PURSUANT TO ARTS. 13 AND 14 OF THE GENERAL REGULATION ON DATA PROTECTION EU 2016/679

​

The Data Controller

The Data Controller is xxxxxxxxxxxxxx.
This information is present on the website xxxxxxxxxx in order to provide information to interested users about the use of personal data in its possession.

​

Object of the treatment

The personal data held by the Data Controller are processed in compliance with the obligations of correctness, lawfulness and transparency imposed by the aforementioned legislation, protecting the privacy and rights of the interested parties.

The site collects some user data to offer its services. For details, view the information on cookies presented in this document.

The provision of data of the interested party, provided by the same through direct contact with the Owner (telephone, email, etc.) could be mandatory in order to be able to use the requested services and their failure to provide them could jeopardize access.

In cases where some data are indicated as optional, the interested party is free to refrain from communicating such data, without this having any consequence on the availability of the service or on its operation.
Interested parties who have doubts about which data are mandatory are encouraged to contact the Data Controller.

Any use of Cookies - or other tracking tools - by this website or by the owners of third-party services used by this site, unless otherwise specified, has the purpose of providing the service requested by the interested party, in addition to the further purposes described in this document and in the Cookie Policy.

Purpose of the treatment
The data of the interested party is collected to allow the Data Controller to provide its services, as well as for the following purposes: corporate communications, statistics and any display of content from external platforms.

To obtain further detailed information on the purposes of the processing and on the personal data concretely relevant for each purpose, the interested party can refer to the relative sections of this document.

 

Legal basis of the treatment
The Data Controller processes personal data relating to the interested party in the event that one of the following conditions exists:

• the interested party has given consent for one or more specific purposes. Note: the Data Controller may be authorized to process personal data without the consent of the interested party or another of the legal bases specified below, as long as the interested party does not object (so-called "opt-out") to this treatment;

• the processing is necessary for the execution of a contract with the interested party and/or for the execution of pre-contractual measures;

• the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;

• the treatment is necessary for the execution of a task of public interest or for the exercise of public powers with which the Data Controller is invested;

• the processing is necessary for the pursuit of the legitimate interest of the Data Controller or of third parties.

However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.

​

Methods of treatment

The processing will be carried out using IT and/or telematic tools and in an automated and/or manual form, in compliance with the provisions of art. 32 of the GDPR 2016/679 regarding security measures, by persons specifically appointed and in compliance with the provisions of art. 29 GDPR 2016/679.

The Data Controller adopts the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data.

In addition to the Data Controller, in some cases, other subjects involved in the organization of this website (administrative, commercial, marketing, legal, system administrators) or external subjects also appointed, if necessary, as Data Processors by part of the Owner.

 

The data is processed at the Data Controller's operating offices and in any other place where the parties involved in the processing are located. For more information, contact the Owner.
The personal data of the interested party are not transferred outside the European Union.

 

 

Responsible for the treatment

For the purposes previously indicated, personal data may be communicated to third parties appropriately designated "data processors", such as third party technical service providers, hosting providers, IT companies, data digitization service companies, archiving, collection, printing and shipping and management e-mail, communication agencies, postal couriers.

The updated list of Managers can be requested from the Data Controller.

 

Storage period

​

In compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 GDPR 2016/679, subject to the expression of a free and explicit consent, the personal data of the interested party will be kept for the period of time necessary to achieve the purposes for which they are collected and processed.

Therefore:

• Personal data collected for purposes related to the execution of a contract between the Data Controller and the interested party will be retained until the execution of this contract is completed.

• Personal data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The user can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.

When the processing is based on the data subject's consent, the Data Controller may keep the personal data longer until said consent is revoked. In particular, the subscription to the newsletter is considered valid until the interested party communicates the request for termination of their sending.

Furthermore, the Data Controller may be obliged to keep personal data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, personal data will be deleted. Therefore, upon reaching this deadline, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

Scope of communication and dissemination
The data collected will never be disclosed and will not be communicated without the explicit consent of the interested party, except for the necessary communications which may involve the transfer of data to public bodies, consultants or other subjects, also in their capacity as external data processors , for the fulfillment of legal obligations.

Rights of the interested party
At any time, the interested party may exercise, pursuant to articles 15 to 22 of EU Regulation no. 2016/679, the right to:
a) request confirmation of the existence or otherwise of personal data;
b) obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the retention period;
c) obtain the rectification and cancellation of data;
d) obtain the limitation of the treatment;
e) obtain data portability, i.e. receive them from a data controller, in a structured format, commonly used and readable by an automatic device, and transmit them to another data controller without impediments;
f) oppose the treatment at any time; interested parties are reminded that, should their data be processed for direct marketing purposes, they may object to the processing without providing any reasons.

1. g) ask the data controller to access personal data and correct or cancel them or limit their processing or to oppose their processing, in addition to the right to data portability;
   h) revoke the consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation;
   i) lodge a complaint with a supervisory authority. The interested party has the right to lodge a complaint with the Guarantor for the Protection of Personal Data, based in Rome via di Monte Citorio 121 (tel. +39 06696771), following the procedures and indications published on the website of the Authority_cc781905- 5cde-3194-bb3b-136bad5cf58d_garanteprivacy.it