Last update: 24 May 2018
In compliance with the obligations deriving from national legislation (Legislative Decree 30 June 2003 n.196, Code regarding the protection of personal data) and community, (European regulation for the protection of personal data n. 679/2016, GDPR) and subsequent changes, this site respects and protects the privacy of visitors and users, making every possible and proportionate effort not to infringe the rights of users.
The data controller in accordance with the laws in force is the site administrator, Company Fontana snc by Dario and Michela Fontana - Via Industriale, 22/24 - 36043 Camisano Vicentino (VI); contactable by e-mail at: firstname.lastname@example.org
Responsible for the treatment
In addition to the Data Controller, in some cases, categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as suppliers of third party technical services, postal couriers) may have access to the Data. hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller.
Legal basis of the processing
This site processes data based on consent. By using or consulting this site, visitors and users explicitly approve this privacy statement and consent to the processing of their personal data in relation to the methods and purposes described below, including any disclosure to third parties if necessary for the provision of a service.
The provision of data and therefore the consent to the collection and processing of data is optional, the user can deny consent, and can revoke a consent already provided at any time. However, denying consent may make it impossible to provide some services and the browsing experience on the site may be compromised.
Starting from 25 May 2018 (date of entry into force of the GDPR), this site will process some of the data based on the legitimate interests of the data controller.
Data collected and purposes
Like all websites, this site also uses log files in which information collected in an automated manner during user visits is stored. The information collected could be the following:
- internet protocol (IP) address;
- type of browser and device parameters used to connect to the site;
- name of the internet service provider (ISP);
- visit date and time;
- web page of origin of the visitor (referral) and exit;
- possibly the number of clicks.
The aforementioned information is processed in an automated form and collected in an exclusively aggregated form in order to verify the correct functioning of the site, and for security reasons (from 25 May 2018 this information will be treated on the basis of the legitimate interests of the owner).
For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may possibly also include personal data such as the IP address, which could be used, in accordance with applicable laws, in order to block attempts to damage the site itself or to cause damage to other users, or in any case harmful activities or constituting a crime. These data are never used for the identification or profiling of the user, but only for the purpose of protecting the site and its users (from 25 May 2018 this information will be treated on the basis of the legitimate interests of the owner).
The data received will be used exclusively for the provision of the requested service and only for the time necessary for the provision of the service.
The information that users of the site will deem to make public through the services and tools made available to them, are provided by the user knowingly and voluntarily, exempting this site from any responsibility for any violations of the laws. It is up to the user to verify that they have the permissions to enter personal data of third parties or contents protected by national and international standards.
The data collected by the site during its operation are used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the specified activities. In any case, the data collected by the site will never be provided to third parties, for any reason, unless it is a legitimate request by the judicial authority and only in the cases provided for by law.
The data used for security purposes (blocking attempts to damage the site) are kept for 7 days.
The data are processed at the operational headquarters of the Data Controller and in any other place where those involved in the treatment are located. For more information, contact the owner.
This type of service has the function of hosting data and files that allow this application to function, allow its distribution and provide a ready-to-use infrastructure to provide specific functions of this application.
Some of these services work through servers located geographically in different places, making it difficult to determine the exact place where Personal Data is stored.
Google Cloud Storage (Google Inc.)
The hosting of the site is provided at the Google Data Center, which is responsible for data processing, processing the data on behalf of the owner, is located in the European Economic Area and acts in accordance with European standards.
Transfer of data to non-EU countries
This site may share some of the data collected with services located outside the European Union area. In particular with Google, Facebook and Microsoft (LinkedIn) through social plugins and the Google Analytics service. The transfer is authorized according to specifications decisions of the European Union and the Guarantor for the protection of personal data, in particular decision 1250/2016 (Privacy Shield - here the information page of the Italian Guarantor), for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.
This site processes user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the owner, in some cases, categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as suppliers of third party technical services, postal couriers) may have access to the data. hosting providers, IT companies, communication agencies).
Pursuant to European Regulation 679/2016 (GDPR) and national legislation, the User can, according to the methods and within the limits established by current legislation, exercise the following rights:
- request confirmation of the existence of personal data concerning him (right of access);
- know its origin;
- receive intelligible communication;
- have information about the logic, methods and purposes of the processing;
- request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
- in cases of consent-based processing, receive only the cost of any support, its data provided to the owner, in a structured and readable form by a data processor and in a format commonly used by an electronic device;
- the right to lodge a complaint with the Supervisory Authority (Privacy Guarantor - link to the page of the Guarantor);
- as well as, more generally, exercise all the rights that are recognized by the current legal provisions.
Requests should be addressed to the Data Controller, who can be contacted by e-mail at: email@example.com
In the event that the data are processed on the basis of legitimate interests however, the rights of the data subjects are guaranteed (except the right to portability which is not provided for by the regulations), in particular the right to object to the processing that can be exercised by sending a request to the data controller.