WHO PROCESSES MY PERSONAL DATA?
Paolo Franzo C.F. FRNPLA57P24H823I P.IVA 10851250158 with firm in Milano 20122, Corso di Porta Vittoria 8
WHAT IS PERSONAL DATA AND WHAT IS PROCESSING OF PERSONAL DATA?
Personal data is any information that directly identifies or makes a natural person identifiable, such as your name, surname, tax code, address, e-mail address and also the IP address referring to your Personal Computer.
Processing of personal data means any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. In general, any process by which you can be identified is a processing of personal data.
WHAT DATA DOES THE WEBSITE COLLECT AND HOW LONG IS IT STORED?
Navigation data of an anonymous and statistical nature, necessary to ensure the correct functioning of the Website and for security reasons, are collected automatically, exclusively for the purpose of obtaining anonymous statistical information relating to the use of the Website (including, by way of example, navigation times, geographical data and other parameters relating to the user’s operating system and computer environment, type of browser and parameters of the device used to connect to the site, name of the internet service provider ISP). This information, which does not in itself identify the user, could however, also through processing and/or association with other data, held by the provider or by third parties, allow the user’s identity to be traced. For security purposes (anti-spam filters, firewalls, virus detection), the automatically recorded data may possibly also include personal data such as the IP address, which could be used, in accordance with the relevant laws in force, to block attempts to damage the site itself or to cause damage to other users, or in any case harmful or criminal activities. This data is never used for user identification or profiling, but only for the purpose of protecting the site and its users.
The personal identification data collected: the Site directly collects IP addresses, i.e. a unique identification code associated with Users’ computers. A dynamic IP address does not identify a physical person but allows for identification by cross-referencing it with other information that may be held by third parties, such as the provider, who collects sufficient data in the logs to identify him/her.
Navigation data of an anonymous and statistical nature necessary to ensure the proper functioning of the Website, which are collected automatically, exclusively for the purpose of obtaining anonymous statistical information relating to the use of the Website (including, by way of example, IP addresses, browsing times, geographical data and other parameters relating to the user’s operating system and IT environment).
This information, which does not in itself identify the user, could however, also through processing and/or association with other data, held by the provider or by third parties, allow the user’s identity to be traced.
Surfing data are not, nor will they under any circumstances be used by the Data Controller, through association processes, to carry out unwanted identification and profiling of the User.
PERSONAL DATA PROVIDED VOLUNTARILY BY THE USER.
FOR WHAT PURPOSES ARE THE DATA VOLUNTARILY PROVIDED BY THE USER PROCESSED AND FOR HOW LONG?
Personal and non-personal data collected to ensure the proper functioning of the site and for security reasons: the site collects and processes in automated and aggregate form various information about the User (such as an ID associated with the User for statistical purposes) in order to verify the proper functioning of the site, and for security reasons in particular the data collected for security reasons may include date and time of visit, web page of origin of the visitor (referral) and exit and possibly the number of clicks. Data collected via the contact form: The messages and personal data (first name, last name and e-mail address) that the contact form collects are used to process the request. Data collected via the contact form are processed as per our general policy.
Purpose: The personal data collected here are processed for the execution of pre-contractual and contractual measures.
Storage period: The data collected here can be stored for 10 (ten) years but may be deleted if the processing of this data is no longer necessary. Deletion can also be requested by the data subject.
Method of processing and removal of comment: In particular, the User consents to the contents entered being freely published and disseminated to third parties. The data collected for this purpose will be published and processed until you request their express deletion, which can be requested from the controller at any time.
WHAT SECURITY MEASURES DO WE TAKE TO ENSURE THE PROTECTION OF YOUR PERSONAL DATA?
Processing operations are carried out in such a way as to guarantee the security of data and systems. Specific security measures are adopted to minimise the risks of destruction or loss, including accidental loss, of the data, unauthorised access, unauthorised processing or processing that is not in compliance with the purposes indicated in this policy, such as the HTTPS protocol to guarantee the integrity of the personal data collected and processed.
The security measures adopted by the Site, however adequate, do not allow the risks of interception or compromise of personal data transmitted by telematic means to be absolutely excluded.
We therefore recommend that you check that the device you are using is equipped with appropriate software systems to protect the telematic transmission of data, both incoming and outgoing (e.g. up-to-date antivirus systems, firewalls and anti-spam filters).
Your personal data collected will never be disclosed or communicated to unauthorised third parties, who will only have access to statistical data, anonymous or otherwise not suitable for identifying you, and will not be transferred abroad, to countries outside the European Union that do not ensure adequate levels of protection.
