24 October 2017

Processing of personal data by ecclesiastical entities

In the course of their activities, religious congregations are likely to collect and process personal data regarding their members, employees and faithful or third parties. This activity could be subject to Italian law.

The Italian Privacy Code sets forth the rules and requirements regarding the processing of personal data, sets sanctions for violations of such rules and provides for different regulations depending on the type of data processed.

In case of sensitive data (i.e., data pertaining to, e.g., racial or ethnic origin, political opinions, membership in parties, trade unions, associations, health etc.), the written consent of the data subject and the prior authorization by the Data Protection Authority are required.

The Italian Civil Code provides for certain exceptions in case of Religious Congregations having legal personality in Italy (i.e., civilly recognized ecclesiastical entities):

1) CIVILLY RECOGNIZED ECCLESIASTICAL ENTITIES NOT SUBJECT TO THE ITALIAN PRIVACY LEGISLATION

Civilly recognized ecclesiastical entities which meet both of the following requirements are not subject to the Italian Privacy Code:

sensitive data are processed solely for institutional religious and worship-related purposes (worship and care of souls, education of the clergy and the religious, missionary purposes, catechesis, Christian education) or for exclusively religious purposes;
such data are not disclosed or communicated to third parties.
With regards to the data processed for their institutional religious and worship-related purposes which are not disclosed to third parties, civilly recognized ecclesiastical entities are subject to the General decree of the Italian Episcopal Conference of October 20, 1999 (an Italian version of the decree may be found here).

2) CIVILLY RECOGNIZED ECCLESIASTICAL ENTITIES SUBJECT TO THE ITALIAN PRIVACY LEGISLATION

Civilly recognized ecclesiastical entities are subject to the Italian Privacy Code in the following cases:

when they process sensitive data for purposes other than religious or worship-related: assistance and charity, schooling, education and culture and, in any case, in case of commercial or for-profit activities;
when the sensitive data processed for religious and worship-related purposes are disclosed or communicated to third parties.

FLASH NEWS

Sign up to receive updates

We periodically send articles and communications of interest to Religious Congregations. Furthermore, we invite our members to all the free events we organize.

Our blog

The latest news

Articles that delve into topics of interest to Religious Congregations, written by our experts.

24 March 2022
News

The “Patrimonio Stabile” and Religious Congreg...

The Patrimonio Stabile and Insolvency Procedures; the “Destined Patrimony” of Third Sector Entities Generally, the “reputation” of the Stable Patrimony is not the best; it is often perceive...

Read more
14 March 2022
News

The “Stable Patrimony” and Religious Congregat...

The importance of the Stable Patrimony; formal assignment and identification of assets This follows upon our previous Newsflash on the same matter and is intended to provide you with some further c...

Read more
4 March 2022
News

The “Patrimonio Stabile” and Religious Congreg...

General aspects and usefulness of a legal concept which is still sometimes misunderstood On Tuesday March 29, 2022, from 09:30 to 17:30 at the Casa Maria Immacolata in Via Ezio, 28, Rome, Dikaios w...

Read more

Via Valadier 44 00193 Roma • info@dikaios.international

All rights reserved © Copyright 2017