Collected data processing method and place
The Data Controller uses appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data. Processing is carried out using IT and/or telematic tools, with organisational methods and logic strictly related to the indicated purposes. In addition to the Data Controller, in some cases, other parties involved in the organisation of this Application (administrative, commercial, marketing, legal, system administrators) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Controller. The updated list of Data Processors may always be requested from the Data Controller.
Legal basis for data processing
The Controller processes Personal Data relating to the User if one of the following conditions exists:
the User has given consent for one or more specific purposes (Note: in some legal systems, the Data Controller may be authorised to process Personal Data without the User’s consent or without the existence of another legal basis specified below, as long as the User does not object – so-called “opt-out” “- to such processing. However, this is not applicable if the processing of Personal Data is regulated by European legislation on the protection of Personal Data)
processing is necessary for the execution of a contract with the User and/or for the execution of pre-contractual measures
processing is necessary to fulfil a legal obligation of the Controller
processing is necessary for the performance of a task of public interest or to exercise public powers vested in the Data Controller
processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties
It is, in any case, always possible to ask the Controller to clarify the concrete legal basis of processing and in particular to specify whether processing is based on the law, established by contract or necessary to conclude a contract.
The Data is processed at the Data Controller’s operating offices and in any other place where the parties involved in processing are located. For further information contact the Controller. The User’s Personal Data may be transferred to a country other than the one where the User is located. To obtain further information on the place where processing is conducted, the User can read the section on the details of Personal Data processing. The User has the right to obtain information regarding the legal basis of the transfer of Data to outside the European Union or to an international organisation of public international law or represented by two or more countries, such as the UN, as well as regarding the security measures adopted by the Data Controller to protect the Data. The User can verify whether one of the data transfers described above takes place by reading the section of this document concerning the details on Personal Data processing or by requesting information from the Data Controller by contacting them at the numbers provided at the top.
The Data is processed and stored for the amount of time required for the purposes it was collected for. Accordingly:
The Personal Data collected for purposes related to the execution of a contract between the Controller and the User will be retained until the execution of this contract is completed.
The Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is fulfilled. The User can obtain further information on the legitimate interest pursued by the Controller in the relative sections of this document or by contacting the Controller.
When processing is based on User consent, the Controller may keep the Personal Data for longer until such consent is withdrawn. Furthermore, the Data Controller may be obligated to retain the Personal Data for a longer period in order to comply with a legal obligation or by order of an authority. At the end of the retention period, the Personal Data will be deleted. Therefore, when such a term lapses, the right to access, cancellation, rectification and portability of the Data can no longer be exercised.
Users can exercise certain rights with reference to Data processed by the Controller. The User in particular, has the right to:
Withdraw consent at any time The User can withdraw previously expressed consent to the processing of his/her Personal Data.
Refuse the processing of his/her Data The User may object to the processing of his/her Data when it takes place on a legal basis other than consent. Further details on the right to object are indicated in the section below.
Access to his/her Data The User has the right to obtain information on the Data processed by the Controller, on certain aspects of processing and to receive a copy of the processed Data.
Check and ask for his/her Data to be corrected The User can verify the correctness of his/her Data and request it to be updated or corrected.
Obtain the limitation of the data processing When certain conditions are met, the User can request the limitation of the processing of his/her Data. In this case the Controller will not process the Data for any other purpose than retention.
Obtain the deletion or removal of his/her Personal Data When certain conditions are met, the User can ask the Controller to delete his/her Data.
Receive his/her Data or have it transferred to another controller The User has the right to receive his/her Data in a structured format that is commonly used and readable by an automatic device and, where technically feasible, to obtain its unobstructed transfer to another controller. This provision is applicable when the Data is processed by automated tools and processing is based on the consent of the User, on a contract that the User is a party of or on contractual measures connected to it.
Submit complaints The User can submit a complaint to the competent personal data protection supervisory authority or take it to court.
