Privacy Policy

This page describes how the FA.B! Project website is managed as regards the personal data of users who consult it. This is information given pursuant to Art. 13 of Leg. Dec. no. 196/2003 (Data Protection Law) and to Art. 13 of EU regulation 2016/679 (otherwise known as General Data Protection Regulation, GDPR) on the protection of natural persons with regard to the processing of personal data to those who interact with the website accessible via data communication starting from the address www.fabtogether.net, which corresponds to the first page of Project website.

This information refers only to the Project website and not to any other websites that may be consulted by users through links.
By using this site or/and our services, you consent to the Processing of your Personal Data as described in this Privacy Policy.

 

Table of Contents

  1. Definitions used in this Policy
  2. Data protection principles we follow
  3. What rights do you have regarding your Personal Data
  4. What Personal Data we gather about you
  5. How we use your Personal Data
  6. Who else has access to your Personal Data
  7. How we secure your data
  8. Information about cookies
  9. Contact information

Definitions

Personal Data– any information relating to an identified or identifiable natural person.

Processing– any operation or set of operations which is performed on Personal Data or on sets of Personal Data. Data subject – a natural person whose Personal Data is being Processed.

Child – a natural person under 18years of age

 

Data Protection Principles

We promise to follow the following data protection principles:

  • Processing is lawful, fair, transparent. Our Processing activities have lawful grounds. We always consider your rights before Processing Personal Data. We will provide you information regarding Processing upon request.
  • Processing is limited to the purpose. Our Processing activities fit the purpose for which Personal Data was gathered.
  • Processing is done with minimal data. We only gather and Process the minimal amount of Personal Data required for any purpose.
  • Processing is limited with a time period. We will not store your personal data for longer than needed.
  • We will do our best to ensure the accuracy of data.
  • We will do our best to ensure the integrity and confidentiality of data.

 

Data Subject’s rights

The Data Subject has the following rights:

  1. Right to information – meaning you have the right to know whether your Personal Data is being processed; what data is gathered, from where it is obtained and why and by whom it is processed.
  2. Right to access– meaning you have the right to access the data collected from/about you. This includes your right to request and obtain a copy of your Personal Data gathered.
  3. Right to rectification– meaning you have the right to request rectification or erasure of your Personal Data that is inaccurate or incomplete.
  4. Right to erasure – meaning in certain circumstances you can request for your Personal Data to be erased from our records.
  5. Right to restrict processing – meaning where certain conditions apply, you have the right to restrict the Processing of your Personal Data.
  6. Right to object to processing– meaning in certain cases you have the right to object to Processing of your Personal Data, for example in the case of direct marketing.
  7. Right to object to automated Processing– meaning you have the right to object to automated Processing, including profiling; and not to be subject to a decision based solely on automated Processing. This right you can exercise whenever there is an outcome of the profiling that produces legal effects concerning or significantly affecting you.
  8. Right to data portability– you have the right to obtain your Personal Data in a machine-readable format or if it is feasible, as a direct transfer from one Processor to another.
  9. Right to lodge a complaint – in the event that we refuse your request under the Rights of Access, we will provide you with a reason as to why. If you are not satisfied with the way your request has been handled, please contact us.
  10. Right for the help of the Data Protection Authority, meaning you have the right for the help of a supervisory authority and the right for other legal remedies such as claiming damages.
  11. Right to withdraw consent – you have the right to withdraw any given consent for Processing of your Personal Data.

 

Data we gather

Information you have provided us with

This might be your e-mail address, name, etc – mainly information that is necessary for delivering you a service or to enhance your experience with us. We save the information you provide us with, in order for you to comment or perform other activities on the website. This information includes, for example, your name and e-mail address.

 

Information automatically collected about you

This includes information that is automatically stored by cookies and other session tools. For example, your IP address, etc. This information is used to improve your visitor experience. When you use our services or look at the contents of our website, your activities may be logged.

 

How we use your Personal Data

We use your Personal Data in order to:

  • provide our service to you. This includes for example registering your account; providing you with services that you have requested; communicating and interacting with you; and notifying you of changes to any services

We use your Personal Data on legitimate grounds and with your Consent.

On the grounds of entering into a contract or fulfilling contractual obligations, we Process your Personal Data for the following purposes:

  • to identify you
  • to provide you a service
  • to communicate for project promotional reasons.

 

On the ground of legitimate interest, we Process your Personal Data for the following purposes:

  • to send you personalized services;
  • to conduct questionnaires;
  • for statistical purposes

 

With your consent we Process your Personal Data for the following purposes:

  • to send you informations about the project;
  • for other purposes we have asked your consent for.

We Process your Personal Data in order to fulfil obligation rising from law and/or use your Personal Data for options provided by law. We reserve the right to anonymise Personal Data gathered and to use any such data. We will use data outside the scope of this Policy only when it is anonymised.

