Korczak

Competitions-img

Privacy policy

JANUSZ KORCZAK FOUNDATION OF VENICE FOR NEW MUSIC

Introduction

This Privacy Policy has been drafted to provide all users and visitors of the website https://istitutonuovamusicajk.it/ ¬†with a comprehensive and detailed framework of the policies and practices adopted by the Janusz Korczak Foundation of Venice for New Music NPO (“the Foundation” or “Data Controller”) concerning the processing of personal data.

The document is structured to offer clear, transparent, and comprehensive information in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and the free movement of such data (General Data Protection Regulation, hereafter “GDPR”). Additionally, the Privacy Policy complies with the provisions of the Italian Legislative Decree of 30 June 2003, No. 196, “Code concerning the protection of personal data” (“Privacy Code”), and the Guidelines and Recommendations issued by the Italian Data Protection Authority pursuant to the GDPR and the Privacy Code.

The Data Controller is deeply committed to ensuring the confidentiality, integrity, and security of users’ personal data. In this respect, the Foundation takes all necessary technical and organizational measures to ensure an adequate level of security, as prescribed by Articles 24 and 32 of the GDPR.

It is strongly recommended to read this Policy carefully to understand how the Foundation collects, uses, stores, and protects users’ personal data and to know the rights granted to data subjects under Articles 15-22 of the GDPR.

ARTICLE 1 – DATA CONTROLLER

The Data Controller for the personal data collected through the website https://istitutonuovamusicajk.it/ is the Janusz Korczak Foundation of Venice for New Music NPO, a Third Sector Organization registered under Italian law with a specific cultural and educational mission.

Details of the Data Controller:

  • Legal Name: Janusz Korczak Foundation of Venice for New Music NPO
  • Registered Office: Palazzo Brandolini, Dorsoduro, 3228, 30100 – Venice (VE), Italy
  • VAT Number: 94104390276
  • Certified Electronic Mail (PEC): fondazionekorczak@legalmail.it

The Foundation is the sole entity responsible for defining the purposes and means of processing personal data, as well as decisions about data storage and access methods. The Foundation may engage external Data Processors for specific technical or organizational activities, who will be appointed and regulated according to Articles 28 and 29 of the GDPR.

For any questions or requests concerning personal data processing, the Data Controller can be contacted using the provided contact details. Data subjects may exercise their rights related to data protection, as outlined in Articles 15-22 of the GDPR, by directly contacting the Data Controller.

ARTICLE 2 – TYPES OF DATA COLLECTED AND PURPOSES OF PROCESSING

The Janusz Korczak Foundation of Venice for New Music NPO (“Data Controller”), during navigation and usage of the website https://istitutonuovamusicajk.it/, is likely to collect and process various categories of users’ personal data to pursue specific legitimate purposes in compliance with applicable legal provisions.

Types of Data Collected:

  • Browsing Data: Information automatically collected by the website, including IP addresses, domain names of computers used by users who connect to the site, and other parameters related to the user’s operating system and computing environment.
  • Data Provided Voluntarily: Information actively provided by the user for specific purposes, such as through the contact form, which may include name, surname, email address, telephone number, etc.
  • Usage Data: Information collected through cookies and similar technologies, as detailed in our Cookie Policy, accessible through the cookie banner on the site.
  • Third-Party Data: Personal data obtained through third parties like social media, where the user decides to share profile information with the Foundation.

Purposes of Processing:

  • Managing Requests: To manage and respond to information requests, inquiries, or any other interaction the user intends to have with the Foundation through the contact form or other available communication channels.
  • Communication and Marketing: To send informational communications, event updates, newsletters, subject to explicit consent from the user.
  • Analysis and Improvement of Services: To conduct anonymous statistical analyses, monitor and improve the site’s performance and usability, as well as its security.
  • Compliance with Legal Obligations: To fulfill regulatory obligations, laws, national and EU legislation, as well as administrative and accounting aspects.

Data processing is conducted in compliance with the principles of lawfulness, fairness, transparency, limitation of purpose and retention, data minimization, accuracy, integrity, and confidentiality, as prescribed by Articles 5 and 6 of the GDPR.

ARTICLE 3 – DATA PROCESSING AND SECURITY MEASURES

Methods of Processing

The processing of personal data collected through the website https://istitutonuovamusicajk.it/ is carried out with the aid of electronic and/or telematic procedures. The processing adheres to principles of lawfulness, fairness, transparency, relevance, and proportionality, in compliance with Articles 5 and 6 of Regulation (EU) 2016/679 (GDPR) and Italian Legislative Decree No. 196/2003 and its subsequent amendments (Privacy Code). The processing is aimed at the operations or set of operations as indicated in Article 2.

Data Processors and Data Processing Managers

The Data Controller may appoint external Data Processors for specific data processing operations, in accordance with Article 28 of the GDPR. Additionally, internal data processing managers within the organizational structure of the Data Controller may have access to the collected personal data. These individuals are adequately trained and operate under the direct authority of the Data Controller.

Location of Processing

The data is primarily processed at the registered office of the Data Controller and at any other location where the parties involved in the processing are situated. For further information, users can contact the Data Controller using the provided contact details.

