The Data Controller processes Users’ Personal Data by adopting appropriate security measures aimed at preventing unauthorised access, disclosure, modification or destruction of Personal Data.
1) Communication and dissemination of Data
In addition to the Data Controller, in some cases, the following may have access to the Data
a) categories of Data Processors, specially trained for this purpose, involved in the organisation of the Website (administrative, sales, marketing, legal, system administrators);
b) external parties (such as third party technical service providers, hosting providers, IT companies, communication agencies) also appointed as Data Processors by the Data Controller pursuant to Art. 28 GDPR. The updated list of Data Processors, if appointed, can always be requested from the Data Controller;
c) public or private entities that can access the Data in compliance with legal obligations;
d) subjects that perform accessory and instrumental tasks with respect to the Controller’s activity
e) external parties such as partners in the organisation of initiatives and events promoted and/or sponsored by the Data Controller to which the communication of the Data proves necessary for organisational reasons
2) Data provided voluntarily by the User
The optional, explicit and voluntary sending of electronic mail, including by means of the Contact Form or by means of the addresses indicated on this Website, entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, as well as any other Personal Data included in the email. The User’s consent to the conferment of Data is necessary in order to be included in the Data Controller’s databases and for the purposes of the establishment and proper performance of what the same offers to its Users, as well as to third parties for the fulfilment of the single activity requested. Failure to provide the data therefore prevents registration in the Data Controller’s databases, the conclusion of any contracts, as well as the performance of the same and any other possible activity. Therefore, the User’s failure to provide certain Personal Data may prevent the Data Controller from providing its services. The User assumes responsibility for the Personal Data of third parties published or shared through this Website and warrants that he/she has the right to communicate or disseminate them, releasing the Owner from any liability towards third parties. Specific summary information will be progressively reported or displayed on the pages of the Website set up for particular services on request.
3) Place of Processing
Data processing takes place mainly in Italy and in the countries of the European Union. Some third party tools may process the data of the users of this website in countries outside the European Economic Area (the “Third Countries”).
Data transfer to Third Countries may also occur through the use of external tools that enable certain services (e.g. statistical analysis, newsletters, remarketing, advertising, use of social buttons).
4) Processing times
As expressly provided for in Article 5(1)(e) of the GDPR, Data are kept for the time necessary for the Processing of the same in relation to the performance of the service requested by the User, or required by the Purposes described in this document.
– Personal Data collected for Purposes related to the performance of a contract between the Data Controller and the User will be retained until the performance of such contract is completed;
– Data collected for Purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User may obtain further information about the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller;
– Data collected on the basis of the User’s Consent may be retained until such Consent is revoked;
– Data collected for tax/administrative obligations will be kept for the time necessary to fulfil the aforementioned purposes and in accordance with the law, and in any case for a period not exceeding that dictated by civil law;
– Data may be kept by the Data Controller for a longer period in compliance with legal obligations or by order of an authority;
The User can always request the interruption of the Processing or the deletion of Data not related to the execution of the contract.
At the end of the retention period, the Personal Data will be deleted. Therefore, at the end of this period, the right of access, cancellation, rectification and the right to Data portability can no longer be exercised.
5) Purposes of the Data collected
The User’s Data are collected to enable the Website to provide its services, as well as for the following Purposes: Contacting the User, Address Management and Sending email messages, Interaction with external platforms and Statistics. In particular:
a) to comply with any type of obligation contemplated and provided for by current laws, regulations, related rules and commercial usages, in particular, in tax/fiscal matters
b) to follow up on specific requests made to the Controller by the User through the Website and its communication tools (contact form, information request forms and the like)
c) for communications of an informative nature relating to the services of the Data Controller itself, following requests for information by e-mail or by filling in the Contact Form and other communication tools
d) for other purposes incidental or related to those indicated above and in any case falling within the scope of the Website’s activities
e) for sending promotional and commercial information and offers
f) for profiling activities for marketing purposes
g) for the transfer of Data to companies and/or third parties with whom the Data Controller collaborates or has entered into agreements, who may use the Data of the Data Subject for sending communications and/or information material relating to events organised by them or services provided by them.
The types of Personal Data used for each purpose are indicated in the specific sections of this document.
For the purposes referred to in point a), processing is necessary for the performance of a contract to which the data subject is party, for the performance of pre-contractual measures or in order to comply with a legal obligation to which the data controller is subject.
For the purposes referred to in points b), c) d) the processing is optional, however, failure to provide one or more pieces of data will make it impossible to respond to your request for information and to use the services offered by the Data Controller.
For the purposes referred to in points e), f), g) the processing is based on the consent freely expressed by the Data Subject.
Details of the processing of Personal Data
Data are collected for the following Purposes and using the following services:
Contact Form (This Website)
The User, by filling in the Contact Form with his/her Data, consents to the use of such Data to respond to requests for information, or any other purpose indicated by the header of the form. Personal Data collected: Email, Name and Surname, telephone number, and any other personal data contained in the body of the message.
