WSO Protects critical habitats and endangered species globally by means of the sustainability certifications Friend of the Sea and Friend of the Earth and the related conservation and awareness projects.

Policy and Consent Request

Pursuant to the General Data Protection Regulation (EU Regulation 2016/679)

Dear data subject, according to the indicated legislation, our processing will be based on the principles of fairness, lawfulness, transparency and protection of your privacy and rights. Therefore, in accordance with Article 13 of GDPR 2016/679, we are providing you with the following information:

PROCESSING REFERRED TO IN THE POLICY: Website WSO – Website https://www.wsogroup.org/

   Customers

Database: Website wsogroup.org
Personal Data Name
Last Name
E-mail address
State

Through electronic and traditional means

The Data Processor and Data Controller ensure data subjects that their data will be processed only for the stated purposes and only to the extent strictly necessary for processing. They also agree, within the limits of reasonableness, to modify and correct all data that could be found in the meantime to be different from the originals, to keep them up to date at all times, and to delete all those data exceeding the declared processing.

The treatment consists, for example, in operations of collection, registration, organization, conservation, extraction, consultation, use, communication, cancellation of personal data. It is carried out, for the aforementioned purposes, according to principles (pursuant to Article 5 of the GDPR n. 2016/679) of lawfulness, correctness, transparency, data minimization and accuracy. The data are processed by telephone, paper, computer and telematic methods. The processing takes place using suitable tools, technical and organizational measures adequate to guarantee security, integrity and confidentiality, avoiding in particular the risk of loss, unauthorized access, illicit use, dissemination, in compliance with the provisions of art. . 32 of the GDPR n. 2016/679, by the subjects and in compliance with the provisions of art. 29 of the GDPR n. 2016/679 and art. 2-quaterdecies of the Privacy Code.

Access to datato the employees and collaborators of the Data Controller in their capacity as persons in charge of processing and / or system administrators;to third-party companies or other subjects (by way of example: professional firms, consultants, software houses that provide management, credit institutions, insurance companies, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as external data processors.

  • Article 8 (Data Concerning Minors):
  • No data of minors are processed.

  • Article 9 (Other Categories of Special Data):
  • Health, biometric and judicial data are not processed.

  • Duration of Data Processing:
  • The processing has an indefinite duration:

    The company World Sustainability Organization Srl declares the processing to have an indefinite date as it will keep it going in order to continue its business.

    The Data controller and Data processor will ensure that data subjects can be assured that once the purposes of this processing have been achieved, the data will be deleted.

    Marketing purposes: Your data is processed until you request cancellation or unsubscribe from the newsletter.

  • Profiling:
  • This processing does not involve automated or profiling processes.

    The Personal Data of the interested party is transferred to countries of the European Union and to third countries, in compliance with the provisions of the Regulation. In particular, Personal Data is transferred to third countries where part of the activity is performed.

    In this regard, the following should be noted:

    there is no adequacy decision in relation to the level of data protection guaranteed in these third countries;

    in the absence of an adequacy decision, the data may be transferred to the third country only if the adequate guarantees pursuant to art. 46.2 of the Regulation, including the standard contractual clauses adopted by the Commission and/or by a national supervisory authority.

    In this case, the transfer of data to third countries takes place on the basis of the standard contractual clauses referred to in the “Commission Decision of 5 February 2010 relating to the standard contractual clauses for the transfer of personal data to data controllers established in third countries at pursuant to Directive 95/46/EC of the European Parliament and of the Council” [notified under number C(2010)/87/EU] and therefore on the basis of the consequent “Authorisation for transfers to third countries through the standard contractual clauses pursuant to Commission decision 2010/87/EU in the case of an importer established in a third country” issued by the Guarantor for the Protection of Personal Data with provisions of 27 May 2010 and 15 November 2012.

    DATA CONTROLLER: World Sustainability Organization Srl (paolobray@friendofthesea.org)

    DATA PROCESSOR: Paolo Bray (paolobray@friendofthesea.org)

    The data subject has the right, at any time, to obtain confirmation of the existence or non-existence of their data and to know its content and origin, verify its accuracy or request its integration, updating or rectification. They also have the right to request the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their processing. Requests should be addressed to the Data Controller, World Sustainability Organization Srl at its headquarters in Via Cappuccini 8, 20122 Milan (MI) or to the email address paolobray@friendofthesea.org

    The data subject has the right to submit a complaint to the Privacy Authority if the Data Controller fails to respond to the data subject’s requests. The GDPR EU Regulation 2016/679 recognizes the following specific rights held by the data subject (http://www.garanteprivacy.it/web/guest/home/autorita):

    The data subject may, at any time, submit a complaint to the Supervisory Authority by registered letter addressed to:

    Garante per la protezione dei dati personali, Piazza Venezia 11, 00186, Roma.

    Or by certified electronic mail (pec) message addressed to: protocollo@pec.gpdp.it