Privacy Policy

INFORMATION RELATING TO THE PRIVACY POLICY OF THE SITE

This is to provide you below with the fundamental information pursuant to Article 13 EU Regulation No. 2016/679 (hereinafter, “GDPR”) regarding the processing of your personal data by DATA Officine S.n.c di Data Francesco & C. in relation to your browsing on our website www.dataofficine.it and use of the services offered.

SUBJECT: Information pursuant to and for the purposes of the GDPR EU 2016/679 relating to the protection of personal data processing.

OBJECT OF TREATMENT

The Data Controller processes personal, identifying and non-sensitive data (including but not limited to, first name, last name, company name, address, telephone, e-mail – hereinafter, “personal data” or also “data”) communicated by you when registering on the Data Controller’s website www.dataofficine.it (hereinafter, “Site”), participating in opinion and approval surveys, filling out registration forms through the Site at events or webinars organized by the Data Controller, requesting clarifications or support requests online, and sending newsletters.

PURPOSE OF TREATMENT

Your personal data are processed: A) without your express consent and Art. 6(b), (e) GDPR), for the following Service Purposes: to manage and maintain the Site (including the management of 1st and 3rd party cookies see cookies policy on page https://dataofficine.it/cookie-policy/); To enable you to take advantage of the Services that you may have requested; participate via the Site in initiatives organized by the Owner (e.g., events); process a contact request; fulfill obligations required by law, regulation, EU legislation or an order of the Authority; prevent or detect fraudulent activity or abuse harmful to the Site; exercise the rights of the Data Controller, such as the right to exercise a right in court. B) Only with your specific and separate consent (Art. 7 GDPR), for the following Other Purposes: To send you by e-mail opinion and approval surveys, newsletters and/or invitations to events or to register you for events to which the Controller is a party or which it organizes.

TYPES OF DATA PROCESSED

Through the Site, the following may be collected and processed: navigation data; personal data voluntarily provided by the user in the forms within the Site or through the e-mail account in the contact section.

FINALITÀ E BASE GIURIDICA DEL TRATTAMENTO

In the cases referred to in the paragraph PURPOSE OF THE PROCESSING art. A) the legal basis for the processing of your personal data is to execute a contract with you or to provide the service that you have specifically requested or to comply with a legal obligation or to protect our legitimate interest. The processing of personal data for the purposes referred to in the paragraph PURPOSE OF THE PROCESSING art. A) does not require your consent as the processing is necessary to fulfill specific requests of the data subject pursuant to Art. 6, c. 1, lett. b) of the GDPR. In the cases referred to in the paragraph PURPOSE OF THE PROCESSING art. B) the legal basis of the processing of your personal data is to execute a contract with you or to provide the service, The provision of data is mandatory and therefore the refusal to provide them in whole or in part will result in the impossibility for the Writer to execute the contract.

PROVISION OF DATA AND CONSEQUENCES IN CASE OF FAILURE TO PROVIDE DATA

The provision of data for the purposes set forth in paragraph PURPOSES OF THE PROCESSING art.A) is mandatory. Without them, we will not be able to guarantee you either registration on the Site or the Services referred to in the paragraph PURPOSES OF THE PROCESSING art.A). On the other hand, the provision of data for the purposes set forth in paragraph PURPOSES OF THE PROCESSING art.B) is optional. You can therefore decide not to provide any data or to deny later the possibility of processing data already provided: in this case, you will not be able to receive e-mail invitations to events, newsletters and opinion and liking surveys. In any case, you will continue to be entitled to the Services referred to in the paragraph PURPOSES OF THE PROCESSING art.A).

TREATMENT MODALITIES

The processing of your personal data is carried out by means of the operations indicated in Art. 4 Privacy Code and Art. 4 No. 2) GDPR and namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Your personal data are subject to both paper and electronic and/or automated processing.

RECIPIENTS OR CATEGORIES OF RECIPIENTS

Personal data may be made accessible to, brought to the attention of or communicated to the following parties, who will be appointed by, as appropriate, as data processors or persons in charge: companies of the group of which the Data Controller is part (parent companies, subsidiaries, affiliates), employees and/or collaborators in any capacity whatsoever of the Data Controller and/or companies of the group of which the Data Controller is part; public or private entities, natural or legal persons, which the Controller uses for the performance of activities instrumental to the achievement of the above purpose or to which the Controller is required to communicate personal data, by virtue of legal or contractual obligations.

DATA TRANSFER ABROAD

In order to fulfill the data management referred to in the paragraph PURPOSES OF DATA PROCESSING art. A) and B), some of your personal data may be communicated, to subjects at EU and non-EU Third Countries. Should it become necessary, the writer will be entitled to move the data to servers at EU and non-EU Third Countries.

STORAGE PERIOD

The Data Controller will process personal data for as long as necessary to fulfill the purposes set out in point A and B under the PURPOSES OF THE PROCESSING paragraph and in any case for no longer than 10 years after the termination of the relationship for the Purposes of Service.

RIGHTS OF THE INTERESTED PARTY

Relative to the personal data itself you may exercise the rights: Right of access (Art.15): The data subject has the right to obtain from the data controller confirmation as to whether or not personal data concerning him or her are being processed and, if so, to obtain access to the personal data Right to rectification (Art.16): The data subject has the right to obtain from the data controller the rectification of inaccurate personal data concerning him/her without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, including by providing a supplementary declaration. Right to Erasure (Right to be Forgotten) (Art. 17): The data subject has the right to obtain from the data controller the erasure of personal data concerning him or her without undue delay, and the data controller is obliged to erase the personal data without undue delay if one of the following grounds exists: The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; The data subject withdraws the consent on which the processing is based in accordance with Article 6(1)(a) or Article 9(2)(a) and if there is no other legal basis for the processing; The data subject objects to processing in accordance with Article 21 (Right to Object), paragraph 1, and there is no overriding legitimate ground for processing, or objects to processing in accordance with Article 21, paragraph 2; Personal data have been processed unlawfully; Personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the data controller is subject. The right to lodge a complaint with the Data Protection Authority at email garante@gpdp.it or at the PEC address: protocollo@pec.gpdp.it

HOW TO EXERCISE RIGHTS

You may at any time exercise your rights by sending: a registered letter AR to DATA Officine S.n.c di Data Francesco & C. – Headquarters located in Via Busano, n° 55 – 10080 Rivara (TO). a PEC to the address info@pec.dataofficine.it

MINORS

This Site and the Owner’s Services are not intended for minors under the age of 18, and the Owner does not intentionally collect personal information referring to minors. In the event that information about minors is unintentionally recorded, the Owner will delete it in a timely manner upon users’ request.

CHANGES TO THIS POLICY

This Policy is subject to change. We therefore recommend that you check this Policy regularly and refer to the most current version. The latest version of the Privacy Policy, in each case, is posted on this page, indicating the date it was last updated.

OWNER, MANAGER AND APPOINTEES

The Data Controller is DATA Officine S.n.c di Data Francesco & C., P.IVA 10899920010 with registered and operative office in Via Busano, n° 55 – 10080 Rivara (TO). The updated list of data processors is kept at the operating headquarters of the Data Controller. Last updated on 15/02/2022