Privacy Policy — Processing of Personal Data

Data Controller

The data controller is A.S.D. Società Ginnastica Grugliasco, with registered office at Via Barletta 109/21, 10136 Turin, Italy. The person responsible for data processing is Marco Palella, who may be contacted at the email address info@turinacrocup.com.

Purpose and Legal Basis of Data Processing

• Personal data submitted through this website is collected and processed for the following purposes:
• Management of press accreditation requests for Turin Acro Cup 2026, including the evaluation of requests, communication with applicants and the issuance of accreditation credentials.
• Management of access to protected areas of the website reserved for accredited media.
• Sending of official communications, press releases and event-related information to accredited media representatives.
• Compliance with legal obligations applicable to the data controller.
• The legal basis for processing is the consent of the data subject (Article 6(1)(a) GDPR), provided at the time of submitting the accreditation request form, and the legitimate interest of the data controller (Article 6(1)(f) GDPR) in managing the press accreditation process and ensuring the orderly conduct of the event.

Categories of Data Collected

• The following categories of personal data may be collected through this website:
• Identification data: first name, last name.
• Contact data: email address, phone number, website.
• Professional data: media outlet or organisation, media type, professional role.
• Additional information voluntarily provided by the data subject in the notes field.
• Technical data: IP address, browser type, access timestamps (collected automatically for security and statistical purposes).

Data Retention

Personal data will be retained for the period strictly necessary to fulfil the purposes described above and, in any event, no longer than 24 months from the date of collection, unless a longer retention period is required by applicable legal obligations. At the end of the retention period, data will be securely deleted or anonymised.

Data Recipients

• Personal data may be communicated to the following categories of recipients, strictly in connection with the purposes described above:
• Members of the organising committee of Turin Acro Cup directly involved in the management of press accreditation.
• Technical service providers responsible for the hosting and maintenance of this website, acting as data processors pursuant to Article 28 GDPR.
• Public authorities, where disclosure is required by law.
• Personal data will not be transferred to third countries outside the European Economic Area, unless adequate safeguards are in place in accordance with Chapter V of the GDPR.

Rights of the Data Subject

• In accordance with Articles 15 to 22 of the GDPR, the data subject has the following rights:
• Right of access: the right to obtain confirmation as to whether personal data is being processed and, if so, to obtain access to such data.
• Right to rectification: the right to obtain the correction of inaccurate personal data.
• Right to erasure: the right to obtain the deletion of personal data, where one of the grounds specified in Article 17 GDPR applies.
• Right to restriction of processing: the right to obtain the restriction of processing in the cases specified in Article 18 GDPR.
• Right to data portability: the right to receive personal data in a structured, commonly used and machine-readable format.
• Right to object: the right to object to the processing of personal data on grounds relating to the data subject's particular situation.
• Right to withdraw consent: the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent given prior to withdrawal.
• To exercise any of the above rights, the data subject may send a written request to the data controller at the email address info@turinacrocup.com. The data controller will respond within 30 days of receipt of the request, in accordance with the timeframes established by the GDPR.

Right to Lodge a Complaint

The data subject has the right to lodge a complaint with the competent supervisory authority. In Italy, the supervisory authority is the Garante per la Protezione dei Dati Personali (www.garanteprivacy.it).

Security Measures

The data controller implements appropriate technical and organisational measures to ensure the security of personal data, including protection against unauthorised or unlawful processing, accidental loss, destruction or damage. These measures include the use of encrypted connections (HTTPS), access controls, regular security updates and secure data storage practices.

Changes to This Policy

The data controller reserves the right to update this privacy policy at any time. Any significant changes will be communicated through this page. Data subjects are encouraged to review this policy periodically. The date of the most recent update is indicated at the top of this document.