Information under Article 13 D.lgs. 196/03 and art. 13 EU Regulation No. 679/2016
Under art. 13 of the D.Lgs. 196/2003 and art. 13 of the Reg. (GDPR), this document explains how and why we process the personal data we receive and collect when Alberto Piona’s services/websites are used, as well as some of the measures we take to protect that data.
In accordance with the current law, the treatments carried out by Alberto Piona will be based on the principles of lawfulness, fairness, transparency, limitation of purpose and preservation, data mined, accuracy, integrity and confidentiality.
- Treatment owner
The owner of the treatment is Alberto Piona (below “Owner”), based at Milan, Corso Indipendenza 5 – Mail: email@example.com
- Personal data subject to processing
The processing of personal data refers to any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or personal data sets, such as collection, registration, organization, structuring, preservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of provision , comparison or interconnection, limitation, deletion or destruction.
The personal data being processed, which may vary depending on the services requested, consist of: first and last name, email address, phone, tax code/VAT number, location data, an online identifier, purchases made, and other data suitable to make the user identified or identifiable (below “Personal Data“). In particular, the Personal Data processed through the Site is as follows:
(a) Navigation data
When the user visits the Owner’s websites, the servers automatically record information such as the URL, IP addresses, browser type, browser language, date and time of the request made. The transmission of this information is implicit in the use of web communication protocols.
This information is not collected to be associated with identified stakeholders, but which by its very nature could, through elaborations and associations with data held by third parties, allow to identify users.
This data is used for the sole purpose of obtaining anonymous statistical information about the use of the site and to check that it works correctly. The data could be used to establish liability in the event of cybercrime against the site or third parties. With the exception of this, this data is retained for 30 days.
b) Data provided voluntarily by the user
On the Owner’s websites, you can transmit your personal data by filling out forms or sending e-mail messages. The provision of this data takes place on an optional, explicit and voluntary basis, and involves the subsequent acquisition of the sender’s email address, necessary to respond to requests, as well as any other personal data entered for the purposes of the service and those further granted by the user. Specific summary information is present in the pages that provide the forms, with the possible indication of the obligation of the provision of the data necessary to take advantage of the specific service.
You take responsibility for the personal data of third parties, if published or shared through this site, and ensures that you have the right to communicate or disseminate it, freeing the Holder from any liability to third parties.
c) Data with interaction with social networks
In addition to filling in the appropriate registration form, the user can be allowed to register with the Services, if he has a Facebook profile, even simply clicking on the “Login with Facebook” button. In this case, Facebook will automatically send the website some personal data, specified in the appropriate “pop-up” window that appears at the time of the request, and there will be no need to fill out other forms by the user.
Among the technical cookies, which do not require an express consent for their use, the Italian Data Protection Authority also includes:
- “cookie analytics” where used directly by the site manager to collect information, in aggregate, on the number of users and how they visit the site itself;
- browsing or session cookies (to authenticate);
- feature cookies, which allow the user to navigate according to a set of selected criteria (for example, the language, the products selected for purchase) in order to improve the service rendered to the same.
For “profiling cookies”, vice versa, that is, those aimed at creating profiles related to the user and used in order to send advertisements in line with the preferences expressed by the user in the context of web browsing, a prior consent of the user is required.
Registration to the website and the services offered are aimed at people over the age of 18: for this reason, the Holder does not knowingly collect data of people under the age of 18.
The pages you visit may contain links to external websites to provide useful information to users. This policy does not apply to sites that are not managed by the Owner, so you will need to investigate privacy practices on the same external websites.
- Purpose of treatment
The processing of the data, subject to specific consent when required by the legislation, takes place for the following purposes:
- register with the Owner’s websites
- take advantage of the services/products offered by the Owner
- for control, research and analysis to manage and improve the owner’s technologies and services
- receive responses to requests addressed to the Holder
- receive information about the services/products offered by the Owner
- pre-contractual, contractual and tax obligations arising from ongoing dealings with the Holder
With specific and separate consent from the above, personal data is collected for:
- send newsletters, business communications and/or advertising material regarding products and/or services offered by the Owner.
- Legal basis for treatment
Alberto Piona treats your personal data if one or more of the following conditions are true:
- you have given consent for one or more specific purposes
- treatment is required for the execution of a contract or to fulfill pre-contractual operations
- treatment is necessary to comply with statutos obligations to which the Holder is subject
- treatment is necessary for the legitimate interest of the Owner or third parties
However, you may require the concrete legal basis for each treatment
- Optional and mandatory consent to provide personal data
You are free to provide the personal data requested from time to time; failure, partial or inaccurate, may result in the inability to take advantage of the required services.
The acquisition of consent to the processing of personal data is necessary for all the above-mentioned treatments related and/or necessary to comply with legal obligations, EU law, to fulfil obligations arising from a contract of which the person is a part or to fulfil, prior to the conclusion of the contract, to specific requests of the latter.
- Recipients of personal data
For the purposes described in Part 3 of this policy, your personal information may be shared with:
(a) persons who typically act as processors, i.e.: persons, companies or professional firms assisting and advising Alberto Piona on accounting, administrative, legal, tax, financial matters relating to the provision of services; subjects with whom you need to interact for the delivery of the Services (e.g. Hosting Providers), subjects delegated to carry out technical maintenance activities on the servers hosting the owner’s websites;
(b) entities, entities or authorities who are obliged to disclose your personal data under statutory provisions or orders of the authorities (for example, during criminal investigations Alberto Piona may receive requests from the judicial authority to provide telematics traffic logs);
(c) persons authorised by Alberto Piona to process personal data necessary to carry out activities closely related to the provision of the Services, whether they have committed to confidentiality or have an adequate legal obligation of confidentiality, such as the employees/collaborators of the Holder;
(d) business partners for their own, autonomous and distinct purposes, only if you have given a specific consent.
- Location of data processing
The processing of personal data takes place at the headquarters of Alberto Piona and is carried out by technical, administrative and commercial staff for the pursuit of the purposes described at Par. 3.
The providers servers are located in the European territory.
Additional information may be requested from the Holder.
- Data retention
Personal data will be processed for as long as it takes to achieve the objectives of Part 3 or until the consent previously expressed is revoked.
In any case, Alberto Piona is able to keep his personal data until the time allowed by Italian law to protect his own interests. More information about the data retention period and the criteria used to determine this period can be requested by writing to the Holder.
Alberto Piona takes appropriate security measures to protect the data from any unauthorized access, modification or disclosure or destruction. These measures include internal controls on the methods of data collection, storage and processing, as well as security measures to protect from any unauthorized access the systems on which personal data is stored.
- Rights of those affected
You have the right to ask the Holder, at any time, to access your personal data, to correct or delete your personal data, or to object to their treatment in the cases under Article 20 of the Regulation, you have the right to request the limitation of treatment in the cases provided by art. It is not the first time that the European Parliament has been involved in this debate. 20 of the Rules, writing to Alberto Piona – Corso Indipendenza, 5 – 20129 – Milano (MI) – P.I. 01096790918 – Mail: firstname.lastname@example.org