We inform you that your personal data processing will comply with current legislation and will be based on principles of correctness, lawfulness, transparency and protection of privacy and rights.
Since this statement is provided solely for this Website, we assume no responsibility for other websites (including social networking platforms) that may be consulted and suggest, however, that users refer to the rules and regulations on privacy of all third parties with whom they may come into contact before communicating personal data and/or information.
Data Controller contact details
Pursuant to articles no. 4 and 24 of EU Regulation 679/2016, the Data Controller is the company Selvolina di Peters Arturo & C S.a.s., (VAT no. 00433270204), with registered office in Castel Goffredo (MN), Contrada Selvole, 29, e-mail: firstname.lastname@example.org.
Types of data processed
The computer systems and software procedures used to run this website passively acquire some personal data during their normal operation.
In particular, such data can be collected:
- through the browser: most browsers collect some information, including the MAC address (Media Access Control), type of computer (Windows or Macintosh), screen resolution, operating system version and browser type and version;
- through pixel tags, web beacons, clear GIFs or other similar technologies: these technologies can be used in relation to some pages of this Website and HTML e-mail messages in order to, for example, monitor the actions of the Website users and email recipients, evaluate the success of the marketing campaigns and compile statistics on the use of the Website and response rates;
- through the IP address: the IP address consists of a number automatically assigned to the computer used by the user's Internet service provider (ISP). An IP address is identified and recorded automatically in the log files of the Data Controller's server at each access to the Website, next to the date of visits and page(s) viewed;
- through the use of mobile devices: the Data Controller can collect information on the user's mobile device as the unique identifier.
This information is not collected to be associated with identified subjects, directly or indirectly, as the data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing.
The data may be used by the competent authorities to ascertain responsibility in the event of cyber-crimes against this Website.
Data provided voluntarily by the user
Apart from that specified for online browsing data, the user is free to provide some data, such as those required to fill in the contact form. The optional providing of personal data by the user entails their subsequent acquisition.
If the User refuses to provide consent for data processing, some services offered by this Website may not be used.
Purpose and legal basis for processing
The legal basis we rely on to process your personal data is article 6, letters b), c) e) and f) of EU Regulation 679/2016 and art. 2-ter (3) of Italian Legislative Decree no. 101/2018, which allows us to process personal data when this is necessary to fulfil a contract or pre-contract procedures in the interest of the user, to fulfil a legal obligation to which the Data Controller is subject, to safeguard the vital interests of the User or another physical person, to perform our public tasks as a Data Controller, and to pursue the legitimate interest of the Data Controller or third parties.
You can always ask the Data Controller to clarify the legal basis of each processing activity and in particular to specify whether processing is based on the law, provided for by a contract or necessary to conclude a contract.
If data are provided voluntarily, the legal basis of processing is represented by the interested party’s consent pursuant to art. 6, letter a) of EU Regulation 679/2016.
However, in case of anonymous statistical elaborations on the use of the website and in order to check its correct functioning, privacy laws do not apply to data processing and a particular legal basis is not needed because these data are anonymized, i.e. data from which it is not possible to re-identify, even indirectly, a physical person.
Processing methods, security measures and storage times
All data collected using this website will be processed in a mainly electronic and/or telematic format. Your personal data are collected and processed by applying technical and organizational security measures appropriate to the risk and to prevent unauthorized or illicit processing, loss, destruction, access, disclosure, or even accidental data change.
The Data Controller undertakes to store your personal data for the strictly necessary period to achieve the purposes for which they are processed, subject to the need to keep them for a longer period as a result of requests from the competent authorities on prevention and prosecution of offenses or to assert or defend a right in court.
Pursuant to and in accordance with art. 33 of GDPR on personal data protection, the user should report to the Data Controller any circumstances or events from which a potential "data breach" may occur in order to allow an immediate evaluation and the adoption of any action aimed at opposing such events, by sending a specific communication to the e-mail address of the aforementioned Data Controller.
The measures adopted by the Data Controller do not exempt the user from paying the necessary attention to the use, where required, of a password/PIN of adequate complexity, which must be carefully stored and made inaccessible to others, in order to be protected from improper and unauthorized use.
Categories of personal data Recipients
In addition to the Data Controller, other subjects may have access to the data, such as those involved in the organization of this website (administrative, commercial, marketing, and legal staff, system administrators) and appointed as data processors, or external subjects (such as suppliers of third party technical services, mail carriers, hosting providers, IT companies, communication agencies) as data processing managers.
The updated list of these subjects can be requested from the Data Controller.
If your personal data are processed by extra-EU subjects, they will be transferred with the appropriate guarantees corresponding to the adequacy decisions issued by the European Commission and/or the Italian Personal Data Protection Authority.
Further information on data transfers to extra-EU countries and the guarantees adopted, as well as information on the companies appointed as personal data processing managers, can be requested from the Data Controller by e-mail.
In no case will your data be disclosed to the public.
Rights of the interested parties
In regard to personal data processing carried out through this website, you may request at any time:
- the confirmation that personal data processing is currently underway and, in this case, you can obtain access to the information referred to in art. 15 of EU Regulation no. 679/2016;
- the correction of your personal data if incorrect or their integration if incomplete, pursuant to art. 16 of EU Regulation no. 679/2016;
- the cancellation of your personal data if one of the reasons set out in art. 17 of EU Regulation no. 679/2016 subsists;
- the opposition to your personal data processing if one of the hypotheses set out in art. 21 of EU Regulation no. 679/2016 occurs;
- the revocation of the consent given.
The rights set out in articles 18 (right of limitation) and 20 (right to portability) of EU Regulation no. 679/2016, as well as the right to lodge a complaint to the Supervisory Authority are recognized when data processing is unlawful and contrary to the law in force.
You will not be able to exercise the aforementioned rights nor lodge a complaint to the Supervisory Authority if one of the hypotheses set out in art. 2-undecies (11) of the Italian Legislative Decree no. 101/2018 occurs.
How to exercise rights
To exercise these rights, you must send an email to the Data Controller (see contact details given at the beginning of this statement). A specific form is available on the Personal Data Protection Authority’s website at http://www.garanteprivacy.com/web/guest/home/docweb/-/docweb-display/docweb/9401345. This form can be filled in wholly or in part to describe what rights are to be exercised. To submit a complaint to the Supervisory Authority, please write to the following PEC address (certified e-mail): email@example.com.
Protection of minors
This privacy statement is drafted in compliance with EU Regulation no. 679/2016, Italian Legislative Decree no. 101/2018 and any other privacy provision.
Last updated: 23rd October 2018