By registering for a mailing list or newsletter, the User’s email address is automatically added to a list of contacts to whom email messages may be sent containing information, including commercial and promotional information, relating to this Website. The User’s email address may also be added to this list as a result of registering with this Website. Personal Data collected: Email, First Name and Last Name.
Browsing and hosting data
The computer systems and software procedures used to operate this Website acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
However, this data is not in the possession of the Data Controller, which does not even have access to it for consultation. Instead, they are stored on the web space provider’s servers.
This is information that is not collected in order to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified.
Security measures adopted
This Website has an SSL certificate and uses the HTTPS protocol to secure the moment when Personal Data is entered. With the use of this protocol, transactions and Data that are transmitted on the Websites take place with maximum security and the content of the communication is not read or manipulated in any way by third parties.
The services contained in this section only allow the Data Controller to monitor and analyse traffic data and serve to keep track of the User’s behaviour.
To continually improve the user experience on our website, we use Matomo (formerly known as Piwik), an open source web analytics tool. Matomo helps us understand how visitors interact with the site by collecting information anonymously. The collection of this data includes, but is not limited to, pages visited, length of visit, type of device used, and geographic region of access.
Importantly, Matomo is set up to respect user privacy: it does not collect full IP addresses or share data with third parties. Also, as part of our commitment to privacy, we offer visitors the option to opt out of Matomo tracking. If you choose not to be tracked, your use of the site will not be included in our analysis and will not contribute to the statistics we collect.
Our use of Matomo is in line with GDPR and other relevant privacy laws, ensuring that your data is treated with the utmost respect and security.
For more information on how Matomo protects your privacy or to exclude you from being tracked, visit https://matomo.org/privacy-policy/
Interaction with Social Networks
These services allow interactions with social networks or other external platforms directly from the pages of this Website. The interactions and information acquired by this Website are in each case subject to the User’s privacy settings relating to each social network. If a social network interaction service is installed, it is possible that, even if Users do not use the service, it may collect traffic data relating to the pages where it is installed.
1) Facebook (Meta Platforms Ireland Limited)
2) LinkedIn (LinkedIn Corporation)
3) Instagram (Meta Platforms Ireland Limited)
4) Telegram (Telegram LLC)
Content on external platforms
These services make it possible to display content hosted on external platforms directly from the pages of this Site and to interact with them. If a service of this type is installed, it is possible that, even if Users do not use the service, it may collect traffic data relating to the pages where it is installed.
1) Youtube Video Widget (Google Inc.)
2) WhatsApp (WhatsApp Ireland Limited)
Live Chat via the ‘Whatsapp’ channel can be used by users to obtain direct contact with the data controller in order to obtain more information about the services offered by the latter.
Further information on treatment
The User’s Personal Data may be used for the defence by the Data Controller in legal proceedings or in the preparatory stages to its possible establishment, against abuses in the use of the same or related services by the User. The User declares that he/she is aware that the Data Controller may be required to disclose the Data at the request of public authorities.
System logs and maintenance
For operation and maintenance purposes, this Website may collect System Logs, i.e. files that record interactions and which may also contain Personal Data, such as the User’s IP address.
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact information.
Nature of the Data processed and consequences of refusal
The provision of browsing data by Users, for the above purposes, depends on the degree of privacy that the User has enabled or disabled through his/her browser. In some cases, disabling it may affect navigation on this Website. For certain modules of this Website, the provision of navigation data and/or the use of technical cookies is mandatory for the proper functioning of the Website. The provision of certain data of one’s own is in any case necessary for the very structure of the Website and its procedures. In particular, by way of example
– for the sending of messages through the Contact Form, the minimum data required therein are in any case compulsory, such as possibly the name/surname and/or e-mail address and/or other identification data of the sender;
Failing this, the procedure itself cannot be completed.
On the other hand, any request for other optional Data will be preceded by an approval tick. The provision of all other Data is optional, in accordance with the type of information that the User wishes to provide to the Website.
Exercise of data subject’s rights
The Data Subject has the right to exercise the faculties provided for in Articles 7, 15-22 of European Regulation 679/2016.
In particular, he/she has the right to revoke his/her consent at any time and, upon simple request to the Data Controller, he/she may request access to his/her Personal Data, receive the Personal Data provided to the Data Controller and, where possible, transmit it to another Data Controller without hindrance (so-called portability), obtain the updating, limitation of the processing, rectification of the Data and the deletion of the Data processed in breach of the applicable legislation. He/she has the right, for legitimate reasons, to object to the Processing of Personal Data concerning him/her and to the Processing for the purpose of sending advertising material, direct sales and for carrying out market research. He/she also has the right to lodge a complaint with the Garante della Privacy as supervisory authority for the protection of personal data. The interested party may exercise his/her rights by contacting the Data Controller by e-mail at: firstname.lastname@example.org