Privacy Policy

Information on the processing of personal data collected from the data subject (Art. 13 of EU Regulation 2016/679 - GDPR).
Source of personal data and Data controller

ANFIA (Tax code 80084590019) with headoffice in Corso Galileo Ferraris 61, 10128 - Turin, (below “ANFIA” or the “Company” or “Controller”), is the data processor and controller pursuant to art. 4, 7 and and 24 of Regulation (EU) 2016/679 (below “Regulation” or “GDPR”) of personal data acquired by your access on our website / and, in general, in occasion of and during our ANFIA NEXT MOBILITY HACKATHON 2022, to the acquisition and processing of the personal data of the participants in the event for various reasons.

1. DEFINITIONS
Processing of personal data means any operation or set of operations which are performed with or without the aid of computerised processes and applicable to both personal data or sets of personal data, even if not stored in a database, such as the collection, recording, organising, structuring, storing, processing, selecting, blocking, adaptation or modification, retrieval, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or sharing, restriction, deletion or disposal.

2. OBJECT OF PROCESSING
The Data Controller processes personal, identifiable and non-sensitive data, in particular, name, surname, email address, telephone number, information included into bank and payment details, digital images, video/audio recordings, photos (below “personal data” or even “data”) that You have communicated.

3. PURPOSES OF PROCESSING
Your personal data are processed:
A) without Your explicit consent exart. 6 lett. b) and e) of GDPR, for the following Service Purposes:

• managing NEXT MOBILITY HACKATHON ed.2022
  
• providing webinar sessions of the Event;
• fulfilling the obligations established by the services paid or subscribed, by the law and regulations or by an order of the Authority (such as for anti-money laundering);

B) Only subject to Your explicit and distinct consent (Article 7 GDPR), for the following Marketing Purposes:

• introducingYou and interactions during talks with third parties and companies involved in the Events;
• marketing:sending by e-mail, telephone, newsletters of commercial communications and / or advertising material on other different services offered by the Controller and recognition of the degree of satisfaction on the quality of services;
• mailing and profiling: sending by e-mail, mail and / or sms and / or telephone contacts commercial and / or promotional communications of third parties (for example, business partners);
• interaction services with social networks and widgets: webinar (Zoom, Cisco Webex and similar platform), our website, Facebook, Instagram, LinkedIn;
• online platforms displaying content from external platforms: YouTube;
• post pictures, videos or audio recordings: even live on streaming, through the Zoom, Cisco Webex and similar platforms.

4. PROCESSING AND PERIOD OF STORAGE
The processing of your personal data is carried out in accordance with the procedures described in art. 4 no. 2) GDPR, namely: the collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, sharing, blocking, communication, cancellation and deletion of data.
Your personal data will be processed both electronically and on paper and/or by automated means
The Data Controller will process the personal data for the time necessary to fulfil the above purposes under letter B) above and however for no more than 2 years from the acquisition or consent of the User.

5. ACCESS TO DATA
Your data may be made accessible for the purposes referred to in art. 3.A) and 3.B):

• to employees and co-workers of the Data Controller in Italy and abroad, in their capacity as persons in charge and / or internal managers of processing;
• to third-party companies or other subjects who carry out outsourced activities on behalf of the Data Controller, in their capacity as external managers of processing;
• ANFIA associates, partners and sponsors of the Event, related staff and consultants.

6. COMMUNICATION OF DATA
Without your express consent (ex-art. 6 letter. b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in art. 3.A) to supervisory bodies, judicial authorities and all other persons to whom communication is required by law for the performance of these purposes. Your data will not be disclosed.

7. DATA TRANSFER
The management and storage of personal data will be carried out:

• on servers of the Controller located within the European Union.
• on servers of third-party companies, duly appointed as data Processors, that provides the data protection assured by the EU Regulation 2016/679;
• only under Your express consent, on servers of third-party companies, duly appointed as data Processors, located outside the European Union, that may not meet the same data protection standards provided by the EU Regulation 2016/679.

8. NATURE OF THE DATA TRANSFER AND IMPLICATION OF REFUSAL TO REPLY
7.1The communication of data for the purposes of art. 3 A) is mandatory. In their absence, we will not be able to offer You the services of art. 3 A).
7.2The communication of data for the purposes of art. 3 B) is not mandatory. Therefore, You can choose whether to refuse to confer any data or to later deny the treatment of previously communicated data. In this case, You will not receive any related service.

9. RIGHTS OF THE DATA SUBJECT
Pursuant to art. 15 GDPR You have the following rights:

• obtain confirmation as to whether or not personal data concerning You are being processed, even if not yet registered, and their communication in intelligible form;
• obtain the indication of: a) the source of personal data; b) the purposes and methods of the processing; c) the logic applied in case of treatment carried out with the aid of electronic instruments; d) the identity and the contact details of the Controller, Processors and, where applicable, of the Controller’s representative; e) the subjects or the categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State or processors;
• obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfilment is it proves impossible or involves a use of means manifestly disproportionate to the protected right;
• to object, in whole or in part: a) for legitimate reasons, the processing of personal data concerning You, even if pertinent to the purpose of the collection; b) to the processing of Your personal data for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by email and / or through traditional marketing methods by telephone and / or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the data subject to exercise the right to object even only partially. Therefore, the interested party can decide to receive only communications using traditional methods or only automated communications or none of the two types of communication.

Where applicable, You have the rights referred to in Articles 16-21 GDPR (Right of rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object), as well as the right of complaint to the Data Protection Authority.

10. ARRANGEMENTS FOR THE EXERCISE OF RIGHTS
You may at any time exercise the above rights by sending:

• a registered letter with advice of receipt addressed to ANFIA – Corso G. Ferraris 61 – 10128 TORINO
• registered mail to: ANFIA - anfia@legalmail.it
  
• e-mail to: privacy@anfia.it

11. DATA CONTROLLER AND DATA PROTECTION OFFICER
ANFIA with headoffice in Corso Galileo Ferraris 61, 10128 - Torino, is the data processor and controller.
The Data Controller has also appointed a Data Protection Officer, who can be contacted at: rdp@anfia.it. The updated list of any data processors is kept at the registered office of the Data Controller.