Privacy Policy

Privacy Policy

The Data Controller of Personal Data, as defined below, considers the privacy of its Users of fundamental importance and ensures that the Processing of Personal Data is carried out in compliance with the current privacy legislation, and in particular the European Regulation nr. 2016/679 and the national legislation on the protection of personal data, of D. Lgs. 196/2003 for what is still in force and the relative national regulations of adaptation D. Lgs. 101/2018 on the protection of personal data. To this end, the Data Controller has adopted the following Privacy Policy in order to regulate and inform the Users of the Website of the methods and purposes of Personal Data Processing of the Users.

The User is kindly requested to read this document whenever he connects to the Site, as it may be subject to revision, additions and/or changes, due to regulatory requirements and/or changes and/or additions to the functionality of the Site.

Data Controller of Personal Data:

Ciriga Sicily Glamping – Via Del Gorgo Salato – 9714 Ispica (RG)  

E-mail address of the Data Controller: info@sicily-glamping.it
Type of Data collected

Among the Personal Data collected by the current website, as well as all the landing pages linked to it and/or related (hereinafter for the sake of brevity the “Site”), independently or through third parties, to whose privacy policy, however, please refer, there are: e-mail, personal data of different nature as specified below better, cookies and usage data.

Full details on each type of data collected are provided in the dedicated sections of this privacy policy, or through specific informative texts displayed before the collection of the data.

Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of the Site.

Unless otherwise specified, all Data requested by the Site are mandatory. If you refuse to provide them, you may not be able to provide the Service.

In cases where some Data are indicated as optional, Users are free to refrain from communicating such Data, without this having any consequences on the availability of the Service or its operation.

Users who have doubts about which Data are mandatory, are invited to contact the Data Controller.
Any use of Cookies by the Site or the owners of third party services used by the Site, unless otherwise specified, has the purpose of providing the Service requested by the User, in addition to the additional purposes described in this document and in the Cookie Policy, if available.

The User assumes responsibility for the Personal Data of third parties obtained, published or shared through the Site and guarantees that he has the right to communicate or disseminate them, freeing the Data Controller from any responsibility towards him and third parties.

METHOD AND PLACE OF PROCESSING OF THE DATA COLLECTED

The Data Controller shall take appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.

The Processing is carried out by means of computer and/ or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved in the organization of the Data Controller and/or in the management of the Site may have access to the Data (by way of example and not exhaustive: administrative, commercial, marketing, legal, system administrators, etc.) or external subjects (By way of example and not exhaustive: accountants, external lawyers, third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies and/or , providers of the address management service and sending e-mail messages, etc.) also appointed, if necessary, Data Processors by the Data Controller. The updated list of Data Processors may always be requested from the Data Controller.

legal basis of the processing

The Data Controller lawfully processes Personal Data relating to the User if one of the following conditions is met:

the Data Subject has consented to the processing of their Personal Data for one or more specific purposes, pursuant to GDPR, art. 6, paragraph 1, point a). Note: In some jurisdictions, the Data Controller may be authorised to process Personal Data without the User’s consent or without another of the legal bases specified below, until the User objects (“opt-out”) to such Processing. However, this does not apply if the Processing of Personal Data is regulated by European legislation on the protection of personal data;
the Processing is necessary for the execution of a contract with the User and/or for the execution of pre-contractual measures, pursuant to art. 6, paragraph 1, letter b) of the cd. GDPR 2016/679;
the Processing of Personal Data is necessary to fulfill a legal obligation to which the Data Controller is subject, pursuant to the GDPR, art. 6, paragraph 1, point c);
the Processing is necessary to safeguard the vital interests of the data subject or another natural person, pursuant to the GDPR, art. 6, paragraph 1, d);
the Processing is necessary for the performance of a task in the public interest or for the exercise of public powers vested in the Data Controller, pursuant to art. 6, paragraph 1, letter e) of the GDPR;
the Processing of Personal Data is necessary for the pursuit of the legitimate interest of the Data Controller or third parties, except where such interests prevail over the interests or fundamental rights and freedoms of the Data Subject who requires the protection of personal data, in particular where the Data Subject is a minor, all under the GDPR, art. 6, paragraph 1, point f).
Pursuant to art. 6 of the GDPR, the Personal Data acquired through the Site without the consent of the Data Subject will be processed by the Data Controller for the management and maintenance of the Site, to allow the use of the Services, to meet the requests of the Users, to enable effective communication with customers, to comply with legal obligations, regulations, community legislation or by orders of the Authorities or otherwise for purposes related to the activities and functions of the Data Controller or finally to prevent or discover fraudulent activities or abuses to the detriment of the Data Controller through the Site.

