The EU/2016/679 “General Data Protection Regulation” (GDPR), which is of immediate application in Italy as well, provides for the protection of individuals and others with respect to the processing of their personal data.

In compliance with the indicated regulations, the processing carried out by our Association/Company will be based on the principles of fairness, lawfulness, transparency and protection of your privacy and rights.

Therefore, in accordance with Article 13 of the GDPR, we inform you of the following:

1. The personal data and contact information you provide will be processed, upon your express consent by signing the membership/membership form, for the legitimate interest of our association/company to carry out: (a) Inclusion in the membership book/membership list; (b) membership in FSN, DSA, EPS to which our association/society is affiliated or intends to affiliate; (c) for any other use pertaining to the aforementioned association and sports membership relationships.
2. Legal basis for these operations are articles 36 et seq. of the Civil Code, the tax regulations relating to non-commercial entities (art. 148 Presidential Decree no. 917/1986, art. 4 Presidential Decree no. 633/72, art. 90 Law no. 289/2002 et seq.), as well as all provisions issued by CONI, FSN, DSA, EPS and relating to membership as well as participation in activities organized and/or authorized by these entities.
3. The legitimate interests of the processing are to be identified in the correct application of the statutory provisions of our association/company, the possibility of taking advantage of the tax benefits due to it, as well as the possibility of participating in the activities organized/authorized by the entities mentioned in the previous points.
4. The processing will be carried out using manual files, also made with the help of electronic means, kept in closed places, the key to which is held by the legal representative of the association/company, or by computerized means, on computers located at the headquarters or kept by the legal representative, adequately equipped against computer risks (firewall, antivirus, periodic data backup); authorized to access these data, in addition to the legal representative, are the data processors, as identified and appointed by the administrative body. Pursuant to Art. 4, n. 2, GDPR, the processing of personal data may consist of the collection, recording, organization, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data.
5. Personal data will be retained for as long as it is essential for the proper maintenance of the membership book/membership list and/or to proceed with the formalities required by CONI, FSN, DSA, EPS to which the association/company is affiliated or intends to affiliate: this term is determined by the CC, tax law and the rules and regulations of CONI and the aforementioned bodies. Verification of the obsolescence of the data being processed in relation to the purposes for which they were collected and processed is carried out periodically.
6. The provision of data and your consent to its processing are mandatory for the achievement of the purposes of the statute of the association/company and are therefore indispensable for the acceptance of your application for admission as a member and for any membership with FSN/DSA/EPS or for participation in the activities organized by our association/company; any refusal to provide it means that your application for membership and/or participation cannot be accepted.
7. Personal data may be communicated to third party recipients: CONI, FSN, DSA, EPS, to which our association/company is affiliated or intends to affiliate; insurance companies/companies and brokers, for the coverage of the accident risk related to the performance of sports activities and in compliance with legal, regional and national obligations; external companies/consulting firms in charge in providing administrative, fiscal and accounting assistance to the association/company; to sports medicine centers in charge of performing sports medical examinations, at the request of our association/company. Recipients will be required to comply with the requirements of the GDPR and your data will not be disclosed to other parties, nor will it be disseminated.
8. The processing will not concern special categories of personal data, namely “personal data suitable for revealing racial and ethnic origin, religious, philosophical or other beliefs political opinions, membership in parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, as well as personal data suitable for detecting the state of health and sexual life.” Any medical certificates acquired for the performance of competitive and non-competitive sports activities in accordance with legal requirements will be kept by the legal representative who will provide for their preservation, without dissemination and/or further processing to third parties;
9. The data controller is the association/company listed in the header (see front of form).
10. The data controller is the legal representative of the same, President or Director, who can be contacted at the email address given in the header (see front of form).
11. In your capacity as data subject and in relation to the aforementioned processing operations, you may at any time exercise your rights under Art. 7, 15 to 21 and 77 GDPR, (right of access, rectification, cancellation, restriction of processing, portability of data), as well as to know the data concerning you, to know how it was acquired, to verify whether it is accurate, complete, up-to-date and well kept, to receive the data in a structured, commonly used and machine-readable format, to revoke any consent you may have given regarding the processing of your data at any time and to object in whole or in part, to its use. These rights can be exercised through specific application to be addressed by registered letter with A/R to the data controller referred to in point 9).
12. You have the right to revoke consent at any time without affecting the lawfulness of the processing based on the consent given before revocation. This right may be exercised by sending revocation of consent to the e-mail address indicated in Section 9 above.
13. You have the right to lodge a complaint with the Data Protection Authority or with the different supervisory authority that may be established.
14. There is no automated decision making or profiling activity as referred to in Article 22(1) and (4) of the GDPR.