The treatments related to the web services of the site / portal take place at the headquarters of the aforementioned company and are only handled by the technical staff of the office authorized to process (eg Internet area), or by any external managers (outsourcers) for the performance of occasional or periodic technical operations (eg database maintenance).
Definition of "personal data"
For the purposes of this Policy, "personal data" - as better specified in Article 4 of the GDPR - means "any information concerning an identified or identifiable natural person; an identifiable natural person can be identified, either directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online ID or one or more characteristic elements of his physical identity, physiological, genetic, psychological, economic, cultural or social;
The following personal data may be collected by the Data Controller, via their website and / or portal: name, surname, address, e-mail address, information grouped solely for statistical purposes during the site consultation process and / or portal, other information voluntarily provided by the user through the online registration procedures or the completion of appropriate fields, forms, information aimed at improving and facilitating the navigation of the site.
Methods of data processing
Users can access different sections of the website without releasing any personal information. The Data Controller of your data processes and collects personal data online through its website and / or portal or other e-mail address of the Company; these treatments are carried out, mainly automated, in the following ways:
1) Data released voluntarily by users
The Data Controller of your data collects personal information and other data that are entered in the registration forms or released in the form fields of the website and / or portal, as well as forwarded to the Company by e-mail. Such data may concern information necessary to provide the services requested by the interested party (eg Newsletter) and / or to contact the interested party (name, postal address, e-mail address, telephone number, user ID and password), or even the date of birth, professional credentials, hobbies and interests of the user.
2) Browsing data collected through the use of electronic tools
The computer systems and software procedures used to operate the Data Controller's website acquire, during their normal use, a series of personal information whose transmission is implicit in the use of Internet communication protocols (for example, the IP address of the user or the domain name of the computer used to access the website, the URL of the requested resources, the time of the request or the time of the session, the method used to submit the query to the server, the size of the files received in response to the request, the numeric code concerning the status of the response given by the server and other type of information regarding the operating system and the user's IT environment). The website and / or web portal of the Data Controller of your data uses technologies such as cookies or similar for the purpose of collecting and / or transmitting personal data of users. The Data Controller of your data uses these technologies exclusively for the purpose of obtaining statistical information on the use of the site and / or web portal (eg total number of visitors on the sites, number of visitors per single web page, name of the source domain of the visitors' internet service provider). In particular, the use of session cookies (those that are removed from the user's computer when the browser is closed) is strictly limited to the transmission of information related to the user's session, of fundamental importance for safe and efficient navigation of the user. website and / or portal. Furthermore, the use of such session cookies strictly excludes the use of other technologies that could compromise the privacy of the users and does not allow the acquisition of personal identification data.
Details on the processing of personal data
The Data concerning the User is collected to allow the Owner to provide its services, as well as for the following purposes: Analytics, Contacting the User, Interaction with social networks and external platforms, Registration and authentication, Social Applications, Payment management, Interaction with support and feedback platforms, Infrastructure monitoring, Traffic optimization and distribution, Interaction with live chat platforms, Remarketing and Behavioral Targeting, Address management and sending of email messages, Displaying content from external platforms, Affiliation commercial and Heat mapping. The types of Personal Data used for each purpose are indicated in the specific sections of this document.
Purposes of processing the collected data
Personal Data may be collected for the following purposes and using one or more of the following services:
- Social Applications
- Interaction with social networks and external platforms
- Contact the user, chat and feedback
- Traffic optimization and distribution, infrastructure monitoring
- Remarketing and Behavioral Targeting
- Display of content from external platforms
- Registration and authentication
Purpose of the collection
Personal data collected by filling in the forms on the website / web portal of the data controller mentioned above are processed in order to:
allow access to services provided by the site / portal
be able to contact you at your request to provide you with the specific information and assistance you need for which you have requested our intervention.
with your specific express consent, for the sending of commercial information both with automated methods (eg email, fax, sms, mms etc.) and not automatically (eg postal mail, telephone with operator etc.)) in relation to products and services of companies and / or business partners,
with your express allowed to carry out, through electronic means, profiling activities, analysis of purchasing decisions and market research in order to improve the offer of services and commercial information.
