Privacy policy
Dear User, thank you for visiting our site.
Further down the page we describe how the site is managed in relation to the processing of personal data of users who consult it.
WHY THIS NOTICE
This information is also provided pursuant to art. 13 of the Legislative Decree. n. 196/03 (Personal data protection code) and art. 13 and 14 of European Regulation 679/2016 (hereinafter also “GDPR”) to those who interact with the web services directly provided by the Company.
The information is provided for this site and not for other websites that may be consulted by the user via links. The information is inspired by recommendation no. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by art. 29 of directive no. 95/46/EC, adopted on 17 May 2001 to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, times and nature of the information that data controllers must provide to data subjects. users when they connect to web pages, regardless of the purpose of the connection. We therefore invite you to read our Privacy Policy, illustrated below.
The Privacy Policy and Standards used for the protection of personal data are based on the following principles:
Data Controller
The data controller is the Company whose references are indicated in the footer of this site.
PRINCIPLE OF RESPONSIBILITY
The processing of personal data is managed over time by managers identified within the company organisation.
PRINCIPLE OF TRANSPARENCY
Personal data is collected and subsequently processed according to the principles expressed in this Privacy Policy. At the time of the provision of data, the interested party is provided with a brief but complete information notice, in accordance with the provisions of the art. 13 of the Legislative Decree. n. 196/03 and art. 13 and 14 of the GDPR.
PRINCIPLE OF RELEVANCE OF COLLECTION
Personal data is processed lawfully and correctly; are recorded for specific, explicit and legitimate purposes; are relevant and do not exceed the purposes of the processing; are kept for the time necessary for the purposes of collection.
PRINCIPLE OF PURPOSE OF USE
The purposes of the processing of personal data are made known to the interested parties at the time of collection. Any new data processing, if unrelated to the declared purposes, is activated following new information to the interested party and any request for consent, when required by the Legislative Decree. n. 196/03 and the GDPR. In any case, personal data are not communicated to third parties or disclosed without the prior consent of the interested party, except in the cases expressly indicated by the art. 24 of the Legislative Decree. n.196/03 and by the GDPR.
PRINCIPLE OF VERIFICABILITY
Personal data is accurate and updated over time. They are also organized and stored in such a way that the interested party is given the opportunity to know, if he wishes, which data have been collected and recorded, as well as to check their quality and request any correction, integration, cancellation due to violation of the law or opposition to the processing and to exercise all other rights, pursuant to and within the limits of the art. 7 of the Legislative Decree. n. 196/03 and art. 15 et seq. of the GDPR, at the addresses indicated in the Information pursuant to art. 13 of the Legislative Decree. n. 196/03 and pursuant to art. 13 and 14 of the GDPR present on the Company website.
SAFETY PRINCIPLE
Personal data are protected by technical, IT, organisational, logistical and procedural security measures, against the risks of destruction or loss, even accidental, and unauthorized access or unauthorized processing.
These measures are updated periodically based on technical progress, the nature of the data and the specific characteristics of the processing, constantly monitored and verified over time. Third parties who carry out support activities of any kind for the provision of the services requested by the Company, in relation to which they carry out personal data processing operations, are designated by the latter as Data Processors and are contractually bound to respect measures for the security and confidentiality of processing. The identity of these third parties is made known to users.
The Company also assumes no responsibility for:
the rules and methods of managing personal data of other websites, accessible from our pages through links and references;
the contents of any e-mail services, web spaces, chat forums provided to users.
The processing connected to the web services offered by this site takes place at the Company, and possibly at the offices of the Data Controllers and are handled by data processors responsible for managing the requested services, to marketing activities – where requested by the user – to data storage activities and occasional maintenance operations.
SCOPE OF DATA COMMUNICATION
The personal data provided may be communicated to third parties to fulfill legal obligations, in execution of orders from legitimate public authorities or to assert or defend a right in court. If necessary in relation to particular services or products requested, personal data may be communicated to third parties who carry out, as independent data controllers, functions strictly connected and instrumental to the provision of services or supply of products. Without communication, these services and products could not be provided. Personal data will not be disclosed unless the service requested requires it.
DATA PROVIDED VOLUNTARILY BY THE USER
The types of personal data collected and processed on this site are those necessary for the provision of the various services provided. The data collected are processed using paper, automated and electronic methods and with logic strictly related to the purposes of the processing. Your telephone number and e-mail address may also be used to offer you the services. It is therefore clear that, if such data is not provided, you will not be able to be provided with those services that require the use of these tools. Any voluntary sending of e-mails to the addresses indicated on the site involves the acquisition of the sender’s address as well as any other information contained in the message; such personal data will be used for the sole purpose of carrying out the service or provision requested.
NAVIGATION DATA
It is useful to know that the site’s software procedures acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. Although this information is not intended to be associated with identified users, by its nature, if associated with other data held by third parties (e.g. your internet service provider), it could allow the identification of users. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URL (Uniform Resource Locator) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment. This data is used for the sole purpose of anonymous statistics on the use of the site and to check its correct functioning. The Data Controller and, depending on the service requested, the designated Managers retain, for a limited period according to the law, the trace (LOG) of the connections/navigations carried out to respond to any requests coming from the judicial authority or otherwise public body entitled to request said trace to ascertain any liability in the event of computer crimes.
Apart from what is specified for navigation data, the user is free to decide whether or not to provide the personal data requested in the service registration form. However, on this form some data may be marked as mandatory; it must be understood that such data are necessary for the provision of the requested service. If this data is not provided, the requested service cannot be provided.
At the time of any provision of data, in accordance with the provisions of the art. 13 of the Legislative Decree. n. 196/03 and art. 13 and 14 of the GDPR, the interested party is provided with information, concise but complete and transparent, on the purposes and methods of the processing, on the mandatory or optional nature of the provision of data, on the consequences of failure to provide it, on the subjects or categories of subjects to whom the personal data may be communicated and the scope of dissemination of the data themselves, on the rights referred to in the art. 7 of the Legislative Decree. n. 196/03 and art. 15 et seq. of the GDPR (access, integration, updating, correction, cancellation for violation of the law, opposition to processing, etc.), on the identity and headquarters of the Data Controller and Data Processors. The interested party is therefore called to express his informed, free consent, expressed in a specific form and documented in the form required by law, where required by the same. If the provision of personal data takes place in subsequent phases, additions to the information already provided previously may be provided and new consents to the processing required by the Privacy Code and the GDPR may be requested.
SAFETY MEASURES ADOPTED FOR THE PROTECTION OF THE DATA COLLECTED
The Company uses “secure” architectures and technologies to protect personal data against undue disclosure, alteration or improper use. The protections activated for personal data aim, in particular, to minimize the risks of destruction or loss, even accidental, of data, unauthorized access or processing that is not permitted or does not comply with the purposes of the collection. These security measures obviously meet the minimum requirements indicated by the Legislator (Technical Regulations regarding minimum security measures referred to in articles 33 to 36 of Legislative Decree no. 196/03). The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification (art. 7 of Legislative Decree no. 196/03 and art. 16 of the GDPR). Pursuant to the same article, the interested party has the right to request the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their processing. Requests should be addressed to the Company’s contact details indicated in the footer of the site.