1. Personal Data collected from the Site
The Data Controller collects the following types of Personal Data:
A. Data and content acquired automatically when using the Site:
Technical data: the IT systems and software procedures used to operate this Site may acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of internet communication protocols. This is information that is not collected to be associated with identified Users, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category includes the IP addresses, or the domain names used by Users who connect to the Site, the addresses in URI (Uniform Resource ldentifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server , the size of the file obtained, etc.
B. Personal data collected through cookies or similar technologies:
Cookies are not used for the transmission of personal information, nor are persistent cookies of any type used, or systems for tracking Users. Therefore, Users’ Personal Data are not acquired from the Site with these technologies.
The use of session cookies (which are not stored permanently on the User’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the Site.
The session cookies used on this site avoid the use of other IT techniques that are potentially detrimental to the confidentiality of users’ browsing and do not allow the acquisition of the User’s personal identification data.
The Personal Data collected can be used for the execution of contractual and pre-contractual obligations and for legal obligations.
3. Processing methods
The processing of Personal Data is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.
In some cases, subjects involved in the organization of the Data Controller may also have access to Personal Data (such as, for example, personnel management personnel, commercial area employees, system administrators, etc.) or external subjects (such as IT companies, suppliers of services, couriers, hosting providers, etc.). Said subjects, if necessary, may be appointed Data Processors by the Data Controller, as well as accessing Users’ Personal Data whenever necessary and will be contractually obliged to keep Personal Data confidential.
The updated list of Managers can be requested via email at email@example.com.
4. Legal basis of the treatment
The processing of personal data relating to the user is based on the following legal bases:
– the consent given by the User for one or more specific purposes;
– the processing is necessary for the execution of a contract with the User and / or for the execution of pre-contractual measures;
– processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
– the processing is necessary for the execution of a public interest task or for the exercise of public powers with which the Data Controller is invested;
– the processing is necessary for the pursuit of the legitimate interest of the owner or third parties;
– the processing is necessary for the pursuit of a vital interest of the owner or third parties.
However, it is always possible to request the Data Controller to clarify the legal basis of each treatment at firstname.lastname@example.org.
Personal Data are processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located. For further information, contact the Data Controller at the following email address email@example.com or at the following postal address C.da Ponte Valentino – Zona ASI Z3, 82100 BENEVENTO.
6. Security measures
The treatment is carried out according to methods and with suitable tools to guarantee the security and confidentiality of personal data, having the owner adopted adequate technical and organizational measures that guarantee, and allow to demonstrate, that the treatment is carried out in compliance with the reference legislation.
7. Data retention period
Personal Data will be kept for the period of time necessary to fulfill the purposes for which it was collected.
In particular, the Personal Data will be kept for the entire duration of the contractual relationship, for the execution of the obligations inherent and consequent to it, for compliance with the applicable legal and regulatory obligations, as well as for own or third party defensive purposes.
If the processing of Personal Data is based on the User’s consent, the Data Controller can keep the Personal Data until the consent is revoked.
Personal Data may be kept for a longer period if necessary to fulfill a legal obligation or by order of an authority.
All Personal Data will be deleted or stored in a form that does not allow the identification of the User within 30 days from the end of the retention period. At the end of this term, the right of access, cancellation, rectification and the right to portability of Personal Data can no longer be exercised.
8. Automated decision-making processes
All Personal Data collected will not be subject to any automated decision-making process, including profiling, which can produce legal effects for the person or which can significantly affect them.
9. User rights
Users can exercise certain rights with reference to the Personal Data processed by the Owner. In particular, the User has the right to:
– withdraw consent at any time;
– object to the processing of your Personal Data;
– access their personal data;
– verify and request correction;
– obtain the limitation of the treatment;
– obtain the cancellation of their Personal Data;
– receive your Personal Data or have it transferred to another holder;
propose a complaint to the supervisory authority for the protection of personal data and / or act in court.
To exercise their rights, Users can send a request to the owner’s contact details indicated in this document. Requests are made free of charge and processed by the Owner as soon as possible, in any case within 30 days.
10. Data Controller
The Data Controller is Salvatore Tisi, C.da Ponte Valentino – Zona ASI Z3, 82100 BENEVENTO, Tax Code TSISVT69E21A783J, email address firstname.lastname@example.org.
Last updated: 25/05/2020