It is however always possible to ask the Data Controller to clarify the concrete legal basis of each Processing and, in particular, to specify whether the Processing is based on the law, provided for by a contract, or necessary to conclude a contract.

PLACE OF PROCESSING OF PERSONAL DATA

The Data are processed at the legal and/or operational headquarters of the Data Controller and/or at any other place where the parties involved in the Processing are located and/or at the Data Controller Offices and/or at other subjects or computer systems/servers of other specially designated subjects as Responsible (external) of the Treatment

For further information, the User is invited to contact the Data Controller.

Your Personal Data may be transferred to a country other than the country where you are located. For further information on the place of processing, the User can consult the relevant section of this information.

The User has the right to obtain information about the legal basis of the transfer of Data outside the European Union or to an international public law organization or constituted by two or more countries (such as the UN)as well as the security measures taken by the Data Controller to protect the Data. If one of the above-described transfers takes place, the User may refer to the respective sections of this document or request information from the Data Controller (as specified in the section “CONTACT INFORMATION”).

storage period

The Data are processed and stored for the time required by the purposes for which they were collected.

The User can obtain further information about the retention period of the individual Personal Data processed by contacting the Data Controller (as specified in the section “CONTACT INFORMATION”).

At the end of the retention period, Personal Data will be deleted. Therefore, upon expiry of this period, the right of access, cancellation, rectification and the right to data portability, opposition and limitation to the processing of data can no longer be exercised.

PURPOSE OF THE PROCESSING OF THE COLLECTED DATA

The User’s Data are collected to allow the Data Controller to provide its Services, as well as for the following purposes:

contact the user
statistic
Viewing content from external / third-party platforms
Managing contacts and sending messages and/or newsletters
Interaction with external data collection platforms and other third parties
Targeting comportamentale e remarketing
Interaction with online quiz platforms
registration and authentication
platform services
To obtain further detailed information on the purposes of the Processing and the Personal Data concretely relevant for each purpose, the User can refer to the following section of this document.

DETAILS OF THE PROCESSING OF PERSONAL DATA

To verify the Processing of Personal Data according to the purposes pursued, the User can consult the appropriate section below.

Contact the User:
In order to contact the User, the Data Controller may use the Personal Data collected through the following means:

– Contact form; Mailing list or sending of newsletters (if the User has subscribed to the relevant service).

Personal data: name; surname; e-mail address, telephone number, gender, date of birth, Data concerning the skin, Data on products purchased/ for which the User is interested, Cookies, Usage Data, other types of Data.

The Google invisible recaptcha service is active for the contact form (see the specific section below).

statistic
The services contained in this section allow the Data Controller to monitor and analyze traffic data and serve to keep track of the User’s behavior.

These objectives are pursued by means of the following instruments:

-Google Analytics with anonymized IP;

Google Analytics is a web analytics service provided by Google for statistical purposes to understand how visitors interact with the Site, compile reports and share them with other services developed by Google. Google Analytics may use a set of cookies to collect information and generate statistics on the use of the Site, without providing personal information about individual visitors to Google. The User’s IP address is anonymized. Anonymization works by shortening the IP address of Users within the borders of the Member States of the European Union or in other countries that are parties to the Agreement on the European Economic Area. Only in exceptional cases, the IP address will be sent to Google’s servers and shortened within the United States.

However, please note that data may also be processed outside the EEA.

