iShot® is a registered TRADE and MARK PATENT APPROVED (pct) of MONETTI SRL property.
iShot® is a registered TRADE MARK and PATENT APPROVED (pct) of MONETTI SRL property.
INFORMATION PURSUANT TO THE RULES OF THE U.E. REGULATION No. 2016/679 (so-called GDPR)
INFORMATION PURSUANT TO THE RULES OF THE U.E. REGULATION No. 2016/679 (so-called GDPR)
Preg.mo interested in the treatment, ie the one to whom the personal data refer (including the common, sensitive, judicial or so-called details, from now on for convenience generically called personal data) that will come into contact and will have reports negotiation with the undersigned data controller La informo, which, according to the provisions of Articles 13 and ss of EU Regulation no. 2016/679 (hereinafter also only “GDPR”), the personal data you have provided to MONETTI SRL normally from the time of booking and requesting services and until the termination thereof, will be processed in compliance with the aforementioned law. For this purpose I provide you with the following information.
1.- THE IDENTITY AND CONTACT DETAILS OF THE HOLDER OF THE TREATMENT
HOLDER of the TREATMENT, that is in the meaning of which to the art. 4 GDPR that is the one who decides the purposes and means of the processing of personal data, is MONETTI SRL, c.f.-p.iva 01319680532, Strada dell’Airone 11C / 11D, 58010 Albinia GR (Italy) tel. 0564 860877 email of the Owner: firstname.lastname@example.org – from now on also called only “owner”.
2.- CONTACT DATA OF DATA PROTECTION MANAGER (DPO or RPD)
There is no legal obligation, the holder has NOT appointed a data protection officer (DPO)
3.- PERSONAL DATA PROCESSED, THE PURPOSE OF THE TREATMENT TO BE DESTINED, PROCESSING METHOD AND THE LEGAL BASIS OF TREATMENT
PERSONAL DATA PROCESSED AND HOW WE COLLECT PERSONAL DATA
The undersigned treatment holder has, as indicated in the notice, as a business object a commercial activity of:
production, design, assembly, wholesale and retail trade of products related to safety and emergency system components, control units for automation and remote controls, pyrotechnic products, explosives and accessory products, postponing otherwise to what is indicated in the Chamber of Commerce .
Given that customers are mostly made up of commercial companies in a corporate form and therefore outside the scope of application of the GDPR, nevertheless the undersigned has wanted to make its own legislation on personal data protection.
The data we process are obtained mostly directly from you, for example if you contact us directly by going to our office or via our website, via e-mail or by telephone through our direct line, in order to request information on our services o goods, if you buy one of our goods or services, for example through our websites or our social networks (Face book etc.); If you participate in an event organized by us; there are also the data collected through the Social where we also manage the reviews. Newsletters, on-line questionnaires, internet site, remote possibility of registration of Wifi asking for data entry are possible. Data may also be collected that also concerns you via the video surveillance system once it is installed.
If you provide personal data on behalf of someone else, it is your responsibility to ensure, before you do so, that you have read this Privacy Notice. If you are under 18, please do not give us any personal data, except through the person who exercises parental authority over you.
WHAT DATA CATEGORIES OF PERSONAL DATA WE COLLECT
The processing of personal data takes place in a lawful and correct, inspired by the principles of necessity, correctness, lawfulness, transparency, protection of confidentiality, relevance and non-excess or minimization of data with respect to the purposes of treatment, without prejudice to the obligations of which it is further the data controller is kept on matters of confidentiality and professional secrecy and their dissemination or communication is limited to the cases prescribed by current laws, regulations or Community legislation.
We treat the data of the following subjects even if not all are qualified as interested according to the GDPR: Customers, Users, Suppliers, Employees, Collaborators.
