with others
Registration information. We make membership information available to CBPT branches, the public and our members through our printed and online membership directories. If you do not want your membership information to be displayed, log in and change your viewing preferences or contact us.
Except as described in this privacy statement, we do not disclose personal information to third parties except (1) for the purpose of communicating with you when it is necessary to complete the transactions that you have authorized, including but not limited to providing such information to data processors or postal services, (2) when employees, agents and contractors need to manage or manage the website or correct a technical problem; (3) when you need to verify the existence or conditions of your account with a financial institution, a credit institution or other third parties; (4) with our affiliates or (5) if we combine or transfer the organization’s resources to another organization.
Information for the treatment of personal data
Information document pursuant to and for the purposes of Article 13, Reg. (EU) 2016/679
With this document (“Information”), the Data Controller, as defined below, wishes to inform you about the purposes and methods of processing your personal data when consulting the website cbpt.org and about the rights that the Regulation (EU) 2016/679, concerning the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data (“GDPR”), recognizes them.
This Notice relates exclusively to the processing of personal data conducted through the website cbpt.org
- Data Controller
CBPT Research Center
Registered office: Piazza Antonio Mancini, 4- 00196 Rome
Operating Office: Piazza Antonio Mancini, 4- 00196 Rome
- Object of the Treatment
Object of treatment are:
- Personal identification data such as personal data, tax code, identity documents, contact details, CVs, certificates about the training carried out if required, etc;
- Personal fiscal and banking data necessary for accounting records and for making payments
3. Purpose and legal basis of the processing
The collection and processing of personal data are carried out:
- For purposes connected and instrumental to the service provided. This need represents the legal basis that legitimizes the consequent processing. The provision of the data necessary for these purposes represents a necessary requirement for the provision of the service in question.
- For administrative or accounting purposes. This need represents the legal basis that legitimizes the consequent processing. The provision is necessary for the economic and administrative execution of the service relationship (where provided).
- To fulfill legal obligations and the provisions of the Supervisory Authorities and Bodies or administrative practices. This need represents the legal basis that legitimizes the consequent processing. The provision of the data necessary for these purposes represents a legal obligation.
- To exercise the rights of the owner, for example the right to defense in court. This need represents the legal basis that legitimizes the consequent processing. The provision of the data necessary for these purposes represents a legal obligation.
- In order to send material relating to the training offer (Courses, Events, our publications, etc.). The legal basis that legitimizes the consequent processing is the consent of the interested party, who is free to give or not and who can, however, withdraw at any time.
The processed data will be processed based on the principles of correctness, lawfulness, transparency and protection of the confidentiality and rights of the participants. The personal data provided will be processed for the entire duration of the event, from the organization of the event to the verification of participations with any feedback and, also subsequently, for the fulfillment of all legal obligations.
- Processing methods
The processing of personal data consists of the collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. The processing of data for the purposes set out above takes place with both automated, electronic or magnetic, and non-automated, paper-based methods, in compliance with the rules of confidentiality and security provided for by law, the consequent regulations and internal provisions.
- Place of processing
The data are currently processed and archived at the operational headquarters of the data controller. They are also processed, on behalf of the Data Controller, by professionals and / or companies in charge of carrying out technical, consultancy, development, management and administrative-accounting activities.
- Recipients or categories of recipients of the data
For the pursuit of the indicated purposes, the natural and legal persons appointed as Data Processors and the natural persons authorized to process the data necessary for the performance of the tasks assigned to them may have access to the data of the interested party: – employees and collaborators of the Data Controller, in their capacity as authorized subjects and / or internal data processors, with particular reference to those responsible and in charge of the personal management and administration functions, and / or technical collaborators and network / system administrators; – third-party companies or other subjects (as an indication, professional service supply companies, consultants, insurance companies for the provision of insurance services, accountants etc.) who carry out outsourcing activities on behalf of the Data Controller, in their capacity as External Managers of the treatment.
The Data Controller may communicate the data of the participants to third parties, such as, for example, those belonging to the following subjects or categories of subjects: Supervisory Bodies, Judicial Authorities, as well as to those subjects to whom communication is mandatory by law for the performance of the purposes indicated above.
These subjects will process the data in their capacity as independent data controllers.
Participant data will not be disseminated by Data Controller.
- Data retention period
The data provided for accounting and administrative activities (where provided) will be kept in the owner’s archives for a period of 10 years as established by law by the provisions of art. 2220 of the Italian Civil Code, without prejudice to any delayed payment of the fees that justify their extension. With reference to the personal data processed for the purpose of informing and promoting the services of the CBPT Research Center, the same will be kept in compliance with the principle of proportionality and in any case until the purposes of the processing have been pursued or the withdrawal of the specific consent occurs by the interested party.
- Transfer of data abroad
The Data Controller hereby declares not to transfer data to third countries or international organizations that are not related to the agreed activities.
- Automated decision-making processes
No automated decision-making processes are applied.
- Rights of the interested party
Pursuant to articles 15 to 22 of the 2016/679 European Regulation, the interested party is informed that:
- he has the right to ask the CBPT Research Center as the data controller to access personal data, correct or cancel them or limit their processing or to oppose their processing, in the cases provided for;
- he has the right to receive his personal data provided to the CBPT Research Center and processed by them on the basis of consent or other legal basis in a structured, commonly used and legible format, as well as the right to transmit such data to another Data Controller unimpeded processing;
- he has the right not to be subjected to decisions based solely on automated processing, including profiling, which produce legal effects concerning him or which significantly affect his person in a similar way;
- he has the right to lodge a complaint with the Guarantor for the protection of personal data, following the procedures and indications published on the official website of the Authority at garanteprivacy.it;
- any corrections or cancellations or limitations of processing carried out at the request of the interested party – unless this proves impossible or involves a disproportionate effort – will be communicated by the CBPT Research Center to each of the recipients to whom the personal data have been transmitted. The CBPT Research Center may communicate these recipients to the interested party if the interested party requests it.
The exercise of the rights is not subject to any formal constraint and is free of charge.
- How to exercise the rights of the interested party
To exercise the rights provided for by the European Regulation 2016/679, listed above, the interested party may send a written request by registered letter with Return Receipt. to:
CBPT RESEARCH CENTER
Piazza Antonio Mancini 4 – 00196 Rome