This request may be supplemented by additional information.
Communication and / or disclosure of personal data
- When online users have authorized the release of information;
- When the data controller of the aforementioned data needs to communicate information about users to offer services and satisfy the request of an online user;
- When the data controller of the aforementioned data needs to communicate information to its partners who perform services for online users;
- When the data controller of the aforementioned data is kept, by order of the judicial authorities, to release information about users, or in accordance with local or international law, regulation or mandate
Protection of personal data
In accordance with the principle of minimization of treatment established in art. 5 GDPR, The owner of the above mentioned data processing guarantees that the processing by electronic means is carried out minimizing the use of personal data and identification data, limiting their use to the cases in which they are strictly necessary for the achievement of the goals for the which have been collected. The data controller of the aforementioned data also guarantees the adoption and compliance with specific security measures to prevent data loss, possible illicit or incorrect use of the same and unauthorized access. User data will be stored by the data controller for a maximum of two years from the last interaction with the user and up to any cancellation order by the data subject, including data that is not required to be kept in relation for the purposes for which they were collected, in compliance with the rights set out in articles 15 - 21 of the GDPR and to be implemented in the manner described in the following paragraph "Your Rights". It is the responsibility of each individual user in charge to guarantee and verify the ownership and custody of their passwords and the corresponding access codes to web resources.
Consent to the processing of personal data
The data controller of the aforementioned data processes the data of its users / customers only with the consent of the same. However, if the user does not consent to the processing of data or requests the deletion of their data, it will not be possible to access the reserved areas of the Company's website / portal.
Optional provision of data
Apart from that specified for navigation data, the user has the right to provide or not the personal data contained in the request forms and / or registration of the website / web portal of the data controller mentioned above. Failure to provide such data may make it impossible to obtain what has been requested. For completeness, it should be noted that in some cases (not subject to the ordinary management of this site) the Authority can request news and information pursuant to art. 58 GDPR, for the purpose of monitoring the processing of personal data. In these cases the answer is mandatory under penalty of administrative sanction.
Right of access to personal data and other rights
Users of the website / web portal can always contact the owner to assert their rights as provided for in articles 15 to 21 of the GDPR on the basis of which:
- The interested party has the right to obtain confirmation of whether or not personal data processing is being processed and in this case to obtain access to personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data in question;
c)the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients of third countries or international organizations;
d) where possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
e)the existence of the right of the interested party to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
f) the right to lodge a complaint with a supervisory authority;
g) if the data are not collected from the data subject, all information available on their origin;
h) the existence of an automated decision-making process, including the profiling referred to in Article 22 (1) and 4 GDPR, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of this treatment for the interested party.
- The interested party has the right to obtain:
• updating, rectification or, when interested, integration of data
• the deletion of data concerning him for the reasons specifically provided for by art. 17 GDPR
(right to be forgotten), the transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were or subsequently processed;
The owner of the processing of your data, in the event that the personal data have been made public and is obliged to delete them at the request of the interested party, shall take reasonable steps, including technical ones, to inform those who are processing personal data of the request of the is interested in canceling any link, copy or reproduction of his personal data, except in the case in which this fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right. Interested party has the right to object, pursuant to art. 21 GDPR, in whole or in part:
• for reasons connected with his particular situation to the processing of personal data concerning him, even if pertinent to the purpose of the collection. The data controller refrains from further processing personal data unless he demonstrates the existence of binding legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or the defense of a right in court.
• to the processing of personal data concerning him for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication.
In compliance with these provisions, and in addition to the other rights specified herein, the owner of the aforementioned data processing provides the users of their website / portal the following possibilities:
no collection of personal data: The user can choose not to provide personal data online to the data controller of the aforementioned data deciding not to insert or release personal information in the registration forms or in the form fields of the web, or in this case not using any personalized service among those available on the Company's website / portal. Some of the content and / or services of the site / portal are offered exclusively to users who release personal information or who use personalized services.
limitations on the use and communication of personal data for different purposes: Access to certain sections of content and / or services of the website of the data controller mentioned above may require the user's consent to use and release personal data in order to implement the list of contacts and / or to identify and offer additional services and promotions considered interesting for the user. Users may limit the further processing of such information by verifying or choosing the options to be set at the time the data is entered.