In general we treat name, surname, email address, residential address, domicile, telephone number, city, country, region, VAT number, tax code, bank details eg IBAN code in case of activation of payment methods eg cash orders etc.), paychecks, billing data including electronic, household, identity card, data of candidates who send their curriculum vitae. Biometric or genetic or judicial data are not processed (in the meaning referred to in the GDPR).
USERS: Those who access the WEB services we offer (website and Facebook and other social networks if they are active); name, surname, email address, telephone number, mobile phone number, residential address.
SUPPLIERS: Company name, VAT number, iBan code, Address of the office, e-mail address, telephone number, mobile phone number, country, region.
CUSTOMERS: Name, surname, email address, residential address, telephone number, city, country, region, VAT number, tax code, purchase history.
EMPLOYEES and co-workers: office clerks the trader processes their data and hiring / training courses / residence / medical certificates and they process company data eg. of colleagues and customers on documents and management; employees in the warehouse and direct sales to the counter have access to the management system and to the personal data – accounting cards of the customers themselves so the owner processes their data and they process those of the company; other employees manage only the goods (we process their data but they do not process company and customer data) – as for the production workers, the owner deals with their data and hiring / training courses / residence / medical certificates, but they do not come in contact with company data.
technicians for interventions: the owner processes their data and they come in contact with the basic data of our customers eg: residence, domicile and address.
In addition, at the time of purchase and the stipulation of a possible loan, the following additional requirements are requested: Iban Code, payroll, family unit, identity card, health card, driving license, tax documentation, etc.
The data of users on the web are currently collected by nomra for ecommerce, for the purpose of soft marketing and improvement of the service and kept for legal obligation; customer data, such as paychecks, identity documents, family units, bank details, etc. are collected for the execution of sales contracts or (if required) financing. All other customer data is collected by law and improvement of services; Supplier data is collected by law and internal functions necessary for the activity.
With regard to the so-called sensitive or particular data processed, apart from those of employees or collaborators to fulfill legal obligations, the undersigned holder may occasionally process health data concerning you and / or your children under 18, necessary for obtain, if any, subsidies or discounts due to the presence of disability or incapacity, also referred to in the note “law 104” or in the event of any request for damages.
Trying to define what is now explained below are the following categories of personal data concerning you and / or your children under 18 and can be collected through the various services and contact channels described in this Privacy Notice:
a) Contact details – information regarding name, address, telephone number, useful data for issuing / sending documents (invoices – ddt etc.), organization of interventions also at their home, shipment of goods, email address, to contact them in order to organize interventions and for any communications – reminders; internal annotations to list communications made and answers / info provided by the customer; IP address (eg data for registration on the site and, if present, in case of use of the WIFI service).
b) Payment details – Information relating to the payment systems chosen by you, such as credit card number, debit card, IBAN ID, etc., bank details for issuing orders or requests for payment, ri.ba , even for unpaid debts.
c) Complete identification data – information relating to your identity, including the tax code, the residence, derived from the identity documents required by law such as identity card, passport, driving license, etc.
d) Interest and preferences – information that you provide us with regard to your interests, for our commercial purpose or ancillary services, if and when activated.
e) Other personal data – optional information that you provide to us for the exclusive purpose of personalizing the service.
f) Use of the Site information relating to the way in which it uses our site, opens or forwards our communications, including information collected through cookies and other tracking technologies.
g) Your account details – information to your account on our site.
h) Images – images that depict your person collected through photos and / or videos made during events organized with us with your consent or via the video surveillance system installed.
i) Data relating to your state of health or other data belonging to particular categories – information that you provide us with regard to some of your physical conditions (eg in the presence of invalidity or if you have difficulty in ambulating or if you are entitled to to the law 104 foreseen for specific hypotheses of disability / invalidity etc.)
Therefore, within the limits of the purposes and methods described in this Notice, information that may be considered as “Simple or common personal data”, which include your personal details, your bank details, your contact details (such as for example, mobile phone number, e-mail address, hereinafter, jointly, “Personal Data”) and as “Special Data” as characterized, in accordance with the GDPR, by a particular nature; they refer, in fact, to physical health and, more generally, they are able to provide information on the state of health of the user.
