Karate Coreano Tang Soo Do

The Data Controller, as specified below, in accordance with Regulation (EU) 2016/679 of April 27, 2016, regarding the protection of individuals with regard to the processing of personal data (hereinafter "Regulation"), informs you that the processing of personal data will be carried out for the purposes and in the manner outlined below.

"Processing of personal data" refers to any operation or set of operations performed with or without automated processes applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination, or any other form of making available, comparison or interconnection, limitation, deletion, or destruction.

Processing will be conducted manually (e.g., collection of paper forms) and electronically or with the aid of computerized or automated tools.

1. TYPES OF PERSONAL DATA PROCESSED

"Personal Information" or "Personal Data" are the details that identify you or allow you to be identified. We may collect personal data such as: name, gender, address, workplace, phone number, email address, professional role, date and place of birth, nationality, and other passport-related data, visa information, or other identification documents issued by the state; credit or debit card information.

2. SOURCE OF PERSONAL DATA SUBJECT TO PROCESSING

The personal data subject to processing are collected directly from the data subject.

3. PURPOSE OF DATA COLLECTION (ART. 13 PAR.1 LETTER C – GDPR 2016/679)

A. To provide quality service to our guests

Your personal information is collected to assist with reservations and to provide the requested services at our facilities, to meet your needs during your stay, and/or to contact you regarding issues related to your stay with us. Our goal is to offer superior service, whether for a single stay or repeated visits.

4. LEGAL BASIS FOR PROCESSING (ART. 13 PAR.1 LETTER C – GDPR 2016/679)

The legality of personal data processing by the data controller is ensured as it complies with letters a) and c) of Article 6, paragraph 1 of Regulation (EU) 2016/679.

5. NATURE OF DATA PROVISION - CONSEQUENCES OF REFUSING CONSENT (ART. 13 PAR.2 LETTER E – GDPR 2016/679)

If processing is necessary to comply with a legal obligation to which the data controller is subject (Art. 6 Par. 1 letter c – GDPR 2016/679), the data controller is not required to obtain specific consent. If the data subject chooses not to provide the personal data, the consequence would be the inability to establish or continue the contractual relationship. Outside the aforementioned cases, personal data processing is optional and may only occur with explicit consent.

6. DATA COMMUNICATION (ART. 13 PAR.1 LETTER E – GDPR 2016/679)

In accordance with Article 13, paragraph 1, letter e of GDPR 2016/679, we indicate the subjects or categories of subjects who might become aware of your personal data:

Data Processors (employees and collaborators)

Data Controllers (consultants, service providers)

Joint Controllers

7. METHOD OF PROCESSING

Processing will be carried out manually and/or automatically by authorized personnel, in compliance with Articles 30, 32, and 35 of Regulation (EU) 2016/679, under the supervision of the Data Protection Officer.

8. DATA SUBJECT RIGHTS (CHAPTER III – GDPR 2016/679)

Articles 12 – 22 of the Regulation grant the data subject specific rights, including:

Access: Requesting access to your personal data, allowing you to receive a copy of the data we hold and verify its accuracy.

Correction: Requesting correction of any incomplete or inaccurate data we hold about you.

Deletion: Requesting deletion of your personal data where there is no valid reason for us to continue processing it. This includes exercising the right to be forgotten, processing of data illegally, or complying with local law requirements.

Objection: Objecting to the processing of personal data where we rely on legitimate interests or for direct marketing purposes. This right applies if there are particular reasons affecting your rights and freedoms.

Restriction: Requesting restriction of processing in specific situations, such as when verifying the accuracy of data or when the processing is unlawful but you do not wish to have the data deleted.

Transfer: Requesting the transfer of personal data to you or to a third party in a structured, commonly used, and machine-readable format.

Withdrawal of Consent: Withdrawing consent at any time where it is required for processing, though this does not affect the lawfulness of processing before withdrawal.

To exercise any of these rights, please contact us using the contact details provided below or by emailing info@karatecoreano-tangsoodo.com.

If you are not satisfied with our response or believe we are not processing your personal data in accordance with data protection laws, you have the right to lodge a complaint with the Data Protection Authority (http://www.garanteprivacy.it/). We would appreciate the opportunity to address your concerns before you contact the Authority, so please reach out to us first.

9. DATA RETENTION PERIOD (ART. 13 PAR. 2 LETTER A – GDPR 2016/679)

The data processing will not exceed the time necessary for the purposes for which the data were collected, as specified in the individual purposes. However, if the data subject believes, for any reason, that the processing purpose has been fulfilled, they can exercise their right by sending a formal request to info@karatecoreano-tangsoodo.com.

10. ROLES (ART. 13 PAR. 2 LETTER B – GDPR 2016/679)

Data Controller

Karate Coreano Tang Soo Do

00133 Rome

Tel: +39 3803480003

E-Mail: info@karatecoreano-tangsoodo.com

Data Processor

Emiliano De Santis