We might process your Personal Data for additional purposes that are not mentioned here but are compatible with the original purpose for which the data was gathered. To do this, we will ensure that:

  • the link between purposes, context and nature of Personal Data is suitable for further Processing;
  • the further Processing would not harm your interests
  • there would be appropriate safeguard for Processing. We will inform you of any further Processing and purposes.

 

Who else can access your Personal Data

We do not share your Personal Data with no one is not allowed.

 

Our project partners:

  • CENTRO INFORMAZIONE DOCUMENTAZIONE INIZIATIVA PER LO SVILUPPO – C.I.D.I.S. – ONLUS (CIDIS ONLUS), with registered office in Via Della Viola 1, Perugia 06122;
  • Hfc Hope For Children Crc Policy Center (HFC), with registered office at 75 Limassol Avenue Office 201 2nd Floor, Lefkosia 2121, Cyprus;
  • Kentro Merimnas Oikogeneias Kai Paidiou (KMOP), with registered office at 75 Skoufa Street, Athens 10680, Greece;
  • Fondazione Iniziative e Studi sulla Multietnicità – FONDAZIONE ISMU, with registered office in Via Copernico 1, Milan 20125, Italy,;
  • Porcausa De Investigacion Y Periodismo (porCausa), with registered office at Calle De La Victoria 9-1, Madrid 28012, Spain;
  • Jesuit Refugee Service Malta Foundation (JRS MALTA), with registered office at 50 Street, Triq Ix-Xorrox, St Aloysius Sports Complex, Birkirkara BKR1631, Malta.

 

Connected third parties:

  • Google LLC (Google Analytics, Google embed documents, Google surveys)
  • Facebook
  • YouTube
  • Instagram

 

How we secure your data

We do our best to keep your Personal Data safe. We use safe protocols for communication and transferring data (such as HTTPS). We use anonymising and pseudonymising where suitable. We monitor our systems for possible vulnerabilities and attacks.

Even though we try our best we cannot guarantee the security of information. However, we promise to notify suitable authorities of data breaches. We will also notify you if there is a threat to your rights or interests. We will do everything we reasonably can to prevent security breaches and to assist authorities should any breaches occur.

Children

We do not intend to collect or knowingly collect information from under 14 years old children.

Cookies and other technologies we use

We use cookies and/or similar technologies to analyse customer behaviour, administer the website, track users’ movements, and to collect information about users. This is done in order to personalise and enhance your experience with us.

A cookie is a tiny text file stored on your computer. Cookies store information that is used to help make sites work. Only we can access the cookies created by our website. You can control your cookies at the browser level. Choosing to disable cookies may hinder your use of certain functions.

We use cookies for the following purposes:

Account related cookies

If you create an account with us then we will use cookies for the management of the signup process and general administration. These cookies will usually be deleted when you log out, however in some cases, they may remain afterwards to remember your site preferences when logged out.

Login related cookies

We use cookies when you are logged in so that we can remember this fact. This prevents you from having to log in every single time you visit a new page. These cookies are typically removed or cleared when you log out to ensure that you can only access restricted features and areas when logged in.

Surveys related cookies

From time to time we offer user surveys and questionnaires to provide you with interesting insights, helpful tools, or to understand our user base more accurately. These surveys may use cookies to remember who has already taken part in a survey or to provide you with accurate results after you change pages.

Forms related cookies

When you submit data through a form such as those found on contact pages or comment forms cookies may be set to remember your user details for future correspondence.

Site preferences cookies

In order to provide you with a great experience on this site we provide the functionality to set your preferences for how this site runs when you use it. In order to remember your preferences we need to set cookies so that this information can be called whenever you interact with a page is affected by your preferences.

Third Party Cookies

In some special cases we also use cookies provided by trusted third parties. The following section details which third party cookies you might encounter through this site.

  • This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content. For more information on Google Analytics cookies, see the official Google Analytics page.
  • From time to time we test new features and make subtle changes to the way that the site is delivered. When we are still testing new features, these cookies may be used to ensure that you receive a consistent experience whilst on the site whilst ensuring we understand which optimisations our users appreciate the most.
  • We also use social media buttons and/or plugins on this site that allow you to connect with your social network in various ways. For these to work the following social media sites, including Facebook and YouTube, will set cookies through our site which may be used to enhance your profile on their site or contribute to the data they hold for various purposes outlined in their respective privacy policies.

You can remove cookies stored in your computer via your browser settings. Alternatively, you can control some 3rd party cookies by using a privacy enhancement platform such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.

We use Google Analytics to measure traffic on our website. Google has their own Privacy Policy which you can review here. If you’d like to opt out of tracking by Google Analytics, visit the Google Analytics opt-out page.

