CSEN / ASI / CONI Certifications
Auth. law 4/2013
©2021-2025 - PI: IT01850450097
Terms and conditions
Information on the processing of personal data pursuant to Articles 13-14 EU Regulation 2016/679
Dr. LUCA FILIPPONE, as the Data Controller of your personal data, pursuant to and for the purposes
of Reg. EU 2016/679 hereinafter 'GDPR', hereby informs you that the aforementioned regulation provides for the protection of
interested with respect to the processing of personal data and that such processing will be based on the principles of fairness,
lawfulness, transparency and protection of your privacy and your rights.
Your personal data, indicated below, will be processed in accordance with the legislative provisions of the above-mentioned regulations
recall and the confidentiality obligations provided therein:
a. personal, contact and payment data – information relating to name, telephone number, address
PEO and PEC, as well as information relating to the payment of the fee for the assignment. Basis for processing:
fulfillment of contractual/pre-contractual obligations (art. 6 lett. B GDPR). The provision is mandatory for the correct
performance of the assignment.
b. data relating to health status: personal data relating to health are collected directly, in relation
to the request for the execution of evaluations, examinations, diagnostic tests, rehabilitative interventions and any other
type of professional service related to the execution of the assignment. Basis for processing:
performance of a professional service (art.9 par. 2 lett.h). The provision is mandatory for the correct
performance of the assignment.
Purpose of processing: Your data will be processed for the performance of activities necessary for prevention,
maintenance, restoration of one's own well-being, connected to the execution of the assigned task. The service and
consequently, the personal data subject to processing will be handled in full compliance with the principles of fairness,
lawfulness, transparency. Only with your specific and separate consent (art. 7 GDPR), for the following marketing purposes:
sending via e-mail, mail and/or SMS and/or telephone contacts, newsletter on professional services offered by the Data Controller free of charge or for a fee
payment (open day, seminars, information days...) and assessment of the level of satisfaction with the quality of services.
The processing of data necessary for the fulfillment of such obligations is required for the proper management of the assignment and the
their provision is mandatory for the implementation of the purposes indicated above. The Data Controller also informs that
failure to communicate, or incorrect communication of, any of the mandatory information may cause
the impossibility for the Data Controller to guarantee the adequacy of the processing itself.
Processing methods: Your personal data may be processed through electronic and paper archives. Every
processing takes place in compliance with the procedures set out in Articles 6 and 32 of the GDPR and through the adoption of appropriate
planned security measures.
Disclosure: Your personal data may be disclosed exclusively to Health Authorities, to the Authority
Judicial, and if necessary, for the performance of the requested services, to competent and duly
appointed/trained subject to confidentiality and protection of the rights of the data subject.
Health data (falling under the “special category of data” pursuant to art. 9 of the GDPR) will be disclosed, of
as a rule, only to the person concerned and only in the presence of an express written authorization to third parties.
Every suitable means will be adopted to prevent unauthorized access by third parties as well
present at the conferment.
They may be shared, in case of legal obligations, with structures/services/operators of the National Health Service or other public authorities. The
Your data will be processed only by personnel expressly authorized and duly trained by the Data Controller.
Disclosure: Your personal data will not be disclosed in any way.
Retention period: Pursuant to art. 5 of the GDPR, the retention period of your personal data is 10
years in compliance with the legal obligations established by the civil code. Personal data that is no longer necessary, or for the
for which there is no longer a legal basis for their retention, will be irreversibly anonymized or
safely deleted.
You have the right to obtain from the controller the erasure (right to be forgotten), restriction, updating, rectification,
portability, the opposition to the processing of personal data concerning you, as well as, more generally, you may exercise all
the rights provided for by Articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR.
In this case, it will be the professional's responsibility to verify the legitimacy of the requests, generally providing feedback within
30 days.
Data Subject Rights: According to EU Regulation 2016/679 (art. 15, 16, 17, 18, 19, 20, 21, 22):
a) The data subject has the right to obtain confirmation as to whether or not personal data concerning him or her exists, even
if not yet registered, and their communication in an intelligible form.
b) The data subject has the right to obtain information: about the origin of the personal data; about the purposes and methods of the
processing; of the logic applied in case of processing carried out with the aid of electronic tools; of the details
identification details of the data controller, the data processors, and the representative designated pursuant to Article 5, paragraph 2; of the
subjects or categories of subjects to whom personal data may be communicated or who may become aware of it
knowledge as a designated representative in the territory of the State, of managers or appointees.
c) The data subject has the right to obtain: the updating, rectification or, when interested,
the integration of data; the deletion, transformation into anonymous form, or blocking of data processed in violation of
law, including those for which retention is not necessary in relation to the purposes for which the data were
collected or subsequently processed; the certification that the operations referred to in letters a) and b) have been carried out
knowledge, also regarding their content, of those to whom the data have been communicated or disclosed,
except in cases where such compliance proves impossible or requires the use of means that are manifestly
disproportionate with respect to the protected right; data portability.
d) The data subject has the right to object, in whole or in part: for legitimate reasons, to the processing of personal data concerning him/her
concern, even if relevant to the purpose of the collection; to the processing of personal data concerning you for purposes of
sending of advertising material or direct sales or for carrying out market research or communication
commercial.
For any complaints or reports regarding the methods of data processing, it is good practice to contact the Data Controller.
However, it is possible to submit your complaints or reports to the Authority responsible for data protection, using the
relevant contact details: Data Protection Authority - piazza di Montecitorio n.121 - 00186 ROME - fax: (+39)
06.696773785 – tel. (+39) 06.696771 - PEO: garante@gpdp.it - PEC: protocollo@pec.gpdp.it.