For convenience of reference, within the present Information, the expression “Personal Data” shall be understood as a reference to all your personal data, unless otherwise specified.
WHAT ARE THE PURPOSES AND CONDITIONS OF LAW TO TREAT YOUR PERSONAL DATA (PURPOSE AND LEGAL BASIS OF TREATMENT)
The Personal Data collected will be processed for the purposes and on the basis of the following legal bases:
|Legal basis of the processing
|Categories a), b) (when relevant): for the management of your contractual relationship or to execute pre-contractual measures (such as, for example, the request for information or the estimate, the provision of the service). In this case, you are free to give your Personal Data also particular; however, failure to provide it (when essential to the performance of the contractual relationship) will not allow you to establish the aforementioned relationship and satisfy your request or obtain benefits
|the treatment is necessary in relation to the execution of a contract of which you are a part – art. 6 GDPR lett. B)
|Category c): for communications required by the public security regulations or fiscal obligations. Failure to provide data implies the impossibility of providing the service in its favor
|the treatment is necessary for a legal obligation – art. 6 GDPR lett.c)
|Categories d), e), f), g), h) and i) in some cases subject to your specific consent, for the personalization and improvement of the service with specific reference to specific needs. The lack of data communication does not prevent the service but prevents the personalization and improvement.
|Your consent and legitimate interest of the owner (ecommerce, marketing, satisfaction assessment, personalization of the service, etc.) ARTT. 6, 7, 9 GDPR
|Categories d), e), f), g), h) and i) subject to your specific consent the completion (and subsequent use) of surveys and to contact you, at the addresses provided, in order to verify the quality of service rendered to you and your degree of satisfaction; these activities will however be limited and limited, in the spirit of discretion of our structure and the lack of consent prevents us from getting to know its degree of satisfaction.
|your consent and legitimate interest of the holder (as specified above)
ARTICLES. 6.7, 9 GDPR
|Categories a), d), e), i) subject to your specific consent, to send you pro-memories and promotional communications; communications relating to events organized by the owner or by the commercial partners (together with “marketing purposes”) these activities will in any case be limited and limited, in the spirit of discretion of our structure. Failure to consent or revoke the consent previously provided prevents us from being able to contact you in relation to our initiatives.
|Your consent and legitimate interest of the holder (as specified above)
ARTICLES. 6.7, 9 GDPR
|Category a) to send you communications relating to services for which, if already our client, has already shown interest and stops the possibility for you to object to these communications. This activity will however be limited and limited, in the spirit of discretion of our structure. Failure to consent prevents us from being able to contact you in relation to our initiatives.
|Legitimate interest of the holder (as specified above)
ARTICLES. 6 (also letter f), 7, 9 GDPR
HOW THE TREATMENT OF YOUR PERSONAL DATA COMES
Personal Data will be processed using manual, computerized or telematic tools, suitable for guaranteeing security and confidentiality, and will be carried out by personnel duly trained in compliance with the Applicable Regulations.
In addition to cases in which it is necessary to contact you for needs related to our business, where you consent to the processing of your data for other purposes indicated herein, you may be contacted by e-mail, text message, mobile messaging or through any electronic tool equivalent or by paper mail or call by operator to all the addresses provided. If you prefer to be contacted only to one or some of these addresses, you can make a specific request by request at the email address of the holder
If you express your consent, your personal data may be processed and stored even after the statutory deadline in a computerized archive of management of customer relations and possibly stored in one or more appropriate archives or databases of the company.
Therefore the treatment is aimed only at the fulfillment of contractual and regulatory obligations, for the correct and complete execution of the requested service, received and connected to activities or other services requested by you, including the administrative management of the various contractual obligations (for example preparation, enveloping, sending correspondence and communications also in electronic format or by telephone, including via mobile phone and its messaging, etc.).