Contact Information

We are committed to safeguarding your privacy. Contact us at @ if you have any questions or problems regarding the use of your Personal Data and we will gladly assist you.

for CIDIS ONLUS: privacy@cidisonlus.org- Laura De Rosa

for FONDAZIONE INIZIATIVE E STUDI SULLA MULTIETNICITA – FONDAZIONE ISMU: Lawyer Mariarosa Gaetano

avv.mariarosagaetano@pec.it

for :HFC HOPE FOR CHILDREN CRC POLICY CENTER: melissari.k@uncrcpc.org- Katerina Melissari for KENTROMERIMNAS OIKOGENEIAS KAI PAIDIOU: dpo@kmop.org – Pyrros Papadimitriou

for PORCAUSA DE INVESTIGACION Y PERIODISMO: Chantal.touzet@porcausa.org – Chantal Touzet for JESUIT REFUGEE SERVICE MALTA FOUNDATION: sharon@jrsmalta.org – Sharon Attard De Giovanni

 

Data Administrator

CIDIS ONLUS with registered office in Via Della Viola 1, Perugia 06122.

 

Changes to this Privacy Policy

We reserve the right to change this privacy policy to comply with all legal requirements. The latest privacy policy applies

We’ve made some important changes to our Privacy and Cookies Policy and we want you to know what this means for you and your data. These changes were made primarily in preparation for the EU’s new data privacy law, the General Data Protection Regulation (GDPR). The links to both of them you will find also at the bottom of this page.

Ex art 26 GDPR 2016/679

SUMMARY OF

JOINT CONTROLLERHIP AGREEMENT

for the implementation of the project “Family Based care for children in migration” – acronym FA.B! “Project Number 958056

(Art. 26 of EU Regulation 2016/679)

 

BY AND BETWEEN THE UNDERSIGNED PARTIES

The CENTRO INFORMAZIONE DOCUMENTAZIONE INIZIATIVA PER LO SVILUPPO – C.I.D.I.S. – ONLUS (CIDIS

ONLUS), with registered office in Via Della Viola 1, Perugia 06122, in the person of its legal representative Maria Teresa Terreri

And legal entities

Hfc Hope For Children Crc Policy Center (HFC), with registered office at 75 Limassol Avenue Office 201 2nd Floor, Lefkosia 2121, Cyprus, Legal Representative Joseph Borghese;

Kentro Merimnas Oikogeneias Kai Paidiou (KMOP), with registered office at 75 Skoufa Street, Athens 10680, Greece, Legal Representative Georgios Christopoulos

Fondazione Iniziative e Studi sulla Multietnicità – FONDAZIONE ISMU, with registered office in Via Copernico 1, Milan 20125, Italy, Legal Representative Mariella Enoc;

Porcausa De Investigacion Y Periodismo (porCausa), with registered office at Calle De La Victoria 9-1, Madrid 28012, Spain, Legal Representative Lucila Rodríguez- Alarcón;

Jesuit Refugee Service Malta Foundation (JRS MALTA), with registered office at 50 Street, Triq Ix-Xorrox, St Aloysius Sports Complex, Birkirkara BKR1631, Malta, Legal Representative Katrine Camilleri

hereinafter jointly referred to as “Parties” or “Joint Project Partners”, each a “Partner” of the project

(Omissis)

Item

  1. By this agreement (hereinafter the “Agreement”), of which the recitals are an integral and substantial part, the Parties regulate their respective roles and responsibilities regarding compliance with the obligations arising from the Applicable Legislation, with particular regard to the exercise of the rights of the data subject, and their respective functions of communication of the information referred to in Articles 13 and 14 of the GDPR.
  2. The Joint Controllers shall at all times perform their obligations in accordance with the terms of this Agreement and in such a way as to process the data without violating the provisions of the Applicable Legislation.
  3. The Joint Controllership referred to in this Agreement refers to the processing of personal data as identified in art.2 of this agreement, carried out within the Project through the computerized tools used for the collection, sharing and processing of personal data.
  4. The Parties are jointly and severally obliged to prepare and keep up to date all the documentation relating to the fulfilments provided for by the regulations in force concerning the protection of personal data, according to the roles and responsibilities defined in this agreement.
  5. Where the purposes and methods of processing have not been jointly determined, each Party operates as an autonomous Data Controller under Article 4 No. 7) of the GDPR. It is therefore excluded from the Joint Controllership what is managed independently by each Partner within the tasks/work packages of its direct responsibility, as identified by the Project, or is processed based on any consent given to the Party by the data subject, is managed for administrative purposes, in fulfilment of its own institutional obligations or in accordance with the provisions of law and regulations applicable to it.

