Personal data processing policy
What is this document? This documents is the personal data processing policy related the website www.privacy365.eu
Who is for? The policy is destined to all the visitors who interact with the website.
Why? National and international data protection regulations require that you – the data subject – are informed about what personal data is being processed and who will be processing it, in order to ensure that the processing is fair and transparent. In the following you will therefore see clearly listed who will process your data, what personal data will be processed, the purposes for which the personal data will be processed, for how long the data will be processed, what your rights are and how to exercise them.
Which laws are referred to this document? The policy is offered by taking in conjunction with:
- The General Data Protection Regulation (GDPR) EU 2016/679
- Legislative Decree n. 196/2003 (Privacy Code), as modified by the Legislative Decree n. 101/2018 and subsequent amendments and additions (Italian Privacy Code)
- European Directive n. 2002/58/CE (so called e-Privacy)
1) DATA CONTROLLER
PRIVACY365 ITALIA S.r.l. with registered office in viale Berna 9/B – 47924 Rimini (RN) – C.F. IT04409590405
Contact details for the exercise of the data subject’s rights: email@example.com – PEC: firstname.lastname@example.org – Tel +39 0541 1647198
2) AIMS, LEGAL BASE, RETENTION PERIOD AND NATURE OF THE PROCESSING
Your data are processed for the following aims:
- Reply to contact requests:
- the legal base of this processing is the pursuit of the legitimate interest of the Data Controller when responding at the data subject’s requests;
- the retention period of processed data for this aim lies in the amount of time necessary to process the request;
- the provision of personal data is optional, however, any refusal will make it impossible to process the request.
- To prevent or control unlawful conduct or to protect and enforce rights:
- the legal base for this processing is pursuit the legitimate interest of the Data Controller in order to prevent or pursue offences or intellectual property rights breaches (also of third parties) or informatic crimes or made through telematic networks;
- the retention period of processed data for this aim lies in the amount of time necessary to assert the Data Controller’s rights from the time you become aware of the offence or of its potential commission.
3) PERSONAL DATA PROCESSED
By processing personal data we mean any operation or a set of operations, performed with or without the aid of automated processes and applied to personal data or a set of personal data, as the recollection, the registration, the organization, the structure, the retention, the trend or change, the exfiltration, the consultation, the use, the communication through the transmission, spread or any other form available, the comparison or the interconnection, the limitation, the deletion or the disruption.
Personal data processed are the following:
- Browsing Data
Informatic systems and the software procedures used for this site adquire, during their normal exercise, some personal data which transmission is implicit in the use of Internet communication protocols.
In this category of data fall into the IP addresses or the domain names of computers and the endpoints used by the users, all the addressed in URI/URL (Uniform Resource Identifier/Locator) of requested resources, the timetable of the request, the methods which has been used to submit the request to the server, the file dimension, the code number which identifies the state of the given response by the server (successful, error etc) and other parameters related to the operational system and the information environment of the user.
Those data, necessary for the use of the web services, are also processed in order to obtain statistical information on the service use (most visited pages, number of visitors hourly, geographical areas of expertise etc.); or control the correct operation of the services offered. Browsing data do not persist more than 365 days and are immediately deleted after their combination (unless required by the judicial authority to carry out any criminal investigation).
- Data given by the user
The optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller involves the acquisition of the sender’s contact data, necessary to reply, as well as all personal data included in the communications.
- Cookie and other tracking systems
Please refer to the detailed policy available at the following link: https://www.privacy365.eu/cookie-policy
4) RECIPIENTS OF PERSONAL DATA
Your personal data can be shared, for the above purposes, with:
- subjects who typically act as data processors, i.e. persons, companies or professionals who provide assistance and consultancy to the Data Controller in accounting, administrative, legal, tax, financial and credit recovery matters relating to the provision of services;
- subjects with whom it is necessary to interact for the provision of services;
- subjects, bodies or authorities to whom it is obligatory to communicate your personal data under the provisions of the law or orders of the authorities;
- staff expressly authorised by the Data Controller, necessary to carry out activities strictly related to the provision of services, who have committed themselves to confidentiality or have an adequate legal obligation of confidentiality and have received adequate operating instructions;
The full list of data processors is available by sending a written request to the Data Controller.
5) TRANSFER OF PERSONAL DATA
Some of your personal data are shared with recipients who could be out of the European Economic Area (EEA). The Data Controller ensures that the processing of Your personal data is carried out according to the Law and the Regulation. Verily, transfers can be based on an adequacy decision or on Standard Contract Terms approved by the European Commision. Further information is available at the Data Controller.
6) EXISTENCE OF AN AUTOMATED DECISION MAKING PROCESSING, INCLUDING THE PROFILING
The Data Controller does not adopt an automated decision-making process concerning the processing of personal data, including profiling, as referred to in Article 22 of the GDPR..
7) DATA ABOUT PERSONS UNDER 18 YEARS OLD
Persons under 18 years old can not provide personal data. The Data Controller will not be responsible of possible recollection of personal data, as well as false statements, offered by the minor, and in every cases, if it is seen to be used, the Data Controller will facilitate the right to access and the right to erasure forwarder by the guardian, foster or who exercises the parental responsibility.
8) RIGHTS OF THE DATA SUBJECT
Data subject has the right to obtain from the Data Controller, in certain specific cases, the access to personal data and the rectification or the erasure of the same or the treatment limiting or to oppose to the processing (Articles 15 and the following of the Law and the Regulation). The appropriate petition to the Data Controller shall be presented by contacting the email responsible for the feedback to the data subject.
9) RIGHT TO COMPLAIN
Data subjects who believe that their personal data is being processed in breach of the provisions of the GDPR have the right to lodge a complaint in the territory of the European Union with the Italian Data Protection Authority (www.gpdp.it), as provided for in Article 77 of the GDPR, or to take legal action (Article 79 of the GDPR).
The Controller reserves the right to make changes to this policy at any time. The current version is published at the following link: https://www.privacy365.eu/privacy-policy. Latest update 23/01/2021