Privacy Policy
In compliance with the obligations arising from national legislation (Legislative Decree 30 June 2003, no. 196, Code regarding the protection of personal data, as updated by Legislative Decree 101/2018) and European legislation (European Regulation 2016/679, GDPR) and subsequent amendments, this website respects and protects the privacy of visitors and users, making every possible and proportionate effort not to infringe upon the rights of users. This privacy policy applies exclusively to the online activities of this site and is valid for visitors/users of the site. The purpose of the privacy policy is to provide maximum transparency regarding the information that the site collects and how it is used.Data Collected
This website collects and processes Personal Data, as defined by the GDPR, either independently, through third parties, or voluntarily provided by the user, including:- "Internet Protocol (IP) address; Type of browser and device parameters used to connect to the site; Internet service provider (ISP) name; Date and time of the visit; Referral and exit webpage of the visitor; Possibly the number of clicks. Cookies and Usage Data, collected through automated processes;"
The aforementioned information is processed in an automated form and collected exclusively in an aggregated and pseudonymized manner for the purpose of verifying the correct functioning of the site and for security reasons; these pieces of information will be processed based on the legitimate interests of the data controller. For security purposes (anti-spam filters, firewall, virus detection), automatically recorded data may also include personal data such as the IP address, which could be used, in accordance with applicable laws, to block attempts to damage the site itself or harm other users, or engage in harmful activities or criminal activities. These data are never used for the identification or profiling of the user but only for the protection of the site and its users; this information is processed based on the legitimate interests of the data controller.
- Personal data, such as personal information (in the 'stay in touch' section) ? the latter voluntarily provided by the user and not essential for the functioning of the site.
The potential use of Cookies ? or other tracking tools ? by this Website or by the owners of third-party services used by this Application, unless otherwise specified, is for the purpose of providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy, to which reference is made. The User assumes responsibility for the Personal Data of third parties obtained, published, or shared through this Application and guarantees that they have the right to communicate or disseminate them, releasing the Owner from any liability towards third parties.
Processing Modalities
The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, alteration, or destruction of Personal Data. Processing is carried out using computer and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved internally or external subjects (such as third-party technical service providers, hosting providers, IT companies, communication agencies) may have access to the Data, appointed as Data Processors by the Data Controller.Location of Processing
The data collected by the website are processed by the Data Controller and are handled only by authorized technical personnel or individuals appointed as external Data Processors in accordance with Article 28 of EU Regulation 2016/679. The server hosting the site is located in Italy. This website may share some of the collected data with services located outside the European Union, always in compliance with the rights and guarantees provided by current regulations, pursuant to Articles 44 and following of EU Regulation 2016/679.Retention Period
Data is processed and stored for the time necessary for the purposes for which it was collected. Personal Data collected for purposes related to the performance of the service requested by the User will be retained until the completion of such service. Regarding any Personal Data collected for purposes based on the User's consent, the Data Controller may retain the Personal Data for a longer period until such consent is revoked. Additionally, the Data Controller may be obligated to retain the Personal Data for a longer period in compliance with a legal obligation or an order from an authority. At the end of the retention period, the Personal Data will be deleted. Therefore, upon expiration of this period, the right to access, delete, rectify, and the right to data portability can no longer be exercised.Purpose of the Processing of Collected Data
User data is collected for the following purposes:- Monitor the infrastructure;
- Contact the User in case of contact requests from them;
Security Measures
This website processes user data in a lawful and proper manner, adopting appropriate security measures to prevent unauthorized access, disclosure, alteration, or unauthorized destruction of data. Processing is carried out using computer and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the owner, in some cases, categories of employees involved in the organization of the site or external subjects (such as third-party technical service providers, hosting providers, IT companies, communication agencies) may have access to the data.User Rights
Regarding the personal data itself, the data subject can exercise the rights provided for in Articles 15 and following of the GDPR, specifically:Right of access (Article 15) ? This consists of obtaining confirmation from the Data Controller as to whether or not personal data concerning the data subject is being processed and, if so, gaining access to the same data and certain information (specified in the cited article) regarding the processed data.
Right to rectification (Article 16) - This gives the data subject the opportunity to modify their data if it is inaccurate.
Right to erasure (Article 17) - The data subject has the right to delete their data held by the controller when, for example, consent is revoked or the pursued purpose is achieved, or when it is unlawful. However, it may not always be possible to comply with a deletion request. This occurs, for example, when the data is needed to fulfill a legal obligation or is necessary for the defense of a right in a judicial proceeding.
Right to object (Article 21) - The possibility to object to the processing must be guaranteed when the legal basis is legitimate interest or the performance of a task carried out in the public interest. However, this right has its limits, as there may be cases where the legitimate interest of the controller prevails over that of the data subject. The key is to strike the right balance, or the processing is necessary for a task of public interest or for the establishment, exercise, or defense of a right in court.
Right to data portability (Article 20) ? This provides that, in the case of processing based on a contract or consent, upon request, the data subject is provided with their personal data in a structured, machine-readable format (JSON, XML, CSV). This right applies only to data provided voluntarily and not to inferred or derived data.
Right to withdrawal (Article 7) - In case of subscription to any form of consent required by the Data Controller, it is noted that the data subject can withdraw it at any time, subject to the mandatory obligations required by current regulations at the time of the withdrawal request, by contacting the Data Controller at the contact details provided, at the address above, or by email, specifying the subject of their request, the right they intend to exercise, and attaching a photocopy of an identity document attesting to the legitimacy of the request. The data subject has the right to lodge a complaint with the competent supervisory authority in the Member State where they habitually reside or work or in the State where the alleged violation occurred. All of the aforementioned rights can be exercised by submitting a specific request to the Data Controller through the contact channels indicated in this notice.