Sergio Illuminato guarantees compliance with the regulations in force concerning the protection of personal data and the confidentiality obligations inherent to its activity.
1. DATA CONTROLLER
The Data Controller is Sergio Illuminato (hereinafter “The Controller”), legal office Roma, Italy, e-mail address email@example.com.
The User remains at all times responsible for the images and personal data entered on the website. Except and without prejudice to the above, the Controller reserves the right to withdraw any illicit or illegal content.
2. CATEGORIES OF PERSONAL DATA
The personal data object of the processing are the data provided by the User when completing the subscription form on-line in the various sites managed by the Controller, through social networks, front-office service or by any other means allowed (chat, telephone, e-mail).
The categories of data that the owner is authorized to gather are the following:
Final users (artists, exhibitions and events visitors)
Personal data: name, surname, image, identity document, username on social network (name and surname, in case of access or interaction through social networks).
Contact details: phone numbero, e-mail address, residence, username on social network (name and surname, in case of access or interaction through social networks).
Personal data: date of birth, place of birth, nationality, gender.
Economic and financial data: banking details (if necessary).
Professional users/partners (galleries, residencies, cultural insitutions, critics, curators, art professionals)
Identifying data: Name and surname.
Business contact details: phone number, e-mail address, professional domicile.
Commercial data: business name and activity.
Upon registration, the User acknowledges and accepts that his/her user profile is made publicly visible on the sites linked to the activities of the Controller, as well as on the various search engines on the Internet.
3. MANDATORY OR OPTIONAL CHARACTER OF THE INFORMATION SUPPLIED BY THE USER AND DATA VERIFICATION
Fields marked with an asterisk (*) in the application form to be filled out by the User are necessary to follow up on his/her enrollement, since data entry in all other fields is optional. The User guarantees that the personal data provided are true and updated and committs to communicate any modification of the same, as the User is the only responsible in case of inaccuracy or falsity of the data provided. The Data Controller in turn declares that the personal data obtained are at all times adequate and relevant with respect to the scope, the specific purposes and the nature of the services provided.
4.PURPOSE AND LEGAL BASIS OF PROCESSING
Users’ data are gathered for the following purposes:
– organize art competitions, exhibitions and events in order to give visibility to interested users
– provide users with information on cultural events, competitions, artistic activities, exhibitions, opportunities for artists, talks
– provide information on the network of partners and professionals involved in the activities of the Controller
– facilitate contact by sending requests for information by e-mail, forms and telephone numbers, among partners who carry out cultural activities or services in the world of art and events and interested users
– send promotional and informative communications on services and activities provided by companies, associations, institutions with which the Controller maintains commercial and non-commercial agreements (including commercial communications of professional users and third parties), inherent to the sector of cultural and artistic activities, given the nature and object of the activities of the Controller. The Owner is entitled to send such informative and promotional communications for the entire duration of the relationship between User and Owner, unless the user expresses otherwise.
The personal data provided by the Users are also gathered for statistical purposes.
The Owner is authorized to process the personal data of Users for the purposes described above, as expressly recognized by the current legislation, (i) if the User has given his/her consent and/or (ii) if the information sent is related to activities, products and services regarding the artistic and cultural sector, on condition that the User has not requested to stop receiving such communications.
The Owner may use, without the User’s consent, e-mail and mail addresses, pursuant to and within the limits permitted by art. 130, co. 4 of the Privacy Code and the provision of the Authority for the protection of personal data of June 19th, 2008.In this case, the legal basis for the processing of your data for this purpose is art. 6 (1) (f) of the Regulations.
The Data Controller declares not to take decisions that could influence the User based solely on the automatic processing of his/her personal data. All decision-making processes associated with the purposes of the treatment described above are performed with human intervention.
6. TRANSFER OF PERSONAL DATA TO THIRD PARTIES
Given the nature of the service and activities carried out by the Data Controller, for the purpose of fulfilling its obligations arising from the provision of contractual and partnership services, the Controller has the right to share the Users’ personal data with all the categories included in art.2. The legal basis that legitimizes the Data Controller to transfer personal data lies in the fulfillment of its contractual obligations.
The Controller is also entitled to transfer the personal data of the Users to the following recipients and for the reasons indicated: jurors and partners of the competitions organized by the Controller for the realization of the winners and the creation of the prizes offered and with which the Controller has signed the confidentiality agreements and contracts for the processing of personal data required and imposed by the regulations in force to protect the privacy of Users.
The Data Controller undertakes to promptly inform the User in the event of future transfers of personal data.
7. INTERNATIONAL TRANSFERS OF PERSONAL DATA
In accordance with the current regulations on the protection of personal data, for the correct provision of the services managed by the Controller, Users’ data may be transferred to international partners with whom the Data Controller collaborates and with which the Data Controller has signed the corresponding contract for the processing of data containing the standard contractual clauses adopted by the European Commission.
For further information on guarantees regarding international transfers of personal data, please contact the Data Controller at the following e-mail address
8. DATA CONSERVATION
The Data Controller will continue to process the Personal Data of Users for informational and marketing purposes until the consent is revoked. The user will always be able to withdraw the consent by using the unsubscribe button that can be found in all the newsletter he/she will receive or by sending an email to firstname.lastname@example.org
The User may request further information regarding the policy for the data conservation period and the criteria used to determine such period to email@example.com
9. EXERCISE OF THE RIGHTS OF THE INTERESTED PARTIES AND COMPLAINTS
In accordance with Article 15 et seq. of the GDPR, the User has the right to exercise his/her rights of access, rectification, cancellation, portability, limitation of treatment and/or opposition to the processing.These rights can be exercised by sending a written communication by e-mail to firstname.lastname@example.org . In any case, the User is always entitled to lodge a complaint with the competent Supervisory Authority (Guarantor for the Protection of Personal Data), in accordance with art. 77 of the Regulation, if they believe that the processing of their Personal Data is contrary to the current legislation.
10. PERSONAL DATA OF MINORS
The inclusion of personal data of minors on the Site implies the obligation of the User responsible for such insertion to declare expressly and without reservation: – to be the legitimate holder of the rights necessary to provide the personal data and the image of the minor
– that the inclusion of the aforementioned data does not in any way prejudice the minor or violate any of their rights
– to indemnify Sergio Illuminato from any possible claim or demand in this regard, and take full responsibility deriving from such claim or demand.
11. SAFETY OF DATA PROCESSING
The Owner informs Users that they have adopted the appropriate technical and organizational measures established by current regulations, in order to guarantee the safety of personal data and avoid their destruction, loss, modification, unauthorized disclosure or access, taking into consideration the state of the art, the nature of the personal data stored and the risks to which they are exposed.
It is possible to contact Sergio Illuminato at the e-mail address email@example.com .