Dear User, thank you for visiting our website.
Below, we describe the management methods of the site concerning the processing of personal data of users who consult it.
WHY THIS NOTICE
This notice is provided pursuant to Art. 13 of Legislative Decree no. 196/03 (Personal Data Protection Code) and Articles 13 and 14 of the European Regulation 679/2016 (hereinafter also “GDPR”) to those who interact with the web services directly provided by the Company.
The information is provided for this website and not for other websites that may be consulted by the user through links. The information is inspired by recommendation no. 2/2001, which the European data protection authorities, gathered in the Working Party established under Article 29 of Directive no. 95/46/EC, adopted on May 17, 2001, to identify some minimum requirements for the collection of personal data online, including the methods, timing, and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection. We therefore invite you to read our Privacy Policy, as outlined below.
The Privacy Policy and Standards used for the protection of personal data are based on the following principles:
DATA CONTROLLER
The data controller is the Company whose details are indicated in the footer of this website.
PRINCIPLE OF RESPONSIBILITY
The processing of personal data is managed over time by individuals identified within the corporate organization.
PRINCIPLE OF TRANSPARENCY
Personal data is collected and subsequently processed according to the principles expressed in this Privacy Policy. At the time of any data provision, the data subject is provided with a brief but comprehensive information, as required by Art. 13 of Legislative Decree no. 196/03 and Articles 13 and 14 of the GDPR.
PRINCIPLE OF RELEVANCE OF COLLECTION
Personal data is processed lawfully and fairly; it is collected for specific, explicit, and legitimate purposes; it is relevant and not excessive for the purposes of the processing; it is kept for the time necessary for the purposes of the collection.
PRINCIPLE OF PURPOSE OF USE
The purposes of the processing of personal data are disclosed to data subjects at the time of collection. Any new processing of data, if unrelated to the stated purposes, is activated after a new notice to the data subject and any request for consent, as required by Legislative Decree no. 196/03 and the GDPR. In any case, personal data is not disclosed to third parties or disseminated without the prior consent of the data subject, except as expressly provided by Art. 24 of Legislative Decree no. 196/03 and the GDPR.
PRINCIPLE OF VERIFIABILITY
Personal data is accurate and updated over time. It is also organized and stored so that the data subject has the possibility to know, if desired, which data have been collected and recorded, as well as to control their quality and request their possible correction, integration, deletion due to violation of the law or opposition to the processing, and to exercise all other rights, within the limits of Art. 7 of Legislative Decree no. 196/03 and Articles 15 and following of the GDPR, at the addresses indicated in the Information pursuant to Art. 13 of Legislative Decree no. 196/03 and Articles 13 and 14 of the GDPR on the Company’s website.
PRINCIPLE OF SECURITY
Personal data is protected by technical, computer, organizational, logistical, and procedural security measures against the risks of destruction or loss, even accidental, and unauthorized access or processing.
These measures are periodically updated based on technical progress, the nature of the data, and the specific characteristics of the processing, constantly checked and verified over time. Third parties who perform any kind of support activity for the provision of services requested by the Company, in relation to which they carry out operations of processing personal data, are designated by the Company as Data Processors and are contractually bound to comply with measures for security and confidentiality of the processing. The identity of these third parties is disclosed to users.
Furthermore, the Company assumes no responsibility for:
the rules and methods of managing personal data of other websites, accessible from our pages through links and references;
the contents of any email services, web spaces, chat forums provided to users.
The processing connected to the web services offered by this site takes place at the Company, and possibly at the locations of the Data Processors, and is carried out by persons in charge of processing assigned to manage the requested services, marketing activities – if requested by the user – data retention activities, and occasional maintenance operations.
SCOPE OF DATA COMMUNICATION
The personal data provided may be communicated to third parties to fulfill legal obligations, in compliance with orders from public authorities authorized to do so, or to assert or defend a right in court. If necessary for specific services or products requested, personal data may be communicated to third parties who perform, as autonomous data controllers, functions closely related and instrumental to the provision of services or supply of products. Without such communication, these services and products could not be provided. Personal data will not be disclosed unless the requested service requires it.
DATA VOLUNTARILY PROVIDED BY THE USER
The types of personal data collected and processed on this website are those necessary for the provision of various services provided. The collected data is processed in paper, automated, and telematic formats and with strictly related logic to the purposes of the processing. To offer you services, your phone number and email address may also be used. It is therefore evident that, if such data is not provided, those services requiring the use of these tools cannot be provided. The voluntary sending of emails to the addresses indicated on the site involves the acquisition of the sender’s address as well as any other information contained in the message; such personal data will be used only to perform the requested service or provision.
BROWSING DATA
It is useful to know that the software procedures of the site acquire, during their normal operation, some personal data, the transmission of which is implicit in the use of internet communication protocols. Although they are information not intended to be associated with identified users, by their nature, if associated with other data held by third parties (e.g., your internet service provider), they could allow the identification of users. This category of data includes IP addresses or computer domain names used by users who connect to the site, URLs (Uniform Resource Locator) notation addresses of requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the user’s operating system and computer environment. This data is used solely for anonymous statistics on the use of the site and to monitor its correct functioning. The Data Controller and, depending on the service requested, the designated Data Processors retain, for a limited period according to legal requirements, the log of connections/navigations made to respond to any requests from the judicial authority or other public body authorized to request said log for the investigation of any liability in case of computer crimes.
Apart from what is specified for browsing data, the user is free to provide or not the personal data required in the registration form for services. Some data on this form may be marked as mandatory; it must be understood that such data is necessary for the provision of the requested service. If such data is not provided, the requested service cannot be
provided.
At the time of any data provision, as required by Art. 13 of Legislative Decree no. 196/03 and Articles 13 and 14 of the GDPR, the data subject is provided with a brief but comprehensive and transparent information on the purposes and methods of processing, the mandatory or optional nature of data provision, the consequences of non-provision, the subjects or categories of subjects to whom personal data may be communicated and the scope of dissemination of the data themselves, the rights under Art. 7 of Legislative Decree no. 196/03 and Articles 15 and following of the GDPR (access, integration, updating, correction, deletion due to violation of the law, opposition to processing, etc.), the identity and location of the Data Controller and the Data Processors. The data subject is therefore asked to give informed consent, freely, specifically expressed and documented in the form required by law, if required by the same. If personal data is provided in subsequent stages, additions to the previously provided information may be provided and new consents to processing may be requested as required by the Privacy Code and the GDPR.
SECURITY MEASURES ADOPTED FOR THE PROTECTION OF COLLECTED DATA
The Company uses “secure” architectures and technologies to protect personal data against unauthorized disclosure, alteration, or improper use. The protections activated against personal data aim, in particular, to minimize the risks of destruction or loss, even accidental, of data, unauthorized access, or processing not allowed or not in accordance with the purposes of the collection. These security measures obviously meet the minimum requirements indicated by the Legislator (Technical Disciplinary on minimum security measures referred to in Articles 33 to 36 of Legislative Decree no. 196/03). Data subjects have the right at any time to obtain confirmation of the existence or otherwise of such data and to know its content and origin, verify its accuracy, or request its integration or updating, or rectification (Art. 7 of Legislative Decree no. 196/03 and Art. 16 of the GDPR). Pursuant to the same article, the data subject has the right to request cancellation, transformation into anonymous form, or blocking of data processed in violation of the law, as well as to object in any case, for legitimate reasons, to their processing. Requests should be addressed to the contacts of the Company indicated in the footer of the site.