Security Measures

The Data Controller adopts a set of appropriate technical and organizational security measures to ensure an adequate level of protection, as stipulated in Article 32 of the GDPR. These measures include:

  • Access Control: Implementation of authentication and authorization mechanisms to limit data access only to authorized personnel.
  • Auditing and Monitoring: Regular verification and monitoring activities for data access and usage to prevent illicit or unauthorized uses.
  • Backup: Adoption of periodic backup procedures to ensure data continuity and availability.
  • Training: Periodic training of personnel responsible for data processing, aimed at raising awareness about data security risks.

The Data Controller is committed to reporting any personal data breaches to the competent regulatory authorities and, where applicable, to the data subject, without undue delay, as provided for in Articles 33 and 34 of the GDPR.

ARTICLE 4 – THIRD PARTIES AND DATA TRANSFER

Communication to Third Parties

The processing of personal data collected through the website https://istitutonuovamusicajk.it/ may involve the communication of such data to third parties. These third parties are carefully selected and adopt high standards in terms of data protection, operating either as independent data controllers or as designated external data processors in accordance with Article 28 of Regulation (EU) 2016/679 (GDPR).

Third parties may belong to the following categories:

  • Technology Service Providers: Companies providing technological infrastructure, web hosting solutions, email services, and other related services.
  • Legal and Commercial Consultants: Professionals or consulting firms providing legal, fiscal, or commercial assistance.
  • Public Authorities: Government bodies or regulatory authorities, when required by law or to respond to legal requests.
  • Commercial Partners: Entities with whom the Data Controller has collaborative relationships and who participate in or manage joint initiatives.

Data Transfer Outside the European Union

In certain cases, it may be necessary to transfer personal data outside the European Union area. In such circumstances, the Data Controller will ensure that the transfer is carried out in full compliance with applicable regulations, including the GDPR. Specifically, the transfer will occur only if one of the conditions laid down in Articles 44 and following of the GDPR is met, such as agreements based on the so-called “standard contractual clauses” approved by the European Commission, or in the case of countries that provide an adequate level of protection as defined by the European Union.

Links to Third-Party Websites and Social Plugins

The website may contain links to external websites and social media plugins (e.g., Facebook, Instagram, YouTube). Access to these platforms is regulated by their respective privacy policies, to which reference is made for all information relating to their data processing.

ARTICLE 5 – COOKIE POLICY

General Information and Applicable Legislation

The website https://istitutonuovamusicajk.it/ uses cookies and similar technologies to ensure the correct functioning of procedures and to improve the user experience of online applications. This document provides detailed information on the use of cookies and similar technologies, how they are used by the Data Controller, and how to manage them.

Reference to Specific Information

For further details, technical specifications, and purposes for which cookies are used on this site, reference is made to the specific cookie information, accessible through the cookie banner that appears upon first access to the website. The specific information contains indications on how the user can express their preferences regarding the use of cookies.

ARTICLE 6 – RIGHTS OF THE DATA SUBJECT

General Principles and Applicable Legislation

In accordance with Articles 15-22 of Regulation (EU) 2016/679 (GDPR) and Articles 7 and following of Legislative Decree no. 196/2003 (Privacy Code), the data subject has the right to exercise specific rights in relation to the processing of their personal data by the Data Controller.

List of Rights

Right of Access (Art. 15 GDPR): The data subject has the right to obtain confirmation as to whether or not personal data concerning them are being processed, and if so, to gain access to the personal data and information related to the processing.

Right to Rectification (Art. 16 GDPR): The data subject has the right to obtain the correction of inaccurate personal data concerning them and to have incomplete data completed.

Right to Erasure (‘Right to be Forgotten’, Art. 17 GDPR): The data subject has the right to obtain the erasure of personal data concerning them without undue delay, if one of the reasons provided by the GDPR exists.

Right to Restriction of Processing (Art. 18 GDPR): The data subject has the right to obtain restriction of processing of personal data concerning them, under circumstances outlined by the GDPR.

Right to Data Portability (Art. 20 GDPR): The data subject has the right to receive their personal data in a structured, commonly used, and machine-readable format and has the right to transmit those data to another controller without hindrance.

Right to Object (Art. 21 GDPR): The data subject has the right to object to the processing of personal data concerning them, for reasons related to their particular situation, in accordance with provisions of the GDPR.

Right to Withdraw Consent (Art. 7, para. 3 GDPR): The data subject has the right to withdraw consent to the processing of their personal data at any time.

Right to Lodge a Complaint with the Supervisory Authority (Art. 77 GDPR and Art. 141 Privacy Code): The data subject has the right to lodge a complaint with the Data Protection Authority, following the procedures and guidelines published on the official website of the Authority, www.garanteprivacy.it.

 Exercise of Rights

To exercise the above-listed rights related to the processing of personal data, the data subject may send a written request to the Data Controller at the following contacts: Fondazione Istituto Janusz Korczak di Venezia per la nuova musica ETS, with registered office at Palazzo Brandolini, Dorsoduro, 3228 30100 – Venice (VE), VAT No. 94104390276, Certified Email: fondazionekorczak@legalmail.it. The request may also be sent via Certified Email, according to the methods allowed by current legislation. Requests will be processed without undue delay and, in any case, within one month from their receipt.

Complaint Procedure

Without prejudice to any other administrative or judicial remedy, the data subject has the right to lodge a complaint with the competent supervisory authority, particularly in the member state of their habitual residence, place of work, or place of the alleged infringement. In Italy, the competent supervisory authority is the Garante per la Protezione dei Dati Personali.