Personal data and personal identifiable information
“Personal data” means any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, by reference to any other piece of identifying information, including a personal identification number. “Personal identifiable information” is Personal Data that can be used to directly identify the Data Subject (name, surname, email address, postal address, telephone number, etc.).
The computer systems and software procedures necessary for the operation of this website acquire, during their ordinary operation, some Personal Data whose transfer is included in the use of Internet communication protocols. This information is not collected in order to be associated with identified Data Subjects, but could nonetheless, by its very nature, allow Users to be identified through processing and association with data held by third parties. Data that fall under this category include the IP addresses or domain names of the computers used by the Users who visit the website, the URI (Uniform Resource Identifier) form addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response data from the server (a good outcome, error, etc.) and other parameters relating to the User’s operating system and computing environment. These data are used for the sole purposes of gathering anonymous statistical information on site use and checking that the site is functioning properly. Legal defence – The User's Personal Data may be used for the legal defence of the Data Controller or in the preliminary stages leading to a possible legal action, against improper use of the policy or of related services by the User. The data could be used to ascertain responsibility in the event of hypothetical computer crimes detrimental to the website. Maintenance – The User’s Personal Data may be processed with additional methods and purposes related to systems maintenance.
These data are collected for technical reasons, for the purpose of guaranteeing a seamless connection configuration and for convenience of use of the Internet site, as well as to assess the system's security and stability. The legal basis for data processing is set out in article 6, paragraph 1, subsection 1(f) of the GDPR. A legitimate interest on the part of the DATA CONTROLLER must have its basis in the purposes for data collection listed above. Under no circumstances shall the DATA CONTROLLER use the data collected to draw conclusions about the User.
Assessment is conducted only for statistical purposes and contains no references to individuals. The DATA CONTROLLER collects, uses and transmits other Personal Data only if permitted to do so by law or if authorised by the User to collect data.
Data supplied voluntarily by the User
Voluntarily supplied Personal Data will be processed for the following reasons:
- performing operations tightly linked or instrumental to managing relationships with Users or visitors to the site;
- statistical analyses, including in anonymous and/or aggregate form;
- statistical analyses aimed to check the quality of the services offered by the site.
Specifically, when contacting the DATA CONTROLLER, for instance using the contact form or via email, the information provided by the User will be saved in order to process the User’s request and against the eventuality that the User should have further questions. The legal basis for data processing is also set out in article 6, paragraph 1, subsection 1(f) of the GDPR. A legitimate interest on the part of the DATA CONTROLLER is to ensure the User’s complete satisfaction, thus making the DATA CONTROLLER’s own services more appealing. By optionally, explicitly and voluntarily sending an email to one of the addresses provided here, the User acknowledges that their address will be acquired (which is necessary to respond to their requests) along with any other Personal Data provided. Specific disclosures are provided on different Site pages in relation to particular services or processing requirements for the Data provided by the User or the Data Subject.
If the User subscribes to the DATA CONTROLLER’s newsletter, the DATA CONTROLLER uses the User’s email address to send the newsletter. The User may cancel their subscription at any time. Their email address will not be used for any other purpose. The User’s data will be processed exclusively on the basis of the consent provided by the User. The legal basis for this is set out in article 6, paragraph 1, subsection 1(a) of the GDPR.
Supplementation with third-party services and content
In some cases, this website may include third-party content, like Google Maps, RSS feeds or charts from other websites. This circumstance presupposes that the providers of said content (hereinafter the “providers”) use the User’s IP address. Without the User’s IP address, it would be impossible to send content to the User's browser. The IP address is therefore needed to display said content. The DATA CONTROLLER makes every effort to use only content the providers of which will employ the User’s IP address solely for the purposes of providing said content. Nonetheless, the DATA CONTROLLER has no power to control whether or not the providers store the IP address for statistical purposes, for example.
Additional information about specific services and social-media plug-ins are available in the detailed explanations contained in the data protection statement.
Reasons for the data processing for which consent is being provided where necessary
Voluntarily supplied personal information will be processed for the following reasons, until an objection is made:
- performing operations strictly connected or instrumental to managing relationships with Users or visitors to the site;
- the collection, storage and processing of your Data for:
- statistical analyses, including in anonymous and/or aggregate form;
- statistical analyses aimed to check the quality of the services offered by the site;
Processing may be automatic or manual and employs methods and tools intended to ensure the utmost security and privacy; furthermore, it is performed by parties specifically authorised to perform said task.
Data retention period
The data shall be retained for a period no longer than is necessary for the purposes for which it was collected and subsequently processed.
At any time, the User may:
- Request information about their Data retained by the DATA CONTROLLER without providing a reason. The User shall not be obliged to bear any cost as a result of said request, with the exception of connection fees charged by the service provider.
- Have their collected Data blocked, rectified, limited or erased if the applicable legal requirements have been met.
- Object to their Data being processed for the purpose of sending newsletters or other direct advertising.
- Object to any other processing of their Personal Data, if the legal requirements for such an objection have been met.
- Withdraw the consent given to the DATA CONTROLLER to collect and use their Data, without providing a reason.
- Receive the Personal Data which they have provided in a readable format and transmit those Data to another controller.
- Lodge an appeal with a supervisory authority without prejudice to any other administrative or legal appeal.
You may request a copy of your complete rights by writing to one of the Data Controller’s addresses provided above.
Right to lodge a complaint with a Supervisory Authority
If you believe that the processing of your Data has violated your dignity, you have the right to lodge a complaint with the competent Supervisory Authority.
Scope of disclosure and transmission
In the course of processing, your Data will not be transmitted, sold or shared with third parties without your express consent. Your data may be disclosed to third parties belonging to the following categories:
- subjects who provide management services for our information systems;
- firms or companies that provide us with support or consulting services;
- the competent authorities, on request, if we must do so to fulfil an obligation under the law and/or comply with a provision issued by a state authority;
- external providers;
- companies that perform routine or emergency maintenance on our website. Your data will not be transmitted in any case.
Transfer of data abroad
The Data Subject’s Personal Data will not be transmitted to third countries. In the event that, in future, Personal Data needs to transferred to third countries or international organisations, this will be done in compliance with all of the provisions of Chapter V of Regulation (EU) 2016/679, so as to ensure a sufficient level of protection.
In the event of data being transmitted over open networks, such as the Internet, it would be impossible, given how the technology currently stands, to offer a perfect assurance that the data transmitted will be entirely protected from access by third parties. The DATA CONTROLLER therefore exhorts Users not to send confidential information over the Internet (for instance via email) without suitable protection.