(art. 13 EU Regulation 2016/679)

This Policy is valid for the website where it is hosted pursuant to art. 13 of EU Regulation 2016/679 (General Data Protection Regulation; hereinafter “GDPR”) and concerns the processing of personal data of the data subject carried out by the Professional in the exercise of his professional activity.

  1. Data Controller 1.

The holder of the personal data processing is:

Farruggio Lucia

  1. Purpose

Personal data are collected and processed, both manually and through electronic systems, by the Data Controller and by personnel appointed for the following purposes: execution of the contract, pre-contractual measures and/or requests by the data subject; all in full compliance with the security and confidentiality regulations in force.

  1. Legal basis

The legal basis for the processing, as the case may be, is at least one of the following: performance of the contract with the data subject and/or pre-contractual measures; pursuit of a legitimate interest of the data controller or third parties, provided that interests and rights do not prevail; fulfilment of legal and regulatory obligations or any orders from the Authorities; exercise and/or defence of a right in the competent courts.

  1. Provision of data.

The interested party may also contact the Data Controller using the appropriate online form and/or by sending an email directly. In this case, the interested party voluntarily provides his/her data to the Owner, including his/her email address, in order to submit questions and/or be contacted.

The provision of personal data in relation to the execution of the contractual relationship and / or requests of the person concerned is mandatory; refusal to do so will make it impossible to fulfill the requested services.

  1. Methods of treatment

Personal data are processed with automated and non-automated tools, for the time strictly necessary to achieve the purposes for which they were collected. Personal data are not transferred to third parties. No data is disclosed.

The data processing takes place at the Data Controller’s office. The emails received by the User are also saved in hosting on ARUBA servers in Italy. The Professional may use cloud services from well-known providers (e.g. Google, Dropbox, Onedrive) that involve a transfer of data to the USA, authorised by the adequacy assessment of the European Commission and the guarantees provided by the so-called Privacy Shield.

The data stored on paper supports are stored in special registers and/or cards, which are stored in special containers, kept at the Owner’s premises. Adequate security measures are adopted against the risk of intrusion and unauthorised access, suitable to guarantee the integrity, availability and confidentiality of the data, as well as the protection of areas and premises relevant to their custody and accessibility.

 

  1. Communication of data and categories of recipients

Personal data may be communicated to subjects (so-called “recipients”) for the purposes determined by the legal basis applicable from time to time.

In particular, personal data may be communicated to the following categories of subjects, all with registered offices within the European Union:

– subjects that provide services and assistance to the Data Controller in managing relations with the parties concerned (management of orders, payments, invoicing, shipping, site maintenance): necessary for the execution of the contract (contractual obligation; legitimate interest);

– persons, companies, associations, professional firms providing assistance and consultancy services in favour of the Owner (legal obligations and exercise or defence of a right);

– suppliers of the Owner: necessary for the execution of the contract (contractual obligation; legitimate interest);

– colleagues, domiciliaries, consultants and other professionals, in relation to the execution of the professional assignments received (contractual obligation; legitimate interest);

 

  1. Treatment logic and storage time

The data are processed with logic related to the above mentioned purpose, so as to ensure the security and confidentiality of the data.

The data are stored at the headquarters of the Data Controller for a period of time not exceeding that necessary for the purposes for which they were collected and subsequently processed. In particular:

– in relation to the purpose of managing contractual relations with the data subject: for the entire duration of the contract;

– in relation to the fulfilment of legal obligations: for the entire duration of the relevant fulfilments;

– in relation to the exercise and/or defence of a right: until the limitation of rights and legal proceedings.

The data will be subsequently deleted and/or anonymized.

 

  1. Rights of the interested party. Opposition to processing. Complaint.

The interested party may exercise the rights provided for in Articles 15-22 of GDPR against the Data Controller, as applicable. In particular, he has the right to request access to data concerning him, updating, integration, rectification, cancellation, limitation, portability of data in open format (e.g. CSV), to revoke consent at any time without prejudice to the lawfulness of processing based on the consent given before the revocation.

For legitimate reasons, the data subject may object, in whole or in part, to the processing of personal data (art. 21 GDPR), by sending the relevant request to the Data Controller by ordinary mail, e-mail or fax. In particular, the interested party has at any time the right to oppose the sending of commercial communications.

Pursuant to Art. 77 of the GDPR, the interested party also has the right to lodge a complaint with the Control Authority of the Member State in which he or she habitually resides, where he or she works or the place where the alleged violation has occurred. In Italy, the Data Protection Supervisor, based in Rome (www.garanteprivacy.it), is responsible for the protection of personal data.

