PRIVACY INFORMATION (simplified)
The purpose of the privacy statement is to provide maximum transparency regarding the information that the site collects and how it uses it.
In compliance with the obligations deriving from the European legislation (European Regulation for the protection of personal data n. 679/2016, GDPR), and from the national legislation as well as adequate by Italy pursuant to Legislative Decree 101/18, this site respects and protects the confidentiality of visitors and users, putting in place every possible and proportionate effort not to infringe the rights of users.
In particular, this site does not publish advertisements and does not use data for the purpose of sending advertisements.
For more information you can read the complete information below.
Legal basis of the processing
This site treats data mainly based on users’ consent . The consent is given through the banner located at the bottom of the page, or through the use or consultation of the site, as conclusive behavior. By using or consulting the site, visitors and users approve this privacy statement and consent to the processing of their personal data in relation to the methods and purposes described below, including any disclosure to third parties if necessary for the provision of a service. Additional consents relating to the specific purpose of the service are collected through the communication or service request forms.
The provision of data and therefore consent to the collection and processing of data is optional, the User can deny consent, and can revoke a consent already provided at any time (through the banner placed at the bottom page or browser settings for cookies, or the Contacts link). However, denying consent may make it impossible to provide certain services and the browsing experience on the site would be compromised.
Other legal bases:
- processing is necessary for the execution of a contract with the User and / or for the execution of pre-contractual measures;
- processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
- processing is necessary for the execution of a public interest task or for the exercise of public powers with which the Data Controller is invested;
- processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
- Statistics (analysis)
Collection of data and information in an exclusively aggregated and anonymous form in order to verify the correct functioning of the site. None of this information is related to the natural person-user of the site, and does not allow identification in any way. Consent is not required.
- Security strong>
Collection of data and information in order to protect the security of the site (anti-spam filters, firewalls, virus detection) and of Users and to prevent or unmask fraud or abuse to the detriment of the website. The data are recorded automatically and may possibly also include personal data (IP address) which could be used, in accordance with the laws in force on the subject, in order to block attempts to damage the site itself or to damage other users, or in any case harmful activities or constituting a crime. These data are never used for the identification or profiling of the User and are periodically deleted. Consent is not required.
- Ancillary activities
Communicate data to third parties who perform functions necessary or instrumental to the operation of the service (e.g. comment box), and to allow third parties to carry out technical, logistical and other activities on our behalf. Suppliers have access only to personal data that is necessary to perform their duties, and undertake not to use the data for other purposes, and are required to process personal data in accordance with current regulations.
- Data collected automatically
While browsing the Users, the following information may be collected which is kept in the site’s server (hosting) log files:
– internet protocol address (IP);
– type of browser;
– parameters of the device used to connect to the site;
– name of the internet service provider (ISP);
– date and time of visit;
– web page of origin of the visitor (referral) and exit;
– possibly the number of clicks.
- Data provided voluntarily
The site may collect other data in the event of voluntary use of services by users, such as comments, communication services (contact forms, comment box), and will be used exclusively for the provision of the requested service:
– first name;
– email address.
- Right of access : you have the right to obtain a copy of the personal data that we have and which are processed;
- Right to rectification : you have the right to rectify your personal data stored by Privacycert Lombardia s.r.l. if they are not updated or correct;
- Right to object to the processing of personal data for commercial purposes : you can request that Privacycert Lombardia s.r.l. stop sending commercial communications at any time;
- Right to object to decisions based on exclusively automated processes: may request not to be the recipient of decisions made on the basis of exclusively automated processes, including profiling;
- Right to revoke a consent given : you have the right to revoke the consent given for a given treatment at any time;
- Right to contact the Guarantor for the protection of personal data : he has the right to contact the Guarantor for the protection of personal data if he has doubts about the processing of personal data operated by Privacycert Lombardia srl
- Right to cancellation : may request that Privacycert Lombardia s.r.l. erase your personal data if the purposes of the processing have ceased and there are no legitimate interests or legal provisions that require its continuation;
- Right to object to processing : you can request that Privacycert Lombardia s.r.l. stop carrying out a specific treatment on your personal data;
- Right to limit the processing : you have the right to request that Privacycert Lombardia s.r.l. limit the processing operations on your personal data;
- Right to data portability : you have the right to obtain a copy of your data in a structured format that can be transferred electronically to another Data Controller.
However, it is always possible to request the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for in a contract or necessary to conclude a contract.
Purpose of the processing
The processing of data collected by the site, in addition to the related, instrumental and necessary purposes for providing the service, is aimed at the following purposes:
This site collects user data in two ways.
These data are used for statistical and analysis purposes, in an exclusively aggregated form. The IP address is used exclusively for security purposes and is not crossed with any other data.
The Data Controller adopts the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The treatment is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organization of Privacycert Lombardia S.r.l. (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, Data Processors by the Holder. The updated list of Managers can always be requested from the Data Controller.
Place of treatment
The data collected by the site are processed at the headquarters of Privacycert Lombardia S.r.l., Pass. Don Seghezzi, 2, BG 24122, Data Controller, and at the web Hosting datacenter (SiteGround Spain SL, Calle de Prim 19, 28004 Madrid, Spain), who is responsible for data processing, processing data on behalf of the owner, is located in the European Economic Area and acts in accordance with European standards.
Data retention period
The data collected by the site during its operation are kept for the time strictly necessary to carry out the specified activities. Upon expiry, the data will be deleted or anonymised, unless there are additional purposes for the conservation of the same.
The data (IP address) used for site security purposes (blocking attempts to damage the site) are kept for 7 days.
Transfer of collected data to third parties
The data collected by the site are generally not provided to third parties, except in specific cases: legitimate request by the judicial authority and only in the cases provided for by law; if it is necessary for the provision of a specific service requested by the User; for performing security checks or site optimization.
Transfer of data to non-EU countries
This site does not share data collected with services located outside the European Union area.
Exercise of User Rights
The European Regulation on the protection of personal data (2016/679), as adapted by Italy pursuant to Legislative Decree no. 101/18, guarantees you, as interested in the treatment, specific rights.
For each treatment, you can exercise the following rights:
You can also exercise the following rights when certain circumstances occur: