Data protection policy

The Italian Society of Authors and Publishers (SIAE), pursuant to article 13 of EU Regulation ( no. 2016/679 (“the GDPR”), provides the following information with reference to Personal Data processing about Italia Music Export activities. Such information will be lawful, fair, transparent, accurate and conducted in accordance with the integrity and confidentiality principles.

  • Data Controller

The Data Controller is SIAE (Società Italiana degli Autori ed Editori) with registered office in Rome, Viale della Letteratura 30, 00144.

  • DPO

The Data Protection Officer of SIAE can be contacted at the following e-mail address: SiaeUfficioDataProtection@siae.it for any clarification regarding your Personal Data protection as well as the exercise of the rights provided for by articles 15 – 22 of the GDPR.

  • Categories of Personal Data and means of processing

The processing will concern personal data such as:

  • Identification data
  • Contact information
  • Data relating to identity documents
  • Professional data (such as the profession carried out, the professional interests)
  • Bank details (IBAN).

The data are processed with or without the support of IT tools, through appropriate technical and organizational measures to ensure an adequate level of security compared to the internal risks of the process.

  • Purposes and Lawfulness (Legal basis or ground) of Personal Data Processing

The purposes of Personal Data processing are as follows:

  1. selective sending of newsletters on Italian musical export activity and for courses and workshops, based on professional interests analysis and Personal Data provided to SIAE, as well for the promotion of Italian music abroad by sharing data of Italian operators and artists with foreign operators, also through reports and aggregated data;
  2. provision of funds and other financial forms to support the expenses related to music export of Italian operators and artists .

According to the purposes explained at point a, the lawfulness (legal basis or ground) of processing is provided for by art. 6 par. 1, letter a), given that user consent is necessary for the processing, while for the purposes at point b, it is provided for by art. 6 par. 1, letter b), given that such processing is necessary for the provision of the requested services.

  • Nature of data provision and consequences of refusal to provide data

With reference to the purposes of the processing at point 4.a, the provision of data is voluntary, but in case such Personal Data are not provided or the consent to the processing is not given, SIAE will not be able to send you any communication as explained above.

With reference to the purposes as in (b), the provision of personal data is deemed as a contractual obligation, therefore, the missing, partial or incorrect provision of personal data may result in the inability for SIAE to provide funding or other forms of economic support.

 

 

  • Data Processors

SIAE, for the purposes related to  Personal Data processing, may also use other Subjects, natural or legal persons established in the European Union, designated as Data Processor, according to Article 28 of the GDPR. The list of SIAE Data Processors is available at the SIAE registered office.

With reference to the newsletters, the mail service is performed by The Rocket Science Group LLC d/b/a MailChimp, established in the USA, whose policy about data protection can be read at https://mailchimp.com/legal/privacy

 

  • Data Retention

Personal Data collected for the purposes above specified, will be retained until explicit withdrawal  of the consent  from the Data Subjects and, in   case of funding or other forms of financial support, they will be retained for  a ten year period , according to art. 2220 of Italian Civil Code.

 

  • Rights of the data subject

It is always guaranteed to the Data Subject, except for legal limitations, the possibility to exercise the right:

  1. to access his/her personal data;
  2. to request and obtain the rectification of his/her Personal data ;
  3. to request and obtain the erasure of his/her Personal Data;
  4. to request and obtain the restriction of the processing of his/her Personal Data ;
  5. to object to processing;
  6. to object to processing at any time of personal data for direct marketing purposes, including profiling to the extent related to such direct marketing, as well as in the cases referred to in article 21, par. 1, of the GDPR;
  7. to receive the personal data provided to the Controller, in a structured, commonly used and machine-readable format and to transmit those data to another controller ;
  8. to lodge a complaint with the supervisory authority – Italian Data Protection Authority – Email garante@gpdp.it – Certified mail: protocollo@pec.gpdp.it, according to article 77 of the Regulation. To this end, it may be used the web form provided by the Italian Data Protection Authority.

Said rights can be exercised by sending a request to the following e-mail address of the SIAE Data Protection Officer: SiaeUfficioDataProtection@siae.it.

SIAE reserves the right to update this Policy in case of legislative changes and to modify it in the event SIAE intends to use said data for further purposes, which will be explained in advance and, if necessary, submitted to your consent.

In any case, the Data Subjects are suggested to periodically consult this Policy on the website www.siae.it.

THE DATA CONTROLLER

Società Italiana degli Autori ed Editori (SIAE)