Details on the right to object
When Personal Data is processed in the public interest, in exercising public authority that the Data Controller is vested in or to pursue a legitimate interest of the Data Controller, Users have the right to object to processing for reasons connected to their particular situation. Users are reminded that, if their Data is processed for direct marketing purposes, they may oppose processing without providing any reasons. To find out if the Data Controller is processing data for direct marketing purposes, Users can read the respective sections of this document.
How to exercise rights
To exercise User rights, Users can address a request to the Controller’s contact details given in this document. Requests are filed free of charge and processed by the Data Controller as soon as possible, at most within one month.
Specific information notices
Defence in court
The User’s Personal Data may be used by the Controller in court or in the preparatory stages of their examination, for their defence against abuse in the use of this Application or of the connected Services by the User. The User declares to be aware that the Owner may be required to disclose the Data by order of the public authorities.
Specific information notices
Managing email addresses and the sending of emails
System and maintenance log
For needs related to operation and maintenance, this Application and any third-party services that it uses may collect system logs, i.e. files that record the interactions and that may also contain the User’s personal technical data.
Reply to “Do Not Track” requests
“Do Not Track” requests are actions that the User can take to prohibit the automatic collection of his/her own Data. This Application supports “Do Not Track” requests.
To find out if any third-party services support them, the User is invited to consult the respective Privacy Policies. The User’s navigation data is collected through the Google Analytics service (of Google Inc.): this service accepts “Do Not Track” requests through the installation of the following additional component for browser.
Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
Legal definitions and references
The hardware or software tool through which User Personal Data is collected and processed.
This is the information collected automatically through this Application (also by third-party applications integrated into this Application), including: IP addresses or domain names of the computers used by the User to connect with this Application, addresses in URI notation (Uniform Resource Identifier), the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response from the server (successful, error, etc.) the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example the amount of time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of the consulted pages, to the parameters relating to the operating system and to the User’s IT environment.
Personal Data (or Data)
Personal Data is any information that, directly or indirectly, even in connection with any other information, including a personal identification number, either identifies an individual or makes him/her identifiable.
The interested party
The physical person that the Personal Data refers to.
Data Processor (or Processor)
The Service provided by this Application as defined in the relative terms (if any) on this site/application.
Data Controller (or Controller)
The natural or legal person, public authority, service or other body which, individually or together with others, determines the personal data processing purposes and methods and what instruments are adopted, including what security measures relative to the function and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application.
European Union (or EU)
Unless specified otherwise, any reference to the European Union contained in this document is intended as extended to all current member states of the European Union and the European Economic Area.
The individual who uses this Application which, unless specified otherwise, is also the interested party.
Cookies are short text files that are downloaded to the User’s device when visiting a Website. At each visit thereafter, cookies are sent back to the website that originated them (first-party cookies) or to another Application that recognises them (third-party cookies).
make it possible to show the most interesting advertising content for the individual users
The essential cookies cannot be disabled using the functions of this Application.
In general, cookies can be disabled through the settings on one’s browser.
Based on the function and purposes of use, cookies are divided into:
Technical cookies are the ones that require User consent.
Of all the technical cookies, we highlight the essential cookies, also called “strictly necessary” cookies, which enable functions, without which it would not be possible to make full use of this Application. These cookies are used exclusively by this Application and are therefore first-party cookies. They are only saved on the user’s device during the current session. Technical cookies are also those used to statistically analyse accesses or visits, which exclusively pursue statistical purposes and collect information in aggregate form (without the possibility of tracing the identification of the individual user).
Profiling cookies pursue the purpose of analysing User behaviour for marketing purposes.
Enabling them requires the User’s prior informed consent, which this Application can acquire exclusively through the specific banner that appears on the first visit. Consent can be withdrawn at any time by flagging the relative check box. Denying consent to the use of profiling cookies does not interfere with the possibility of using this Application, other than blocking access to the functions or contents that use these cookies.
Third-party cookies guarantee interaction with third-party Applications and can be both technical and profiling.
The characteristics of the management of the collected information are available in the individual Third-Party Application Policies. If the User decides not to grant authorisation for the use of third-party cookies, it will only be possible to use the functions of the Website that do not require these cookies.
To deny consent to the use of one or more cookies, the User is invited to follow the disabling procedure provided by the main browsers: