Privacy policy - Zika

All fields are required.

Close Appointment form

Privacy policy

At Fondazione PENTA Onlus, we are strongly committed to protecting your privacy. You can navigate the majority of our Website without giving us any personal information about yourself. However, sometimes we need additional information about you in order to provide the information or services you are requesting.

As you may be aware, new data protection rules in the European Union (EU) known as the General Data Protection Regulation (GDPR) entered into force on May 25, 2018.  Focused on data privacy, GDPR is the new EU legal framework for the protection of personal data. It includes several key changes to existing EU data protection law, including data breach notification, accountability and enhanced individual rights. GDPR will affect all organizations and public bodies, wherever located, that handle data of persons in the EU.  Over the past few years, we have been preparing for this and are taking steps to ensure timely compliance with those rules.

To protect your privacy, we provide this notice explaining our practices in connection with information that we collect, use and disclose through activities that link to our service and the choices you can make about the way your information is collected and used.

By providing Personal Information to us, you agree to the terms and conditions of this Privacy Policy and with our Terms and Conditions.

The term ‘Fondazione PENTA Onlus’, or ‘us’ or ‘we’ refers to the owner of the website (data controller) whose registered office is Corso Stati Uniti, 4, Padova 35127, Italy.

The term ‘you’ refers to the user or viewer of our website.

This privacy notice is provided by Fondazione Penta Onlus to the visitors of the Website, pursuant to Article 13 of GDPR.                           

a) The Controller
By using the Website, you might provide us personal data. The controller of such personal data is Fondazione Penta – for the treatment and care of children with HIV (and related diseases) – Onlus with registered office at Corso Stati Uniti, 4, 35127 Padova, Italy, e-mail address: (hereinafter also referred to as the “Controller”).

b) The Data Protection Officer

The data Protection Officer, appointed by Penta according to Article 37 of the GDPR, can be contacted at the following address:

c) Place of Data Processing

The data related to the services provided by the Website are processed by the Controller at its registered office – at Corso Stati Uniti, 4, 35127 Padova, Italy – and the data processing will be carried out only by subjects expressly authorised by the Controller. For further information, please contact us at

d) Types of personal data processed

We may collect the following types of Personal Information, in a various way, including, but not limited to:

  • Information about your computer and your visit to and use of this website (this includes IP Address);
  • Personal Data freely provided from you (this includes name, email address, and any other details asked for and which you provide) whenever you fill out forms, or registration for newsletters;
  • Other personal or sensitive information related to your spontaneous forwarding of personal document (this includes Curriculum Vitae).

Failure to provide certain Personal Data may make it impossible for this Website to provide its services.

Your information will not be disclosed to any third party unless you have given your consent to such disclosure.

e) What we do with the information we gather

Your Personal Data may be collected in particular for the following reasons:

  • To respond to your inquiries and fulfil your requests (newsletter, questions and comments). Your email address may be added to the mailing list and you may receive email messages containing information about news or events;
  • To re-contact you if we have the needed to do so (voluntary submission of personal document i.e. CV);
  • To give you access to our reserved area.

We do not share personally identifiable information with unrelated Third-Parties who are not covered by this Privacy Policy without your prior permission, except to the extent reasonably necessary to:

  • Correct technical problems and malfunctions;
  • Protect the security and integrity of our Website;
  • Protect our rights, interests and property and the rights, interests and property of others;
  • Comply with laws or to respond to judicial process;
  • Provide information to law enforcement agencies or for an investigation of a matter as applicable, or otherwise as required or permitted by law.

f) Purposes and legal basis for processing

The data is collected and processed for purposes strictly related to the usage of the Website and its services. The specific purposes for processing are described in detail in the further privacy notices provided by the Website in all cases of data collection. Please read carefully the privacy notices which, from time to time, illustrate the characteristics of the processing that will be carried out by the Controller.

Your data will be processed according to Article 6, paragraph 1, letter b) of the GDPR to run the services provided by the Website (for example, to answer requests made through the Website).

g) Optional nature of the user’s decision to provide personal data

Except for what already specified regarding data related to the web browsing, the user is free to provide personal data to the Controller by filling in the “Contact form”. Failure to provide such data may result in the impossibility for the Controller to answer the user’s requests.

The data required from time to time is indicated in the data collection form on the Website and the consequences of the failure to provide such data are described in the specific privacy notices present on the data collection pages. 

 h) Links to other websites 

This privacy notice is only applicable to the Website and is not valid for any other websites that may be consulted by the user via links originating from the same. The Controller cannot be held responsible for the personal data provided by the user to third parties or to any other website that may be linked to the Website.

i) Lodge a complaint before the Data Protection Authority

Should you consider the processing of your data infringes the GDPR, you may lodge a complaint before the Italian Data Protection Authority (, or before the Data Protection Authority of the Member State of your habitual residence, place of work or place of the alleged infringement.

 j) Applicable law

This Privacy Policy is ruled by Regulation EU 2016/679, which guarantees that the processing of personal data is made in full respect of fundamental rights and freedom, as well as of the dignity of the person involved with particular reference to privacy, personal identity and the right to personal data protection.

 k) Data processing procedures and communication of data

The data can be processed both electronically and in paper form. The personal data you provide us with will be processed lawfully and correctly, in full compliance with the legislation in force, in order to guarantee the strictest confidentiality of such personal data. Specific security measures are implemented to prevent data loss, illicit use and unauthorised access.

