In the remainder of the page we describe the methods of management of the site in relation to the processing of personal data of users who consult it.
WHY THIS NOTICE
This is an information note also pursuant to art. 13 of Legislative Decree. n. 196/03 (Code regarding the protection of personal data) and art. 13 and 14 of the European Regulation 679/2016 (hereinafter also “GDPR”) to those who interact with the web services directly provided by the Company.
The Policy and the Privacy Standards used for the protection of personal data are based on the following principles:
HOLDER OF THE TREATMENT
The data controller is the company in which references are indicated in the footer of this site.
PRINCIPLE OF LIABILITY
The processing of personal data is managed over time by managers identified within the company organization.
PRINCIPLE OF TRANSPARENCY
PRINCIPLE OF PERTINENCE OF COLLECTION
Personal data are processed in a lawful and correct manner; they are registered for specific, explicit and legitimate purposes; they are relevant and not excessive for the purposes of the processing;they are kept for the time necessary for the purposes of the collection.
PRINCIPLE OF PURPOSE OF USE
The purposes of the processing of personal data are made known to those concerned at the time of collection. Any new data processing, if unrelated to the stated purposes, are activated after new information to the interested party and any request for consent, when required by Legislative Decree. n. 196/03 and by the GDPR. In any case, personal data are not disclosed to third parties or disclosed without the prior consent of the interested party, except in the cases expressly indicated in art. 24 of Legislative Decree. n.196 / 03 and from the GDPR.
PRINCIPLE OF VERIFICABILITY
Personal data are accurate and updated over time. They are also organized and stored in such a way that the interested party is given the opportunity to know, if he wishes, what data has been collected and recorded, as well as to check its quality and request its correction, integration, cancellation due to violation of the law or opposition to the processing and to exercise all other rights, pursuant to and within the limits of art. 7 of Legislative Decree. n. 196/03 and art. 15 and ss.of the GDPR, at the addresses indicated in the Information pursuant to art. 13 of Legislative Decree.n. 196/03 and ex art. 13 and 14 of the GDPR present on the Company’s website.
Personal data are protected by technical, IT, organizational, logistic and procedural security measures, against the risk of destruction or loss, even accidental, and unauthorized access or unauthorized processing.
These measures are updated periodically on the basis of technical progress, the nature of the data and the specific characteristics of the treatment, monitored constantly and verified over time. The third parties who carry out support activities of any kind for the provision of the services requested by the Company, in relation to which they carry out processing operations of personal data, are the latter designated as Data Processors and are contractually bound to respect measures for the security and confidentiality of treatments. The identity of these third parties is made known to users.
The Company does not assume any responsibility on:
- the rules and procedures for the management of personal data of other websites, accessible from our pages through links and references;
- the contents of any e-mail services, Web spaces, chat forums provided to users.
The treatments connected to the web services offered by this site take place at the Company, and possibly at the offices of the Data Processors and are handled by persons in charge of processing the services requested, marketing activities – where requested by the user – data retention activities and occasional maintenance operations.
DATA COMMUNICATION FIELD
The personal data provided may be disclosed to third parties to comply with legal obligations, in execution of orders from public authorities entitled to this or to enforce or defend a right in court. If necessary in relation to particular services or products requested, personal data may be disclosed to third parties who perform, as independent data controllers, functions strictly connected and instrumental to the provision of services or supply of products. Without communication, these services and products could not be provided. Personal data will not be disclosed, unless the requested service requires it.
DATA SUPPLIED VOLUNTARILY BY USER
The types of personal data collected and processed on this site are those necessary for the provision of the various services provided. The collected data are processed using paper, automated and telematic methods and with logic strictly related to the purposes of the processing.Your telephone number and your e-mail address may also be used to provide services. It is therefore evident that, if such data are not provided, those services that require the use of these tools can not be provided to you. Any voluntary sending of electronic mail to the addresses indicated on the site involves the acquisition of the sender’s address as well as any other information contained in the message; such personal data will be used for the sole purpose of performing the service or provision requested.
It is useful to know that the site’s software procedures acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.Although information is not intended to be associated with identified users, by their nature, if associated with other data held by third parties (eg its Internet service provider), could allow the identification of users. This category of data includes IP addresses or domain names of the computers used by users who connect to the site, the URL addresses (Uniform Resource Locator) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of anonymous statistics on the use of the site and to check its correct functioning. The Data Controller and, depending on the service requested, the designated Managers retain, for a limited period according to the law, the layout (LOG) of the connections / navigations made to respond to any requests coming from the judicial authority or other public body entitled to request said route to ascertain any responsibility in case of computer crimes.
Apart from that specified for navigation data, the user is free to give or not the personal data requested in the registration form to the services. On this form, however, some data may be marked as mandatory; it must be understood that such data are necessary for the provision of the requested service. If this data is not provided, the requested service can not be provided.
At the time of the provision of data, according to the provisions of art. 13 of Legislative Decree. n.196/03 and by the art. 13 and 14 of the GDPR, the person concerned is provided with a brief but complete and transparent information on the purposes and methods of the processing, on the mandatory or optional nature of the provision of data, on the consequences of non-conferment, on the subjects or categories of subjects whose personal data can be communicated and the scope of diffusion of the data themselves, on the rights under art. 7 of Legislative Decree. n. 196/03 and art.15 and following of the GDPR (access, integration, updating, correction, cancellation for violation of the law, opposition to the treatment, etc.), on the identity and on the registered office of the Data Controller and the Data Processors. The interested party is therefore called to express his informed consent, free, expressed in a specific form and documented in the form required by law, if required by the same. If personal data transfers occur in successive phases, additions to the information already given previously and requests for new consent to the treatment provided by the Privacy Code and the GDPR can be provided.
SAFETY MEASURES ADOPTED FOR THE PROTECTION OF DATA COLLECTED
The Company uses “secure” architectures and technologies to protect personal data against undue disclosure, alteration or improper use. The protections activated against personal data are intended, in particular, to minimize the risk of destruction or loss, even accidental, of data, unauthorized access or processing not allowed or not consistent with the purposes of collection. These safety measures obviously meet the minimum requirements indicated by the Legislator (Technical Regulations regarding minimum security measures pursuant to articles 33 to 36 of Legislative Decree No. 196/03). The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification (Article 7 of Legislative Decree No. 196/03 and Article 16 of the GDPR). Pursuant to the same article, the interested party has the right to request cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, to their treatment. Requests should be sent to the Company’s contact details indicated in the site’s footer, or you may contact Laura Ciccarese, appointed by the Company, in charge of processing, by writing to firstname.lastname@example.org or via the Via Paracadutisti Folgore, 30 70125 Bari.