Information provided pursuant to article 13 EU Regulation 2016/679 (GDPR) Data subject/user ‐ and Art. 130 ‐ Unwanted communications Legislative Decree 196/2003 contracting party
In compliance with EU Regulation 2016/679 (European data protection Regulation) we would like to provide you with the information required on the processing of personal data provided. This information is not valid for other websites possibly consulted through links present on the controller’s websites. The latter may in no way be considered responsible for third party websites. This information is provided pursuant to art. 13 of EU Regulation 2016/679 (GDPR) European data protection Regulation) and is also inspired by what is set forth in Directive 2002/58/EC, as updated by Directive 2009/136/EC, on Cookies and by what is set forth in the Provision of the Privacy Authority for the protection of personal data of 08.05.2014 on cookies.
1.CONTROLLER Grucciadesign.srls , with registered office in Via Chioggia, 66/N, 31030 – Castello di Godego (TV),in the person of the legal representative. The contact data for the Controller are as follows: T +39 351 8313300 – email address: email@example.com
Personal Data: any information concerning an identified or identifiable natural person («data subject»); we consider identifiable the natural person who can be identified, directly or indirectly, with specific reference to an identifier like a name, an identification number, location data, an on‐line identifier or one or more characteristic elements of the person’s physical, physiological, genetic, mental, economic, cultural or social identity (as an example: name, surname, date of birth, address, e‐mail, phone number etc.).
Data of contracting parties/users.
During their normal operations, the information systems and software procedures used to operate this website acquire some personal data transmitted implicitly when using Internet communication protocols. This information is not collected to be associated with identified data subjects but, due to its specific nature could, when processed and associated with data held by third parties, enable identification of users. This data category includes IP addresses nor the domain names of computers used by users connecting to the website, URI (Uniform Resource Identifier) addresses of resources requested, time of the request, method used to submit the request to the server, size of the file received in response, the numerical code indicating the status of the server’s response (successful, error, etc.) and other parameters related to the user’s operating system and computer environment.
Any data provided voluntarily
Sending personal data optionally and voluntarily (e.g. sending e‐mail messages to the addresses given on this website or filling in data collection forms on the website) implies the collection and processing by the Controller of data provided voluntarily by the users/contracting parties, needed to answer requests, and any other personal data entered in the communication
Specific information will be published on the website pages of the Authority prepared for the supply of certain services.
3.PROCESSING PURPOSE LEGAL BASIS DATA RETENTION PERIOD
|PROCESSING PURPOSE||LEGAL BASIS||DATA RETENTION PERIOD|
|Any management of personal data through forms on this website.||Please see the specific form information in the area of reference.||Please see the specific form information in the area of reference.|
4.RECIPIENTS OF PERSONAL DATA
Personal data provided will be communicated to the controller’s employees and collaborators. They will process data as persons authorised to do so acting under the authority of the Controller for the above‐listed purposes. The personal data provided could be communicated to third parties linked to the Controller contractually in order to fulfil contractual obligations and the above‐indicated purposes; more specifically, the data will be communicated to: ‐ Grucciadesign.srls; ‐ subjects belonging to the distribution network (such as importers, distributors, resellers, shipping agents, etc.); ‐subjects supplying services to manage the information system used by the controller and the telecommunication networks (including email, web platforms, clouds, software); ‐ firms or companies providing assistance and consultancy services; ‐ social network platforms; ‐authorities responsible for fulfilling legal obligations and/or the orders of public bodies, on request. The subjects belonging to the above categories act as data Processors, or operate autonomously as separate Controllers. The list of Processors is updated continuously and is available c/o the Controller’s head office and from the above contact details. Please see specific information based on data processing in specific areas.
5.TRANSFERRING DATA TO A THIRD COUNTRY
The website is hosted in an EU country. If communicated to subjects in Non‐EU Countries (for example for direct contacts with our sales /contact network, social network platforms, etc.), personal data will be transferred to Non‐EU Countries to comply with the above‐mentioned purposes. Data will be transferred within the limits and under the conditions set forth in art. 44 et seq. GDPR, to Non‐EU Countries, to subjects providing suitable guarantees for the transfer in compliance with arts. 45, 46, 47 GDPR. For information on guarantees related to transferring data to Non‐EU Countries, data subjects may write to the e‐mail address of the Controller: firstname.lastname@example.org
Except for navigation data needed to navigate the website, users /contracting parties are free to provide their personal data. Not doing so might only mean not being able to obtain the information or services requested and supplied through this website. Please see specific information based on data processing in specific areas.
7.RIGHTS OF DATA SUBJECTS (only for natural persons)
The natural person data subject may enforce his/her rights as set forth in arts. 15 et seq. of EU Regulation 2016/679, by contacting the Controller at the aforementioned contact details. More specifically, the data subject has the right, at any time, to have access to its personal data from the Controller and request information regarding processing, and may rectify, erase its personal data or restrict processing. Furthermore, when foreseen, the data subject has the right to revoke the consent granted without prejudicing the lawfulness of processing based on that consent before it was revoked. The data subject also has the right to object to processing based on its legitimate interest by writing to email@example.com. When foreseen, the data subject has the right to the portability of its personal data. In that case, the Controller will provide the data subject’s personal data in a structured, common use format, readable from an automatic device. If he/she believes that the processing of his/her personal data by the controller is in breach of Regulation (EU) 2016/679, the data subject may present a complaint to the Privacy Authority (garanteprivacy.it), or may take action in court (this for both legal and natural persons). To revoke consent to non automated profiling, it is enough to send an e‐mail at any time to firstname.lastname@example.org under the subject “no profiling”. In order not to receive automated direct marketing communications (e.g. e‐mail, SMS, social) legal persons just need to write an e‐mail at any time to the address email@example.com with subject “cancellation from automated service” or use our automatic cancellation systems set up solely for e‐mail. In order not to receive traditional direct marketing communications (phone calls with operator and paper post), write an e‐mail at any time to the address firstname.lastname@example.org with subject “cancellation from traditional service”. Please see specific information based on data processing in specific areas.
8.AMENDMENTS TO PRIVACY INFORMATION
The controller reserves the right to amend, update, add or remove parts of this privacy information. To facilitate controls, the information will contain the date it was updated.
Date updated: 08 May 2020