(Version of 28/07/2022)
General Data Protection Regulation No. 2016/679 (GDPR) became enforceable on May 25, 2018.
We are committed to collecting and processing your data in compliance with the GDPR, and therefore wish to inform you of the following.
The Data Controller is Associazione Culturale Fotovideocineclub, VAT number 01214850412, via Bellocchi, 8 – 61032 FANO (PU) – ITALY.
You may contact the Data Controller via email at the address: email@example.com
Categories of Data Collected
We collect and process data according to the principle of data minimization; therefore, we ask you to provide only the data which are relevant and necessary to pursue the purposes of processing.
The data you provide voluntarily are those entered on the Submission Form.
Cookies can be used to enable this website to operate properly, to provide a service explicitly requested by the user, to analyze our website traffic, and to personalize contents and ads.
You can manage cookie-related preferences also by changing the setting of your browser.
This website uses the following cookies:
Technical Cookies (3)
Provider: Polylang (https://polylang.pro/privacy-policy/)
Purpose: storing the website language preferences
Cookie type: First-party cookies
Purpose: tracking the video visualizations
Cookie type: Third-party cookies
Purpose: measuring the bandwidth
Duration: 6 months
Cookie type: Third-party cookies
Purposes and Legal Basis of Data Processing
The data collected through the Submission Form are processed in order to enable the participation to the Festival, to verify compliance with the requirements of the Submission Guidelines, to contact the participants, to carry out promotional activities, the selection, the evaluation of works, and the granting of awards (legal basis: performance of a contract to which the Data Subject is party or performance of pre-contractual measures taken at the Data Subject’s request).
Data will be processed in order to comply with any legal obligations (including tax, accounting, and administrative obligations), with national and EU regulations, and with orders issued by judicial or administrative authorities (legal basis: fulfillment of a legal obligation to which the Data Controller is subject).
We may also process your data in order to assert or defend in a court a right of the Data Controller and to handle any claims or litigations (legal basis: legitimate interest).
Methods of Data Processing
Consequences of not providing Personal Data
Providing your personal data is necessary, according to what established by the Submission Guidelines, in order to submit to and take part in the Festival.
Data may be transferred to natural or legal persons working on behalf of the Data Controller in order to carry out activities related to the service delivery, such as IT service providers (limited to technical access for web server maintenance and management), individuals performing administrative, accounting, tax, legal, marketing and/or consulting services.
Data may also be transferred to Public Administration offices and credit institutions when the data transfer is required by law or pursuant to other regulations.
Any transfer of personal data outside the EU shall take place as long as the recipient complies with the GDPR rules on the basis of an adequacy decision or of the signing of standard data protection contractual clauses approved by the European Commission.
Data will be retained at the Data Controller offices and at the external provider offices for no longer than is necessary for the achievement of the above-mentioned purposes and, once the retention period expires, data will be deleted or rendered anonymous.
The data retention period is established according to the processing purposes, and therefore:
Contact data will be retained for a period of 10 years;
All the other data will be retained permanently for archiving purposes;
Data collected with the purpose of complying with legal obligations, Community regulations or orders issued by judicial or administrative authorities will be kept for the time period established by the specific laws or Community regulations or the orders to which the Data Controller is subject. As for data processing for tax, accounting and administrative purposes, the law establishes a ten-year retention requirement;
Data collected with the purpose of preventing or prosecuting misconduct and protecting our rights will be retained for the whole duration of the litigation and any consequent legal proceedings and until the statute of limitations and the limitation periods are expired.
Rights of the Data Subject
As Data Subject, you shall have all the rights as set forth in Art. 15-22 GDPR, including:
– the right to obtain from the Controller confirmation as to whether or not personal data concerning you are being processed and to obtain access to the personal data (the right of access);
– the right to obtain from the Controller the rectification of inaccurate personal data and to have incomplete personal data completed (the right of rectification);
– the right to obtain from the Controller the erasure of personal data concerning you where one of the grounds referred to in Art. 17, Paragraph 1, GDPR applies and according to the exceptions set forth in Paragraph 3 of the same article (the right of erasure);
– the right to obtain from the Controller restriction of processing where one of the grounds referred to in Art. 18, Paragraph 1, GDPR applies;
– the right to receive from the Controller the personal data concerning you in a structured, commonly used and machine-readable format, also in order to transmit those data to another controller (the right to data portability);
– the right to object to processing of personal data concerning you and, in particular, to object to processing for direct marketing purposes;
– the right to withdraw your consent to processing, limited to the cases where processing is based on your consent. Processing based on consent and carried out before the withdrawal of consent still retains its lawfulness;
– the right to lodge a complaint with the Data Protection Authority, without prejudice to any other administrative or judicial remedy.
You may exercise your rights at any time, by contacting the Data Controller at the above-mentioned address.