Privacy policy
This is a disclosure also made pursuant to art. 13 of Legislative Decree no. 196/03 (Personal Data Protection Code) and Articles 13 and 14 of the European Regulation 679/2016 (hereinafter also “GDPR”) for those who interact with the web services directly provided by the Company. The disclosure is made for this website and not for other websites that may be consulted by the user through links. The disclosure is inspired by recommendation no. 2/2001 that the European data protection authorities, gathered in the Group established by art. 29 of Directive no. 95/46/EC, adopted on May 17, 2001, to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, times, and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection. Therefore, we invite you to review our Privacy Policy, as outlined below. The Privacy Policy and Standards used for the protection of personal data are based on the following principles:
A) HOLDER OF THE PROCESSING
The data controller is the Company whose details are indicated in the footer of this website.
B) PRINCIPLE OF ACCOUNTABILITY
The processing of personal data is managed over time by individuals designated as responsible within the corporate organization.
C) PRINCIPLE OF TRANSPARENCY
The personal data is collected and subsequently processed according to the principles outlined in this Privacy Policy. At the time of potential data provision, a brief yet comprehensive information is provided to the data subject, as required by art. 13 of Legislative Decree no. 196/03 and art. 13 and 14 of the GDPR. PRINCIPLE OF RELEVANCE OF THE COLLECTION.
Personal data is processed lawfully and fairly; it is collected for specified, explicit, and legitimate purposes; it is relevant and not excessive for the purposes of processing; and it is kept for the time necessary for the purposes of collection.
D) PRINCIPLE OF PURPOSE LIMITATION
The purposes of the processing of personal data are made known to the data subjects at the time of collection. Any new data processing, if unrelated to the stated purposes, is activated after providing new information to the data subject and obtaining any required consent, as stipulated by Legislative Decree no. 196/03 and the GDPR. In any case, personal data is not disclosed to third parties or disseminated without the prior consent of the data subject, except as expressly indicated by art. 24 of Legislative Decree no.196/03 and the GDPR.
E) PRINCIPLE OF VERIFIABILITY
Personal data is accurate and kept up to date. They are also organized and stored in a way that gives the data subject the possibility to know, if desired, which data has been collected and recorded, as well as to control its quality and request any correction, integration, deletion due to a violation of the law, opposition to processing, and to exercise all other rights, in accordance with and within the limits of art. 7 of Legislative Decree no. 196/03 and art. 15 and following of the GDPR. This can be done at the addresses indicated in the Information pursuant to art. 13 of Legislative Decree no. 196/03 and art. 13 and 14 of the GDPR available on the Company’s website.
F) PRINCIPLE OF SECURITY
The personal data is protected by technical, computer, organizational, logistical, and procedural security measures against the risks of destruction or loss, even accidental, and unauthorized access or unauthorized processing. These measures are periodically updated based on technological progress, the nature of the data, and the specific characteristics of the processing, constantly monitored, and verified over time. Third parties providing any type of support for the services requested by the Company, involving the processing of personal data, are designated as Data Processors by the Company and are contractually bound to comply with measures for the security and confidentiality of the processing. The identity of these third parties is disclosed to users. The Company also disclaims any responsibility for the rules and methods of managing personal data on other websites accessible from our pages through links and references;
The contents of any email services, web spaces, chat forums provided to users.
The processing related to the web services offered by this site takes place at the Company’s premises, and possibly at the locations of the Data Processors, and is carried out by persons in charge of processing assigned to manage the requested services, marketing activities – if requested by the user – data retention activities, and occasional maintenance operations.
G) SCOPE OF DATA DISCLOSURE
The personal data provided may be disclosed to third parties to fulfill legal obligations, comply with orders from public authorities authorized to do so, or assert or defend a right in court. If necessary for specific requested services or products, personal data may be communicated to third parties acting as independent data controllers, performing functions strictly related and instrumental to the provision of services or supply of products. Without such communication, these services and products could not be provided. Personal data will not be disseminated unless required by the requested service.
H) USER-PROVIDED DATA
I tipi di dati personali raccolti e trattati su questo sito sono quelli necessari per fornire vari servizi. I dati raccolti sono trattati in modalità cartacea, automatizzata e telematica, con logiche strettamente correlate alle finalità del trattamento. Per offrire i servizi, potrebbero essere utilizzati il tuo numero di telefono e il tuo indirizzo email. È evidente che, se questi dati non vengono forniti volontariamente, non sarà possibile fornire i servizi che richiedono l’uso di tali strumenti. L’invio volontario di posta elettronica agli indirizzi indicati nel sito comporta l’acquisizione dell’indirizzo del mittente e di eventuali altre informazioni contenute nel messaggio; tali dati personali saranno utilizzati esclusivamente per eseguire il servizio o la prestazione richiesta.
I) NAVIGATION DATA
It is useful to know that the website’s software procedures, during their normal operation, acquire some personal data, the transmission of which is implicit in the use of internet communication protocols. While these pieces of information are not intended to be associated with identified users, their nature, if linked with other data held by third parties (e.g., your internet service provider), could allow the identification of users. This category of data includes IP addresses or domain names of computers used by users connecting to the site, URL addresses (Uniform Resource Locators) of requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters related to the user’s operating system and computer environment. These data are used solely for anonymous statistics on the use of the site and to monitor its proper functioning.
The Data Controller and, depending on the requested service, the appointed Data Processors retain, for a limited period according to legal requirements, the log of connections/navigations made to respond to any requests from the judicial authority or other public body authorized to request such logs for the investigation of possible liabilities in case of computer crimes.
Apart from what is specified for navigation data, users are free to provide the personal data requested in the registration forms for services. Some data on these forms may be marked as mandatory, and users must understand that these data are necessary for the provision of the requested service. If these data are not provided, the requested service cannot be provided.
At the time of providing data, in accordance with the provisions of art. 13 of Legislative Decree no. 196/03 and art. 13 and 14 of the GDPR, the data subject is provided with information, concise but complete and transparent, about the purposes and methods of the processing, the mandatory or optional nature of providing data, the consequences of non-provision, the subjects or categories of subjects to whom the personal data may be communicated, and the extent of data dissemination. The data subject is also informed about the rights under art. 7 of Legislative Decree no. 196/03 and art. 15 and following of the GDPR (access, integration, updating, correction, deletion for violation of the law, opposition to processing, etc.), the identity and location of the Data Controller and Data Processors. The data subject is then asked to give their informed, free, specific, and documented consent in the form required by law, where required. If personal data is provided in subsequent phases, additional information may be provided in addition to the previously given information, and new consents to the processing may be requested as required by the Privacy Code and the GDPR.
L) MEASURES OF SECURITY ADOPTED TO SAFEGUARD THE COLLECTED DATA
The Company employs “secure” architectures and technologies to protect personal data against unauthorized disclosure, alteration, or improper use. The protections activated for personal data aim, in particular, to minimize the risks of destruction or accidental loss of data, unauthorized access, or processing that is not permitted or not in line with the purposes of collection. These security measures naturally comply with the minimum requirements indicated by the Legislator (Technical Regulations on minimum security measures pursuant to articles 33 to 36 of Legislative Decree no. 196/03). Individuals to whom the personal data refers have the right at any time to confirm the existence of such data, know its content and origin, verify its accuracy, or request its integration or updating, or rectification (art. 7 of Legislative Decree no. 196/03 and art. 16 of the GDPR). According to the same article, the data subject has the right to request the erasure, transformation into anonymous form, or blocking of data processed in violation of the law, as well as to object, in any case, for legitimate reasons, to their processing. Requests should be addressed to the Company’s contacts indicated in the footer of the website.