Information on the Protection of Personal Data
(Law 196/2003 and EU-GDPR 2016/679)
Legislative Decree n.196/2003 and the successive update EU-GDPR 2016/679 (General Regulation on the Protection of Data) safeguard the treatment of personal data. According to these laws, such treatment will be based on principles of correctness, lawfulness, and transparency, and will protect the privacy and rights of the user and of the members. The following information is in accordance with art.13 of the legislative decree n.196/2003 and EU-GDPR 2016/679.
We intend to manage the data in the following ways:
a) Personal data voluntarily communicated will be registered and stored on electronic and paper databases, protected and inaccessible to the public, and will be kept until the relationship with the association has been dissolved according to the terms of art.2220 of the civil code.
b) Provided data will be used for the following reasons:
- for the organization of Vipassana and Metta retreats for the members.
In particular, member’s personal data may be used for the following ends:
- to provide booking services for events, and access to areas reserved for members;
- to send the electronic Newsletter;
- to provide information on the activities of the Association Pian dei Ciliegi;
- to provide assistance, and to respond to requests;
- to provide information via email regarding the organization of meditation retreats by affiliated teachers and associations;
- to collect, as necessary, funds required for the undertaking of institutional activities. Such funds may be collected in various ways (by credit card, bank transfers, or others).
Personal data may also be used for other operations, but always in keeping with the above ends, and current security norms.
The forms to be compiled on the Pian dei Ciliegi website require only such data as is strictly necessary, and without which, under normal circumstances, the specific request cannot be fulfilled.
Personal data normally requested for the use of services on the website are anagraphic in nature, or contact information, or information relative to payment. The free and voluntary compilation of electronic forms, or emails sent to the indicated address, leads to the acquisition of the sender’s email address (necessary for responding to requests) as well as other personal data included in the message. Following this, summary information will be displayed on pages of the site where specific services are requested. Normally this does not include sensitive information, and, as per art.9 of the Regulations, in the case where sensitive data is required for a particular service, a separate circular will be released, and consent will be required from the interested parties.
The furnished data will not be subject to automated processes, but will be held indefinitely, or until a request is made for its cancellation.
c) Under art.20 of the Law, the Association Pian dei Ciliegi may communicate your data
- to entities, physical or juridical, who are carrying out specific services connected to, or in support of, the Association itself.
In no other case will your personal data be transmitted to a third party, except where the Association Pian dei Ciliegi
- has received your explicit consent to share your data with said third party;
- is obliged to comply with a written ordinance from the Juridical Authorities.
d) In conformity with art.7 of the Legislative Decree n.196/2003 and EU-GDPR 2016/679 (General Regulation on the Protection of Data) the Association Pian dei Ciliegi recognizes that you have the following rights:
1. To access your data at any time
2. To obtain at any time:
- confirmation of the existence of your data, even if it has not been formally registered, and to receive intelligible communications regarding said data and its origins;
- the cancellation, the transformation (in an anonymous form), or the blockage of data (retained to have been handled in violation of the law), as well as the rectification or integration or updating of your personal data.
3. To obtain clarification concerning:
- the origins of your personal data;
- the means and ends for which your data will be used;
- the logic applied to the handling of your data by electronic instruments;
- the details of the holder, or the manager, or the designated representative of your personal data, in accordance with art.5 comma 2;
- the subjects or categories of subjects to whom your data may be communicated, or who may come into contact with your data in their capacity as designated representative or manger or controller of your data;
- the rectification, or integration, or updating of your data;
- the cancellation, the transformation in anonymous form , or blockage of data handled in violation of the law, including data that it is no longer necessary to conserve in relation to the aims for which it was collected, or successively handled;
- the confirmation that the operations carried out in the preceding 2 points were communicated to all those to whom previous data was made available, except in the case where such confirmation is impossible to obtain, or too onerous a task to perform.
4. To object, wholly or in part:
- to the handling of your personal data, for your own legitimate reasons, even if such data is still relevant to the scope for which it was collected.
In order to guarantee the most secure platform for those who wish to use their credit card to make donations, the Association Pian dei Ciliegi has adopted the use of PayPal. The security and functionality of this service is guaranteed in the following ways: credit card information is inserted directly into a secure PayPal server with SSL cryptography and is not memorized on the Pian dei Ciliegi server. No one besides PayPal can come into contact with the credit card data, and the user does not require any certificate of authentication, but can simply utilize any standard web browser.
As far as the verification of your credit card and the response from the international circuit is concerned, PayPal uses the same system as P.O.S., which has been widely approved and offers a continuity of service in accordance with current standards of the market. When a user decides to make a donation, on pressing the button “PROCEED”, they are redirected to a payment page on PayPal’s secure server. Here they will find the form in which the credit card details are to be inserted, and the insertion of the data occurs in a manner that guarantees the donor total security. PayPal gathers the information relative to the transaction (the amount, the expiry date of the card) and passes it on to an international circuit of authorization in the same way as a transaction takes place through P.O.S. Through this circuit, the institution that has issued the card is contacted, and they approve or disapprove the request for authorization and communicate it to PayPal. PayPal, in turn, redirects the client to the web page of the Association Pian dei Ciliegi, providing confirmation (or not) that the donation has been effectuated. During this entire process only one check on the credit card is carried out, and the transaction is financially concluded within 20 days of the date of the donation.