The provided policy is pursuant to and for the purposes of the Legislative Decree 30th June 2003, nr. 196, laid down in article 13, (Data Protection Law) and to the EU Regulation 2016/679 on data protection (GDPR, General Data Protection Regulation EU 2016/679).
In this page, the processing of personal data of the visitors of the following website/s is described: www.intelvese.it
The policy is provided only for the above mentioned websites and not for other addresses that users can reach through links.
1. DATA CONTROLLER
The data controller is: L’INTELVESE DI LUIGI TETTAMANTI
To receive any information or exercise the rights set out in articles 7 to 10 of the Legislative Decree 196/2003 and 15 to 22 of the UE Regulation Nr. 2016/679, it is possible to contact the Controller/Processor here:
E-mail address: info@intelvese.it .
Phone number: +39031278576
2. GENERAL INFORMATION VALID FOR ANY PROCESSING
All the processing operations carried out through this website are based on the principles of fairness, lawfulness and transparency. At any time, it is possible to exercise the rights set out in the articles previously mentioned by making an explicit request to the data controller or processor. It is also possible to request precise information about the subjects processing data on behalf of the controller (Controllers, Processors, etc.) During the processing, protection and confidentiality will be granted at a level that is appropriate to and compliant with article 32 of the GDPR. In case the Website was to use personal information for purposes different from the ones described in this policy, a specific consent will be asked to the User.
3. SPECIFIC INFORMATION VALID FOR ANY PROCESSING
a. Data collected through the User’s use of our services: we may collect information on the services viewed and/or used by the User, as well as on the way they are used (for instance, when the User interacts with our contents). IP addresses or domain names of computers or terminals used by the users, URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, how the request was submitted to the server, the size of the file obtained in reply, the code number indicating the state of the response from the server (successful, error, etc.) and other parameters related to the operating system and the IT environment of the user fall under this category of data.
Such data, necessary to use web services, are also processed to:
obtain statistics information about the use of the services (most viewed pages, number of visitors according to hour or day, geographical areas of origin, etc.);
monitor the correct functioning of the services offered.
Navigation data does not last for more than seven days and are deleted immediately after their aggregation (except in case of investigations of offences by Judicial authorities).
b. Cookies and similar technology: our Website uses different types of technology to collect and store information every time one of our services is visited, which may imply the use of cookies and similar technology to identify the user’s browser or device. We use such technology also to collect and store information any time the User interacts and/or purchases our services and/or services of our partners. For further information, please visit our Cookie Policy at the bottom of the home page: www.intelvese.it
c. Data provided by the user through the use of the website’s functionalities: Some sections of the website (ask for information/subscribe to our newsletter/book) require filling a module with some personal data by the user. In this case, the fairness of the processing arises from the consent given by the data subjectat the moment of the free and informed provision of his/her data, by a clear affirmative action (ticking the appropriate box). The data will only be processed for the purpose of replying to the requests of the user. The provision of data is necessary to reply in a complete and correct way to the requests. The data will be stored for periods compatible with the purposes of the collection and later deleted. The data may be disclosed to third parties only if considered useful to give a correct reply to the data subject. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the address of the sender, as well as of other data that may be present in the mail. Such data will only be used to reply to requests. In this case, the fairness of the processing arises from the consent given by the data subject at the moment of the free and informed provision of his/her data, which already represents a clear affirmative action. Where necessary to provide further information, in addition to this policy, specific summary policies will progressively be added to or viewed on the pages of the website that are dedicated to particular on-demand services
d. Use of data for promotional purposes: The Website allows the User to be constantly updated on new products offered, promotions and/or offers by sending e-mails to the User (with the related consent to the processing for marketing purposes). Only with the explicit consent of the User, the Website will be able to use the non-mandatory personal information provided to send personalised promotions. The provision of data for Marketing purposes is optional: you can therefore decide not to provide data or to later refuse the processing of data already provided; in such case, you will not be able to receive newsletters, commercial communications and advertising material related to the services offered by the Controller. The information collected for such purpose will be stored for 24 months.
INFORMATION SHARED BY US
The Website provides third parties with personal data in the following cases:
A – With the consent of the User: the Website, in case it is needed to share confidential personal data with companies, organisations and subjects outside the Website itself, will ask the authorisation to the User;
B – To domain administrators: the domain administrator and/or third-party retailers providing assistance with the use of the service can access to the personal data of data subjects;
C – For external processing: the Website provides personal information to its affiliates and/or companies and/or trustworthy people so that they can process it based on the instructions given and in accordance with the privacy policy applied by the Website itself (and also in accordance with any other appropriate confidentiality and safety measure);
D – For legal purposes: the Website will provide personal information to companies, organisations and/or people outside the Website team in case it considers it necessary to access, use, protect or disclose such information to:
– Comply with law and current regulations, judicial proceedings and/or a mandatory governmental request;
– Apply applicable terms of service, including investigations on possible violations;
– Detect, prevent or manage fraudulent activities, problems related to safety or technical ones;
– Protect the rights, the property and/or the safety of the Website, of our Users or thepublic, as required and permitted by Law.
