Personal Data Protection Statement
in compliance with the provisions of the Articles 13 and 14
of the European Regulation n. 679/2016 (GDPR)
In compliance with the provisions set out at the Art. 13 and 14 of the European Regulation n. 679/2016 (GDPR), COSPE - Cooperazione per lo Sviluppo dei Paesi Emergenti Onlus, acting as Data Controller, informs you that your personal data, acquired during the project activities implemented in the framework of the Project “YOU(th) CARE. Engaging new generations on innovative, joint and multidimensional actions addressing the Global Challenges”, funded by the European Union (Ref: NDICI CHALLENGE/2023/448-254), will be subject to treatment based on the principles of correctness, lawfulness, transparency and protection of confidentiality, in full respect of the current regulation on the protection of personal data.
DATA CONTROLLER
The Data Controller of the personal data referred to in this notice is COSPE Onlus, with registered office in Via Scipio Slataper n. 10, 50134, Florence, Italy. The Data Protection Officer of COSPE Onlus can be contacted at the following e-mail addresses Francesca Pieraccini - privacy@cospe.org.
LEGAL BASIS AND PURPOSE FOR DATA PROCESSING
Personal data processing is subject to prior consent from the data subject (art.6 c.1 lett.a, EU Reg. 2016/679). Personal data will be collected through (insert name and link to the platform) in order to allow young people aged from 14 to 25 years to register to the YOU(th) CARE Campus and take active part in free of charge learning activities and international exchanges among Euro-Mediterranean youths and youth associations organized in the framework of the YOU(th) CARE Project, starting from September 2024 (project activities: A1.1.2 Capacity building / training (virtual and face-to-face) for youth associations and A1.1.3 YOU(th) CARE Campus to build a learning platform and share digital tools with a gender perspective). As Data Controller, COSPE Onlus will use your personal data to ensure the effective management of training sessions, facilitate the exchanges among service users within the YOU(th) CARE Community and follow up on any possible information and assistance request they might send to us. Providing your personal data is therefore required to access the learning platform (insert name and link to the platform). The revocation of the consent can be done at any time, imposing on the Controller to cease the processing of your Personal Data. However, the revocation of consent will not affect the lawfulness of the processing previously carried out. Please note that refusal to provide personal data will prevent your participation in the YOU(th) CARE Campus Platform, making it impossible for the Data Controller to fulfill the participants’ requests. Access to the platform will not be permitted to persons under the age of 14.
PROCESSING METHODS AND RECIPIENTS OF PERSONAL DATA
As Data Controller, in compliance with the provisions of art. 32 EU Reg. 2016/679, COSPE Onlus has adopted adequate technical and organizational measures to guarantee the security and confidentiality of the personal data processed. Personal data may be communicated exclusively for the purposes indicated in this notice, to third party companies or professionals either designated as Data Processors in compliance with and for the purposes set out in Article 28 of the EU Reg. 2016/679 (GDPR) or authorized to data processing in order to carry out the activities related to the implementation of the YOU(th) CARE Platform.
The list of Data Processors is available upon request to the Data Controller.
Personal data will not be transferred to third countries (outside the EU).
INTERNET AND SOCIAL MEDIA
The YOU(th) CARE Project uses internet and social media services to support communication and advocacy activities, that might be managed by third-party service providers. However, as Data Controller, COSPE Onlus will protect the confidentiality of your personal data and guarantee the safeguarding required by any possible risk of violation. Your personal data will not be disseminated or disclosed in any way to external subjects and any processing outside the YOU(th) CARE Campus platform will be subject to your prior consent.
DURATION OF DATA PROCESSING AND STORAGE
Personal data will be stored on the Data Processor's information systems for the time necessary to fulfill the purposes of the processing, using both electronic and paper archives located within the European area and protected by adequate security measures in order to prevent any risk of violation. The YOU(th) CARE Project data processing register will be integrated to the data processing register of the Data Controller. Personal data will be stored for the time necessary to fulfill the purposes indicated in the present statement and carry out investigations and security checks on possible data breaches, with the involvement of competent Authorities and/or in collaboration with third parties/recipients in charge of IT security activities.
RIGHTS OF DATA SUBJECTS
In compliance with the Art. 15 ff. of EU Reg. 2016/679 (GDPR), you may at any time exercise in front of the Data Controller your rights to: access your personal data and obtain a copy of them [right of access]; obtain rectification of the data, if inaccurate, or integration of the data, if incomplete [right of rectification]; obtain cancellation of the data, as set out in Art. 17 EU Reg. 2016/679 [right of deletion]; limit data processing, as set out in art. 18 EU Reg. 2016/679 [right of limitation]; receive processed data in a structured, commonly used and machine-readable format and request its transmission to another Data Controller [right of portability]; object at any time to the processing of your personal data [right of opposition].
In order to exercise your rights, please contact:
The Data Controller: COSPE Onlus, via Scipio Slataper n. 10, 50134, Florence (Italy), by mail (privacy@cospe.org) or phone (+39 055 473556).
It must be noted that, before providing or changing any information, it may be necessary to verify your identity.
RIGHT TO COMPLAIN
Should you consider that the processing of your personal data is in breach of the provisions set out in the EU Reg. 2016/679 (GDPR) you have the right either to lodge a complaint with the National Data Protection Authority (Art. 77 of the EU Reg. 2016/679) or to bring action before the competent courts (Art. 79 of the EU Reg. 2016/679).