Please also note that as of July 16, 2020, Google no longer bases User Personal Data Processing on the EU-U.S. Privacy Shield (EU-US Privacy Shield) to transfer data from the European Economic Area and the UK to the US; from September 30, 2020, more precisely, Google has updated its legislation on the Processing of Personal Data and uses standard contractual clauses approved by the European Commission and based on the adequacy decisions of the European Commission itself on some countries, as appropriate, for data transfers from the EEA to the United States and other countries.

As for the use of cookies by Google Analytics, we invite the User, in any case, to carefully consult the relevant privacy policy and cookie policy, as well as the paragraph of this Cookie Policy “How can I give or withdraw consent to the installation of Cookies?” via your browser settings and the Privacy Shield section of this Policy.

Google Tag Manager
This Site uses Google Tag Manager. Google Tag Manager is a solution managed by Google LLC that allows you to manage the tags of managed websites using a special interface.

Google Tag Manager is a tag management system for managing JavaScript and HTML tags used for monitoring and analysis on websites. Tags are small elements of code that, among other things, are used to measure visitor traffic and behavior, to understand the effect of online advertising and social channels, to set up remarketing and targeting and to test and optimize websites.

The same Tag Manager tool (which implements tags) is a domain without cookies and does not record Personal Data. This tool allows the activation of other tags that can, for their part, record Data in certain circumstances.

For more information on the privacy policy of Google Tag Manager please consult the following link https://policies.google.com/privacy?hl=en while for the terms of use https///www.google.com/analytics/tag-manager/use -policy/ and for Google Tag Manager privacy responses https:///support.google.com/tagmanager/answer/7207086 .

Personal Data: Usage Data; other type of Data.

Viewing content from external / third-party platforms
This type of service allows you to view content hosted on external platforms directly from the pages of the Site and interact with them.

In the event that a service of this type is installed, it is possible that, even in case of lack of use in practice, the same collects traffic data related to the pages where it is installed.

These aims are pursued through:

Facebook, Facebook Widget;
On the Site there are redirection or sharing buttons to the social Facebook platform, and to the individual social network pages linked to the Data Controller.

Facebook shares information globally, both internally with Facebook companies and externally with its partners and with the people with whom you connect and share content around the world. Information controlled by Facebook may be transferred or transmitted or stored and processed in the United States or other countries outside the EEA.

As stated in the relevant policy, Facebook may use cookies to display ads and make suggestions for companies and other organizations to people who may be interested in their products, services or causes promoted, to measure the performance of advertising campaigns of companies using Facebook products, to show and measure advertisements in different browsers and devices used by the same person, to provide statistical data on people using Facebook products, people who interact with advertisers’ ads, websites and apps, and companies that use Facebook products, and to enable the functionality that allows Facebook to deliver its products.

In addition, visiting the Site may install the Facebook Pixel cookie that allows the Data Controller to monitor the conversions that occur on the Site as a result of the advertisements it is performing on Facebook.

The information collected through cookies may be shared with organizations outside Facebook, such as advertisers and/ or networks of advertisers for the publication of ads and for measuring the effectiveness of advertising campaigns.

Please also note that as of July 16, 2020, Facebook no longer bases User Personal Data Processing on the EU-U.S. Privacy Shield (EU-US Privacy Shield) to transfer data from the European Economic Area and the UK to the US; but uses standard contractual clauses approved by the European Commission and based on the adequacy decisions of the European Commission regarding certain countries, as appropriate, for data transfers from the EEA to the US and other countries.

In relation to the Privacy Shield, the User is referred to the relevant paragraph in the cookie policy.

In this case the following Personal Data are processed: Cookies; Usage Data; other types of Data.

For more information on the installation and use of cookies by Facebook, please carefully view the cookie policy. Finally, please read carefully the privacy policy of the service to obtain detailed information about the collection and transfer of Personal Data, your rights and how to configure your privacy settings to your satisfaction.

Instagram, Instagram Widget
On the Site there are redirection or sharing buttons to the Instagram social platform, owned by Facebook and the individual pages of the social network traceable to the Data Controller.

