SICV&GIS 2018

Privacy Policy

GENERAL DISCLOSURE

Privacy Policy – Disclosure – Articles 13 and 14 of EU Regulation 2016/679

1. Controller of data processing

OIC S.r.l, headquartered in Florence, Viale Giacomo Matteotti 7, and EPOS – headquartered in Z.A. La Pièce
2 , 1180 Rolle, Switzerland, herein after “Scientific Society”, in the persons of the pro-tempore legal
representatives, domiciled at the company headquarters, are joint Controllers, pursuant to art. 26 of the GDPR,
for processing of your personal data, and inform you, here below, regarding the method, purpose and scope of
communication and dissemination of your personal data and your rights, in conformity to EU Regulation
2016/679 and to the applicable norms regarding protection of personal data.

The Controllers can be contacted at the above addresses or by sending an e-mail to privacy@oic.it

2. Type of data, Purpose and method of data processing

With reference to the navigation experience of this web site, OIC and the Society process the following data:

Navigation data

During the course of their normal operations and for the duration of the connection, information systems and
software procedures responsible for the operation of this web site acquire some data communication of which is
implicit in the use of communication protocols on Internet.

This information is not collected for the purpose of associating it to the users; however, due to their very nature,
could through processing and association with data held by the Controllers or third parties allow identification
of the users. These data are deleted a few hours after processing.

This category is comprised of IP addresses or names in the computer domain used by the users who connect to
this site, the addresses in the Uniform Resource Identifier, the requested resources, the time of the request, the
method used when submitting a request to the server, the size of the file obtained in answer, the numeric code
indicating the status of the answer provided by the server (success, error, etc) and other parameters pertaining
to the operating system and to the computer environment of the user.

These data may be used by the Controllers for the sole purpose of obtaining anonymous statistical information
regarding the use of the site in order to identify pages preferred by the users and in order to provide increasingly
adequate contents and to verify proper operation. The data could be used to ascertain responsibility in case of
hypothetical computer-related crimes which damage the site.

Cookies

To improve the navigation experience, this site uses cookies and/or markers which technically are information
packets sent by a web server (in this case by this site) to the user’s browser or are memorized by the latter on
their own devices and automatically sent back to the server during each subsequent access to the site. In order
to learn about the types and purposes of the cookies used by the site and to show one’s own preference regarding
the use of the cookies, please consult the Cookie policy published on the home page of this site.

Personal data voluntarily provided by site users/visitors

The personal data provided by you through this site, necessary to access certain services, will be processed by
the Controllers for the sole purpose of providing said services and will be kept for the amount of time required
for their execution and will be deleted if it is no longer necessary to fulfil contractual or legal obligations and,
therefore, should it be necessary, also for the purpose of managing possible disputes and complaints. In
conformity to art. 9 of the GDPR particular categories of data are not required for navigation and for the
implementation of services, with the exception of what you may indicate in regards to any potential food
preferences or intolerances in the registration form on the website which will be processed with the sole scope
of customizing the requested service.

The data will not be disseminated but could be communicated, if necessary for the provision of the service or to
carry out the activities, to Societies that perform tasks of a technical or organizational nature necessary to provide
the requested services, as specified in the specific disclosures for the single services/events.

Following the required registration for the requested service, should you want to request/use other services or
other activities, you can use the credentials (user name/mail/password) already used for the first time
registration.
If necessary you will be asked to provide additional data required for the provision of more requested services.

Data conferment is necessary to provide the services of this site. Should it be necessary to obtain proper consent
for provision of the service, in conformity to the law and to the GDPR, this will be requested by a specific and
suitable disclosure.

Your data will be processed with the support of computer and electronic methods and is protected by means of
adequate security measures which are suitable to guarantee confidentiality and the dignity of those involved in
processing.

In particular, the above Controllers of data processing have adopted and adopt organizational measures
(assignment of roles and responsibility for implementing the activity and carrying out controls) and procedural
and technical measures (firewall, antivirus and other advanced technologies) which are appropriate to protect
your data against loss, theft and use, dissemination or unauthorized modification.

OIC and the Scientific Society process the above mentioned navigation data (anonymous) for the purpose of
monitoring the technical operation and the performance of the site, to better understand how to improve the
services and make them evolve. These data are necessary to guarantee a successful navigation experience.

These data are used for the sole purpose of obtaining anonymous statistical information regarding the use of the
site and to verify its proper operation, as best explained in the Cookie Policy published on the home page of this
site.

Should the Controllers need to communicate your personal data to third parties (for example, regarding the
services for which you are registered), they will proceed as autonomous Controllers or will be nominated as
Processors of processing.

Furthermore, your data could be communicated to subjects, institutions or authorities if such data
communication is required by law.

3. Rights

You can access all the information that concerns you at any time and can request updates, changes and
integration as well as deletion, transformation into an anonymous form or request that it be blocked.
You can oppose processing in full or partly; should opposition be expressed provision of the service will become
impossible.

In order to exercise these and other rights as specified under articles 15-22 of the GDPR you can write to the
Controllers at the above addresses or send an email to privacy@oic.it

You have the right to oppose processing of your data as well as presenting a complaint to the Authority for the
protection of personal data according to Art. 77 of the EU Regulation 2016/679.

4. Modification and updates

In the course of time this disclosure could undergo changes – also resulting for the entry in force of new norms
for this sector, updates and the provision of new services as a result of technological innovations – and therefore
we ask you to periodically consult this page.