Furthermore, the information provided after the first registration can be modified or canceled by changing the settings previously entered in the registration form on the website / web portal of the data controller mentioned above, by accessing the "Newsletter" section on the home page. It is also possible for users to access their personal data, issued and stored on-line and, where permitted, it is also possible to update and modify personal data online.
The “cookie” technology is used to obtain information on the experience gained on the website / web portal and to allow the operation of some services that require the user to be identified in the various pages.
What are cookies?
A "cookie" constitutes information sent by a server to a browser and allows the server to collect information from the browser and vice versa. The cookie will help the website / web portal to recognize your device if the site / portal is visited again. Cookies serve many functions. For example, they can help us remember your username and your preferences, analyze the performance of our website or even allow us to recommend content that we think may be of interest to you.
Our cookies are normally anonymous and can not be linked to the user's personal data. First party cookies are associated with the domain name of the page you are visiting and allow you to identify the person by cross-referencing our database, they can only be assigned upon explicit request by users and in order to allow their immediate identification for access restricted areas of the website, without users having to manually enter the login and password. The user's identity is never, in any case, included directly in the cookie and can not be intercepted.
Every time you access the website / web portal, regardless of the presence or absence of a cookie, we register the type of browser, the operating system and the host together with the source URL of the visitor, as well as the information on the requested page. This data can, therefore, be used in aggregate and anonymous form to perform statistical analysis on the use of the website.
Types of cookies
The cookies used on the website / web portal are divided into 4 types:
- Technical cookies
- Performance and functionality cookies
- Statistical cookies
- Profiling cookies
Necessary for navigation within the site / portal and the use of some of its functions (eg timing of the display of some pages in cd mode "pop-up", etc.).
Performance and functionality cookies
The performance cookies collect anonymous information on the pages visited by users. They are used to track the most searched pages and are useful for improving links between pages and for determining the reason for possible error messages. Functionality cookies also memorize the choices made by the user in order to improve navigation and your online experience.
Provided and managed by third parties to statistically analyze accesses to the site / portal. The information is collected only in anonymous and aggregate form and no personal data of the users is stored. You can decide not to use these cookies by following the information in the section Purpose of processing the collected data.
Provided and managed by third parties to generate specific advertising messages based on the browsing habits and interests of individual users. These cookies do not, however, use sensitive user data. "The storage of information in the terminal equipment of a contractor or a user or access to information already stored is only permitted on condition that the contractor or the user has given his consent after being informed by simplified procedures referred to in Article 13, paragraph 3 "(Article 122, paragraph 1, of the Code). See section Purposes of processing the collected data.
Browser settings (art.122, paragraph 2, of the privacy code and Cookie Law - Directive 2009/136 EC)
The functionality of cookies can be deactivated through the appropriate page made available by EDAA (European Interactive Digital Advertising Alliance) http://www.youronlinechoices.com/it/, or by acting on the settings related to the privacy of your browser. Without prejudice to the foregoing, it is necessary to note that the deactivation of cookies may affect the correct functioning of certain sections of the Website / portal. Each browser manages cookies differently. To disable them, follow the instructions of your browser at the address www.allaboutcookies.org.
What happens to cookies that have been downloaded in the past?
We will read or write cookies solely based on the level of preference indicated in the cookie setting tool. Cookies present before changing your settings will remain on your computer and you can remove them using your browser settings.
Can we know if our users open our emails?
Our emails can contain a "web beacon pixel" that can let us know if our emails have been read and can check if you have clicked on the links contained in the email. We may use this information for various purposes, including determining which of our emails are of greater interest among users and ask if users who do not open our emails wish to continue receiving them. The pixels will be deleted when you delete the email. From that moment on we will not be able to obtain any data, but we will keep the data already in our possession.