In accordance with article 13 Guidelines 2016/679 (GDPR) pursuant to article 13 Legislative Decree n. 196/2003 (Code on personal data protection), the policy relates to all personal data processed according to the following procedure.
The data controller is
Via Isaac Newton, 37 - 47025 Mercato Saraceno (FC)
Processed personal data are collected as directly provided by the users or automatically supplied.
a) Data directly provided by the users are all personal data entered to use the site or provided to the Data Controller in any modality.
b) Automatically collected data are browsing data. During their ordinary operation, specific computer systems and software procedures for the website acquire some personal data which transmission is implied in the use of Internet communication protocols. Such information is not collected to be connected to identified users, but, due to its very nature, could allow to identify the users by processing and association with data held by third parties or by the data controller. The category of acquired data includes IP addresses or domain names of computers used by the users who log in, addresses in URI notation, request time, method used to submit the request to the server, numerical code including the state of the request provided by the server (completed successfully, error, etc.) and other parameters related to the operating system and to the users' computer environment. The data are used only to gather statistical and anonymous information on the use of the site and to check its correct functioning. The data could be used to verify liability in case of cybercrime against the site or other users.
In particular, the following personal data are collected and processed:
- E-mail address
- Surname, name, telephone number
Automatically collected data are browsing data. Such data, though not gathered to be associated with identified users, could indirectly allow their identification, by processing and association with data gathered by the Collector. In particular:
- IP Address
- Surfing browser and device
Personal data provided shall be communicated to conveniently appointed recipients who will process the data as data supervisors and/or in charge of the processing, to comply with the agreements or connected purposes.
Legal ground and purposes of processing
The data are exclusively processed for the following purposes.
We use the data provided by the users:
- to reply to the users' specific requests
- only if the users specifically agree, to allow subscription to specific and further services such as transmission of future information and promotional material by e-mail or electronic devices.
The provision of the listed data within the "Collected Data" section for the above mentioned purposes is mandatory to allow the users to access the service. For such reason, consent is mandatory and rejection of processing, that is to say, missed, inaccurate or partial provision of data could prevent accurate provision of the service.
The provision of data for newsletters aiming at promotional, information or research purposes is non-obligatory and rejection of consent to the Processing will not allow the users to be updated about business initiatives and/or promotional campaigns, to receive offers or other promotional material and/or to be sent customised offers.
We restate that the data controller does not provide any information on the users to third parties without the users' consent, except as provided by the Law.
The data will not be spread and transferred outside the EU.
Withdrawal of consent
The users can withdraw their consent for receiving promotional and business material immediately, by sending request to the data controller's e-mail address or clicking on the unsubscription link to be found on the footer area of each promotional and business e-mail received.
Data are processed by automated devices no longer than strictly necessary for the purposes they have been collected, providing annual verification of the stored data to erase outdated ones, unless the Law provides to store information.
Generally, data processing takes place at the company headquarter, by the staff or by outside contractors, appointed in charge. The full list of the data supervisors and of those in charge of personal data processing can be required by sending specific request to the data controller's e-mail address.
Specific safety measures are followed to prevent data loss, offensive and incorrect uses, and unauthorised accesses.
IIn particular, the users have the right to receive by the data controller information about:
- the source of their personal data;
- the processing purposes and methods;
- the logic applied in case of processing carried out by electronic/computer devices;
- the identification details of the data controller, the supervisors and the appointed representative;
- the subjects and categories of subjects their data can be delivered to or those who can acknowledge them, as appointed representative in the Country, supervisors or in charge of the processing.
Moreover, the users have the right to receive by the data controller:
- updating, rectification or integration of their own data;
- erasure, transformation into anonymous form or block of data processed in breach of the Law;
- access to their own data, that is to say, confirmation whether their personal data processing is currently underway or not;
- processing restriction,
- data portability, that is to say, the right to receive their personal data in a structured format;
- the right to complain to the supervisory Authority.
Finally the users, in whole or in part and for legitimate reasons, have the right to take position against their personal data processing, though aimed at collecting purposes. In particular, the users have the right to take position against their personal data processing for advertising business material or direct sale, for market research or business communication. The requests for the above mentioned points must be sent to the data controller's e-mail address.
Updating and amendments
The data controller reserves the right to regularly change, integrate or update the Policy according to the applicable legislation and provisions adopted by the Data Protection Authority.