top of page

Data protection

The Sport Diver Club Lana (hereinafter “Responsible”), in its capacity as Data Controller, informs that pursuant to art. 13 Legislative Decree no. 196 of 06/30/2003 (hereinafter “Privacy Code”) and art. 13 of Regulation (EU) No. 2016/679 (hereinafter “GDPR”) your data will be processed according to the modalities and for the following purposes:

1. Subject of data processing:

The Controller processes the personal, non-sensitive identification data (e.g. but not limited to first names, surnames, company names, telephone numbers, e-mail addresses - hereinafter "personal data" or just "data") that you When you register on the website of the Responsible (hereinafter the “Website”), when you participate in opinion polls and satisfaction surveys, when you fill in registration forms for events organized by the Responsible directly on the Website, in online explanations - or submit requests for support and ask for the newsletter to be sent.

2. Purposes of data processing:

Your personal data will be processed:

A) without your express consent (art. 24, letters a), b), c) of the Privacy Code and art. 6, letters b) and e) of the GDPR for the following official purposes:

  • administration and maintenance of the website;

  • enabling you to receive any services you may have requested;

  • Participation through the website in events organized by the person responsible (e.g. events);

  • processing of contact requests;

  • Fulfillment of requirements and obligations prescribed by law, regulations, EU legislation or official orders;

  • Fulfillment of obligations related to the administration of the association or relations with members;

  • Fulfillment of the statutory purposes of the German-Italian Chamber of Commerce to promote economic and trade relations between Italy and Germany and its task as a delegation of the German economy in Italy;

  • prevent or detect fraud or abuse of the Website;

  • Exercising the rights of controllers, such as asserting a right in court.

B) Only with your specific consent (Articles 23 and 130 of the Privacy Code and Article 7 of the GDPR) for other purposes:

  • Sending opinion and satisfaction surveys by email, sending newsletters and/or invitations to events or registrations for events in which the person responsible takes part or is the organiser.

3. Modalities of processing:

Your personal data will be processed according to the procedures referred to in art. 4 of the Privacy Code and art. 4 n. 2) of the GDPR, namely: collection, storage, organization, preservation, consultation, processing, modification, selection, extracting, comparison, use , networking, blocking, communication, erasure and destruction of the data. Your personal data will be processed both in paper form and with electronic and/or automated means using a cloud-based website managed by the company WIX in Germany.
The person responsible processes the personal data for as long as this is necessary for the above purposes, but in any case no more than 10 years after the end of the relationship for official purposes or no more than 2 years after the collection of the data for other purposes.

4. Security:

The person responsible uses numerous security measures to protect your data against loss, misuse or interference. In particular, it implements the measures referred to in articles 32-34 of the Privacy Code and article 32 of the GDPR; it uses data encryption techniques according to the AES standard (BCrypt) and the protected data transmission protocols known as HL7 and HTTPS and complies with the ISO/IEC 27000, WG3 and WG4 standards.

5. Access to Data

Your data may be made accessible for the purposes indicated in art. 2.A) and 2.B):

  • the employees of the controllers in their capacity as agents and/or internal processors and/or system administrators;

  • Third-party companies or other legal entities (e.g. DEINTERNATIONAL ITALIA Srl and DUAL.CONCEPT Srl, website providers, cloud providers, electronic payment service providers, suppliers, hardware and software support technicians, freight forwarders and carriers, credit institutions, freelancers, etc.) who carry out their activity in outsourcing for those responsible as processors.

6. Disclosure of data:

Even without your express consent (pursuant to Article 24 letters a), b) and d) of the Privacy Code and Article 6 letters b) and c) of the GDPR), the Controller is authorized to process your data for the purposes specified in Article 2 .A) to disclose the stated purposes to supervisory bodies, judicial authorities and any other legal entity to whom disclosure is required by law in order to fulfill the stated purposes. Your data will not be disclosed publicly.

7. Transmission of data:

The management and storage of personal data takes place within Europe, on servers installed in Germany by those responsible and/or by third-party companies commissioned by them, who are named as processors.

8. Type of data communication and consequences of refusal to provide information:

The communication of the data is mandatory for the purposes referred to in art. 2.A). Otherwise, neither registration on the website nor the services referred to in art. 2.A) can be guaranteed.
However, the provision of data is optional for the purposes referred to in art. 2.B). You can therefore refuse the communication of data or subsequently the processing of communicated data; in this case you will not receive e-mail invitations to events, newsletters and opinion or satisfaction surveys. In any case, you still have the right to use the services referred to in art. 2.A).

9. Rights of the data subject:

In your capacity as a data subject, you have the rights pursuant to Article 7 of the Data Protection Code and Article 15 of the GDPR, namely:

i. the right to obtain information as to whether personal data is available about you, even if it is not yet stored, and the right to have this data transmitted to you in an intelligible form;

ii. the right to obtain information about: a) the origin of the personal data; b) the purposes and modalities of the processing; c) the system applied if the data are processed electronically; d) the basic identification data of the controllers, the processors and the designated representative by virtue of art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1 of the GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as designated representatives in the national territory, managers or appointees;

You have the right to obtain: a) updating, rectification or, where interested, integration of the data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including those whose retention is unnecessary for the purposes for which they were collected or subsequently processed; c) confirmation that the operations referred to in letters a) and b) have been communicated, also as regards their content, to those to whom the data were communicated or disseminated, unless this proves impossible or involves effort would be unreasonably large in resources in relation to the protected right;

IV. the right to object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning you, even if this data is relevant to the purpose of collection; b) the processing of personal data concerning you, when this processing is carried out for the purpose of sending advertising material or direct sales, market or opinion research or commercial information, and for this purpose automatic call systems without human involvement, using e-mail and/or traditional telephone marketing and/or conventional postal advertising. The right of the data subject to object to marketing purposes by means of automated procedures as set out in point b) extends to conventional procedures; This does not affect the right of the person concerned to partially exercise the right to object. The data subject therefore has the option of receiving communications only in the traditional way, only automatic communications, or neither of the two types of communications. If applicable, you also have the rights specified in Art. 16-21 of the GDPR (right to data correction, data deletion, data processing restriction, data portability, objection) and the right to lodge a complaint with the data protection officer.

10. Possibilities of exercising rights

You can assert your rights at any time. Send about this

  • a registered letter with acknowledgment of receipt to: Sport Diver Club Duca d'Aosta-Alle, 8 , 39011 Bolzano, South Tyrol, Italy or

  • an email to

11. Minors:

This website and the services of those responsible are not intended for minors under the age of 18. The Controller does not intentionally collect personal data about minors. If information about minors has been stored unintentionally, it will be deleted immediately by the person responsible at the request of the user.

12. Controllers, processors and agents:

The data controller is Sport Diver Club Duca d'Aosta-Alle, 8, 39011 Bolzano, South Tyrol, Italy .

13. Changes to the Privacy Policy:

This privacy policy may be subject to change. It is therefore advisable to read the data protection declaration regularly and to refer to the current version.

bottom of page