Data will not be communicated or disseminated to third parties except within the limits and under the conditions expressly indicated in the information notices provided to the user from time to time on the Website, and only upon receipt of authorization from the same (e.g. to the companies providing services related to the Website operation).

The data will be processed only by persons expressly authorized to manage the data provided by users through the Website, identified within the Communication and Project Management Areas of Fondazione PENTA Onlus designated pursuant to art. 29 of GDPR.

The Controller use external providers to manage the Website and the Website services. For those activities, suppliers or external organisations process personal data of the users for purposes strictly related to the provision of the services, and have therefore been appointed by the Controller as data processors (according to article 28 of the GDPR). A complete list of external processors can be requested by contacting the Controller at the address provided in par. n) below.

l) Transmission of data outside the European Union

Transmission of data outside the European Union: In the case of transfer of subject’s data to a third country which is not an adequate country, the controller and the processor shall comply with the terms of the standard contractual clauses for the transfer of personal data to processors established in third countries approved by EC Commission Decision of 5 February 2010 and any subsequent amendment or re-edition.

m) Storage period

Your data will be processed for the period indicated in the specific privacy notices provided at the moment of collection.

Your data, collected through the “Contact form” of the Website will be processed for the time necessary to properly manage your request and subsequently erased.

As regards the storage period for the browsing data, please read the following paragraph dedicated to Cookies.

n) Rights of data subjects

By contacting the following e-mail address:, the user may at any time exercise the following rights (GDPR – article 15 to 22):

  • obtaining confirmation as to whether or not personal data concerning you is being processed
  • obtaining access to your personal data and to the information set out in Article 15 of the Regulation;
  • obtaining the rectification of the inaccurate personal data that concerns you without undue delay or the supplementing of incomplete personal data;
  • obtaining the erasure of the personal data that concern you without undue delay;
  • obtaining the restriction of processing the personal data that concern you;
  • being informed of any rectifications or erasures or restrictions of processing in relation to the personal data that concern you;
  • receiving in a structured, commonly used and machine-readable format the personal data that concern you;
  • objecting at any time, on grounds associated with your specific situation, to the processing of the personal data that concern you.

The full text of such rights is available on

o) Use of cookies

The Fondazione PENTA Onlus Website uses ‘cookies’.

A cookie is a small text file that is placed on your hard disk whenever you start to navigate a Website. Cookies are uniquely assigned to each user, and can only be read by a webserver within the domain that issued the cookie.

Our Website uses cookies, defined as “technical”, in order to recall information on your subsequent visits. This simplifies the process of recording your personal information, such as addresses. When you return to our Website, the information previously provided can be retrieved, allowing Fondazione PENTA Onlus features which have been customized to be easily used.

You may accept or decline cookies. Most web browsers automatically accept cookies, but users can usually modify their browser settings to decline cookies should they so prefer. If users choose to decline cookies, they may not be able to fully experience the interactive features of the ZIKAction services or website being visited.

p) Google Analytics

We may collect files that record interaction with this Website (System Logs) or use for this purpose other Personal Data (this includes IP Address). An IP address is a number assigned to you by your Internet service provider, so you can access the Internet. Although we do receive IP addresses, we do not use them to identify you personally or disclose them to others.

In accordance with art. 6, paragraph 1, point f) of GDPR, we may have access and use your IP Address through Google Analytics web analysis service utilizing the Data collected to track and examine the use of our Website, to prepare reports on its activities and share them with other Google services. Google may use the Data collected to contextualize and personalize the ads of its own advertising network.

You may selectively disable the Google Analytics’ installation on your browser, with the opt-out option provided by Google. To disable Google Analytics action, please refer to the link below:

q) Third party cookies

When visiting our Website, you may receive cookies from visited site (first part), both sites run by other organizations (third parties). Notable examples are the presence of “embed” video or “social plugin” from social networking services. These are parts of the page visited generated directly from these sites and integrated into the site’s host page. The most common use is aimed at content sharing on social networks.

The presence of these plugins entails the transmission of cookies to and from all sites managed by third parties. The management of information collected by third parties is governed by their policies.

r) Other Third-Party Websites

Our Website may contain links to other Third-Party Websites. You should carefully review the Privacy Policies and practices of other websites, as we do not have any control or responsibility over Third-Party Websites.

Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this Privacy Policy. You should exercise caution and look at the privacy statement applicable to the website in question.

s) Our commitment to children’s privacy

Protecting the privacy of the very young is especially important. For that reason, we do not intend to collect or maintain information at our Website from those we know are under 13 years of age, and no part of our Website is structured to attract anyone under 13.

t) Changes to this Privacy Policy

Penta reserves the right to revise, amend or simply update this Privacy Policy, in whole or in part, at its sole discretion, in any manner and/or at any time, without notice, including to take account of changes to the law or regulations regarding the protection of personal data. Users will be notified of changes and updates to the Privacy Policy by (i) e-mailing the registered users or (ii) publication on the homepage of the Website. Any modification will be binding as soon as published or communicated. Please access this section regularly for updates on the Privacy Policy or check your e-mail.

Contact Us

If you have any questions regarding this Privacy Policy, please contact us at


Padova, 30/07/2020