INFORMATION ON THE PROCESSING OF PERSONAL DATA IN ACCORDANCE WITH ART. 13-14 OF THE GDPR (GENERAL DATA PROTECTION REGULATION) 2016/679
This page contains the extended information with the methods of processing personal data according to European legislation (EU Regulation 2016/679). According to the law, this treatment will be based on principles of correctness, lawfulness, transparency and protection of your privacy and your rights. This Privacy Policy and Cookie Policy only concerns this website which can be reached at the URL [URL TO BE DEFINED]. This information does not concern other sites, pages or online services that can be reached via hypertext links that may be published on the site but refer to resources external to the site's domain.
1. DATA CONTROLLER
The Data Controller of the collected data is [SUBJECT TO BE DEFINED] Email address of the Data Controller: [EMAIL TO BE DEFINED]
2. LEGAL BASIS
Navigation data is processed for the legitimate interest of guaranteeing the security of the site, checking its correct functioning and obtaining statistics in relation to their use (Article 6, paragraph 1, letter f of the GDPR).
The legal basis of the processing carried out on the data provided by the user is the consent (Article 6, paragraph 1, letter a of the GDPR).
3. TYPES OF DATA PROCESSED AND PURPOSE OF THE TREATMENT
• Statistics
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the navigation of the
Web sites. This information is not collected to be associated with identified interested parties; however, by their very nature they could, through processing and association with data held by third parties, allow
to identify users. These include the IP addresses or domain names of the computers used by users who connect to the site, the URL addresses of the requested resources, the time of the request,
the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters relating to the operating system
and the platform used by the user. The above data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning; are deleted
immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site: except for this eventuality, currently the data on
web contacts do not persist for more than a few days. The owner of this site undertakes not to transfer the stored data to third parties except, upon formal request, to the competent authorities in the event that
detected any type of crime.
• Viewing content from external platforms
Not present.
• Data communicated by the user
The optional, explicit and voluntary sending of messages to the contact addresses of the Site involves the acquisition of the sender's contact details, necessary to reply, as well as the personal data included in the communications.
The data sent will be used for the sole purpose of being able to contact the user again via the references left on the contact form in order to process any requests contained in the message sent. These
submissions are kept for customer service purposes only, they are never used for marketing purposes or shared with third parties. Information submitted via email is sent to ours
email, hosted by [GOOGLE??]. Google adheres to the EU/US “Privacy Shield” policy and you can find more information about it here: Google Privacy Policy.
Web hosting (Aruba S.p.A. - Via San Clemente, 53 - 24036 Ponte San Pietro (BG) - ITALY VAT IT01573850516), is appointed data processor, processing the data on behalf of the owner. Aruba S.p.A. is in Space
European Economic and acts in accordance with European standards (privacy policy of Aruba S.p.A. – http:WWW). Google Ireland Limited is appointed data processor, processing data on behalf of the owner (Gmail).
5. DATA RECIPIENTS
The recipients of the data collected following consultation of the Site are the following subjects designated by the Data Controller, pursuant to article 28 of the Regulation, as data processors. • ARUBA
S.p.A., for the activities of: web hosting and data storage. • Google Ireland Limited (“Google”)for the activity of mail server.
6. PLACE OF DATA PROCESSING
The data collected by the site are processed at the headquarters of the Data Controller, and at the web hosting datacenter. Web hosting (Aruba S.p.A. - Via San Clemente, 53 - 24036 Ponte San Pietro (BG) - ITALY VAT IT01573850516),
which is responsible for data processing, processing the data on behalf of the owner, is located in the European Economic Area and acts in accordance with European standards. Our hosting provider Aruba S.p.A joins
to the EU/US “Privacy Shield”, ensuring data is stored securely and GDPR compliant. For more information on Aruba S.p.A.'s privacy policy, see here: Aruba Privacy Policy.
7. DURATION OF THE DATA (OF THE TREATMENT)
The treatment will have a duration no longer than that necessary for the purposes for which the data were collected, or to allow the exchange of communications between the applicant and the Data Controller.
The duration of cookies depends on their nature: session cookies expire when the user closes the browser; persistent cookies have typical expiration dates which, barring particular exceptions, they do not exceed
the 2 months.
8. OPTIONAL PROVISION OF DATA
The optional, explicit and voluntary sending of personal data - also by e-mail - to the addresses indicated on this site entails the subsequent and necessary acquisition of the sender's address - as well as
of any other data included in the message - in order to respond to requests. The user is free to provide personal data and failure to provide it may make it impossible
to be contacted. No data is communicated or disseminated, except to perform the requested service. The user is free to provide his personal data. Failure to provide such data may make it impossible to obtain what has been requested.
9. RIGHTS OF INTERESTED PARTIES
Pursuant to European Regulation 679/2016 (GDPR), the User can, according to the methods and within the limits established by current legislation, exercise the following rights:
request confirmation of the existence of personal data concerning him (right of access);
know its origin;
receive intelligible communication;
have information about the logic, methods and purposes of the processing;
request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the prosecution
the purposes for which they were collected;
in cases of treatment based on consent, receive at the sole cost of any support, your data provided to the owner, in a structured and readable form by a data processor and in a commonly used format
from an electronic device;
the right to lodge a complaint with the Supervisory Authority;
as well as, more generally, to exercise all the rights that are recognized by the current provisions of the law. Requests should be addressed to the Data Controller at the email address: [EMAIL TO BE DEFINED]