The Website may share information that do not allow personal identification with its partners, for instance to show trends related to the general use of our services and/or purchasing preferences. If the Owner of the Website was to be involved in a merger, acquisition and/or divestment, he/she will continue to grant the confidentiality of the personal information and to communicate to the interested Users the transfer of the personal information or the application of privacy regulations different from the ones here adopted.
SUBJECTS TO WHOM DATA CAN BE COMMUNICATED
Where necessary, data can be communicated to competent authorities, trustworthy subjects appointed by the Website Owner only to carry out technical and/or organizational tasks (provision of legal, accounting, tax, consultancy services and others). Personal data are not subject to disclosure.
RIGHTS OF THE DATA SUBJECT (Articles 15-21 EU Regulation 679/2016)
1. The data subject has the right to receive confirmation whether or not personal data in relation to his/her person are being processed, even though not yet recorded, and to receive the related communication in an intelligible form.
2. The data subject has the right to access his/her personal data and the following information:
A –indication of: – purposes of the processing; – personal data categories involved; – recipients or categories of recipients to whom the personal data have been or will be communicated, particularly if recipients of third-party countries or international organisations; – expected storage period of the personal data or criteria used to establish such period; – the right of the data subject to request the data owner to rectify or delete personal data or limit the processing of personal data in relation to his/her person or to object to the processing; – the right to lodge a complaint to a supervisory authority; – all the available information on its origin in case data are not collected from the subject himself/herself; – the existence of an automated decision-making process, including profiling and, at least in such cases, of significant information on the underlying reasoning, together with the importance and the expected consequences of the processing for the data subject.
B – the rectification of incorrect personal data in relation to his/her personwithout undue delay. Considering the purposes of the processing, the subject also has the right to obtain the integration of the incomplete personal data, also providing a supplementary statement;
C – the deletion of personal data in relation to his/her person without undue delay; the controller of the processing is obliged to delete personal data without undue delay if one of the following reasons applies:
– the personal data are no longer necessary for the purposes they had been collected or processed;
– the data subject withdraws his/her consent, on which the processing is based, and if there is no other legal basis for the processing;
– the data subject objects to the processing and there is no prevailing legitimate reason to proceed with the processing;
– the personal data have been unlawfully processed;
– the personal data must be deleted to fulfil a legal obligation provided for by EU or Member State law to which the data owner is subject;
– the personal data have been collected in relation to information society services.
D – the restriction of the processing in one of the following cases:
– the data subject questions the accuracy of his/her personal data for the period the data owner needs to verify the accuracy of such personal data;
– the processing is unlawful and the data subject objects to the deletion of his/her personal data, asking for a restriction instead;
– although the data controller does no longer need them for the purposes of the processing, the personal data are necessary for the data subject to establish, exercise or defend a right in court;
– the data subject objects to the processing waiting for the verification of the possibility that legitimate reasons of the data controller prevail over the ones of the data subject;
– the data subject who obtained the restriction of the processing is informed on the processing by the controller before such restriction is revoked.
3. The data controller notifies each recipient to whom the personal data have been transmitted of possible rectifications, deletions or restrictions of the processing.
4. The data subject has the right to receive in a structured, commonly used and in a format suitable for an automatic device, his/her personal data in relation to his/her person provided to a data controller and has the right to transmit such data to another data controller without hindrance from the data controller he/she provided them to. In the exercise of his/her rights in relation to the portability of the data, the data subject has the right to obtain the direct transmission of the personal data from a data controller to another, where technically possible.
5. The data subject has the right to object:
– at any time, for reasons related to his/her particular situation, to the processing of the personal data in relation to his/her person, including profiling. The controller of the processing abstains from further processing the personal data unless he/she proves the existence of compelling legitimate reasons to proceed with the processing that prevail over the interests, rights and freedom of the data subject or to establish, exercise or defend one of his/her rights in court;
– in case the personal data are processed for direct marketing purposes, including profiling, to the extent that it is linked to such direct marketing;
– in case the data subject objects to the processing for marketing purposes, the personal data will no longer be subject to the processing for such purposes.