Facebook/Instagram shares information globally, both internally with Facebook/Instagram companies and externally with partners and people with whom you connect.

Based on the relevant policies, Instagram uses cookies, pixels, local storage technologies and other similar technologies to show the User relevant content to offer the service and for reasons related to its use, as well as to collect information about your use of Instagram. Instagram may also use these technologies to remember your choices (e.g. your user name, language, or geographic area) and customize the Service to provide better features and content. Instagram and its advertising partners may use these technologies to show you ads that are relevant to your interests. These technologies store your device visits and may also be able to track your device’s browsing activities on sites and services other than Instagram. This information may be shared with organizations outside of Instagram, such as advertisers and/or networks of advertisers for advertising and for measuring the effectiveness of advertising campaigns.

Information controlled by Facebook/Instagram may be transferred and/or transmitted and/or stored and/or processed in the United States or other countries outside your country of residence or outside the EEA for the purposes described in the legislation referred to in following links: Facebook Terms; Instagram Terms .

Please also note that as of July 16, 2020, Facebook/Instagram no longer bases User Personal Data Processing on the EU-U.S. Privacy Shield (EU-US Privacy Shield) to transfer data from the European Economic Area and the UK to the US; but uses standard contractual clauses approved by the European Commission and based on the adequacy decisions of the European Commission regarding certain countries, as appropriate, for data transfers from the EEA to the US and other countries.

In relation to the Privacy Shield, the User is referred to the relevant paragraph in the Cookie Policy.

In this case the following Personal Data are processed: Cookies; Usage Data; other types of Data.

With regard to the management of cookies installed by Instagram and their deactivation methods, we invite the User to consult carefully, in addition to the relative privacy policy of the service, also the cookie policy, for detailed information about the collection and transfer of Personal Data, your rights and how to configure your privacy settings to your satisfaction.

With regard to the terms of use of the Instagram service, the User is invited to consult these conditions.

Google Maps
Google Maps is a map display service operated by Google LLC or Google Ireland Limited, depending on the location where the Site is displayed, which allows the Site to integrate such content within its pages.

Personal Data: Cookies; Usage data; other types of Data.

In relation to the methods of processing personal data and the place of processing, the User is invited to consult carefully the relevant Privacy Policy.

Data may be processed outside the EEA.

Please also note that as of July 16, 2020, Google no longer bases User Personal Data Processing on the EU-U.S. Privacy Shield (EU-US Privacy Shield) to transfer data from the European Economic Area and the UK to the US; from September 30, 2020, more precisely, Google has updated its legislation on the Processing of Personal Data and uses standard contractual clauses approved by the European Commission and based on the adequacy decisions of the European Commission itself on some countries, as appropriate, for data transfers from the EEA to the United States and other countries.

As for the use of cookies by Google Analytics, we invite the User, in any case, to carefully consult the relevant privacy policy and cookie policy, as well as the paragraph of this Cookie Policy “How can I give or withdraw consent to the installation of Cookies?” via your browser settings and the Privacy Shield section of this Policy.

Managing contacts and sending messages and/or newsletters
This type of service allows you to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the User.

These services may also allow the collection of data relating to the date and time of display of messages by the User, as well as the interaction of the User with them (e.g. the detection of the use of links inserted in messages).

This objective is pursued by means of the following instrument:

MailChimp
For the purpose of sending the newsletter, this Website uses the third-party mailchimp service, which analyses and classifies requests through the contact form on the Site (see: https://mailchimp.com/legal/data-processing-addendum/) Mailchimp is a software company based in the United States that provides in particular tools for social media marketing, content management, web data analysis, landing pages, customer support and search engine optimization.

Therefore, by filling in the relevant form and giving the relative consents, the e-mail address of the User is automatically inserted in a contact list (managed through Mailchimp) to which e-mails containing a periodic newsletter on the initiatives and activities of the Data Controller may be sent, including, without limitation, any awareness campaigns and/ or fundraising and/ or marketing and/ or any extraordinary newsletter for general or urgent information, including commercial and promotional.

