The Association Milano & Partners, with legal headquarters in Piazza della Scala 2, 20121 Milano, C.F. 97726610153, VAT number 11016320969, as data controller (hereinafter, "Controller"), informs you as per EU Regulation 2016/679 ("GDPR") and current national legislation on the protection of personal data that Your data will be processed in following the manner and for the following purposes:

1. Object of the processing

The Data Controller processes personal data (hereinafter, “Personal Data” or also “Data”), communicated on the occasion of the release of a disclaimer regarding intellectual property to the Data Controller. In particular, the Data Controller processes identification data - such as name, surname, date and place of birth, residence - of the person who signs the release.

2. Purpose and legal basis of the processing

Your Personal Data are processed, without your prior consent, for the following purposes and legal bases:

  • the execution of the contract and/or the fulfillment of pre-contractual commitments, in particular for:

  • the collection and management of the release of liability on the subject of intellectual property;

  • the pursuit of a legitimate interest of the Data Controller, in particular:

  • the prevention and repression of unlawful acts, the verification of solvency, anti-fraud activities and anti-mafia activities as well as the protection of the rights and legitimate interests of the Data Controller and/or third parties, even in court: the interest of the Data Controller corresponds to the constitutionally guaranteed right of action (Article 24 of the Constitution) and, as such, is socially recognized as prevalent with respect to the interests of the single individual concerned.

3. Processing methods

The processing of your Personal Data is carried out, electronically and on paper, by means of the operations of collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and data destruction.

Your personal data are subjected to electronic and possibly automated processing. Your personal data is protected in such a way as to minimize the risk of destruction, loss (including accidental loss), unauthorized access / use or use incompatible with the initial purpose of the collection. This is achieved with the technical and organizational security measures implemented by the Data Controller.

4. Data Retention

The Data Controller will process the Personal Data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 10 years from the termination of validity of the disclaimer.

5. Provision of Data

The provision of data is necessary for the release of the disclaimer. In case of failure to provide the Data, the disclaimer cannot apply.

6. Access to data

Your data may be made accessible for the aforementioned purposes to:

  • employees and/or collaborators of the Data Controller, in their capacity as persons in charge of the processing and/or internal managers of the processing and/or system administrators;

  • third parties (e.g. IT suppliers, etc.) who carry out activities outsourced by the Data Controller, in their capacity as external data processors.

7. Data communication

Your data may be disclosed, even without your consent, to supervisory bodies, law enforcement agencies or the judiciary, the Ministry of Finance, the Revenue Agency, ministerial bodies and competent authorities, local bodies (regions, provinces, municipalities), regional and provincial tax commissions, upon their expressed request and they will treat them as independent data controllers for institutional purposes an /or in accordance with the law in the course of investigations and controls. Your Data may also be disclosed to third parties (e.g. partners, freelancers, etc.), as independent data controllers, for the performance of activities instrumental to the aforementioned purposes such as, by way of example, the components of a committee for the evaluation of a competition tender.

 

8. Data Transfer

The Controller may transfer the Data outside the European Union. To this end, as per the Italian legislation on privacy, the Controller evaluates the impact of data transfers and adopts, if applicable, the most appropriate guarantees (e.g. decisions on adequacy and standard contractual clauses).

9. Rights of the interested party

The Controller informs you that, as an interested party, if the limitations provided for by law do not apply, you have the right to:

  • obtain confirmation of the existence or not of your personal data, even if not yet registered, and that such data be made available to you in an intelligible form;

  • obtain an indication and, if necessary, a copy of: a) the origin and category of personal data;

b) the logic applied in case of processing carried out with the aid of electronic instruments; c) the purposes and methods of the processing; d) the identity of the controller and its managers;

e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them, in particular if they are recipients of third countries or international organizations; e) when possible, the data retention period or the criteria used to determine this period;

  • obtain, without undue delay, the updating and correction of inaccurate data or, when interested, the integration of incomplete data;

  • revoke the consent given at any time, easily, without hindrance, using, if possible, the same channels used to provide them;

  • obtain the cancellation, transformation into anonymous form or blocking of data: a) unlawfully processed; b) no longer necessary in relation to the purposes for which they were collected or subsequently processed; c) in case of revocation of the consent on which the treatment is based and if no other legal basis applies, d) if you have opposed the treatment and there is no legitimate overriding reason to continue the treatment; e) in case of fulfillment of a legal obligation; f) in the case of data referring to minors. The Data Controller may refuse cancellation only in the case of: a) exercise of the right to freedom of expression and information; b) fulfillment of a legal obligation, execution of a task carried out in the public interest or exercise of public authority; c) reasons of public health; d) archiving in the public interest, for scientific or historical research or statistical purposes; e) exercise of a right in court;

  • obtain the limitation of processing in the case of: a) dispute of the accuracy of personal data;

b) unlawful processing by the Data Controller to prevent its cancellation; c) exercise of your right in court; d) verification of the possible prevalence of the legitimate reasons of the Data Controller with respect to those of the interested party;

  • receive, if the processing is carried out by automatic means, without hindrance and in a structured, commonly used and legible format, the personal data concerning you to transmit them to another controller or - if technically feasible - to obtain direct transmission by the Controller to another controller;

  • object, in whole or in part, for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection;

  • file a complaint to the Italian Data Protection Authority.

 

In the cases mentioned above, where necessary, the Data Controller will inform the third parties to whom your personal data have been communicated of the possible exercise of your legal rights, with the exception of specific cases (e.g. when the fulfillment of this duty proves impossible or involves the use of means that are manifestly disproportionate with respect to the protected right).

10. Procedures for exercising rights

You can exercise these rights at any time:

  • by sending a registered letter to the address of the Controller;

  • by sending an email to info@yesmilano.it

11. Controller, Data Protection Officer and Data Processor

The Data Controller is the Association Milano & Partners, with legal headquarters in Milano, Piazza della Scala 2, 20121 Milano, Tax Code 97726610153 and VAT number 11016320969. The Data Controller has also appointed a Personal Data Protection Officer who can be contacted by sending an email to dpo@yesmilano.it.

 

The updated list of data controllers, data processors and system administrators is instead kept at the legal headquarters of the Data Controller.

 

Milan, 25/08/2021
 

Association Milano & Partners