If it is necessary for the provision of the services of the Site, the transfer of data to non-EU countries that do not ensure adequate levels of protection will take place only on the basis of specific contractual agreements, containing safeguard clauses for the protection of personal data, in accordance with applicable laws and regulations.
Personal data will not be transferred abroad to non-EU countries that do not ensure adequate levels of protection.
WHERE ARE YOUR PERSONAL DATA PROCESSED AND STORED?
Your data is processed at the Data Controller’s premises. The data is stored in the storage devices located within the Facility and may be stored at the web hosting datacenter.
The web hosting is responsible for processing the data, processing the data on behalf of the Controller, is in the European Economic Area and acts in accordance with European standards.
WHAT ARE YOUR RIGHTS AS A DATA SUBJECT AND HOW CAN YOU EXERCISE THEM?
As a data subject, you are entitled by law to the following rights the right to transparency regarding the processing methods, to receive specific information regarding your processed data, to access your personal data held, to have your data rectified or erased, to restrict the processing of your personal data, to receive “notifications” regarding the events referred to in the above points, to “portability” of your personal data, to object to the processing for specific and documented reasons, to lodge a complaint with a supervisory authority and to be informed by the Data Controller about the existence of any data breaches concerning you (data breaches).
All your rights as a Data Subject can always be exercised freely and free of charge by means of a request to be sent by e-mail as indicated below.
Requests should be sent to the following e-mail address firstname.lastname@example.org
The Data Controller responds to the requests of the interested parties within 30 (thirty) days from the time it receives notice of the request, which may be extended in the manner and within the limits provided for by law or, in the event of an extension, within 90 (ninety) days.
The request is formulated freely and without constraints by the Interested Party, who has the right to receive, without delay, suitable feedback and can be renewed for justified reasons with an interval of not less than ninety days.
You can avail yourself, for the exercise of your rights, of individuals, entities, associations, or bodies, conferring, for this purpose, a written proxy and, also, be assisted by a trusted person.
In order to know your rights, to lodge a complaint/appeal and to be kept up to date on the legislation on the protection of persons with regard to the processing of personal data, you may contact the Garante per la protezione dei dati personali by consulting the website at http://www.garanteprivacy.it/.
LIMITS TO THE CONTROLLER’S LIABILITY
The Controller is in no way liable for damage of any nature caused directly or indirectly by accessing its website, by the inability or impossibility of accessing it, by reliance on the information contained therein or by its use. Please note that some browsers (obsolete, lesser-known, etc.) may cause compatibility problems and the relevant pages or the various elements comprising them, their functionalities and other contents may not be correctly displayed and/or executed.
The Controller assumes no responsibility for the content published and services offered on third party web spaces to which our Site may refer, nor for how these subjects, to be considered autonomous controllers, may process your data. We therefore invite you to familiarise yourself with their privacy policies.
CHANGES AND UPDATES
Cookies are pieces of information placed on your browser when you visit a website or use a social network with your PC, smartphone, or tablet.
Each cookie contains various data such as the name of the server it comes from, a numeric identifier.
Sometimes, cookies may remain on your system for the duration of a session (i.e. until you close the browser you are using to browse the web) or for long periods and may contain a unique identifier.
There is no single category of cookie but several, all with different functions.
Some cookies are used to perform computer authentication, session tracking and storage of specific information about users accessing a web page.
These so-called technical cookies are often useful because they can make surfing and using the web quicker and faster, for example by facilitating certain procedures when you shop online, when you authenticate to restricted areas or when a website automatically recognises the language you usually use.
A particular type of cookie, known as analytics, is used by website operators to collect information, in aggregate form, on the number of users and how they visit the site itself, and thus to draw up general statistics on the service and its use.
Lastly, other cookies, known as profiling cookies, may be used to monitor and profile users during browsing, study their movements and web browsing or consumption habits (what they buy, what they read, etc.), also for the purpose of sending targeted and personalised service advertisements (so-called Behavioural Advertising).
This happens because those web spaces are designed to recognise your PC or other terminal that you use to connect to the web (smartphone, tablet), and possibly address you ‘profiled’ promotional messages based on your searches and Internet use.
Finally, it is possible to subdivide cookies according to whether they are installed directly by the site publisher or by other parties.
A web page may, in fact, contain cookies coming from other sites and contained in various elements hosted on the page itself, such as advertising banners, images, videos, so-called third-party cookies, which are usually used for profiling purposes.
For more details, see the Data Protection Authority’s website: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4020961.