By accepting this Privacy Policy, the User expressly consents to the Data Controller communicating and/or transferring such data to the e-mail address management service.

If you do not want mailchimp to process your Data, we recommend that you contact us in another way (e.g. by email) instead of using the contact form.

OPT-OUT: If the User does not want that . collects your Data, the User can prevent the storage of Cookies at any time using the settings of your browser.

In addition to what is stated in this section of the Privacy Policy, please refer to the mailchimp privacy and cookie policy and these links: https://mailchimp.com/legal/.

The User is informed that the Data thus collected may be used by the Data Controller also for profiling purposes (direct marketing) in order to suggest to the User the products most appropriate to his interests.

Personal Data: name and surname, e-mail address, telephone number, gender, date of birth, Skin Data, Data on products purchased/ to which the User is interested, Cookies; Usage Data; other types of Data.

Interaction with data collection platforms and other third parties
This type of service allows Users to interact with data collection platforms or other services directly from the pages of the Site in order to save and reuse data.

If one of these services is installed, it is possible that, even if the Users do not use the service, the same collects Usage Data related to the pages where it is installed.

Tools:

Google invisible reCaptcha
reCAPTCHA is a free captcha service from Google that protects websites from spam software and misuse by non-human visitors. This service is most used when filling out contact forms to ensure that specific internet actions are performed by humans and not bots. Classic captchas work with small tasks that are easy for humans to solve, but provide significant difficulties for machines. With reCAPTCHA, the User no longer has to actively solve puzzles. The tool uses modern risk techniques to distinguish people from bots. The only thing the User must do is tick the text field “I am not a robot”. However, with Invisible reCAPTCHA this is also no longer necessary. reCAPTCHA, integrates a JavaScript element in the source text, after which the tool runs in the background and analyzes the behavior of the User. The software calculates a so-called captcha score from the User’s actions. Google uses this score to calculate the probability that the User is a human before entering the captcha. reCAPTCHA e Captcha in generale vengono utilizzati ogni volta che i bot possono manipolare o abusare di determinate azioni (come registrazioni, indagini, ecc.).

By using reCAPTCHA, data is transmitted to Google to determine whether the User is truly human. reCAPTCHA therefore guarantees the security of our website and, consequently, of the User.

IP addresses and other data needed by Google for its reCAPTCHA service can be sent to Google, whose servers may be located in the USA.

First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed in the User’s browser. Then reCAPTCHA sets an additional cookie in your browser and takes a snapshot of the browser window.

The IP address that your browser transmits to Google is generally not combined with other Google data from other company services.

However, the data will be merged if you are logged into your Google account while using the reCAPTCHA plug-in.

If you wish to prevent your data and behavior from being transmitted to Google, you must completely disconnect from Google and delete all Google cookies before visiting our website or using reCAPTCHA software. Typically, data is automatically sent to Google as soon as you visit our website. To delete this data, you must contact Google Support at https://support.google.com/? hl=en-GB&tid=111401120 .

If you use our website, you agree that Google LLC and its representatives will automatically collect, modify and use the data.

You can find more information about reCAPTCHA on the Google developer page at https://developers.google.com/recaptcha/.

For more information, please read the Privacy Policy and the Google Terms of Service carefully.

Personal Data: Cookies; Usage Data; other types of Data.,

Google Tag Manager
This Site uses Google Tag Manager. Google Tag Manager is a solution managed by Google LLC that allows you to manage the tags of managed websites using a special interface.

Google Tag Manager is a tag management system for managing JavaScript and HTML tags used for monitoring and analysis on websites. Tags are small elements of code that, among other things, are used to measure visitor traffic and behavior, to understand the effect of online advertising and social channels, to set up remarketing and targeting and to test and optimize websites.

The same Tag Manager tool (which implements tags) is a domain without cookies and does not record Personal Data. This tool allows the activation of other tags that can, for their part, record Data in certain circumstances.

