This information is provided in accordance with article 13 of the Privacy Code on the protection of personal data pursuant to Legislative Decree 196/2003 (hereinafter the “Privacy Code”), the Regulation issued by the Italian Data Protection Authority “Simplified arrangements to provide information and obtain consent regarding cookies” of 8 May 2014 and Recommendation 2/2001 which the European Authorities for the protection of personal data, through the Data Protection Working Party set up by Article 29 of the Directive 95/46/EC, adopted on 17 May 2001.
Personal data are processed according to the principles of relevance, lawfulness and fairness as provided by the Privacy Code, using suitable security measures and after consent has been given by users where required.
Such data are stored in a form that allows identification of the person concerned for a period of time not exceeding that necessary for the purposes for which they were collected or subsequently processed.
2. Controller and site of data processing
In accordance with article 28 of the Privacy Code, the controller of the Application and the data processing is Nora Pezzoli, Viale Monte Ceneri 29, Milan, Italy, Tax Code PZZNRO69P41F205K, e-mail address firstname.lastname@example.org, (hereinafter the “Controller”).
The data are processed at the operational offices of the Controller and in any other place in which the parties involved in the processing are located, and they are managed only by personnel responsible for processing, or by persons appointed to carry out periodic maintenance. For further information, please contact the Controller.
Unless the disclosure of personal data is required by law or is strictly relevant and necessary for the fulfilment of requests or contractual obligations for the performance of the service, personal data are provided voluntarily and optionally by users at the time of activation of the service, for the following purposes:
Registration and authentication of the user
4. Types of personal data processed
A. Personal data
Personal data can be entered voluntarily by the User or collected automatically during use of this Application.
Failure by the user to provide certain personal data may prevent this Application from being able to provide its services.
Users are held responsible for posting or sharing personal data of third parties through this Application and guarantee to have the right to communicate or disclose them, releasing the Controller from any liability towards the third parties.
B. Browsing data
The computer systems and software procedures used to operate this Application acquire, during their normal operation, some personal data whose transmission is implicit in Internet communication protocols.
This information is not collected to be associated with an identified data subject, but by its very nature, could, through processing and association with data held by third parties, allow users to be identified. This category includes IP addresses or domain names used by users which connect to the website, the Uniform Resource Identifier of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc..
These data are used to obtain anonymous and aggregate statistical information on the use of the Application and to check that it is working properly, and permanently reside on third-party servers (hosting providers). The data could be used to ascertain liability in the event of hypothetical computer crimes against the Application.
5. Links to third-party websites
The Controller can present or offer third-party products or services on its Application. The websites of such third parties adopt criteria regarding privacy that are different and unrelated to ours. Therefore, the Controller does not accept any responsibility for the content or activities of any such linked websites.
6. Methods of processing
In addition to their collection, the processing of data may consist of their recording, storage, alteration, disclosure, erasure, dissemination, analysis, etc. and will be carried out both on paper and with the use of computers and electronic networks or innovative means, in a manner and with means suitable to ensure the security and confidentiality of the data itself, in compliance with the provisions of articles 31 and following of the Privacy Code, relating to the “minimum security measures for the processing of personal data” aimed at ensuring a minimum level of protection of the personal data.
In particular, all technical, IT, organisational, logistical and procedural security measures will be adopted, as provided for in the Privacy Code, in ”Annex B” of the decree (the so-called Technical specification on minimum security measures), in the various regulations issued subsequently as additions, in order to guarantee at least the minimum level of data protection as required by law.
Furthermore, the methods applied ensure that only persons appointed by us to process the data are allowed to access the data.
7. Rights of data subjects
Users have the right to contact us for any information about their personal data, to obtain confirmation as to whether or not personal data concerning them exist and know the content and source, check their accuracy or request their integration or updating, or the rectification, erasure, anonymization or blocking of data that have been processed unlawfully as well as object in all cases, for legitimate reasons, to their processing.
Requests can be sent as follows:
- by e-mail sent to the following address: email@example.com;
- by registered post sent to the following address: Nora Pezzoli, Viale Monte Ceneri 29, Milan, Italy.
Application: website, app, hardware and software through which the personal data of users are collected.
Personal data: any information relating to an identified or identifiable natural person, directly or indirectly, by reference to any other information, including a personal identification number.
User: the individual who uses this Application, who must coincide with or be authorized by the Data subject and whose personal data are subject to processing.
Controller: a natural or legal person, public authority and any other agency, association or body which, alone or together with another controller, are responsible for the decisions regarding the purposes and methods of processing personal data and the means used, including the security profile, in relation to the operation and use of this Application. The Controller, unless otherwise specified, is the owner of this Application.
Processing of personal data: according to Italian law, this means any operation or set of operations, performed whether or not by electronic means, concerning the collection, recording, organisation, storage, consultation, processing, alteration, selection, retrieval, alignment, use, combination, blocking, disclosure, dissemination, erasure and destruction of data, also when not recorded in a database.