Privacy Policy
Eco-Art-System safeguards your privacy online. We use the information we collect about you to help us understand more about how our site is used and to be able to send you communications about Persia that may be of interest to you, either electronically or otherwise. The “personal information” is information that enables us to identify you, such as your email address, name, title and address.
We reserve the right to update this privacy policy at any time without prior notice. We will process data in accordance to the privacy policy that you have agreed to at the time of your consent. Upon a change in policy, we will alert you; your continued use of the website and/or its services will constitute your consent to the updated policy. Use the “Last Updated” date in this policy to determine when it was last changed. By using our website, you agree to be bound by this Policy.
OWNER AND DATA CONTROLLER
Via S.Spirito, 22/R
50125 Firenze (FI) – Italy
C.F: 94311620481.
T: (+39) 333 739 54 26
Owner contact email: info@ecoartsystem.com
TYPES OF DATA COLLECTED
Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as:
“Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
Among the types of Personal Data that this Website collects, by itself or through third parties, there are: first name; email address.
- Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
- Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Website.
- Unless specified otherwise, all Data requested by this Website is mandatory and failure to provide this Data may make it impossible for this Website to provide its services. In cases where this Website specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
- Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.
- Any use of Cookies – or of other tracking tools – by this Website or by the owners of third-party services used by this Website serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy, if available.
Users are responsible for any third-party Personal Data obtained, published or shared through this Website and confirm that they have the third party’s consent to provide the Data to the Owner.
We may use your information to:
- process a donation that you have made;
- process orders that you have submitted;
- to carry out our obligations arising from any contracts entered into by you and us;
- dealing with entries into a competition;
- seek your views or comments on the services we provide;
- send you communications which you have requested and that may be of interest to you. These may include information about events, updates and other fundraising;
- process a grant or job application.
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfill our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Third Party Service Providers working on our behalf: We may pass your information to our third party service providers, agents subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process donations and send you mailings). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties beyond PEF activities for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
When you are using our secure online donation pages, your donation is processed by a third-party payment processor, which specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us about the vital work we do or our exciting events, then you can select your choices by ticking the relevant boxes situated on the form on which we collect your information.
We will not contact you for marketing purposes by email, phone, or text message unless you have given your prior consent. We will not contact you for marketing purposes by post. You can change your marketing preferences at any time by contacting us at: info@ecoartsysem.com.
The accuracy of your information is important to us. We are working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change your email address or any of the other information we hold is inaccurate or out of date, please email us at: info@ecoartsysem.com.
Your rights to access personal data. As a ‘data subject’, under the Data Protection Act you have the right of access to the personal data held about you. Please contact Eco-Art-System at info@ecoartsysem.com for further information. Eco-Art-System accepts the following forms of ID when information on your personal data is requested: Passport, driving license, and birth certificate.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances, you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
When you give us personal information, we take steps to ensure it is treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with the following software 128 Bit encryption on SSL. When you are on a secure page, a lock icon will appear next to our URL.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Union (“EU”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EU. These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. If you use our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Website (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes. Note: Under some legislations the Owner may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law;
- provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- processing is necessary for compliance with a legal obligation to which the Owner is subject;
- processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
- processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
The Data is processed at the Owner’s operating offices and in any other places where the parties involved in the processing are located.
Depending on the User’s location, data transfers may involve transferring the User’s Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Users are also entitled to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Owner to safeguard their Data.
If any such transfer takes place, Users can find out more by checking the relevant sections of this document or inquire with the Owner using the information provided in the contact section.
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
Therefore:
- Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
- Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
The Data concerning the User is collected to allow the Owner to provide its Service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of its Users or third parties), detect any malicious or fraudulent activity, as well as the following: Contacting the User, Interaction with data collection platforms and other third parties and Managing contacts and sending messages.
For specific information about the Personal Data used for each purpose, the User may refer to the section “Detailed information on the processing of Personal Data”.
Contact form (this Application)
By filling in the contact form with their Data, the User authorizes this Application to use these details to reply to requests for information, quotes or any other kind of request as indicated by the form’s header.
Personal Data processed: email address; first name.
