PRIVACY POLICY ON THE PROCESSING OF PERSONAL DATA OF PARTICIPANTS, EITHER AS SPEAKERS OR MODERATORS, REGISTERED FOR THE WEBINARS ORGANIZED BY BACCAREDDA BOY LAW FIRM
Pursuant to art. 13 and 14 of the GDPR EU 2016/679
Data Controller
The Data Controller is Carlo Baccaredda Boy, Atty. (Tax code BCCCRL60P05F205E; VAT 09682570156). Data processing takes place at the headquarters of the Data Controller, i.e., Baccaredda Boy Law Firm, Viale Bianca Maria 25, Milan 20122, Italy. Phone: 0276014179, Fax: 0276390535, e-mail: avvocati@studiolegalebaccaredda.it. This information is also included on the Baccaredda Boy Law Firm website, in order to provide information to participants, as speakers or moderators, registered for the webinars organized by Baccaredda Boy Law Firm, as to the use of any personal data collected concerning them. This information does not refer to other websites that may be reached and viewed by users through hypertext links.
Types of data being processed and interested parties
Following are the types of data processed according to the purposes and methods established by the privacy policy:
- a. the identification and contact details of the participants, as speakers or moderators, registered for the webinars organized by Baccaredda Boy Law Firm, such as: name, surname, company, e-mail address;
- b. any data sent by participants to be able to interact and take part in webinar activities (e.g., comments or questions submitted in writing)
Webinars will not be recorded.
How personal data are processed
Personal data held by Baccaredda Boy Law Firm are collected as required by law. Personal data will be processed in a lawful, correct, transparent, accurate way, in compliance with the aforementioned regulations and with the confidentiality obligations by which the Data Controller must abide.
Purposes and legal basis for data processing
The personal data provided by the user will be processed for activities related to the organization and delivery of webinars organized by Baccaredda Boy Law Firm, including relevant communications (for example communications regarding the management of webinars, any changes to the program, materials and notifications).
This data processing is based on the need to follow up on the request for registration to webinars, and, pursuant to art. 6, par. 1, lett. a) of the GDPR, this requires the authorization of the interested party, which must be given by signing this privacy policy statement.
The provision of data is optional, but necessary to be able to register and participate in webinars and to receive any relevant communications. Failure to authorize data processing will result in the inability to register.
Method, scope and duration of data processing
Data processing is carried out by Carlo Baccaredda Boy in his capacity as Data Processor. Baccaredda Boy subsequently authorizes his Baccaredda Boy Law Firm team of professionals to process the data under his direct authority (Article 4, no.10 of the GDPR). These professionals are in charge of actually carrying out any processing operations on personal data, based on the operating instructions provided to them (Article 29 of the GDPR), which they are required to strictly adhere to.
Any personal data collected will not be disseminated or communicated to third parties without the explicit consent of the interested parties, except on the basis of specific regulatory provisions.
The data will be processed for the time strictly necessary to pursue the purposes for which they are collected.
Rights of interested parties
Pursuant to Article 15, paragraph 1 of the GDPR (Right of access of the interested party): "The interested party has the right to ask the data controller to confirm that the processing of personal data concerning him or her is in progress and, if so, to obtain access to personal data and the following information:
- the purposes of the data processing;
- the categories of personal data in question;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients of third countries or international organizations;
- if possible, the retention period of personal data provided or, if not possible, the criteria used to determine such period;
- the existence of the right of the interested party to ask the data controller to correct or delete personal data or limit the processing of personal data concerning him or her or to oppose their processing;
- the right to lodge a complaint with a supervisory authority;
- if the data are not collected from the interested party, all available information on their source;
- the existence of an automated decision-making process, including the profiling referred to in Article 22, paragraphs 1 and 4, and, at least in such cases, significant information on the logic adopted, as well as the importance and expected consequences of such processing for the interested party.
The interested party can exercise his or her rights by submitting a written request to Baccaredda Boy Law Firm, Viale Bianca Maria 25, 20122 Milan or via e-mail to: webinar@studiolegalebaccaredda.it, indicating in the subject line: "Request information / forwarding of privacy management requests." The response time to a request is one month from the day of receipt of the request, as required by art. 12. Paragraph 3 of the GDPR, with the possibility of an extension to two months and subject to an obligation to provide information within the first month. Furthermore, in the event that data processing is thought to have violated the legislation on the protection of personal data, the right to lodge a complaint with the Data Protection Commissioner, Piazza Venezia, 11, 00187, Rome shall subsist. To file the complaint, please follow the procedures and indications published on the Commissioner's website at www.garanteprivacy.it.
Privacy policy – changes
Those who read this statement on the Baccaredda Boy Law Firm website (www.studiolegalebaccareddaboy.it) are invited to view the Baccaredda Boy Law Firm Private Policy at https://www.studiolegalebaccaredda.it/eng/privacy-policy.php. The Data Controller may make changes to the privacy policy by informing users.
The Data Controller will collect the consent of the interested parties, should these changes require it.
