Privacy Policy of the Website
Newsletter
Associazione di Promozione Sociale “Sotto il Segno del Toro” with registered offices in Strada Provinciale Galliera, 319 – 40050 Argelato (BO) – Italy, Tax Code/VAT No. 03374441206 (hereinafter the “Data Controller”), owner of the website www.museolamborghini.com (hereinafter the “Website”), as the controller of personal data of the users who browse and are registered on the newsletter of the Website (hereinafter the “Users”) provides the following privacy policy according to Article 13 of EU Regulation 2016/679 dated 27 April 2016 (hereinafter, “Regulation” or “Applicable Regulations”).
The Data Controller takes the utmost account of its Users’ right to privacy and protection of personal data. For any information related to this privacy policy, Users may contact the Data Controller at any time, using the following methods:
- Sending a registered letter with return receipt to the registered offices of the Data Controller (Associazione Sotto il Segno del Toro a.p.s., Strada Provinciale Galliera, 319 – 40050 Argelato (BO));
- Sending an electronic mail message to the address info@museolamborghini.com
The Data Controller has not identified a Data Protection Officer (RPD or DPO), as it is not subject to the obligation of designation provided for by Article 37 of the Regulation.
- Processing purposes
The personal data of Users will be processed lawfully by the Controller pursuant to Art. 6 of the Regulation for the following processing purposes:
- to fulfil User requests: Users’ personal data are collected and processed by the Controller for the sole purpose of processing their request for the newsletter. Therefore the User will receive from the Controller a periodic newsletter regarding information, updates and news related to the Tonino Lamborghini products and to the activities of the Controller. User data collected by the Controller for this purpose includes only the email address. No other processing will be carried out by the Controller in relation to the personal data of Users. Notwithstanding what provided for elsewhere in this privacy policy, under no circumstances will the Controller make the personal data of Users accessible to other Users and/or third parties.
- administrative-accounting purposes, i.e. to carry out activities of an organisational, administrative, financial and accounting nature, such as internal organisational activities and activities instrumental for the fulfilment of contractual and pre-contractual obligations;
- legal obligations, i.e. to fulfil obligations provided for by the law, an authority, a regulation or European legislation.
The provision of personal data for the purposes indicated above is optional but necessary, as failure to provide them will make it impossible for the User to receive the newsletter from the Controller.
In case of consent, Users may also easily object to further sending of the newsletter by clicking on the specific link for the withdrawal of consent, which is present in each email containing the newsletter. Once the consent has been withdrawn, the Controller will send Users an e-mail to confirm such withdrawal.
- Processing methods and data retention periods
The Controller will process the personal data of Users with manual and computer tools with a rationale strictly related to said purposes and, in any case, in such a way as to ensure the security and confidentiality of the same.
The personal data of Users will be retained for the time strictly necessary to carry out the primary purposes described in paragraph 1 above or, in any case, until the User will perform activities indicating an interest and some interaction – even minimum – with the received email (by way of example but not limited to: opening of the e-mail, booking and/or participation to events, sending of answer and any other activity which may be considered as an evidence able to demonstrate the interest of the User in receiving the newsletter).
- Scope of communication and dissemination of data
The personal data of Users may be disclosed to the employees and/or collaborators of the Controller in charge of managing the Site and User requests. These persons, who have been instructed in this sense by the Controller pursuant to Art. 29 of the Regulation, will process User data exclusively for the purposes indicated in this policy and in compliance with the provisions of Applicable Legislation.
The personal data of Users may also be disclosed to third parties which might process personal data on behalf of the Controller in the capacity of “External Data Processors”, such as, by way of example, suppliers of IT and logistics services instrumental to the operation of the Site, outsourcing or cloud computing service providers, professionals and consultants.
Users have the right to obtain a list of any data processors appointed by the Controller, by making a request to the Controller in the manner indicated in paragraph 4 below.
- Rights of Data Subjects
Users may exercise their rights granted by the Applicable Law by contacting the Data Controller as follows:
- Sending a registered letter with return receipt to the registered offices of the Data Controller (Associazione Sotto il Segno del Toro a.p.s., Strada Provinciale Galliera, 319 – 40050 Argelato (BO));
- Sending an electronic mail message to the address info@museolamborghini.com
Pursuant to Applicable Legislation, the Controller hereby informs Users of their the right to obtain i) the indication of the origin of personal data; ii) the processing purposes and methods; (iii) the rationale applied in the case of processing with the aid of electronic means; (iv) the identification details of the controller and processors; (v) of the subjects or categories of subjects to which the personal data may be disclosed or which may become aware of the same as processors or persons in charge of processing.
Furthermore, Users have the right to obtain:
- a) access, updating, rectification or, where interested, integration of the data;
- b) cancellation, anonymisation or blocking of data processed unlawfully, including data that is not required to be retained for the purposes for which the data was collected or subsequently processed;
- c) certification that the operations described in points a) and b) above have been notified, also as regards their content, to those to whom the data has been disclosed or disseminated, unless this requirement proves impossible or involves the use of means clearly disproportionate to the right protected.
Furthermore, Users have:
- a) the right to revoke consent at any time, if the processing is based on their consent;
- b) the right to data portability (right to receive all personal data concerning them in a structured, commonly used format readable by an automatic device), the right to restriction of processing personal data and the right to deletion (“right to be forgotten”);
- c) the right to object:
- i) in whole or in part, for legitimate reasons, to the processing of personal data regarding them, even if pertinent to the collection purposes.
- d) should they consider that the processing that concerns them violates the Regulation, the right to make a complaint to the Supervisory Authority (in the Member State in which they are habitually resident, in the Member State in which they work or in the one in which the alleged violation occurred). The Italian Supervisory Authority is the Authority for the protection of personal data, located in Piazza Venezia n. 11 – 00187 Rome (http://www.garanteprivacy.it/).
The Controller is not responsible for updating all the links in this Policy and, therefore, whenever a link is not functioning and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by such link.