PRIVACY POLICY
Art. 13 of the European Regulation 2016/679 (GDPR)
1. Premise
When you browse our website or use our services, we collect information and personal data concerning you. For this reason, in compliance with the provisions of EU Regulation no. 2016/679 (hereinafter “GDPR“) and any implementation laws, this document has been published (hereinafter “Privacy Policy“) for the purpose of describing what personal data we collect, the purposes and methods of their processing and the security measures we take to protect them.
This Privacy Policy constitutes the disclosure to data subjects issued pursuant to the applicable legislation on personal data protection.
We inform you that this Privacy Policy applies to the website consulted, to the services, apps and accounts on the social network (hereinafter, the “Services“) and does not apply to third-party websites that may be recalled via links or banners inside the Site.
2. Purposes of data processing
All processing connected to the web services of these Sites are handled only by technical personnel, or by any authorized personnel for specific maintenance operations. The personal data provided by users who submit requests for membership to the services offered are used only to perform the service or provision requested and are communicated to third parties only if this is necessary for that purpose.
3. Awarding and optional conferment of data
Apart from that specified for navigation data, the user is free to provide personal data requested by any computer modules (form) to access the services offered.
Failure to provide such data may make it impossible to obtain what has been requested.
4. Source of data and purpose of data processing
4.1 Navigation data
The computer systems used to operate Services can acquire, during their normal operation, personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected for the purpose of identification, but could lead to identification if, for example, they were combined with data held by third parties. This category of data includes the IP address and the domain name of your computer, the addresses in the URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the file size obtained in response, the numeric code indicating the status of the response given by the server and other parameters related to its operating system. We use this data for the sole purpose of obtaining anonymous statistical information on the use of the Services and to check its correct functioning. We delete the collected data immediately after processing. Data could be used to ascertain responsibility in the case of computer crimes committed against the Services.
4.2 Information for specific services
Browsing our Sites does not require the creation of a personal account.
However, in some parts of the Site it is possible to fill out contact forms and request or provide information. In such cases, the data processed are only those provided by the user, such as the name, surname, email address and any personal data included in the text of the message. Personal data provided spontaneously by the User through the compilation of the appropriate section will be processed by the company receiving the message exclusively for the purpose of processing the request sent by you. Further information on the processing of data can be viewed by consulting the information to the processing of data available at the time of entering the data to send your message.
4.3 Nature of the provision
Providing us with the information referred to in point 4.1. is mandatory to be able to browse our Sites. Providing the additional information referred to in 4.2. is optional. Your refusal to provide them would still allow you to use our Sites but would prevent you from using the specific Services of your interest.
5. Methods of data processing and data retention
We process your personal data through the help of electronic tools and always in compliance with the security requirements required by applicable law. Our security measures include contractual instruments with any contractor (eg service providers) or agent, in order to ensure the protection of the security and confidentiality of personal data in accordance with the provisions of the applicable legislation on personal data protection.
We keep personal data for the time necessary to fulfil the navigation purpose for which they are collected. With reference to the specific Services, the specific privacy policy can be consulted.
6. Scope of communication
6.1 Internal and external communication of personal data
Your personal data will only be processed by subjects previously authorized for processing, ie Managers.
Any third party that, as part of this procedure, is the recipient of your data may use them within the limits established by this Privacy Policy.
6.2 Transfer of data abroad
Personal data collected through the site will not be transferred outside Italy to third parties established within the European Union, or even to third countries not belonging to the European Union.
7. Rights of the interested party
At any time you can exercise the rights recognized in the light of the GDPR, as follows:
- Request for access to your personal data: you have the right to obtain from the data controller confirmation that the processing of personal data concerning you is underway and, in this case, access. Access entails the availability of certain information, including the purposes of the processing, the categories of personal data processed and the recipients to whom the data are communicated. However, there is no right of access that can be exercised absolutely and the interest of other individuals could limit its right of access. You also have the right to obtain a copy of the personal data being processed. For additional copies, an expense contribution may be applied.
- Correction of your personal data: you have the right to obtain the correction of inaccurate personal data concerning yourself, as well as to obtain the integration of incomplete personal data, also by providing an additional declaration.
- Deletion of your personal data: the right to obtain from the data controller the deletion of personal data concerning you without undue delay and the data controller is obliged to delete the personal data without undue delay if there are certain circumstances, including the elimination of the need for data with respect to the purposes for which they were collected or the withdrawal of consent.
- Limitation of the processing of your personal data: in limited circumstances – including in the event of disputing the accuracy of data – you have the right to request the limitation of the processing of personal data concerning you.
- Data portability: you have the right to receive, in a structured, commonly used and automatically readable form, personal data concerning you provided to a data controller and the right to transmit such data to another data controller without impediments on the part of the data controller who provided them if the processing was based on consent and is made by automated means.
- Opposition to processing: you have the right to object to the processing of your personal data at any time, for reasons related to your particular situation.
The right to lodge a complaint with the competent supervisory authority (the Guarantor for Personal Data Protection) remains unaffected.
To exercise these rights, please contact us using the contact details below.
8. Data controller
Following consultation of this site, data relating to identified or identifiable persons may be processed.
The Data Controller is the reference company of the site you consulted while reading this Privacy Policy.
9. Responsible for data protection
The Data Controller has appointed a Data Protection Officer (DPO) to whom it is possible to apply to exercise all the rights provided for in articles from 15 to 21 of the GDPR: right of access, rectification, cancellation, limitation, portability, opposition, as well as revoke a previously granted consent; in case of failure to reply to their requests, the interested parties may lodge a complaint with the Supervisory Authority for the protection of personal data (pursuant to Article 13, paragraph 2, letter d of the GDPR).
You can contact the DPO by writing to [email protected]