Following the new European Data Protection Regulation (GDPR) we have updated our Privacy Policy to tell you and explain you in a clear and immediate way the purposes, the reasons and the way in which we collect and process your personal data. We have included some details about your privacy rights and how to contact YOGA SPACE about the protection of your personal data.
the GDPR will be applied in all respects from 25 May 2018.

What are the main new features?
A complete disclosure that makes us even more transparent allowing you easy access to immediately find the information you need in relation to the methods and purposes of processing your data
Know how long your personal data will be processed and how you can exercise your rights at any time, as set out in the Regulations

INFORMATION RELATING TO THE PRIVACY POLICY OF THE SITE
1. This section contains information on how Yoga Space is managed in relation to the processing of data of Yoga Space users.
2. This information is also valid for the purposes of art. 13 of Legislative Decree no. 196/2003, Code regarding the protection of personal data, and for the purposes of Article 13 of EU Regulation no. 2016/679, concerning the protection of individuals with regard to the processing of personal data as well as the free circulation of such data, for those who interact with Yoga Space and can be reached at the address corresponding to the initial page:
www.yogaspace.it
3. The information is provided only for Yoga Space and not for other websites that may be consulted by the user via links contained therein.
4. The purpose of this document is to provide information about the methods, timing and nature of the information that data controllers must provide users when connecting to the Yoga Space web pages, regardless of the purpose of the connection itself, according to the legislation Italian and European.
5. The information may be changed due to the introduction of new regulations in this regard, therefore the user is invited to periodically check this page.
6. If the user is under the age of 16, pursuant to article 8 of the EU regulation 2016/679, he will have to legitimize his consent through the authorization of his parents or guardian.

DATA PROCESSING
1 - Data Controller
1. The data controller is the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of processing personal data. It also deals with security profiles.
2. With regard to this website, the data controller is: STUDIO YOGA DINAMICO SSDRL, Via Palma il Vecchio 12, 24128 Bergamo, PI 04171000161 for users of the Bergamo office; ASD Yoga Space, Via U. Cavalcabò 11, 26100 Cremona, CF 93057150190 for Cremona users.
For any clarification or exercise of your rights you may write to:
- info@yogaspace.it for Cremona
2 - Data processing manager
1. The controller is the natural or legal person, public authority, service or other body that processes personal data on behalf of the data controller.
2. In accordance with article 28 of the EU regulation no. 2016/679, on the appointment of the data holder, the person in charge of data processing (DPO) of the Yoga Space site was appointed. DPO that you can contact by writing to the email addresses specified above.

3. What data we process
The data we deal with are those relating to your registration on the site for the creation of your account: name, surname, mobile phone, email.
We use them to send you informative newsletters (only ours, not third parties) on events and promotions, or to resolve any problems with your bookings.
We also collect your information when you first register for courses, in the Csen Tesseremanto module: name, surname, email, mobile phone, address, tax code. This data is required by law by the CONI, which uses sports promotion bodies for correct management. We have chosen Csen.

4 - Data processing location
1. The data processing generated by the use of Yoga Space takes place at Via Palma il Vecchio 12, 24128 Bergamo for users of the yoga studio in Bergamo and at Via U. Cavalcabò 11, 26100 Cremona for the users of the yoga studio in Cremona.
2. In case of need, the data connected to the newsletter service may be processed by the data controller or persons appointed by it for this purpose at the relative site.


