EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016
WHY THIS INFORMATION
Pursuant to Article 13 of Regulation (EU) 2016/679 ("GDPR - General Data Protection Regulation") hereinafter "Regulation", the processing of personal information concerning you, which we will come into possession of, will be based on principles of correctness, lawfulness, purpose limitation and conservation, data minimization, accuracy, integrity and transparency and protection of your privacy and your rights.
Therefore we inform you of the following:
IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER / DPO (DATA PROTECTION MANAGER)
The data owner is Unitoo di Maradonna Claudio – Via Circonvallazione Sud 28/A, Monteprandone (AP), 63076 - P.IVA: IT02324570445 - Email: email@example.com - Tel: +39 351 617 2117
PURPOSE OF THE PROCESSING AND TYPES OF DATA PROCESSED
The Personal Data collected by the Site are as follows:
Navigation dataThe computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used in the submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment. These data, necessary for the use of web services, are also processed for the purpose of:
- statistical research/analysis on aggregate or anonymous data, therefore without the possibility of identifying the user, aimed at measuring the correct functioning of the Site, measuring traffic and evaluating usability and interest;
Data communicated by the userThe optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller, the private messages sent by users to the institutional profiles/pages on social media (where this possibility is foreseen), as well as the compilation and forwarding of the data requested through the "Contacts" form on the site, involve the acquisition of the sender's contact data, necessary to reply, as well as all personal data included in communications. The Data Controller will process these data in compliance with the Regulations, assuming that they refer to you or to third parties who have expressly authorized you to provide them on the basis of an appropriate legal basis that legitimizes the processing of the data in question.
- fulfill the pre-contractual and contractual obligations deriving from existing relationships with you;
- administrative and accounting management of the relationship required by law.
RECIPIENTS OR CATEGORIES OF RECIPIENTS OF THE DATA
The data processed for the purposes referred to in point 2 may be communicated to internal or external staff, legal persons involved in the process of completing the services requested by the interested party, including, by way of example, those in charge of sending emails and analysis of the functioning of the Site, which act on the basis of specific instructions provided regarding the purposes and methods of the processing itself. The list is available at the headquarters of the Data Controller at the request of the interested party. The Personal Data processed are not transferred to Recipients who are located outside the European Economic Area.
PERIOD OF STORAGE OF PERSONAL DATA
The retention period of personal data begins from the moment of the provision of the same by the interested party and ends with the exercise of the right to cancel the data by the interested party by registered letter with return receipt to the address Via Circonvallazione Sud 28/A , Monteprandone (AP), 63076, Italy or communication by certified e-mail: firstname.lastname@example.org
OPTIONAL NATURE OF DATA PROVISION AND CONSEQUENCES OF ANY REFUSAL
The provision of the data necessary for the fulfillment of the contact request and/or information is optional. However, in the event of failure to provide the requested data, the data subject will not be able to receive the information and support requested.
LEGAL BASIS OF THE PROCESSING
Pursuant to Article 6 of the GDPR 679/2016, the processing of data for the purposes listed in point 2 of this document has a legal basis on the explicit consent of the interested party (Article 6 letter a); in the execution of a contract of which the interested party is a party (Article 6 letter b) and in the legitimate interest of the owner (Article 6 letter f) based on the relevant relationship between the interested party and the data controller provided that the rights do not prevail and the freedoms of the interested party. The legitimate interests of the Data Controller do not prevail over the interests, rights and freedoms of the data subject.
RIGHTS OF THE INTERESTED PARTY
At any time, the interested party may exercise his rights towards the data controller, pursuant to articles 15, 16, 17, 18, 20, 21 of the GDPR 679/2016. Specifically, the interested party has the right:
- access to personal data by making an appropriate request (Article 15);
- to obtain the rectification (Article 16)
- to the cancellation of the same (oblivion) (Article 17);
- to the limitation of the processing that concerns him (Article 18);
- to data portability (Article 20);
- to oppose the processing (Article 21);
- to revoke the consent without prejudice to the lawfulness of the processing provided before the revocation, (Article 13 paragraph 2 letter C);
- to lodge a complaint with a supervisory authority (Article 13 paragraph 2 letter D).
AUTOMATED DECISION-MAKING PROCESS AND PROFILING
The collection and processing of data does not provide for any type of automated decision-making and / or profiling by the Data Controller.