According to the art. 13 of the EU Regulation n. 2016/679 ("General Data Protection Regulation" or "GDPR") the A.C.S.D. SHIN ZEN BI L.L.D. Milan informs those ("users" or "interested parties") who access the site starting from the address https: // and who use the services available electronically on the website of the Association, the information indicated in the information.
This information is provided exclusively in relation to the site of the Association and not in relation to other websites that could be consulted by the user via links reported or accessible on the same portal.


Data controller.
The data controller is the A.C.S.D. SHIN ZEN BI, with headquarters in via Venezia 33, 20813 Bovisio Masciago MB Italia - C.F. 91141730159 - tel. 3345964651 - mail: / pec:


Data Protection Officer
The (DPO) appointed by the Association is Sfreddo Martins Daniela, to which each interested person can write, in relation to the data processing carried out by the Association and / or in relation to your rights, to the following address: via Venezia 33, 20813 Bovisio Masciago MB Italy. The DPO can also be contacted by telephone through the Association on the number 3345964651 and by email at


Purpose of the processing and legal basis.
The personal data acquired will be processed by the Association without the consent of the interested party, pursuant to art. 6 lett. b) and e) of the GDPR, to manage and maintain the site of the Association, to allow the use of the services and the satisfaction of the requests of the users, to allow an effective institutional communication, to fulfill the obligations required by law, by a regulation, by EU legislation or by an order of the Authority or in any case connected to institutional activities and functions, or finally to prevent or detect fraudulent activities or abuses to the detriment of the Association through the association's website.
The sending of electronic mail to the institutional addresses indicated in the portal and the completion of the format entail the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the email or in the format. In this case the data acquired will be processed exclusively to respond to user requests. Specific information or indications on the relevant legislation / legal basis may be included, in relation to the particular processing of data, in specific pages of the association's website, in the format or in the document templates published on the Association's website.


Place and methods of processing.
The processing of data acquired through the website of the Association and / or connected to the services of the site itself, takes place at the offices of the Association and possibly at other subjects or computer systems / servers of other subjects specifically designated as Responsible (external) of the treatment. The processing of data takes place both on paper and through the use of IT tools, according to the principles of correctness, lawfulness, transparency, relevance and not excess with respect to the purposes of collection and subsequent treatment, subject to the adoption of adequate security measures and aimed at preventing the loss of data, illicit or incorrect use, unauthorized access and in general aimed at ensuring compliance with the provisions of the GDPR and of Legislative Decree no. 193/2006 integrated with the changes introduced by Legislative Decree 101/2018 and subsequent amendments. The data is processed exclusively by administrative and technical personnel, authorized for processing or by authorized persons for occasional maintenance operations. The association's website and online services are not intended for persons under the age of 18. Data relating to minors may be transmitted to the Association by accessing the site and services exclusively by subjects exercising parental responsibility.


Data provided voluntarily by the user
The sending of electronic mail to the addresses indicated on the site, involves the subsequent acquisition of some personal data of the applicant, including the e-mail address, necessary to respond to requests. The personal data of the user collected in the way described above or through electronic forms requesting particular services on the site, are used exclusively to find and / or respond to user requests; these data are kept for the time strictly necessary to fulfill the requests or as established by law.


Data security
Visitor / user data is processed lawfully and correctly, taking appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. We are committed to protecting the security of personal data when they are sent, using Secure Sockets Layer (SSL) software, which encrypts information in transit. Processing is carried out using IT and / or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Owner, in some cases, they may have access to the data categories of officers involved in the organization of the site or external subjects (such as third party technical service providers, hosting providers).


Obligation or right to provide data.
The user is free to provide the personal data included in the request formats. Failure to provide the data necessary to render the service may make it impossible to obtain what is requested.


Period of conservation.
According to the art. 5 GDPR, the data will be processed and stored for a period of time not exceeding the achievement of the proper purposes of the service and of the processing and / or in compliance with the terms provided by law or regulation.
The data (IP address) used for site security purposes (blocking attempts to damage the site) is kept for 30 days. The data for analytics purposes (statistics) are stored in aggregate form for 24 months.


Communication and dissemination of data.
The data provided by Users is not intended for third parties and will not be communicated or disseminated, unless otherwise provided by law or regulation (in particular, data may be communicated to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom the communication is mandatory by law, for the fulfillment of the aforementioned purposes).


Data transfer abroad.
The data will not be transferred to third countries outside the European Area.


Rights of the interested party.
The user / interested party is guaranteed all the rights specified in the art. 15 - 20 GDPR, including the right to access, rectification and deletion of data, the right to limit and oppose treatment, the right to revoke the consent to treatment (without prejudice to the lawfulness of the processing based on the consent acquired before the revocation), as well as to lodge a complaint with the Guarantor for the Protection of Personal Data if the processing is deemed to violate the Rules. The aforementioned rights can be exercised by written communication to be sent by e-mail, e.g. or Registered at the headquarters of the Association.


Right to complain.
Interested parties who consider that the processing of their personal data carried out through this site is in violation of EU Regulation 2016/679, pursuant to art. 77, can submit a complaint to the Guarantor for the protection of personal data.

To exercise the above rights, the following model can be used:

MODEL EXERCISE OF RIGHTS INTERESTED (To be sent to the Data Controller or DPO, duly completed and signed)


Access to external linked sites.
The portal contains links to third-party sites for further convenience and user information. When the user uses these links he leaves the site of the Association by accessing a different site, on which the Association has no control and for which he has no responsibility whatsoever with regard to data processing. It is therefore advisable to examine the policy of each site that is visited.


Changes to this privacy policy.
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page. Therefore, please check the contents often, taking as a reference the date of the last modification indicated at the bottom. In the event of non-acceptance of the changes made to this privacy policy, the User is required to cease using the functions provided by the Association and may request the Data Controller to remove their Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to the Personal Data collected up to that point.



Normative requirements
Legislative Decree 30 giugno 2003, n. 196.
GU General Series No.126 del 3.6.2014.
Privacy Regulation (UE) 2016/679 27.4.2016.
Legislative Decree n. 101 of 10 August 2018. Last update . 

Last update
                                                                                                                                                    Friday 11 August 2023, 08:00 Pm