Legal notice
Privacy Policy
How we collect, use and protect your personal data.
Last updated: 16 June 2025Contents
01
Data Controller
Tamsha Social Promotion Association
Piazza Mazzini, 13 – 73043 Copertino (LE) – Italy
Tax code: 93170810753
Email: tamshafenice@gmail.com
WhatsApp / Phone: +39 371 496 4978
Website: tamsha.eu
Piazza Mazzini, 13 – 73043 Copertino (LE) – Italy
Tax code: 93170810753
Email: tamshafenice@gmail.com
WhatsApp / Phone: +39 371 496 4978
Website: tamsha.eu
02
Scope
This Privacy Policy describes how Tamsha Social Promotion Association collects, processes and protects the personal data of users who access the multilingual web portal tamsha.eu, available in Italian, English, Spanish, French, German, Dutch and Portuguese (hereinafter "the Portal"). The Policy applies to all users: unregistered visitors, registered users and public or private subjects with an institutional profile.
03
Data collected and purposes
A — Unregistered visitors
For users browsing without an account, only technical navigation data is collected (IP address, browser, operating system, pages visited, access times), necessary for the system's operation and the Portal's security. This data is not linked to personal identities. Legal basis: legitimate interest of the Controller (Art. 6(1)(f) GDPR).
B — Registered users
To access reserved features, the following data is required:
Mandatory: first name, last name, email, date of birth, tax code (Italian citizens only), country, region/state, address, postal code, phone number.
Optional: Instagram username (used for attribution when publishing content).
Data is used for: account management, Portal services (itinerary logbook, cultural competitions, content submission, groups), operational account communications, periodic informational communications about association activities, management of economic contributions, Portal security and logging, and impact measurement.
Each user's profile is visible to other Portal users. By default, the following are always visible: first and last name, country, region/state, user type, achievements and numerical statistics linked to the user's participation in the Portal. Users may choose to make their registered email address visible, as well as add and display their Instagram and TikTok profiles. Further information — such as published content, completed itineraries and competitions won — is only visible if the user explicitly enables it.
Your password is encrypted: no one can access it. No Tamsha member will ever ask for your password.
Mandatory: first name, last name, email, date of birth, tax code (Italian citizens only), country, region/state, address, postal code, phone number.
Optional: Instagram username (used for attribution when publishing content).
Data is used for: account management, Portal services (itinerary logbook, cultural competitions, content submission, groups), operational account communications, periodic informational communications about association activities, management of economic contributions, Portal security and logging, and impact measurement.
Each user's profile is visible to other Portal users. By default, the following are always visible: first and last name, country, region/state, user type, achievements and numerical statistics linked to the user's participation in the Portal. Users may choose to make their registered email address visible, as well as add and display their Instagram and TikTok profiles. Further information — such as published content, completed itineraries and competitions won — is only visible if the user explicitly enables it.
Your password is encrypted: no one can access it. No Tamsha member will ever ask for your password.
C — Institutional profiles
Tamsha Social Promotion Association creates institutional profiles upon request and prior agreement with public and private subjects — regions, provinces, municipalities, companies, agencies, bodies and associations. The data visible in the profile varies according to the legal nature of the subject and the agreements in place, in compliance with applicable regulations. Institutional profiles function as showcases linked to the Portal's content.
D — Logs and geolocation
The Portal records technical access and usage data (logs) necessary to ensure account and infrastructure security, detect unauthorised access, validate user actions (itinerary completion, competitions, content publication) and protect the community. Geolocation is used to display the correct date and time, for session security and for logging purposes. Technical system specifications are not disclosed publicly to protect Portal security.
E — Economic contributions
Contributions for participation in activities (itineraries, events, courses) are handled through secure payment systems. Tamsha never stores card, bank account or payment credential data. Administrative staff access only transaction data (amount, date, identifier) for management and accounting purposes. No Tamsha member will ever ask for your personal payment credentials.
F — User-submitted content
By submitting photographs, videos, audio, articles or any other material in the context of Portal activities — including cultural competitions, galleries and initiatives — the user grants Tamsha Social Promotion Association a non-exclusive, royalty-free, perpetual licence to use and publish such content within the Portal and at related events. Attribution to the author is always guaranteed, in any context of use. On the association's official social channels, photographs and short content may be published in full, while videos, audio and longer texts may be shared in part. Ownership of the content remains with the user.
04
Public profile
The public profile shows by default: first and last name, country, region/state, user type, profile picture as a non-expandable thumbnail (or default image), aggregate numerical statistics and achievements. The following are also always visible: published images and articles, completed itineraries, competitions won, and attended initiatives and courses. Additional information may be made visible or kept private at the user's discretion. Users do not exchange direct private messages: communication takes place within groups.
05
Data retention
Registered users' data is retained for the duration of their registration. Upon account deletion, data is removed, subject to legal obligations. Technical log data is retained for the minimum time necessary for security purposes. Economic contribution data is retained for the period required by tax regulations.
06
Recipients of data
Personal data is not sold or transferred to third parties for commercial purposes. Data may be shared with: internal Tamsha staff, Portal technical providers acting as Data Processors (Art. 28 GDPR), and public or judicial authorities where required by law. Partners and sponsors present on the Portal do not receive users' personal data solely by virtue of their presence.
07
Third-party sites and services
The Portal contains links and banners to sites of partners selected by Tamsha Social Promotion Association. Once you leave the Portal, Tamsha has no control over data processing on third-party sites and accepts no liability in this regard. We recommend consulting the privacy notices of any sites you visit.
08
Your rights
As a data subject, you have the right to: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21) and withdrawal of consent (Art. 7, par. 3) at any time, without affecting the lawfulness of prior processing.
To exercise your rights or request account deletion, contact us via:
• Internal Portal messaging (for registered users)
• Email: tamshafenice@gmail.com
• WhatsApp / Phone: +39 371 496 4978
You also have the right to lodge a complaint with the Italian Data Protection Authority (garanteprivacy.it).
To exercise your rights or request account deletion, contact us via:
• Internal Portal messaging (for registered users)
• Email: tamshafenice@gmail.com
• WhatsApp / Phone: +39 371 496 4978
You also have the right to lodge a complaint with the Italian Data Protection Authority (garanteprivacy.it).
09
Security
The security of the Portal and users' data is a priority for Tamsha Social Promotion Association, which adopts robust and constantly updated technical and organisational measures. The most sensitive data, such as payment information, is never stored on the Portal. No Tamsha member — nor anyone presenting themselves as such — will ever ask for your password, your payment details or any other sensitive information linked to your account. If you receive a suspicious request, we invite you not to respond and to report it to us immediately through the contact details indicated in this document.
10
Association transparency
In accordance with Italian Law 124/2017 and Legislative Decree 117/2017, Tamsha Social Promotion Association publishes on the Portal: its statute, financial statements, public contributions received equal to or exceeding € 10,000 in the solar year, tax code and identifying data of the association, and registration numbers with sector bodies. All information is consultable in each of the Portal's languages.
11
Changes to this Policy
Tamsha Social Promotion Association reserves the right to update this Policy. Material changes affecting users' rights will be communicated promptly in the personal area. We invite you to consult this page periodically.
Regulatory references
Regulation (EU) 2016/679 (GDPR) · Legislative Decree 196/2003 as amended · Legislative Decree 117/2017 · Law 124/2017