Privacy Policy

INFORMATION ON PRIVACY – PROCESSING OF PERSONAL DATA

 

We hereby wish to inform you about how we process the personal data of users who consult the  website.

Below you will find information on how we gather, use and transfer your personal data, i.e. any data that can be used to identify or contact you.

 

1. DATA CONTROLLER

The data controller is the Dicastero per la Comunicazione (hereinafter “DPC”) – Via della Conciliazione 5, 00120 – 00120 Vatican City, Phone +39 06 698 45726 e-mail: policies@spc.va  

 

2. LEGITIMACY OF THE PROCESSING OF YOUR DATA

Most of the information we collect comes directly from you: it is either provided to us voluntarily or it is necessary for the provision of our services.

DPC processes your personal data in order to fulfil its role and for the exercise, development and improvement of the services offered to users.

The provision of data, which is used exclusively for the purposes listed in point 3, is optional; however, the withholding of data and failure to consent to its processing means that DPC will not be able to provide the service correctly.

 

3. PURPOSES, TYPES OF DATA PROCESSED, AND PROCESSING METHODS

All the data of a personal nature collected will be processed solely for the purpose of carrying out DPC service activities, aimed at regular and/or one-off donations made by various methods (credit card, direct debit, or other) and for sending messages.

DPC will not process the data provided by the data subject for purposes other than those explicitly stated above.

Furthermore, DPC will not make any automated decisions on the basis of the information provided.

All the personal data collected is processed by automated and manual means for the time strictly necessary exclusively to achieve the purposes indicated above, and in such a way as to guarantee its integrity, confidentiality and security by DPC’s staff and collaborators, or by parties expressly appointed as data processors who act on the basis of specific instructions given regarding the data processing purposes and methods.

 

4. DATA RECIPIENTS

Personal data may be communicated to other public and private entities only in accordance with laws or regulations, in order to achieve the purposes listed in point 3 above. DPC will not carry out international data transfers.

 

5. COOKIES AND OTHER TRACKING SYSTEMS

DPC uses session (non-persistent) cookies strictly limited to what is necessary for the safe and efficient navigation of the site.

For detailed information on the type of cookies used, you can consult our specific COOKIE POLICY information page.

 

6. DATA STORAGE AND CUSTODY

DPC keeps the personal data it collects accurate, complete and up-to-date for as long as necessary to provide the services to which the data relates. We can assure you that all necessary steps have been taken to ensure the security of your personal data once it has been collected, through the use of limited access information systems and secure storage solutions.

 

7. RIGHTS OF DATA SUBJECTS

The persons to whom the personal data refer, in their capacity as Data Subjects, may at any time exercise:

·       the right to access the data (to know what kind of personal data DPC processes, and the characteristics of the processing carried out);

·       the right to request rectification, cancellation, or restriction of processing;

·       the right to object to processing.

The data subject also has the right to withdraw/revoke his(her consent at any time, without prejudice to the lawfulness of the processing based on the consent given before the withdrawal/revocation.

 

8. EXERCISE OF THE RIGHTS OF THE DATA SUBJECT

To exercise the rights referred to in point 7, the data subject may contact DPC by sending an email with the subject line “PERSONAL DATA” to:  policies@spc.va  

The request - whatever form it takes - must be accompanied by: name and surname of the person concerned, photocopy of Identity Document and an indication of the right you wish to exercise.

Please note that we may refuse to comply with requests we deem to be frivolous, harmful to the privacy of others, or contrary to a legitimate use of the data where this is aimed at ensuring the safety of persons, environments or property