I remind you that pursuant to art. 4 n. 2 GDPR data processing is any operation or set of operations performed with or without the use of automated processes and applied to personal data or sets of personal data, such as the collection, registration, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction . Reference should also be made to the legislation that regulates the business of the owner and which regulates the related activities
4.- THE POSSIBLE ADDRESSEES OR THE POSSIBLE CATEGORIES OF ADDRESS OF PERSONAL DATA – therefore TO WHO WE COMMUNICATE YOUR DATA
The processing, in compliance with the provisions of the GDPR 2016/679, may take place by:
– owner’s staff (eg employees or collaborators, etc.) specially appointed by the owner, periodically also trained to protect personal data; the personnel in charge will normally only process the personal identification data and those relating to the payment of the service.
In any case, personal data may also be processed by
The data of customers and suppliers can be accessed by the accountant and the auditor (if appointed) for the correct management of company accounts. In the case of an electronic invoice, the data passes through an interchange system (SdI), managed by the Revenue Agency directly visible also by the State Accounting Office. The user data are communicated, through automated systems, to GOOGLE following its own policy conservation and privacy for the data processed;
– third parties as external process managers specifically identified such as, for example, third parties or companies that provide support services to the company’s activities, or to professionals with whom specific agreements have been signed pursuant to the Regulations or for support in the management of the activities;
– there is also the trusted IT technician and our management system who can come into contact with your data in the maintenance and revision operations of the computer hardware and software system and control of the backup copy; then there is the website operator who can view all personal data left on the web by the interested party; I remain at your disposal, upon your express request, to provide you with the name of the trusted computer technician, web agency as well as any other external manager or person in charge of processing indicated in this statement.
– At the moment we do not have a cloud manager but if there is any intention in the future, we will choose a reliable one and with servers in EU countries and that complies with the privacy legislation referred to in GDPR.
– Your personal data will also be processed by third-party external managers, eg the accountant, labor consultant, occupational physician, also in order to fulfill the obligations envisaged in the tax and accounting field and in this case only common personal data will be provided ; furthermore, if you request us, we will provide your data to those who will carry out the controls required by law.
– all’Istat if required by law;
Your personal data may also be communicated as an example to the following subjects or to the categories of persons indicated below: Banking institutions for the management of payments; Financial administrations, private companies, professional firms (lawyers in the presence of litigation, etc.) or public or private bodies in each case to fulfill regulatory obligations; lawyers, service companies, law firms for the protection of contractual rights. Regarding the payment of the owner’s compensation, except for the case of cash (within the limits of the law), whether you use your bank transfer or check or credit card or debit card, I inform you that in case of use of the service pay pal or booking and payment via the website or through the pos and in this case the data are processed exclusively and directly by the bank, and / or paypal; in any case it is possible that, by providing your bank details, even only the Iban, you can emerge where you have the current account, in which Agency etc., since the system of bank payments is so set on the basis of laws and regulations without that the holder has no decision-making power in this regard. In general, your personal data, object of treatment for the purposes indicated above, can not be disclosed to third parties except when it is necessary or required by law such as the Public Security or Judicial Authority or when the conditions of law exist; in other cases, behind your express and free consent. Personal data will in no case be disseminated (usually we refer to social media, etc.) without your consent.
– from browsing our site you can see the history of the services used, browsing history online, images of expenses incurred, acts relating to the person; in these cases your data are provided such as name, surname, address, date and place of birth, landline or mobile phone number, credit card, email address, reason of stay, data to register at Wifi if activated by the holder, data bank accounts of customers or agencies in case of return of deposits or incorrect charges. If the browsing history is not deleted by you as an internet user, it remains with all your data if, for ex. use the Pc station.
