GDPR Policy
AP 11 bis
The Office is committed to protecting personal data (such as name, surname, affiliation, address, telephone number, bank and payment details) collected from its customers and from participants at the congresses and events it organises.
Please read this short message, which seeks to address your needs and justifiable concerns in simple language.
The Office plans, organises and manages congresses and events, manages language and translation services, plans training activities and provides association management services for medical and scientific organisations.
Whenever you transfer your data to us, you consent to the processing described in this document, which is intended to guarantee security, integrity and privacy in accordance with EU Regulation 2016/679 (GDPR).
This message applies only to this site and not to other websites that you can access through our links.
1. For which purposes do we process your data and why we can process your data (legal basis of the processing)
a) we provide services requested by you and/or available on this site; the legal basis is the execution of a contract you are part of, the execution of pre-contractual measures requested by you or an ad-hoc consent on your part
b) we fulfil contractual, legal, regulatory or EU obligations and comply with accounting, tax and administrative obligations; the legal basis is to fulfil a legal obligation to which we are subject as controller.
c) we send information on activities and invitations to events; the legal basis is an ad-hoc consent on your part.
2. How we process data and for how long
The data will be processed on paper forms and/or computerised or electronic media according to principles of lawfulness and fairness and in such a way as to protect your privacy. The data will be protected and stored in accordance with current legislation, in the manner required to pursue the aforementioned purposes and will be kept for the time required by civil and tax laws. The data may be on third-party platforms.
3. What happens if you do not allow us to process your data
Transfer of the data required for the purposes referred to in point 1(a) and (b) is necessary in order to run our business properly and to manage and provide the associated services effectively. Sometimes we need to obtain specific data in order to ensure we can provide you with the service you requested (for example, to ensure that the restaurant does not serve dishes containing substances that you have specifically asked to avoid or that you are provided with the necessary assistance if you have specific mobility needs). Failure to transfer the data will mean we cannot do what you have asked us to do.
Transfer of data requested for the purposes referred to in point 1(c) is optional and we must obtain your specific consent; if you do not give us your consent for these activities, this will not affect provision of the requested service. Please note that our communication is never invasive. Try giving us your consent, you can always withdraw it with one click.
4. Who has access to your data
Your data may be communicated to the following categories and subjects:
- regarding point 1(a) and b):
- it may become known to our employees and partners, in their capacity as in-house or outsourced data processors and/or system administrators;
- it may be outsourced to third party companies or other subjects (for example to banks holding our current accounts, accountancy firms that help us with accounting and payroll management, our consultants, insurance companies that cover the events in which you participate etc.) that act as external data processors for us, i.e. the Data Controller.
- relevant data may be communicated in accordance with official procedures to third parties that contribute to our business activities in various ways (the following list provides examples but is not exhaustive: Agenas [Italian agency for regional health services that processes CME credits], airlines, hotels, caterers, car rentals, organizers and sponsors, translators, interpreters, etc.).
- regarding point 1. point c): to subjects appointed by us
Your personal data cannot be disclosed.
5. Where your data is kept (transfer)
Personal data is stored on servers located within the European Union.
6. Your rights
You have the right to obtain confirmation from the data controller, i.e. from us, that personal data concerning you is being processed and, in this case, you have the right to access, rectify or erase the data or restrict its processing. You also have the right to object to processing at any time, including processing for direct marketing and automated decision-making purposes. You have the right to portability and to withdraw consent at any time, without affecting the lawfulness of the processing based on consent before its withdrawal, and to lodge a complaint with a supervisory authority. You can exercise your rights at any time by sending us a written request addressed to THE OFFICE SRL, Via San Nicolò 14 - 34121 TRIESTE (TS) or sending an email to cancel@theoffice.it.
7. Data controller
The Data Controller is THE OFFICE SRL, Via San Nicolò 14 - 34121 TRIESTE, tel. 040368343.