COOKIES
1 - Type of Cookies
1. The Yoga Space site uses cookies to make the user's browsing experience easier and more intuitive: cookies are small strings of text used to store certain information that may relate to the user, his preferences or the access device to the Internet (computer, tablet or mobile phone) and are mainly used to adapt the operation of the site to the user's expectations, offering a more personalized browsing experience and memorizing the choices made previously.
2. A cookie consists of a reduced set of data transferred to the user's browser by a web server and can only be read by the transferring server. This is not executable code and does not transmit viruses.
3. Cookies do not record any personal information and any identifiable data will not be stored. If desired, you can prevent some or all cookies from being saved. However, in this case the use of the site and the services offered may be compromised. To proceed without changing the cookie options, simply continue browsing.
The following are the types of cookies used by the site:

2 - Technical cookies
1. There are numerous technologies used to store information on the user's computer, which are then collected by the sites. Among these the most known and used is that of HTML cookies. They are used for navigation and to facilitate access and use of the site by the user. They are necessary for the transmission of communications over the electronic network or for the supplier to provide the service requested by the customer.
2. The settings to manage or disable cookies may vary depending on the internet browser used. However, the user can manage or request the general deactivation or cancellation of cookies by modifying the settings of his or her internet browser. Such deactivation can slow down or prevent access to some parts of the site.
3. The use of technical cookies allows the secure and efficient use of the site.
4. The cookies that are inserted in the browser and retransmitted by Google Analytics or through the statistics service of bloggers or similar are technical only if used for the purpose of optimizing the site directly by the owner of the site itself, which can collect information in aggregate form on the number of users and how they visit the site. Under these conditions, for analytics cookies the same rules apply, in terms of information and consent, provided for technical cookies.
5. From the point of view of duration, temporary session cookies can be distinguished that are automatically deleted at the end of the browsing session and are used to identify the user and therefore avoid the login to every page visited and the permanent ones that remain active in the PC up to upon expiration or cancellation by the user.
6. Session cookies may be installed in order to allow access and stay in the reserved area of the portal as an authenticated user.
7. They are not stored permanently but exclusively for the duration of the navigation until the browser is closed and disappear when the browser is closed. Their use is strictly limited to the transmission of session identifiers consisting of random numbers generated by the server necessary to allow a safe and efficient exploration of the site.

DATA PROCESSED
1 - Data processing mode
1. Like all websites, this site also uses log files in which information collected in an automated manner during user visits is stored. The information collected could be the following:
- internet protocol address (IP); - type of browser and parameters of the device used to connect to the site; - name of the internet service provider (ISP); - date and time of visit; - web page of the visitor's origin (referral) and exit; - possibly the number of clicks.
2. The aforementioned information is processed in an automated manner and collected in an exclusively aggregated form in order to verify the correct functioning of the site, and for security reasons. This information will be processed based on the legitimate interests of the owner.
3. For security purposes (anti-spam filters, firewalls, virus detection), automatically recorded data may also include personal data such as the IP address, which could be used, in accordance with the relevant laws in force, in order to block attempts to damage to the site itself or damage to other users, or in any case harmful activities or offenses. These data are never used for the identification or profiling of the user, but only for the purpose of protecting the site and its users, such information will be treated according to the legitimate interests of the owner.
4. If the site allows the insertion of comments, or in case of specific services requested by the user, including the possibility to send the Curriculum Vitae for a possible working relationship, the site automatically detects and records some identification data of the user , including the email address. These data are voluntarily provided by the user when requesting the service to be provided. By entering a comment or other information the user expressly accepts the privacy policy, and in particular he agrees that the contents inserted are freely disseminated also to third parties. The data received will be used exclusively for the provision of the requested service and only for the time necessary for the provision of the service.
5. The information that the users of the site will deem to make public through the services and the tools made available to them, are provided by the user knowingly and voluntarily, exempting this site from any responsibility for any violations of the laws. It is up to the user to verify that they have the permissions to enter personal data of third parties or contents protected by national and international standards.

2 - Purpose of data processing
1. The data collected by the site during its operation are used for the purpose of sending newsletters. The data collected with the Csen membership form is transmitted to the CONI through the Csen.
2. The data will be stored for the period strictly necessary to achieve the aforementioned purpose and in any case not exceeding 5 years.
3. In any case, the data collected by the site will never be provided to third parties, for any reason, unless it is a legitimate request by the judicial authority and only in the cases provided for by law. Obviously, as mentioned, sending the data of the Csen Membership to the Coni applies.
4. The data used for security purposes (blocking attempts to damage the site) are kept for the time strictly necessary to achieve the purpose previously indicated.

3 - Data provided by the user
1. As indicated above, the optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
2. Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.

4 - Support in the configuration of your browser
1. The user can also manage cookies through his browser settings. However, deleting the cookies from the browser may remove the preferences set for the site.
2. For further information and support you can also visit the help page specific to the web browser you are using:
- Internet Explorer: http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
- Firefox: https://support.mozilla.org/en-us/kb/enable-and-disable-cookies-website-preferences
- Safari: http://www.apple.com/legal/privacy/it/
- Chrome: https://support.google.com/accounts/answer/61416?hl=it
- Opera: http://www.opera.com/help/tutorials/security/cookies/
1. The art. 13, c. 2 of EU Regulation 2016/679 lists the user's rights.
2. The Yoga Space site therefore intends to inform the user about the existence:
- the right of the interested party to request the owner access to personal data (Article 15 EU Regulation), their update (Article 7, paragraph 3, letter a) of Legislative Decree 196/2003), the correction (art. 16 EU Regulation), integration (art. 7, co. 3, lett. a) D.Lgs. 196/2003) or the limitation of the treatment concerning it (art. 18 EU Regulation) or oppose, for legitimate reasons, to their treatment (art. 21 EU Regulation), in addition to the right to data portability (art. 20 EU Regulation);
- the right to request cancellation (art. 17 EU Regulation), transformation into anonymous form or blocking of data processed in violation of the law, including those for which conservation is not necessary in relation to the purposes for which the data are been collected or subsequently processed (Article 7, paragraph 3, letter b) of Legislative Decree 196/2003);
- the right to obtain the attestation that the updating, rectification, data integration, deletion, data blocking and transformation operations have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfillment proves impossible or involves the use of means manifestly disproportionate with respect to the protected right (art. 7, co. 3, lett. c) D.lgs. 196/2003);
3. Requests can be addressed to the data controller, without formalities or, alternatively, using the model provided by the Guarantor for the Protection of Personal Data, or by sending an email to the address: fabio.pieroni@yogaspace.it
4. If the treatment is based on the art. 6, paragraph 1, lett. a) - express consent to use - or on art. 9, paragraph 2 letter. a) - express consent to the use of genetic, biometric, health-related data revealing religious or philosophical convictions or union membership, revealing racial or ethnic origin, political opinions - the user has the right to revoke consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation.
5. Likewise, in case of violation of the law, the user has the right to lodge a complaint with the Guarantor for the Protection of Personal Data, as the authority in charge of controlling the processing in the Italian State.
6. For a more in-depth examination of the rights that belong to you, see the articles 15 and ss. of the EU Regulation 2016/679 and the art. 7 of Legislative Decree 196/2003.

DATA TRANSFER TO EXTRA EU COUNTRIES
1. This site may share some of the data collected with services located outside the European Union area. In particular with Google, Facebook and Microsoft (LinkedIn) through social plugins and the Google Analytics service. The transfer is authorized and strictly regulated by article 45, paragraph 1 of EU Regulation 2016/679, for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.
2. Data will never be transferred to third countries that do not comply with the conditions set out in Article 45 et seq. Of the EU Regulation.
1. This site treats users' data in a lawful and correct manner, taking appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of the data. Processing is carried out using IT and / or telematic tools, with organizational methods and logic strictly related to the purposes indicated.
2. In addition to the owner, in some cases, the categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external parties (such as third party technical service providers, couriers postal services, hosting providers, IT companies, communication agencies).

CHANGES TO THIS DOCUMENT
1. This document constitutes the privacy policy of this site.
2. It may be subject to changes or updates. In the case of significant changes and updates, these will be reported with specific user notifications.
3. The previous versions of the document will still be available on this page.
4. The document was updated on 05/23/2018 to comply with the relevant regulatory provisions, and in particular in compliance with EU Regulation 2016/679.