5.- TRANSFER PERSONAL DATA TO A THIRD COUNTRY OR TO AN INTERNATIONAL ORGANIZATION
The data controller does not transfer personal data to a third country that is not a member of the European Union (nor in any Member State of the European Union) or to an international organization. Furthermore, your data will not be transferred either to Member States of the European Union, or to third countries not belonging to the European Union. If there is any intention in the future, the holder will provide you with appropriate information and all that is necessary to be in line with the current privacy legislation.
6.- PERIOD OF CONSERVATION OF PERSONAL DATA OR THE CRITERIA USED TO DETERMINE THIS PERIOD
Below is a table that contains the indications of the retention times (or the criteria of determination) of Personal Data, after which your data will be deleted; in general, the personal data of customers and suppliers are kept for a maximum of 10 years for the purpose of carrying out the company’s activities; the personal data of the USERS category are kept for 180 days for statistical purposes and for the improvement of the service and for any commercial communications, but a longer deadline than the following is allowed:
Time of conservation
Categories a), b) (contract)
For the entire duration of the relationship and subsequently for 10 years also for tax and anti-money laundering purposes
The time prescribed by law
Category d), e), f), g), h), i) service improvement
24 months after the end of the contract or service
Category d), e), f), g), h), i), verify satisfaction
24 months from collection, due to the possibility, frequently in practice, of further relations with you, without prejudice to the possibility for the data subject to modify and / or revoke their will at any time regarding the consent
Category d), e), f), g), h), i), marketing
24 months from the end of your last relationship with us, due to the possibility, frequent in practice, of further relations with you, without prejudice to the possibility for the interested party to modify and / or revoke their will at any time with regard to consent
Your personal data, object of treatment for the above mentioned purposes, will be conserved for the whole duration of the contractual relationship and, in compliance with the civil and fiscal regulations, for the following ten years starting from the end of the relationship.
With your express consent, even in your interest, this holder is available to keep your personal data for a further period than the ordinary one, even for over ten years.
In any case, where provided, the data are kept for the times prescribed by the regulations in force.
7.- CONSEQUENCES OF FAILURE TO COMMUNICATE PERSONAL DATA OR REFUSAL TO TREATMENT
With regard to personal data the processing of which is necessary and functional for the performance and fulfillment of the performance and contract of which you are a part or for the fulfillment of a regulatory obligation (for example, those related to the keeping of accounting records and tax records as well as, for example, for the correct application of security measures also for the electronic tools of the owner), failure to communicate personal data or any refusal to treatment make it impossible to improve or continue the contractual relationship. In the cases instead in which you decide not to give consent for the so-called treatment. optional of your personal data, ie in cases where the performance of the service and the contractual relationship is allowed (eg processing by third party external managers, when “optional”, previously recalled or sending of advertising material, etc. ) Your data will be processed as you requested and will be processed only the data necessary for the “basic” performance and the performance of the contract. In these cases, therefore, you will not be able to use additional services of our structure as, not allowing the sending of information, you will not be aware of it. In cases where the treatment is based on consent, you have the right to revoke the consent at any time, without obviously prejudicing the lawfulness of the processing (and based on the consent given) before the revocation.
8.- RIGHTS OF THE INTERESTED PARTY
You, as an interested party, may exercise, with reference to your personal data, the rights provided for in articles 15 to 22 of the GDPR and that are delivered separately for further information and in general the right: – to see your data processed with transparency (articles 5 and 12 GDPR); – to receive the information; – right of access to your personal data; – the right to obtain correction or limitation of the processing that concerns you; – the right to obtain cancellation of the same (the right to be forgotten, in certain circumstances);
– the right to object to the treatment (interrupting the processing of your personal information); – right to data portability (law applicable to data in electronic format), as governed by art. 20 GDPR that allows, upon your request, to transfer your data from the undersigned to another holder indicated by you in electronic format, readable by the new owner; the data portability rights only apply to personal information we have obtained directly from you and only if our processing is done automatically, based on consent or execution of a contract; – the right to withdraw the consent at any time without prejudice to the lawfulness of the treatment based on consent before the revocation; – the right to lodge a complaint with the supervisory authority by contacting the competent Guarantor Authority; for further information or models you can consult the institutional website of the Privacy Guarantor www.garanteprivacy.it – the right to request any information concerning the processing of your data, also through the persons in charge of processing at the owner’s office. You can always ask us to: confirm if we are processing your personal information, receive information on how we process your data, obtain a copy of your personal information, update or correct your personal information. In particular on the right to object to the processing, you have the right to request that your personal information be processed: • for marketing purposes, • for statistical purposes, • where such processing is based on our legitimate business interests, unless we are able to demonstrate a legitimately grounded reason for such processing or if the processing of your personal information is necessary to ascertain, exercise or defend a right in court.