For more information on the privacy policy of Google Tag Manager please consult the following link https://policies.google.com/privacy?hl=en while for the terms of use https///www.google.com/analytics/tag-manager/use -policy/ and for Google Tag Manager privacy responses https:///support.google.com/tagmanager/answer/7207086 .

Personal Data: Usage Data; other type of Data.

Targeting comportamentale e remarketing
This type of service allows this Site and its partners to inform, optimize and arrange advertisements based on the past use of this Site by the User.

This activity is facilitated by tracking Usage Data and using trackers to collect information that is then transferred to partners who manage remarketing and behavioral targeting activity.

Some services offer a remarketing option based on email address lists.

Facebook e Instagram Remarketing
Facebook (e Instagram) remarketing is a service of remarketing and Behavioral targeting provided by Facebook Inc.

With the help of Facebook pixel (or equivalent functions to transfer event data or contact information via interfaces or other software in apps) Facebook (/Instagram) is able to frame visitors to this Website online services as a target for the presentation of advertisements.

Therefore, this Site uses the remarketing function “Custom Audiences” of Facebook Inc.: this allows Users of the Site to display interest-based advertisements (“Facebook Ads” or “Instagram Ads”) when they browse social networks Facebook or Instagram or other websites that use this process. This shows the ads that interest the User in order to make the online offers more interesting for him/her.

The use of Custom Audience makes the User’s browser automatically establish a direct connection to the Facebook/Instagram server.

The collected Data is processed by Facebook Inc. in the United States.

This Site has no power over the extent of the Data collected and the further use of the aforementioned Data by Facebook Inc.: please read carefully the relevant Facebook Privacy Policy and the Instagram Privacy Policy.

You can learn more about Facebook behavioural advertising by visiting this page: https:///www.facebook.com/help/164968693837950

To disable interest-based Facebook ads, please follow these instructions: https:///www.facebook.com/help/568137493302217

Facebook adheres to the Principles of self-regulation for online behavioural advertising established by the Digital Advertising Alliance. To opt-out from Facebook and other participating companies via the Digital Advertising Alliance in the United States http://www.aboutads.info/choices/ , the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http:///www.youronlinechoices.eu/ , or disable it using your mobile device settings.

Is deactivation of the “Facebook Custom Audiences” function available to users logged in to https://www.facebook.com/settings/? tab=ads# .

Personal Data: Usage data; e-mail, Cookies, other types of Data.

registration and authentication
Tools:

-WordPress.com

To register for the reserved area and to authenticate when accessing, this Site uses the WordPress platform. For more information on the processing of Data by WordPress, we invite you to read the privacy policy.

Personal data: various types of Data.

platform services
The Site was created using the WordPress.com platform.

Si invita l’Utente a visionare la relativa privacy policy.

Personal Data: various types of Data.

PRIVACY SHIELD

The Privacy Shield, or the “privacy shield” between the EU and the USA, is a self-certification mechanism for companies established in the USA that intend to receive Personal Data from the European Union. It was also considered appropriate by the European Commission in 2016.

In particular, the companies undertake to respect the principles contained in it and to provide data subjects (i.e. all subjects whose Personal Data have been transferred from the European Union) with adequate safeguards, Otherwise, the Federal Trade Commission (Federal Trade Commission) may remove the Federal Trade Commission (“Privacy Shield List”) from the list of certified companies.

However, by Decision 2016/1250 of 16 July 2020 on the adequacy of the protection offered by the EU-US Privacy Shield regime – cd. “Schrems II judgment”, the Court of Justice of the European Union (CJEU) has however that the Privacy Shield does not offer an adequate level of protection of Personal Data transferred by the EU to a company established in the United States.

With the same sentence, the European Court of Justice has instead confirmed the decision 2010/87, judging valid the contractual clauses model for the transfer of personal data from the EU to a non-EU State.

The User is invited to consult the FAQ relating to the Schrems II judgment and its effects prepared by the European Data Protection Committee (EDPB), the www.privacyshield.gov website and the Italian Privacy Supervisor’s website to better understand the issue.

communication and transfer of data

The Data Controller specifies that the utmost care and confidentiality in the Data Processing is one of its fundamental values.

