Privacy Policy

Dear User, we thank you for visiting our site.

In the remainder of the page we describe to you how the site is managed with regard to the processing of personal data of users who consult it.

 

WHY THIS NOTICE

This information is also provided pursuant to Art. 13 of Legislative Decree no. 196/03 (Personal Data Protection Code) and Art. 13 and 14 of European Regulation 679/2016 (hereinafter also "GDPR") to those who interact with the web services directly provided by the Company.

The information is provided for this site and not also for other websites that may be consulted by the user through links. The information is based on Recommendation No. 2/2001, which the European authorities for the protection of personal data, meeting in the Group established by Article 29 of Directive No. 95/46/EC, adopted on May 17, 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the manner, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purposes of the connection. We therefore invite you to review our Privacy Policy, outlined below.

The Privacy Policy and Standards used for the protection of personal data are based on the following principles:

 

DATA CONTROLLER

The data controller is the Company in which references are given in the footer of this site.

 

PRINCIPLE OF RESPONSIBILITY

The processing of personal data is managed over time by managers identified within the company organization.

 

PRINCIPLE OF TRANSPARENCY

Personal data are collected and subsequently processed according to the principles expressed in this Privacy Policy. At the time of any provision of data, the interested party is provided with a brief but complete information notice, according to the provisions of art. 13 of Legislative Decree no. 196/03 and art. 13 and 14 of the GDPR.

 

PRINCIPLE OF RELEVANCE OF COLLECTION

Personal data are processed lawfully and fairly; are recorded for specified, explicit and legitimate purposes; are relevant and not excessive for the purposes of processing; and are kept for as long as necessary for the purposes of collection.

 

PRINCIPLE OF PURPOSE OF USE

The purposes of personal data processing are made known to the data subjects at the time of collection. Any new data processing, if unrelated to the stated purposes, is activated after new information to the data subject and possible request for consent, when required by Legislative Decree no. 196/03 and the GDPR. In any case, personal data are not communicated to third parties or disseminated without the prior consent of the interested party, except in the cases expressly indicated by art. 24 of Legislative Decree n.196/03 and the GDPR.

 

PRINCIPLE OF VERIFIABILITY

Personal data are accurate and updated over time. They are also organized and stored in such a way that the data subject is given the opportunity to know, if he/she so desires, what data have been collected and recorded, as well as to check their quality and request their possible correction, integration, cancellation for violation of the law or opposition to processing and to exercise all other rights, pursuant to and within the limits of Art. 7 of Legislative Decree no. 196/03 and art. 15 et seq. of the GDPR, at the addresses indicated in the Notices ex art. 13 of Legislative Decree no. 196/03 and ex art. 13 and 14 of the GDPR on the Company's website.

 

PRINCIPLE OF SECURITY

Personal data are protected by technical, computer, organizational, logistical and procedural security measures against the risks of destruction or loss, even accidental, and unauthorized access or unauthorized processing.

These measures are updated periodically according to technical progress, the nature of the data and the specific characteristics of the processing, constantly monitored and verified over time. Third parties that carry out support activities of any kind for the provision of services requested by the Company, in relation to which they perform personal data processing operations, are designated by the latter as Data Processors and are contractually bound to comply with measures for the security and confidentiality of processing. The identity of said third parties is made known to users.

The Society also assumes no responsibility for:

the rules and methods of handling personal data of other Web sites, which can be reached from our pages through links and cross-references;

The contents of any e-mail services, Web spaces, chat forums provided to users.

Processing related to the web services offered by this site takes place at the Company, and possibly at the offices of the Data Processors, and is handled by data processors in charge of managing the services requested, marketing activities - where requested by the user - data storage activities and occasional maintenance operations.

 

SCOPE OF DATA COMMUNICATION

The personal data provided may be communicated to third parties to fulfill legal obligations, in execution of orders from public authorities legitimized to do so or even to assert or defend a right in court. If necessary in relation to particular services or products requested, personal data may be communicated to third parties who perform, as independent data controllers, functions closely related and instrumental to the provision of services or supply of products. Without communication, these services and products could not be provided. Personal data will not be disseminated, unless the requested service requires it.

 

DATA VOLUNTARILY PROVIDED BY THE USER

The types of personal data collected and processed on this site are those necessary for the provision of the various services provided. The data collected are processed by paper, automated and telematic methods and with logic strictly related to the purposes of processing. Your telephone number your e-mail address may also be used to offer you the services. It is therefore clear that, if these data are not provided, those services that require the use of these tools cannot be provided to you. Any voluntary sending of electronic mail to the addresses listed on the site involves the acquisition of the sender's address as well as any other information contained in the message; these personal data will be used only to perform the service or provision requested.

 

NAVIGATION DATA

It is useful to know that the site's software procedures acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. Although this information is not intended to be associated with identified users, by its nature, if associated with other data held by third parties (e.g. its internet service provider), it could allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the addresses in URL (Uniform Resource Locator) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment. These data are used only for the purpose of anonymous statistics on the use of the site and to check its correct functioning. The Data Controller and, depending on the service requested, the designated Managers keep, for a limited period of time according to the law, the trace (LOG) of the connections/navigations made in order to respond to any requests from the judicial authorities or other public body entitled to request said trace for the ascertainment of any responsibility in case of computer crimes.

Apart from what is specified for navigation data, the user is free to give or not to give the personal data requested on the registration form for services. On that form, however, some data may be marked as mandatory; it should be understood that these data are necessary for the provision of the requested service. If these data are not provided, the requested service cannot be provided.

At the time of any provision of data, in accordance with the provisions of Art. 13 of Legislative Decree no. 196/03 and Art. 13 and 14 of the GDPR, the interested party is provided with a brief but complete and transparent information on the purposes and methods of processing, on the compulsory or optional nature of the provision of data, on the consequences of failure to provide data, on the subjects or categories of subjects to whom the personal data may be communicated and the scope of dissemination of such data, on the rights under Art. 7 of Legislative Decree no. 196/03 and art. 15 et seq. of the GDPR (access, integration, updating, correction, deletion for violation of the law, opposition to processing, etc.), on the identity and location of the Data Controller and Data Processors. The data subject is then called upon to express his or her informed, free, specifically expressed and documented consent in the form required by law, where required by law. If the conferments of personal data occur at later stages, additions may be provided to the information already rendered previously and new processing consents provided by the Privacy Code and the GDPR may be requested.

 

SECURITY MEASURES TAKEN TO PROTECT THE DATA COLLECTED

The Company uses "secure" architectures and technologies to protect personal data against undue disclosure, alteration or misuse. The protections activated against personal data are intended, in particular, to minimize the risks of destruction or loss, even accidental, of the data, unauthorized access or processing that is not permitted or does not conform to the purposes of collection. These security measures obviously meet the minimum requirements indicated by the Legislator (Technical Regulations on minimum security measures in Articles 33 to 36 of Legislative Decree No. 196/03). The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or non-existence of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification (Art. 7 of Legislative Decree no. 196/03 and Art. 16 of the GDPR). Pursuant to the same article, the interested party has the right to request the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their processing. Requests should be addressed to the Company's contact details indicated in the footer of the site.