Right to limit the processing; has the right to request that the processing of your personal information be limited: • if you are considering or taking steps to respond to your request to update or correct your personal information, • if they are no longer required or required by us, but desires that we retain data to ascertain, exercise or defend a right in court, • if you have submitted an opposition to processing on the basis of our legitimate business interests and are awaiting our response to that request. If we would restrict the processing of your personal information in accordance with your request, we will inform you before involving you again in such processing.
SENDING REQUESTS RELATING TO YOUR RIGHTS:
your requests can be sent to the email address above; we will reply to all requests of this type within 30 days of receipt of the request, unless there are mitigating circumstances, in which case it may take up to 60 days for the reply. We will inform you if we anticipate that it may take more than 30 days for our response. However, some personal information may be excluded from these rights under applicable data protection laws. Furthermore, we will not respond to any request unless we can adequately verify the applicant’s identity. We could charge you, when required by the rules, a reasonable amount for the subsequent copies of the data you are requesting. Right of withdrawal of consent: you have the right to withdraw your consent to any processing that we conduct exclusively on the basis of your consent (such as sending direct marketing materials to your personal email address). You can withdraw your consent by contacting the email address above-The withdrawal of consent, however, does not affect the lawfulness of the treatment based on consent before the revocation itself.Our services are not intended for persons under 18 and personal data concerning them and we do not knowingly collect data concerning them.
9.- EXISTENCE OF AN AUTOMATED DECISION-MAKING PROCESS, INCLUDING THE PROFILING
We do not use automated decision systems and we do not resort to profiling, that is direct to use your personal data to analyze or predict aspects concerning professional performance, economic situation, health, personal preferences, interests, reliability, behavior, location or trips etc. (art.22 para 1 and 4 GDPR).
GROSSETO, 24.05.2018 THE HOLDER OF THE TREATMENT
RIGHTS OF THE INTERESTED PARTY - ART. 15 -22 GDPR
RIGHTS OF THE INTERESTED PARTY – ART. 15 -22 GDPR
Article 15 Right of access of the interested party
1. The data subject has the right to obtain from the data controller confirmation that the processing of personal data concerning him or her is in progress and, in this case, to obtain access to personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data in question;
c) the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients of third countries or international organizations;
(d) where possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
e) the existence of the right of the interested party to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
f) the right to lodge a complaint with a supervisory authority;
g) if the data are not collected from the data subject, all information available on their origin;
(h) the existence of an automated decision-making process, including the profiling referred to in Article 22 (1) and (4) and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the interested party.
2. Where personal data are transferred to a third country or to an international organization, the data subject shall have the right to be informed of the existence of adequate safeguards pursuant to Article 46 relating to the transfer.
3. The data controller provides a copy of the personal data being processed. In the event of further copies requested by the data subject, the data controller may charge a reasonable fee contribution based on administrative costs. If the interested party submits the request by electronic means, and unless otherwise indicated by the interested party, the information is provided in a commonly used electronic format.
4. The right to obtain a copy referred to in paragraph 3 shall not affect the rights and freedoms of others.
Article 16 right of RECTIFICATION
The data subject has the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing an additional declaration.
