Pursuant to Article 13 of the EU Regulation no. 2016/679 ("GDPR"), CSV TRENTINO - NON PROFIT NETWORK ETS (“data
controller”) provides users (“data subjects”) of the Website ("Website") with the following
information in relation to the processing of personal data concerning them.
The following information does not concern other sites, pages or online services that can be reached through hypertext
links that may be published on the Website but refer to resources outside the data controller’s domain.
1. Data controller
The data controller is CSV TRENTINO - NON PROFIT NETWORK ETS, in the person of its legal representative pro tempore,
office registered in Via R. Lunelli, 4 - 38121 Trento (TN), E-mail:, PEC:, Tel.: +39 0461/916604.
2. Data protection officer
The designated data protection officer is Studio Gadler s.r.l., office registered in Via Graberi 12/A, 38057 Pergine Valsugana
(TN), contact person Dr. Gioia Cantisani, E-mail:, PEC:, Tel.: +39

3. Type of personal data collected
While browsing the Website, the Owner may acquire the following data:
1. Browsing data: The computer systems and software procedures used to operate this Website acquire, during
their normal operation, some personal data whose transmission is implicit in the use of Internet communication
protocols. This information is not collected to be associated with identified interested Parties, but due to its very
nature could, through processing and association with data held by third Parties, allow users to be identified.
This type of data includes the IP addresses or domain names of the computers used by data subjects who
connect to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the
time of the request, the method used for submitting the request to the server, the size of the file obtained in
response, the numerical code indicating the status of the response given by the server (successful, error, etc.)
and other parameters relating to the user's operating system, and computer environment. This data could be
used to ascertain responsibility in case of computer crimes against the site.
2. Data collected through cookies: for more information, please refer to the Cookie policy.
3. Data voluntarily provided by the user: this is identification and contact data and/or additional personal
information provided by the user through dedicated contact forms or contact channels on the Website.
4. Purposes and legal bases of the processing

Information on the processing of personal data

Last update: 28.09.2023
In compliance with the conditions of lawfulness under Articles 6 and 12 GDPR, the user's personal data will be processed
for the pursuit of the purposes and with the legal bases indicated below.

Purpose Legal bases
Allowing and making functional the navigation of the
Website, ensuring an adequate level of security, integrity
and availability, and detecting the user experience of the
Website itself

Legitimate interest of the data controller (Art. 6(f) GDPR)

Respond to requests sent by the user via e-mail and/or
form on the Website

Fulfillment of pre-contractual and/or contractual
obligations (art. 6(b) GDPR)
Legitimate interest of the data controller (Art. 6(f) GDPR)

Send periodically, via remote communication
technologies (e-mail, telephone, SMS, WhatsApp, etc.),
newsletters and communications about services and
activities organized by the owner

Consent (art. 6(a) GDPR)

Send periodically, via remote communication
technologies (e.g., e-mail, telephone, SMS, WhatsApp),
newsletters and communications about the services,
products and activities offered by the holder's partners
and sponsors, which may be of greatest interest to the
data subject

Consent (art. 6(a) GDPR)

Analysis of statistical data on aggregated or anonymous
data, with the purpose of monitoring the proper
functioning of the Website, traffic, usability and interest

Legitimate interest of the data controller (Art. 6(f) GDPR)

To establish, exercise or defend a right in court Legitimate interest of the data controller (Art. 6(f) GDPR)
Fulfilling obligations under the law, a regulation, EU
legislation or an order of the Authority

Fulfilling a legal obligation (Art. 6(c) GDPR)

5. Nature of conferment
The provision of data is optional, except for data necessary for the use of web services (browsing data). The voluntary
sending of messages to the contact addresses of the owner, involve the acquisition of the sender's contact data,
necessary to respond, as well as all personal data included in the communications.

Information on the processing of personal data

Last update: 28.09.2023
6. Methods of processing
In accordance with the provisions of Article 5 of the Regulations, the Personal Data subject to Processing will be:
1. processed in a lawful, correct, and transparent manner towards the data subject.
2. collected and recorded for specified, explicit and legitimate purposes, and subsequently processed in terms
compatible with those purposes.
3. adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
4. accurate and, if necessary, kept up to date.
5. processed in a manner that ensures an adequate level of security.
6. kept in a form that permits identification of the Data Subject for a period of time not exceeding the achievement
of the purposes for which they are processed.
The personal data collected may be processed by the data controller’s personnel, acting on the basis of specific
instructions provided by the data controller regarding the purposes and methods of such processing, and by natural or
legal persons identified as data processors.
7. Communication of data
Personal Data will not be disclosed but may be communicated to the Parties authorized to process them, as well as to
the data processors appointed by the data controller (the full list of such processors is available, upon request, from the
data controller), within the limits of the purposes set out above. Subject to specific consent, the Data may also be
communicated to sponsors and/or partner entities of the controller, who may use them for the purposes set out in point
8. Place of data processing
Personal data will generally be processed within the European Union. Some applications of the services used by the
Controller, however, may involve the transfer of personal data to the United States. The aforementioned processing is
legitimized under Article 45 of EU Reg. 2016/679, by virtue of an adequacy decision adopted by the European Commission.
Should it become necessary, the Data Controller will be entitled to move the location of its IT archives to other non-
European countries, ensuring from the outset that the transfer of non-EU data will be carried out only to states that are
able to offer a level of protection adequate to the standards required by the relevant legislation, in compliance with
Articles 45, 46, and 49 of EU Reg. 2016/679.
9. Retention of data
The data will be processed for the period deemed strictly necessary for the implementation of the purposes stated set
out in point 4 and related fulfillments, in compliance with the provisions of current legislation with regard to the
retention of data. The data voluntarily provided via contact form/e-mail by the user concerned will be stored in the data
controller's database (Integrated Information System - IIS) dedicated to the world of volunteering until the user requests
its deletion. The user may request the deletion of personal data concerning him/her at any time in the manner specified
in the following point.

Information on the processing of personal data

Last update: 28.09.2023
10. Rights of the user
At any time, in accordance with Articles 15 et seq. of EU Regulation 2016/679, the user - as a data subject - may exercise
the following rights:
1. access the data processed by the Controller, obtain information about certain aspects of the processing and
receive a copy of the processed data (Art. 15 GDPR, Right of Access).
2. verify the accuracy of data and request its update or rectification (Art. 16 GDPR, right of rectification).
3. obtain the deletion or removal of one's personal data by the Data Controller (Art. 17 GDPR, right to erasure).
4. obtain the restriction of the processing of one's data when certain conditions are met (Art. 18 GDPR, right to
restriction of processing).
5. receive their data in a structured, commonly used and machine-readable format, where technically feasible (Art.
20 GDPR, right to portability).
6. object to the processing of one's data when it is done on a legal basis other than consent (Art. 21 GDPR, right to
The exercise of the above rights may be done by sending a request by e-mail, to
The user has the right, at any time, to lodge a complaint with the competent supervisory authority, in Italy the “Garante
per la Protezione dei Dati Personali”:
Before providing a response, the data controller may need to identify the data subject by requesting that a copy of
his/her identity document be provided.
11. Third-party links and plug-ins
This policy is provided only for this Website and not also for other websites and social platforms that can be reached by
the user through links and social buttons. The latter are particular buttons on the Website that depict icons of major
social networks. Please refer to their respective privacy policies for more information on the data processing operated by
these external Parties.
12. Updates and Changes
This policy may change over time. Changes will apply from the time of publication on the Website.

Last update: 29.09.23

Something went wrong

Try again