CLIENT DISCLOSURE – Reference 1

(Participants) – Reference 1
Disclosure on the processing of personal data in conformity to Articles 13 and 14 of the EU Regulation
2016/679

We inform you that pursuant to Articles 13 and 14 of the EU Regulation 2016/679 “relative to the protection of
natural persons with regard to data processing as well as to free circulation of such data (the “Regulation” follows), processing of data provided by you, or acquired within the scope of our activity, will be based upon
principles of correctness, lawfulness and transparency and the safeguarding of your privacy and your rights.

1. Controllers of data processing

OIC S.r.l., headquartered in Florence, Viale Giacomo Matteotti 7, EPOS headquartered in Z.A. La Pièce 2 ,
1180 Rolle, Switzerland, herein after “Scientific Society”, in the person of the pro-tempore legal representatives,
domiciled at the company headquarters, are joint Controllers, pursuant to art. 26 of the GDPR, for processing of
your personal data, inform you, herebelow, regarding the method, purpose and scope of communication and
dissemination of your personal data and your rights, in conformity to EU Regulation 2016/679 and to the
applicable norms regarding protection of personal data.

The controllers can be contacted at the above mentioned addresses or by sending an email to privacy@oic.it

2. Type of data, Purposes and methods of processing

Your data will be processed by the joint Controllers only for the following purposes:

  1. applications for Educational Support for congress Events, application for CME procedure or for the
    fulfillment of all contractual commitments as they pertain to registration or whatever else concerns your
    participation, achieved through the processing, operating and management activities required to activate
    the economic relationship and to implement the contract
  2. to meet the requirements specified by norms of laws, regulations, national and community laws, civil
    law and tax legislation pertaining to the activity of the Controller and to existing agreements
  3. following specific consent the data may be processed by the Controllers for mailing of information
    material relating to the activities or requested services and/or other technical and commercial
    information of a promotional nature regarding activities or services that may be of interest
  4. following specific consent the data may be transferred by the Controllers to exhibitors and third parties
    other than the exhibitor that you will visit while browsing the site for the purposes of contact and
    advertising

We wish to specify that:

  • The legal basis of data processing as specified under letters a) and b) regarding the purposes of
    processing is reflected in the specific and voluntary activity of applying for Educational Support, of
    applying for CME procedure or by the contractual relationship established between the parties and by
    the fulfillment of the legal obligations connected to it.
    Processing of data supplied by you is necessary to present the application or to implement the stated
    contractual relationship of which you are a part.
    Your personal data may be transferred to travel agencies, carriers or accommodation facilities and / or
    hotels in a third country (non-EU) for the sole purpose of organizing and booking the trip related to the
    participation in the event for which you have registered.
    Lack of consent for data processing will make it impossible to proceed to the correct establishment
    and/or continuation and fulfillment of contractual commitments and relative legal obligations. The data
    will be deleted if it is no longer necessary to fulfil contractual or legal obligations.
  • The legal basis of data processing as specified under letter c) is represented by your express consent to
    such processing. Lack of consent for processing entails non usability of your data for the purposes
    specified under letter C) but does not impede provision of the service and therefore is an optional
    conferment.

The data will be kept in the headquarters of the joint Controllers for 24 months as specified in the provisions
issued on 02/24/2005 by the Authority for the protection of privacy.

All data will be treated correctly and transparently, both manually and with electronic and informatic tools; they
will be inserted in specific paper and/or electronic archives or in any other form of adequate support, and will
be constantly monitored through adequate operating procedures and safeguard measures, as established under
Art. 32 of the Regulation, for the purpose of guaranteeing the security and confidentiality of personal data in
order to prevent loss of such data, unlawful or improper use or unauthorized access.

Data will not be disseminated but can, besides being processed by individuals authorized by the joint Controllers,
be communicated only for the above indicated purposes, to:

  • subjects appointed by the joint Controllers who will process the data as external Processors in charge of
    processing as assigned by OIC S.r.l. and by the Scientific Society, and who require access to the data in
    order to perform those specific tasks of collaboration on behalf of them and which are necessary or
    functional in carrying out our activity (companies providing computer services, outsourcer
    administrators, fiscal, legal and financial consultants, other professionals);
  • subjects who will process the data as autonomous Controllers for the purposes described in this
    Disclosure and limited to what is required in order to meet contractual commitments and relative legal
    obligations.
  • subjects who need to access data in order to perform necessary or complementary services as required
    by the relationship (hotels, airline companies, etc.)
  • public and private subjects who can access data by virtue of the provisions of the laws, regulations and
    community regulations within the specified limits of such norms.

An updated list of the Processors and persons authorized to process data can be consulted at the headquarters of
the joint Controllers of processing.

3. Rights

You can access the information that concerns you at any time and request updates, changes and integration as
well as deletion, transformation into anonymous form or block data.

You can also oppose all or partial processing; if opposed it will not be possible to provide the service.

In order to exercise these and other rights as specified under articles 15-22 of the GDPR you can write to the
Controllers at the above addresses or send an email to privacy@oic.it

You have the right to oppose processing of your data and to present a complaint to the Authority for the
protection of personal data according to Art. 77 of the EU Regulation 2016/679.

4. Changes and updates

In the course of time this disclosure could undergo changes – also resulting for the entry in force of new norms
for this sector, updates and the provision of new services as a result of technological innovations – and therefore
we ask you to periodically consult this page.