Article 17 Right to CANCELLATION («right to OBLIO»)
1. The data subject has the right to obtain from the data controller the deletion of personal data concerning him without undue delay and the data controller is obliged to cancel the personal data without undue delay if one of the following reasons exists:
a) personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed;
(b) the data subject revokes the consent on which the processing is based in accordance with Article 6 (1) (a) or Article 9 (2) (a) and whether there is no other legal basis for the processing ;
(c) the data subject opposes the processing pursuant to Article 21 (1) and there is no legitimate overriding reason to proceed with the processing, or opposes the processing pursuant to Article 21 (2);
d) personal data have been processed unlawfully;
e) personal data must be deleted to fulfill a legal obligation under Union or Member State law to which the controller is subject; (26)
(f) the personal data have been collected in relation to the information society service offer referred to in Article 8 (1).
2. The controller shall, if he / she has made personal data public and is obliged, pursuant to paragraph 1, to delete it, taking into account the available technology and implementation costs, shall take reasonable steps, including technical measures, to inform the data controllers who are processing personal data of the request of the person concerned to delete any link, copy or reproduction of his personal data.
3. Paragraphs 1 and 2 shall not apply to the extent that processing is necessary:
a) for exercising the right to freedom of expression and information;
(b) for the fulfillment of a legal obligation requiring treatment under Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority of which the data controller is invested; (26)
(c) for reasons of public interest in the field of public health in accordance with Article 9 (2) (h) and (i) and Article 9 (3);
(d) for the purposes of archiving in the public interest, for scientific or historical research or for statistical purposes in accordance with Article 89 (1), insofar as the right referred to in paragraph 1 risks making it impossible or to seriously affect the achievement of the objectives of this treatment; or
e) for the assessment, exercise or defense of a right in court.
Article 18 Right of LIMITATION of treatment
1. The data subject has the right to obtain from the data controller the limitation of processing when one of the following hypotheses occurs:
a) the interested party disputes the accuracy of personal data for the period necessary for the data controller to verify the accuracy of such personal data;
b) the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited;
c) although the data controller no longer needs it for processing purposes, personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
d) the interested party has opposed the treatment pursuant to Article 21 (1), pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.
2. If the processing is restricted pursuant to paragraph 1, such personal data shall only be processed, except for storage, with the consent of the data subject or for the establishment, exercise or defense of a right in court. or to protect the rights of another natural or legal person or for reasons of significant public interest of the Union or of a Member State.
3. The data subject having obtained the processing restriction pursuant to paragraph 1 shall be informed by the controller before the limitation is revoked.
Article 20 Right to data PORTABILITY
1. The data subject shall have the right to receive personal data concerning him / her provided to a data controller in a structured, commonly used and readable form by automatic device and has the right to transmit such data to another data controller without impediments on the part of the data controller to whom he has provided them if:
(a) the processing is based on consent pursuant to Article 6 (1) (a) or Article 9 (2) (a) or on a contract within the meaning of Article 6 (1) b); is
b) the treatment is carried out by automated means.
2. In exercising its rights relating to the portability of data in accordance with paragraph 1, the data subject shall have the right to obtain direct transmission of personal data from one controller to another, if technically feasible.
3. The exercise of the right referred to in paragraph 1 of this Article shall be without prejudice to Article 17. This right does not apply to the treatment necessary for the performance of a task carried out in the public interest or in connection with the exercise of official authority as the data controller is invested.
4. The right referred to in paragraph 1 must not affect the rights and freedoms of others.
Article 21 Right to OPPOSITION
1. You have the right to object at any time, for reasons connected with your particular situation, to the processing of your personal data pursuant to Article 6, paragraph 1, letters e) of), including profiling on the basis of these provisions. The data controller refrains from further processing personal data unless he demonstrates the existence of binding legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or the defense of a right in court.
2. If personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning him / her for such purposes, including profiling in so far as it is related to such marketing direct.