Your Data may be disclosed to third parties.

The Data Controller may use, to the extent necessary to provide the services, Data Processors and service providers such as, for example, authentication, hosting and maintenance services, data analysis services, messaging and-mail, delivery services, payment transaction management, solvency, address and email control.

Some of the Data Processors/service providers mentioned in the previous sections are located outside the European Union (EU)/European Economic Area (EEA). In any case, your Personal Data will be shared with countries outside the EU/EEA, provided that:

the country concerned is considered a safe third country;
the Data Controller/provider of the service in question has signed standard contracts of the European Commission relating to the transfer of Personal Data to third countries;
the Data Controller/provider of the service in question is certified according to art. 40 del GDPR o
the Data Controller/provider of the service in question has a set of approved binding business rules.
It is possible that the User’s Personal Data is disclosed or shared in order to comply with a legal obligation or the indications of a Court/Judicial Authority or any other competent body or in order to enforce or apply the Site’s Privacy Policy and/or other agreements or to protect the rights or security of the Data Controller, Data Processors, service providers and/or other third parties or for the protection against fraud or the reduction of credit risk.

It is also possible that the User’s Personal Data, and in particular the email, are communicated or shared with companies and/ or third parties with whom the Controller cooperates and/ or has concluded agreements if the Users have subscribed to the newsletter, expressly consenting with cd mode. “point and click” upon the transfer of said Data to third parties and/or companies for the purposes indicated in the relevant consent, including marketing purposes also through profiling.

user rights

The User can exercise, with reference to the Data processed by the Data Controller, the following rights:

right to withdraw consent at any time. The User may revoke the consent previously expressed to the processing of their Personal Data (see GDPR, art. 7);
right of access. The User has the right to obtain from the Data Controller the confirmation that a Personal Data concerning him is being processed or not and, in this case, to access his Personal Data and receive all the information about them (including the purposes of the processing)as well as a copy of the aforementioned Data (see GDPR, art. 15);
right to rectification of your Personal Data. The User has the right to obtain from the Data Controller the correction of inaccurate Personal Data concerning him without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete Personal Data, including by providing a supplementary declaration (see GDPR, art. 16);
right to erasure (“right to be forgotten”). The User has the right to obtain from the Data Controller the cancellation of the Personal Data concerning him without undue delay in such cases: if the Personal Data are no longer necessary or the User revokes the consent on which the processing is based and there is no other legal basis for the processing or if the User opposes the processing or the Personal Data have been processed unlawfully or if they must be deleted for fulfilling a legal obligation under Union or Member State law to which the Data Controller is subject or if the Personal Data has been collected in connection with the provision of information society services (see GDPR, Art. 17);
right to restriction of processing. The User has the right to obtain from the Data Controller the limitation of the same processing in the following cases: if the accuracy of the Personal Data is disputed by the User or if the processing is illegal and the interested party opposes the cancellation of the Personal Data and asks for the limitation of their use or if the User who opposed the processing is waiting for verification on the subject the possible prevalence of the legitimate reasons of the Owner compared to those of the User (see GDPR, Art. 18);
the right to data portability. The User has the right to receive the Personal Data concerning him, which he has provided to the Data Controller, in a structured format, of common use and readable by automatic device and has the right to transmit such data to another data controller without impediment of the Data Controller to whom the personal data have been provided (see GDPR, art. 20);
right to object to the processing of Personal Data. The User may object at any time to the processing of personal data concerning him (when carried out on a legal basis other than consent). In particular, if the Personal Data are processed for direct marketing purposes, the User has the right to object at any time to the processing of personal data concerning him carried out for such purposes, including profiling to the extent it is related to such direct marketing (see GDPR, Art. 21);
right to lodge a complaint with the competent supervisory authority. The User may lodge a complaint with the competent data protection supervisory authority (in Italy: www.garanteprivacy.it) and before the competent courts of the Member States (see GDPR, art. 77 et seq.).
how to exercise the rights

To exercise their rights as indicated above, Users, without payment of any charge or consideration (except as provided for in art. 12 paragraph 5 of the GDPR), may address a request to the contact details of the Data Controller in the “CONTACTS” section:

Cookie Policy

The Site makes use of Cookies. To learn more and to read the detailed information, the User can consult the Cookie Policy.