 

  1. Data collected automatically through the website. Cookies.

The Data Controller is committed to protecting the privacy of visitors and users.

The computer systems and procedures used to operate the website acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes IP addresses or domain names of the computers used by users who connect to the website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and computer environment of the interested party.

This data is used for the sole purpose of obtaining anonymous information on the use of the website, as well as to check its correct functioning. The data may be used to ascertain responsibility in the event of the commission of offences.

 

COOKIE POLICY

Cookies are made up of portions of code installed inside the browser that assist the Owner in providing the Service according to the purposes described. Some of the purposes for which Cookies are installed may also require the User’s consent.

When the installation of Cookies takes place on the basis of consent, such consent may be freely revoked at any time by following the instructions contained in this document.

Cookies used:

Protection against spam:

This type of service analyses website traffic, potentially containing Personal Data of Users, in order to filter it from parts of traffic, messages and content recognised as SPAM.

Google reCAPTCHA (Google Inc.)

Google reCAPTCHA is a SPAM protection service provided by Google Inc.

The use of the reCAPTCHA system is subject to Google’s privacy policy and terms of use.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.

 

Social Network:

This type of service allows interactions with social networks, or other external platforms, directly from the pages of the website.

The interactions and information acquired by the website are in any case subject to the privacy settings of the User relating to each social network.

If a social network interaction service is installed, it is possible that, even if Users do not use the service, the same may collect traffic data relating to the web pages where it is installed.

Like button and Facebook social widgets (Facebook, Inc.)

The “Like” button and Facebook social widgets are services of interaction with the social network Facebook, provided by Facebook, Inc.

Personal Data Collected: Cookies and Usage Data.

Place of Processing: United States – Privacy Policy.

The Tweet button and social widgets (Twitter, Inc.)

The Tweet button and social widgets of Twitter are services of interaction with the social network Twitter, provided by Twitter, Inc.

Personal Data Collected: Cookies and Usage Data.

Place of Processing: United States – Privacy Policy.

 

Pin it” button and Pinterest social widgets (Pinterest)

The “Pin it” button and Pinterest social widgets are Pinterest platform interaction services provided by Pinterest Inc.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.

Google+ button +1 and social widgets (Google Inc.)

The +1 button and Google+ social widgets are Google+ social network interaction services provided by Google Inc.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.

Linkedin button and social widgets (LinkedIn Corporation)

The LinkedIn button and social widgets are LinkedIn social networking services provided by LinkedIn Corporation.

Personal Data Collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.

 

Contents from external platforms:

This type of service allows to display content hosted on external platforms directly from the pages of the website and to interact with them.

If a service of this type is installed, it is possible that, even if Users do not use the service, it may collect traffic data relating to the web pages where it is installed.

Google Maps widgets (Google Inc.)

Google Maps is a map display service operated by Google Inc. that allows the website to integrate such content into its pages.

Personal Data Collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.

 

How can I express my consent to the installation of Cookie?

In addition to what is stated in this document, you can manage your Cookie preferences directly within your browser and prevent – for example – third parties from installing them. You can also use your browser preferences to delete cookies that have been installed in the past, including the Cookie in which you may save your consent to the installation of Cookies by this website. The User may find information on how to manage Cookies with some of the most popular browsers at the following addresses, for example: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Internet Explorer.

With reference to Cookies installed by third parties, the User may also manage his/her settings and revoke his/her consent by visiting the relevant opt-out link (if available), using the tools described in the third party’s privacy policy or by contacting the third party directly.

Notwithstanding the above, the User may use the information provided by EDAA (EU), Network Advertising Initiative (USA) and Digital Advertising Alliance (USA), DAAC (Canada), DDAI (Japan) or other similar services. With these services you can manage the tracking preferences of most advertising tools. The Owner, therefore, advises Users to use these resources in addition to the information provided in this document.

Data Controller

The holder of the personal data processing is

Farruggio Lucia

 

Since the installation of Cookies and other tracking systems operated by third parties through the services used within WordPress cannot be technically controlled by the Owner, any specific reference to Cookies and tracking systems installed by third parties is to be considered indicative. To obtain complete information, the User is invited to consult the privacy policy of any third party services listed in this document.

Given the objective complexity of identifying technologies based on Cookies, the User is invited to contact the Owner if he would like to receive any further information on the use of Cookies.

Last update 17 June 2020