Navdanya International – Onlus, legal address: Piazza Donatello, 2 – 50132 Firenze (FI), CF 94192980483 email info@navdanyainternational.it, as Controller of personal data processing for navdanyainternational.org website (hereinafter, “Controller”) informs you under art. 13 of Eu Regulation n. 2016/679 (“GDPR”) that your personal data will be processed according to the following modalities and purposes:
Object of the treatment
The Controller processes the personal, identifying data (such as name, surname, company name, address, telephone number, e-mail address, bank and payment details – hereinafter, « personal data » or « data ») communicated by you for the pursuit of the purposes identified in the Association’s Statute.
Purpose of the treatment
Your personal data will be processed:
without your express consent (art. 6 letter b), e) GDPR), for the following service purposes:
– fulfilling any pre-contractual, contractual and fiscal obligations arising from existing relationships with you (e.g. employment contracts, service contracts);
– fulfilling any obligation provided by law, regulation, Community legislation or any order of the Authority (such as in the field of anti-money laundering regulations);
– exercise the rights of Navdanya International, for example the right of defence in court.
Only with your specific and distinct consent (Art. 7 GDPR), for the following promotional purposes:
– send you via e-mail, post and/or text messages and/or telephone contact, newsletters, communications and/or material on the activities and projects managed by Navdanya International and surveys on the degree of satisfaction with the quality of our work.
These services may also allow the collection of data relating to the date and time of display of messages by the User, as well as the User’s interaction with them, such as information on clicks on links inserted in messages.
Treatment methods
The processing of your personal data is carried out with reference to the operations indicated in art. 4 no. 2 of the GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is processed electronically and/or automatically.
The treatment may be carried out through the use of automated and computerized systems and will be carried out in such a way as to ensure the security and confidentiality of data in accordance with current legislation, inspired by the principles of correctness and lawfulness of treatment.
Navdanya International will process personal data for the time necessary to fulfil the above purposes and in any case for no longer than 10 years from the termination of the relationship for the purposes of service. For promotional purposes, your data will be deleted at your request.
Access to data
Your data may be made accessible for the purposes referred to in art. 2.A) e 2.B):
– to Navdanya International employees and collaborators authorised to process personal data;
No personal data will be provided to third parties by the holder of the treatment, unless requested, followed by express authorization provided by the same person.
Data Communication
Without the need for express consent (art. 6 letter. b) and c) GDPR), Navdanya International may communicate your data for the purposes referred to in art. 2. A) to supervisory bodies, judicial authorities, insurance companies for the provision of insurance services, as well as to those persons to whom communication is required by law for the performance of these purposes. These subjects will process the data in their capacity as independent data controllers.
Your data will not be disclosed.
Data transfer
Personal data are stored on servers located within the European Union. In any case, it is understood that the Controller, if necessary, will have the right to move the servers even in non-EU countries. In this case, the Data Controller hereby guarantees that the transfer of data to non-EU countries will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission.
Nature of data provision and consequences of refusal to respond
The provision of data for the purposes referred to in art. 2.A) is mandatory. In their absence, we cannot guarantee the services stated in art. 2.A).
The provision of data for the purposes referred to in art. 2.B) is instead optional. You may therefore decide not to provide any data or subsequently deny the possibility of processing data already provided: in this case, you may not receive newsletters, communications and material relating to the activities and projects of Navdanya International. In any case, you will continue to be entitled to the Services referred to in art. 2.A).
Rights of the interested party
As an interested party, you have the rights under Art. 15-22 GDPR and precisely the rights to:
- obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in intelligible form;
- obtain information on: a) the source of the personal data; b) the purposes and methods of processing; c) the logic applied in the event of processing carried out with the help of electronic means; d) the identification data concerning the data controller, data processors and the representative designated pursuant to art. 3, paragraph 1, GDPR; e) the entities or categories of entities to whom the personal data may be communicated or which may be informed in light of their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing;
- obtain: a) the updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) certification that the operations as per letters a) and b) have been notified, also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
- oppose, as a whole or partially: a) for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of collection; b) the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and / or traditional marketing methods by telephone and / or mail. It should be noted that the right of opposition of the person concerned, as set out in point b) above, for direct marketing purposes using automated methods extends to traditional ones and that, in any case, the possibility for the person concerned to exercise the right of opposition even partially. Therefore, the interested party may decide to receive only communications by traditional means or only automated communications or neither of the two types of communication;
Where applicable, he also has the rights under Articles 16-21 GDPR (Right of rectification, right to be forgotten, right to limitation of processing, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority.
Modes of rights exercise
You may at any time exercise your rights by sending:
– a registered letter with return receipt to the person in charge of data processing – Navdanya International Onlus, Piazzale Donatello, 2 – 50132 Firenze (FI)
– an e-mail to info@navdanyainternational.org
Data Processor and persons in charge of the processing
The updated list of data processors and persons in charge of data processing is kept at the legal address of the Data Controller.