(Omissis)

 

Personal data security obligations

  1. The Joint Controller are required to implement, in accordance with the principles applicable to the processing of personal data, all appropriate technical and organisational security measures to protect the personal data processed within the scope of the activity referred to in this Agreement and to regularly verify compliance with such measures
  2. Each Joint Controller authorises, informs, and instructs its personnel involved in processing on the organisational methods, operating procedures, management of paper documentation, use of IT tools and the functions of the information systems.
  3. The Parties agree that for the system referred to in art. 3, paragraph 1, the identification, adoption, and implementation of security measures on the information system used and shared in the context of the supply of the services referred to in the foregoing is the responsibility of CIDIS. He therefore has the exclusive task of regularly verifying compliance with these measures for the timely recovery of the availability of personal data processed in the event of a physical or technical incident and to perform periodic monitoring of the level of security achieved, to make it always adequate to the risk
  4. Each Joint Controller is instead responsible for the identification of the subjects to be enabled/disabled to the system and for the assignment of the relevant authorizations (profiles) for the use of the system and the protection of the confidentiality of personal data.
  5. In particular, the Joint Controller undertake:
    1. to respect the principle of necessity by reducing to a minimum the use of personal and identification data so as to exclude the processing when the purposes pursued can be achieved by means of anonymous data or methods that allow the identification of the person concerned only if necessary; to respect the principles of “privacy by design” and “privacy by default” – to avoid making copies, extractions, duplications, even partial ones, for reasons not related to the purposes of the processing referred to in the introduction, to document the aforementioned security operations and, if requested, to show each Joint Controller every supporting document;
    2. not to communicate to unauthorised parties or to disseminate personal data and information of a strictly confidential nature, also in relation to the technological equipment and/or organisational and procedural methods of which they may become aware in their relations with another Joint Controller.
  6. Each Joint Controller assumes the responsibility to ensure compliance with the provisions on security and protection of personal data, in accordance with the technical, organisational, and behavioural rules also concerning the information content of this Agreement.

 

(Omissis)

  • Liability of the Joint Controllers towards the interested parties
  1. The Parties shall be jointly and severally liable vis-à-vis the data subjects for any damage caused by processing that does not comply with the applicable Data Protection Legislation, for the full amount of the damage resulting from the processing to ensure the effective compensation of the data subject.
  2. If one of the Joint Controller has paid the entire compensation for the damage, this Joint Controller shall be entitled to exercise recourse against the other Joint Controller for the sums paid for whatever reason in relation to the damage caused by the treatment of the other Joint Controller, to obtain the restitution of the part of the sum corresponding to the share of responsibility of each.
  3. The interested parties may act indiscriminately against each Joint Controller for the protection of their rights.

(Omissis)

 

  • Rights of the interested parties
  1. Interested parties may at any time request access to their personal data and obtain a copy of the same, their correction or integration if they consider them to be inaccurate or incomplete, as well as their cancellation, where this does not conflict with current legislation on the storage of data and with the possible need to allow the verification, exercise, or defence of a right in court.
  2. Data subjects, as provided for in Article 77 of the Regulation, also have the right to lodge a complaint with the national supervisory authority, of any of the States where the Partners are established, in the event of unlawful processing or delayed response by the data controller to a request that falls within the rights of the data subject.
  3. For the exercise of these rights, the references of the Data Protection Officer (DPOs), to whom the data subject may refer for matters relating to the processing of his/her personal data, are as follows.

 

for CIDIS ONLUS: privacy@cidisonlus.org- Laura De Rosa

for FONDAZIONE INIZIATIVE E STUDI SULLA MULTIETNICITA – FONDAZIONE ISMU: Lawyer Mariarosa Gaetano

avv.mariarosagaetano@pec.it

for :HFC HOPE FOR CHILDREN CRC POLICY CENTER: melissari.k@uncrcpc.org- Katerina Melissari for KENTROMERIMNAS OIKOGENEIAS KAI PAIDIOU: dpo@kmop.org – Pyrros Papadimitriou

for PORCAUSA DE INVESTIGACION Y PERIODISMO: Chantal.touzet@porcausa.org – Chantal Touzet for JESUIT REFUGEE SERVICE MALTA FOUNDATION: sharon@jrsmalta.org – Sharon Attard De Giovanni

It is understood that, in accordance with art. 26, par. 3 of the Regulations, independently of the provisions of this Agreement, the interested party may exercise its rights with respect to each Joint Controller.

(Omissis)

Art. 12 – Final Provisions

  1. Any amendments to this Agreement shall be made by mutual written agreement of the Parties.
  2. For any other aspect not explicitly governed by this Agreement, the provisions of current legislation on the protection of personal data shall apply.
  3. Any amendments to this Agreement shall be in writing and may only be modified by a written statement agreed upon by the Parties.
  4. The invalidity, even partial, of one or more of the clauses of this Agreement shall not affect the validity of the remaining clauses.
  5. The Parties have read and understood the contents of this Agreement and by formally adhering to it express their full agreement.