Mailing list or newsletter (this Application)
By registering on the mailing list or for the newsletter, the User’s email address will be added to the contact list of those who may receive email messages containing information of commercial or promotional nature concerning this Application. Your email address might also be added to this list as a result of signing up to this Application or after making a purchase.
Personal Data processed: email address; first name.
This type of service makes it possible to manage a database of email contacts, phone contacts or any other contact information to communicate with the User.
These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message.
Mailchimp (The Rocket Science Group LLC)
Mailchimp is an email address management and message sending service provided by The Rocket Science Group LLC.
Personal Data processed: email address; first name.
Place of processing: United States – Privacy Policy.
This type of service allows Users to interact with data collection platforms or other services directly from the pages of this Website for the purpose of saving and reusing data.
If one of these services is installed, it may collect browsing and Usage Data in the pages where it is installed, even if the Users do not actively use the service.
Mailchimp widget (The Rocket Science Group LLC)
The Mailchimp widget is a service for interacting with the Mailchimp email address management and message-sending service provided by The Rocket Science Group LLC.
Personal Data processed: email address; first name.
Place of processing: United States – Privacy Policy.
To ensure that Persia’s website is well managed and to facilitate improved navigation within the site, website analytics are employed to collect aggregate data to analyse the number of visitors to different areas of the site and to make sure that the website is serving as a useful, effective information source. To opt-out of being tracked by Google Analytics across all websites, you can visit http://tools.google.com/dlpage/gaoptout.
Legal action
The User’s Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of this Website or the related Services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
Additional information about User’s Personal Data
In addition to the information contained in this privacy policy, this Website may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.
System logs and maintenance
For operation and maintenance purposes, this Website and any third-party services may collect files that record interaction with this Website (System logs) use other Personal Data (such as the IP Address) for this purpose.
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.
How “Do Not Track” requests are handled
This Website does not support “Do Not Track” requests.
To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.
Changes to this privacy policy
The Owner reserves the right to make changes to this privacy policy at any time by notifying its Users on this page and possibly within this Website and/or – as far as technically and legally feasible – sending a notice to Users via any contact information available to the Owner. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.
Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.
Like many other websites, Persia website uses cookies. ‘Cookies’ are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. For example, we use cookies to store your country preference. This helps us to improve our website and deliver a more personalised service.
It is possible to switch off cookies by setting your browser preferences. For more information on how to switch off cookies on your computer, visit our full cookies policy. Turning cookies of may result in a loss of functionality when using our website.
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Usage Data
Information collected automatically through this Website (or third-party services employed in this Website), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Website, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Website) and the details about the path followed within the Website with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
User
The individual using this Website who, unless otherwise specified, coincides with the Data Subject.
Data Subject
The natural person to whom the Personal Data refers.
Data Processor (or Data Supervisor)
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.
Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Website. The Data Controller, unless otherwise specified, is the Owner of this Website.
This Website
The means by which the Personal Data of the User is collected and processed.
Service
The service provided by this Website as described in the relative terms (if available) and on this Website.
European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
- Make the website work as you’d expect;
- Remember your settings during and between visits;
- Improve the speed/security of the site;
- Allow you to share pages with social networks; and
- Continuously improve the website.
- Collect any personally identifiable information;
- Collect any sensitive information; or
- Pass personally identifiable data to third parties
Most web browsers allow some control of cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, please visit www.allaboutcookies.org.
Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.
This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation). This privacy policy relates solely to this Website, if not stated otherwise within this document.
These links are for information only and inclusion does not imply any endorsement of content by Eco-Art-System nor any responsibility for accuracy or maintenance. Any changes we may make to our Cookie Statement in the future will be posted on this page.
Eco-Art-System is a non-profit association founded in 2022 focused on raising awareness on sustainability issues and the environment through creative means while also promoting the shared consciousness of protecting our planet and green thinking through fun educational activities.
Via S.Spirito, 22/R – 50125 Firenze (FI)
T: (+39) 333 739 54 26
Email: info@ecoartsystem.com
© ECO-ART-SYSTEM. All rights reserved. C.F: 94311620481.