Further information on the treatment

defense in court

The User’s Personal Data may be used by the Data Controller in court or in the preparatory phases to its possible establishment for the defense against abuse in the use of the Site or the Services connected by the User.

The User declares to be aware that the Data Controller may be obliged to disclose / communicate the Data by order of public authorities.

specific information

At your request, in addition to the information contained in this Privacy Policy, the Site may provide additional and contextual information regarding specific Services or the collection and processing of Personal Data.

Log of system and maintenance

Due to operational and maintenance needs, the Site and any third party services used by it may collect system logs, ie files that record interactions and may also contain Personal Data, such as the User IP address.

Information not contained in this Privacy Policy

Further information in relation to the Processing of Personal Data may be requested at any time to the Data Controller as specified in the section “CONTACT INFORMATION”.

changes to this privacy policy

The Data Controller reserves the right to modify or update this Privacy Policy at any time.

The User is invited to consult this page regularly to ensure that they always know the latest version of this Privacy Policy (see “Date last updated” at the end of this page). If the changes concern the processing of Personal Data whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.

DEFINITIONS AND LEGAL REFERENCES

“Cookie” o “Cookies”

Small/and portion/s of data stored within the User’s device.

“Personal Data” or “Data” or “Personal Data” or “Data”

Any information relating to a Data Subject.

“Sensitive and/or particular data”

Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership, as well as processing genetic data, biometric data intended to uniquely identify a natural person, data relating to the health or sex life or sexual orientation of the person.

“Data of Use”

This information is automatically collected through the Site and/or by third-party applications integrated into the Site, including: the IP addresses or domain names of computers used by the User connecting with the Site, addresses in URI notation (Uniform Resource Identifier), the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response from the server (good end, error, etc.) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (such as the length of stay on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters related to the operating system and the IT environment of the User.

“Interested” or “Interested”

The identified or identifiable natural person to whom the Personal Data refers. An identifiable natural person who may be identified, directly or indirectly, with particular reference to an identifier such as name, identification number, location data, an online identifier or one or more elements characteristic of its physical, physiological, genetic, psychological, economic, cultural or social identity.

“Customer profiling”

Any form of automated processing of Personal Data consisting in the use of such Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects of professional performance, the economic situation, health, personal preferences, interests, reliability, behaviour, location or movement of that natural person.

“Service”

The service/services provided/s by the Site as defined/i in its terms (if any) on this site/application.

“Data Controller” or “Data Controller”

The natural or legal person, the public authority, the service or other body that, individually or together with others, determines the purposes and means of processing Personal Data; where the purposes and means of such processing are determined by Union or Member State law, the Controller or the specific criteria applicable to its designation may be determined by Union or Member State law. The Data Controller, as best identified above, unless otherwise specified, is the owner of the Site.

“Processing” or “Data Processing”

Any operation or set of operations, performed with or without the aid of automated processes and applied to Personal Data or sets of Personal Data, such as the collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction..

“European Union” or “EU”

Unless otherwise specified, any reference to the European Union contained in this document shall be deemed to extend to all current member states of the European Union and of the European Economic Area (cd. EEA).

“User” or “Users”

The individual or individuals who uses/does not use the Site and who, unless otherwise specified, coincide/are with the Data Subject.

legal references

This privacy policy is drawn up on the basis of current legislation on the subject, and in particular by the provisions of art. 13 and 14 of Regulation (EU) 2016/679 (cd. GDPR), from the relative regulations of adaptation D. Lgs. 101/2018, and within the limits of what is still applicable by D. Lgs. 196/2003.

Last updated: April 6, 2024.

Scroll to Top