Thank you for visiting www.CreasysYouthFoundation.org. These General Conditions will explain how you and CYF.org will interact while browsing the website or creating an account. Go ahead, read them. If you don’t like what you see, stop using the website and all its features. If you have any questions, send us an e-mail to info@creasysyouthfoundation.org.
What does CYF do?
The Creasys Youth Foundation wants to help young people unleash their potential by supporting creative ideas through investments in projects developed according to a model of personal and professional growth that combines the qualities and moral skills of each person, supported by a dedicated development path, which contributes positively to the quality of life and interpersonal relationships.
1.1 This section contains information on how to manage the website www.creasysyouthfoundation.org (hereinafter the “Site”) with reference to the processing of data of Users who access it.
1.2 The Site represents the activities and services of the Creasys Youth Foundation, based in Rome, Piazza Albania n. 10, which can also be contacted at the ordinary e-mail address info@creasysyouthfoundation.org and to the certified e-mail address creasysyouthfoundation@pec.it
1.3 This policy
(a) is provided pursuant to art. 13 of Regulation (EU) 2016/679 (so-called General Data Protection Regulation), relating to the protection of individuals with regard to processing personal data, as well as the free circulation of such data;
(b) relates solely to data collected through the website www.creasysyouthfoundation.org and to cookies (both proprietary and third parties) used for navigation and not for other sites that may be consulted by the User through the links contained in the same Site;
(c) has the purpose of providing information on the types of data processed, methods of treatment, data retention times, the nature of the information and any other relevant aspect that the data controllers have must disclose to Users according to both national and community legislation in force.
2.1 The Data Controller is the natural or legal person, public authority or other body which, individually or together with others, determines the purposes and means of the processing of personal data. This subject is also required to identify and adopt the technical and organizational measures adequate in order to guarantee an adequate level of safety for the risk generated by the operations of treatment.
2.2 With reference to this Site, the Data Controller is Creasys Youth foundation Foundation, in the person of its pro tempore legal representative and for any information can be contacted at the addresses indicated in the above art. 1.2.
3.1 The Data Controller (indicated in Article 2.2. Above) takes, in compliance with the technical and organizational measures, all suitable actions
(a) to guarantee, in line with the provisions of art. 32 of Regulation (EU) 2016/679, that the processing of Users’ personal data is carried out in accordance with the regulations in force on the subject
(b) to prevent access, disclosure, the unauthorized modification or destruction of (the same) data.
3.2 The treatment is carried out using IT tools and only in a residual way with paper, through organizational and logical methods strictly related to the purposes indicated.
3.3 In addition to the Data Controller, in some cases, other parties involved may have access to the data in the organization of the Site (such as administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, couriers postal services, hosting providers, IT companies, communication agencies) also appointed, if necessary; all this without prejudice to the adoption by the Owner of the security measures at following art. 8.
3.4 The data collected will not be disclosed, sold or exchanged with third parties without the express consent of the interested party, except for the cases in which said communication is necessary to fulfill to legal obligations or to carry out obligations deriving from the relationship in place with the interested party or third parties act as data processors.
4.1 The personal data collected by this Site are used for the following purposes:
4.1.1 registration in the Site;
4.1.2 provision of the services provided by the Site;
4.1.3 sending registration in the Site newsletters to the e-mail address provided by the User by filling in the appropriate form on the Site;
4.1.4 sending advertising and commercial communications on products and services provided / provided by the Site;
4.1.5 respond to requests for assistance and / or information;
4.1.6 fulfill any legal, accounting and tax obligations;
4.1.7 assert or defend rights in court, in case of abuse in the use of the Site and / or services
provided therein or for contractual or extra-contractual disputes.
4.1.8 improve the quality of the service and optimize the functionality of the Site;
4.1.9 understand user behavior in order to improve online communication;
4.1.10 prepare statistical information concerning the use of the Site.
4.2 In this regard, it is specified that the contractual services offered by the Data Controller and the subject of the contract in being with the User does not in any way represent an investment solicitation or a offer, nor a recommendation to buy or sell instruments attributable to anyone type of investment services; it being understood that neither the Owner nor any company to the same referable to carry out activities included in the sectors mentioned above.
4.3 If the Data Controller intends to process personal data for a purpose other than the one they were collected for, he will provide the interested party, prior to such processing, with information about that different purpose and other necessary information.
5.1 The legal basis for the processing of personal data consists of the contractual relationship regarding the services offered by the Owner.
6.1 Personal data may be freely provided by the User or, in the case of usage data, collected automatically when using the Site.
6.2 Unless otherwise specified, all the data requested by the Site are mandatory and necessary in order to allow its use by the User.
6.3 In the event that the data are indicated as optional, the User is free to refrain from communicating them without this having any consequence on the availability of the service or on the operation of the Site.
Users who have doubts about which data are mandatory can freely contact the owner.
6.4 Any use of cookies (both proprietary and third parties), unless otherwise specified, has the purpose of providing the service requested by the User, in addition to the additional purposes described in the following art. 15.
6.5 The information that Users will deem to make public through the services and tools provided available to them from the Site are provided by the User knowingly and voluntarily with each exemption from liability of the owner. It is therefore up to the User to verify that they have the permissions for the entry of personal data of third parties obtained, published or shared through the Site.
7.1 Like all websites, this Site also makes use of log files in which the information collected in an automated manner during User visits and whose transmission is implicit in the use of internet communication protocols such as, by way of example:
7.1.1 Internet protocol (IP) address;
7.1.2 browser type and device parameters used to connect to the Site;
7.1.3 name of the internet provider (ISP)
7.1.4 date and time of the visit;
7.1.5 web page of the visitor’s origin and exit;
7.1.6 possibly number of clicks.
7.2 The aforementioned data are used in an automated form and for the sole purpose of obtaining, in a totally anonymous way statistical information on the use of the Site and to check its correctness in operation.
7.3 For security purposes (spam filters, firewalls, virus detection), the information and data recorded automatically, they can be used to block attempts to damage the Site, or further harmful activities based on the legitimate interests of the Data Controller, in accordance with the current legislation.
7.4 These data, therefore, are never used for the identification or profiling of the User, unless this is required for the fulfillment of legal obligations or orders of the judicial authority.
8.1 The personal data provided by the User on an optional basis (for example by filling in the various forms provided by the Site, in order to access certain services voluntarily requested) are used only in order to carry out the service to which they refer.
8.2 In the event that the User refuses to provide personal data, the consequences is the impossibility of executing the contractual relationship concerning the services offered by the Holder. In this case, therefore, the provision of data is mandatory as it is essential for giving execution of the contractual relationship concerning the services offered by the Data Controller and any refusal to provide such data makes it impossible to execute the aforementioned contractual relationship.
8.3 The provision of personal data by minors under the age of 18 is not permitted unless authorized by a parent or legal guardian. Consequently, the Data Controller does not collect intentionally personal information relating to minors.
8.4 In the event that information on minors were unintentionally registered, the Data Controller will delete them
in a timely manner, ex officio or at the request of the Users.
9.1 This Site processes Users’ data in a lawful manner and in compliance with current legislation adopting adequate security measures to avoid violations of personal data, in the form of unauthorized access, disclosure, modification and unauthorized destruction.
9.2 To this end, the processing is carried out using IT and / or telematic tools with organizational modalities and according to logic strictly related to the purposes connected to the operation of the Site.
10.1 The Owner does not process sensitive data.
11.1 I dati so11.1 The data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the treatment are localized.
11.2 To this end, the Data Controller uses servers located within the European Union as well as computer systems located at the headquarters of the Data Controller and their transfer outside the European Union is not foreseen.
12.1 The data are processed and stored (in electronic archives) for the time required by the purposes they
have been collected and, in any case, in compliance with the terms of the law.
12.2 At the end of the retention period, personal data will be deleted and, consequently, the rights referred to in the following article 14 can no longer be exercised.
13.1 The interested party may, at any time, exercise the following rights (in articles 15-22 of the GDPR):
13.1.1 right of access, i.e. the right to obtain confirmation from the Data Controller that whether or not personal data concerning him is being processed and in case affirmative obtain access to the following information:
a) purpose of the processing;
b) categories of personal data processed;
c) recipients or categories of recipients to whom the data have been or will be disclosed;
d) retention period;
e) existence of a automated decision making, including profiling and, if so, information in order on the logic used;
13.1.2 right of rectification, i.e. the right to obtain from the Data Controller the rectification of personal data concerning him;
13.1.3 right to cancellation, i.e. the right to obtain from the Data Controller the deletion of personal data concerning him if
a) they are no longer necessary with respect to the purposes for which they were collected or otherwise processed;
b) was revoked on consent on which the processing is based and if there is no other legal basis for the treatment; c) the personal data have been unlawfully processed; d) its cancellation it is connected to the fulfillment of a legal obligation imposed on the Owner;
13.1.4 right of limitation, i.e. the right to obtain blocking, without prejudice to the consent of the interested party, in the processing of data when
a) its accuracy is contested;
b) the treatment it is illegal, and the interested party opposes the cancellation asking, instead, only that use is limited;
c) the personal data are necessary for the verification, exercise or the defense of a right in court by the interested party;
d) the latter is itself opposed to the processing carried out, pending verification of any prevalence of the legitimate reasons of the Data Controller, compared to those of the interested party;
13.1.5 right to portability, i.e. the right to receive on a structured, commonly used format and readable by automatic device, the personal data concerning him provided for transmit them to another Data Controller without any impediment;
13.1.6 right to object, i.e. the right of the interested party to object at any time, for reasons connected to his particular situation, to the processing of personal data that concern.
13.2 To exercise the aforementioned rights, Users can address a request directly to the Data Controller, by e-mail to info@creasysyouthfoundation.org and / or alternatively by registered letter with return receipt to the following address: CREASYS YOUTH FOUNDATION Piazza Albania, n. 10 00153 – Rome (RM)
13.3 Requests are processed free of charge and processed by the Data Controller as soon as possible and, in anyway, within a month.
13.4 The User also has the right to register a complaint with the Guarantor for the protection of personal data pursuant to art. 77 of the GDPR.