The User may contact the Data Controller through the appropriate form, by browsing the Website, or by e-mail. In relation to these activities, the Data Controller collects personal data relating to the Users.
This Website and the services eventually offered through the Website are reserved to subjects over the age of 18 years old. Hereby, the Data Controller does not collect personal data pertaining to subjects under the age of 18 years old. At request of the Users, the Data Controller will promptly delete all the personal data, involuntary collected, pertaining to subjects under the age of 18 years old.
Particularly, the personal data of the Users will be lawfully processed for the following purposes:
The provision of personal data for the above-mentioned processing purposes is optional but necessary, since failure to provide such data will make it impossible for the User to make their request to the Data Controller.
Personal data which are necessary for the pursuit of the processing purposes described in this paragraph 3 are indicated with an asterisk in the request form.
Processing the User’s request (as described in the previous paragraph 3, letter a)): the legal basis consists of art. 6, paragraph 1, lett. b) of the Regulation, or the processing is necessary for the performance of a contract to which the User is party or in order to take steps at the request of the data subject prior to entering into a contract.
Administrative and accounting purposes (as described in the previous paragraph 3, letter b)): the legal basis consists of art. 6, paragraph 1, lett. b) of the Regulation, as the processing is necessary for performance of a contract to which the User is party or in order to take steps at the request of the data subject prior to entering into a contract.
Legal obligations (as described in the previous paragraph 3, letter c)): the legal basis consists of art. 6, paragraph 1, lett. c) of the Regulation, as the processing is necessary for compliance with a legal obligation to which the Data Controller is subject.
The Data Controller will process the personal data of Users using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data.
The personal data of Users will be retained for the time strictly necessary to carry out the main purposes explained in paragraph 3 above or, in any case, as necessary for the protection in civil law of the interests of both the Users and the Data Controller.
The User’s personal data may be transferred outside the European Union, and, in this case, the Data Controller will ensure that the transfer takes place in accordance with the Applicable Law and, in particular, in accordance with Articles 45 (Transfer on the basis of an adequacy decision) and 46 (Transfer subject to adequate guarantees) of the Regulation.
The personal data of the Users may be disclosed to the employees and/or collaborators of the Data Controller in charge of managing the Website and the Users’ requests. These subjects, who have been instructed to do so by the Data Controller pursuant to Article 29 of the Regulation, will process the User’s data exclusively for the purposes indicated in this policy and in compliance with the provisions of the Applicable Law.
The personal data of the Users may also be disclosed to third parties who may process personal data on behalf of the Data Controller as “Data Processors” pursuant to Article 28 of the Regulation, such as, for example, IT and logistic service providers functional to the operation of the Data Controller’s Website, suppliers of outsourcing or cloud computing services, professionals and consultants.
Users have the right to obtain a list of any data processors appointed by the Data Controller, making a request to the Data Controller in the manner indicated in paragraph 7 below.
Users may exercise their rights granted by the Applicable Law by contacting the Data Controller as follows:
Pursuant to the Applicable Law, Users have: