Dear User, thank you for visiting our site.
In the following page we describe the management of the site with reference to the processing of personal data of users who consult it.
Why this notice
This information is also provided pursuant to art. 13 of Legislative Decree no. 196/03 (Code on the protection of personal data) and art. 13 and 14 of European Regulation 679/2016 (hereinafter also “GDPR”) to those who interact with web services directly provided by the Company.
The information is provided for this site and not for other Web sites accessed via links.
The information is based on Recommendation 2 / 2001 that the European authorities for the protection of personal data gathered by the Group established. 29 of Directive 95/46/EC, adopted on 17 May 2001 to identify the minimum requirements for collecting personal data online, and, in particular, the manner, timing and nature of the information that data controllers must provide users when they connect to web pages, regardless of the purpose of the link.
Owner of the treatment
The owner of the data treatment is the Company whose references are indicated in the footer of this site.
Principle of responsibility
The processing of personal data is managed over time by managers identified within the company organization.
Principle of transparency
Principle of collection relevance
Personal data are processed lawfully and fairly; they are recorded for specific, explicit and legitimate purposes; they are relevant and not excessive for the purposes of processing; they are kept for the time necessary for the purposes of collection.
Principle of purpose of use
The purposes of the processing of personal data are made known to those concerned at the time of collection. Any new processing of data, if unrelated to the stated purposes, are activated after new information to the person concerned and any request for consent, when required by Legislative Decree no. 196/03 and GDPR. In any case, personal data are not communicated to third parties or disseminated without the prior consent of the person concerned, except in cases expressly indicated by art. 24 of Legislative Decree no. 196/03 and the GDPR.
Principle of verifiability
Personal data are accurate and updated over time.
They are also organized and stored in such a way as to give the person concerned the possibility to know, if he/she so desires, which data have been collected and recorded, as well as to check their quality and request their possible correction, integration, cancellation for violation of the law or opposition to their processing and to exercise all the other rights, pursuant to and within the limits of art. 7 of Legislative Decree no. 196/03 and art. 15 et seq. of the GDPR, at the addresses indicated in the Informative Notes ex art. 13 of Legislative Decree no. 196/03 and ex art. 13 and 14 of the GDPR present on the Company’s website.
Principles of security
Personal data are protected by technical, computer, organizational, logistical and procedural security measures, against the risks of destruction or loss, even accidental, and unauthorized access or treatment not allowed.
These measures are updated periodically on the basis of technical progress, the nature of the data and the specific characteristics of the processing, constantly monitored and verified over time. Third parties who carry out support activities of any kind for the provision of services requested by the Company, in relation to which they carry out personal data processing operations, are designated by the latter as Data Processors and are contractually bound to comply with the measures for the security and confidentiality of processing. The identity of these third parties is disclosed to users.
The Company also assumes no responsibility for:
- the rules and procedures for handling personal data of other websites, which can be reached from our pages through links and references
- the contents of any e-mail services, web spaces, chat forums provided to users.
- the processing operations connected to the web services offered by this site take place at the Company, and possibly at the offices of the persons in charge of processing, and are carried out by persons in charge of processing responsible for the management of the services requested, marketing activities – where requested by the user – data storage activities and casual maintenance operations.
Scope of data communication
The personal data provided may be communicated to third parties in order to comply with legal obligations, in execution of orders from public authorities legitimately entitled to do so or even to assert or defend a right in court.
If necessary, in relation to particular services or products required, personal data may be disclosed to third parties who perform, as independent data controllers, functions closely related and instrumental to the provision of services or supply of products.
Without the communication, these services and products could not be provided.
Personal data will not be disclosed, unless the requested service requires it.
Data provided voluntarily by the user
The types of personal data collected and processed on this site are those necessary for the provision of the various services provided. The collected data are treated with paper, automated and telematic modalities and with logics strictly related to the purposes of the treatment. Your telephone number and e-mail address may also be used to provide you with services. It is therefore clear that, if these data are not provided, you will not be able to receive those services that require the use of these tools. Any voluntary sending of electronic mail to the addresses indicated on the site involves the acquisition of the sender’s address as well as any other information contained in the message, these personal data will be used only to perform the service or provision requested.
It is useful to know that the software procedures of the site acquire, during their normal exercise, some personal data whose transmission is implicit in the use of internet communication protocols. Although this information is not intended to be associated with identified users, by its nature, if associated with other data held by third parties (e.g. your internet service provider), it could allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, URL (Uniform Resource Locator) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment. These data are used for the sole purpose of anonymous statistics on the use of the site and to check its correct functioning. The data controller and, depending on the service requested, the designated managers retain, for a limited period in accordance with the law, the trace (LOG) of the connections/navigations made in order to respond to any requests from legal authorities or other public body entitled to request this trace for the verification of any responsibility in case of computer crimes. Apart from that specified for navigation data, the user is free to give or not to give the personal data requested in the registration form for services. On this form, however, some data may be marked as required, it should be understood that such data are necessary for the provision of the requested service. If these data are not provided, the requested service will not be provided. At the moment of the eventual conferment of the data, according to what is foreseen by the art. 13 of the D.lgs. n. 196/03 and by the art. 13 and 14 of the GDPR, an informative report is given to the interested party, synthetic but complete and transparent, on the purposes and modalities of the treatments, on the obligatory or optional character of the conferment of the data, on the consequences of the missed conferment, on the subjects or on the categories of subjects to which the personal data can be communicated and the field of diffusion of the same data, on the rights of which at the art. 7 of Legislative Decree no. 196/03 and art. 15 et seq. of the GDPR (access, integration, updating, correction, cancellation for violation of the law, opposition to processing, etc.), the identity and location of the Data Controller and Data Processors. The interested party is therefore called upon to express his or her informed consent, free, expressed in a specific form and documented in the form provided for by law, where required by the same. If personal data is provided in subsequent phases, additions may be made to the information already provided previously and new consents to the processing of personal data may be required in accordance with the Privacy Code and the GDPR.
Security measures adopted for the protection of collected data
The Company uses secure architectures and technologies to protect personal data against unlawful disclosure, alteration or improper use.
The protections put in place for personal data aim, in particular, to minimize the risks of destruction or loss, even accidental, of the data, unauthorized access or processing that is not allowed or does not comply with the purposes of collection.
These security measures obviously meet the minimum requirements specified by the legislator (Technical Regulations on minimum security measures in Articles. 33 to 36 of Legislative Decree no. 196/03). The subjects whose personal data refer have the right at any time to obtain confirmation of the existence or otherwise of such data and to know its content and origin, verify its accuracy or request its integration or updating, or correction (art. 7 of Legislative Decree no. 196/03 and art. 16 of the GDPR).
In accordance with the same article, the interested party has the right to request the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their treatment.