3. If the data subject objects to processing for direct marketing purposes, personal data are no longer processed for these purposes.
4. The right referred to in paragraphs 1 and 2 shall be explicitly brought to the attention of the interested party and shall be presented clearly and separately from any other information at the latest at the time of the first communication with the data subject.
5. In the context of the use of information society services and without prejudice to Directive 2002/58 / EC, data subjects may exercise their right to object by automated means using technical specifications.
6. Where personal data are processed for the purposes of scientific or historical research or for statistical purposes in accordance with Article 89 (1), the data subject shall have the right to object to the processing of personal data for reasons connected with his particular situation that concern him, unless the processing is necessary for the performance of a task in the public interest.
Article 22 AUTOMATED decision-making process concerning natural persons, including profiling
1. The data subject has the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or which significantly affects his person.
2. Paragraph 1 shall not apply where the decision:
a) is necessary for the conclusion or execution of a contract between the data subject and a data controller;
(b) is authorized by the law of the Union or of the Member State to which the controller is subject, which also specifies appropriate measures to protect the rights, freedoms and legitimate interests of the data subject;
c) is based on the explicit consent of the interested party.
3. In the cases referred to in paragraph 2 (a) and (c), the controller shall implement appropriate measures to protect the rights, freedoms and legitimate interests of the data subject, at least the right to obtain human intervention from the holder of the treatment, to express their opinion and to challenge the decision.
4. The decisions referred to in paragraph 2 shall not be based on the particular categories of personal data referred to in Article 9 (1), unless Article 9 (2) (a) or (g) applies, and there are no adequate measures to protect the rights, freedoms and legitimate interests of the data subject.
This information is provided also in pursuance of Section 13 and 122 of Legislative Decree 196/2003 and in pursuance of the provision by italian data protection autothority 8 may 2014 “individuazione delle modalità semplificate per l’informativa e l’acquisizione del consenso per l’uso dei cookie”, and it provides detailed information on Cookies, how they are used and how to manage them.
What are cookies?
Cookies are small text files that are automatically placed on your computer or mobile device when you visit a web site. They are stored by your Internet browser. Cookies contain basic information about your Internet use, but they do not normally identify you personally. Your browser sends these cookies back to the site every time you revisit it, so it can recognise your computer or mobile device and improve your site experience (technical cookies), or personalize your site experience to track a user’s overall activity online (profiling cookie).
Visiting a web site can receive cookies from visited web site: “First Party Cookie”. Visiting a web site can receive cookies from a web site other than the one a user is visiting: “Third Party Cookies”.
Type of cookies used by this web site
This web site uses Technical Cookies and Third Party Cookies.
This web site use Google Analytics, a service offered by Google that tracks and report with anonymous information website traffic. We use these information only to help us understand how this website in being used and how we can improve your experience on it. These information will not be used to deliver targeted marketing messages. To Google Analytics Cookie usage on website visit the official web site: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage
To provide website visitors the ability to prevent their data from being used by Google Analytics: https://tools.google.com/dlpage/gaoptout?hl=en
Policy Privacy Google Inc. http://www.google.com/intl/en/policies/privacy/
Third Party Cookies
Third party cookies are not placed by us. We would therefore suggest that you look at those third parties’ websites for information about the cookies they place and how you can manage them. For more information: http://www.youronlinechoices.com
To ensure greater transparency and convenience, we provide web site informative and modalities for control of cookies :
To delete Cookie Flash
How to disable cookie
Most browsers are configured to accept cookies. However, you can delete them through your browser settings, below is the link to pages that help you do this
To delete such cookies from your Internet browser, smartphone or tablet, please refer to the user’s guide.
By accessing the links below you can configure your browser so as not to receive more cookies
To learn more about third party cookies or marketing / retargeting visit www.youronlinechoices.com.
Third party cookies are not placed by us. We would therefore suggest that you look at those third parties websites for information about the cookies they place and how you can manage them.