Processing of personal data
The site is owned by sistemaeventi.it S.r.l., Via G. Battista Pontani 47 Perugia, firstname.lastname@example.org, +39075 5011858 and Italia Endurance A.S.D., Via Emirati Arabi Uniti, 3 Agello di Magione (hereinafter referred to as “Controller”).
This disclosure is provided by the Controller of the Site and not for other websites/pages/spaces owned by third parties potentially consulted via dedicated links.
This disclosure aims to inform users, even before accessing the various sections of the Site, how the controller handles personal data of users, and it is therefore necessary that the user read the policy before providing personal data upon registration to the Site.
Controller and processor of data
The data controller is sistemaeventi.it S.r.l., Via G. Battista Pontani 47 Perugia and Italia Endurance A.S.D., Via Emirati Arabi Uniti, 3 Agello di Magione.
In addition to the company’s employees, the processing of personal data may also be carried out by third parties, to whom the company turns for certain activities (or part of those activities) linked to or instrumental to the processing or providing of services. In this case, those subjects will be nominated as handlers or entrusted with the processing of data.
Purposes of Data Processing
Depending on the needs of the user as he accesses the various sections of the Site, herein are the purposes for the processing of personal data, meaning the data given directly by the user when filling out online forms (see the following section entitled “Nature and ways users’ personal data is acquired”) or data acquired automatically (see the following section entitled “Categories of Personal Data subject to processing) (hereinafter “Personal Data”):
- registration to the Site, if necessary, to access certain sections of the Site and to provide and manage any services offered;
- marketing activities, such as the sending of promotional or advertising material from the controller, even via e-mail, mms and sms, provided the user has provided consent and until he revokes that consent;
- personalizing the user experience on the Site and improving services and products offered to customers by the Controller (provided the user has given consent and until he revokes that consent; and following all legal requirements as pertains to this matter), analysing navigation or buying habits in order to define user profiles by using information supplied by them upon registration or when filling out questionnaires or based on actions carried out or information supplied while navigating the Site;
- meet the needs of users in terms of products offered by the Controller, advertising, or generic information (for example, in the Site’s “Contact Us” section).
How data is processed
Processing will be carried out via automated tools (for example, using electronic procedures and devices) and/or manually (for example, on paper) strictly for the time necessary to carry out the objectives for which the data was gathered, in accordance with current legal regulations as pertains to this matter.
Nature of how users’ personal data is acquired
Providing personal data is at the user’s discretion, however, it is obligatory to provide some personal data (necessary for the data fields that have an asterisk) so that the Controller can satisfy the user’s needs in terms of the functioning of the Site. In the event that the Personal Data marked by an asterisk —necessary for the requested action—is missing, partial, or incorrect, these functionalities will not be carried out. However, if optional Personal Data is missing, partial, or incorrect, this will not have any consequence.
Personal Data is collected when users fill out the proper fields in the various sections of the Site. If the user fails to fill out one or more obligatory data fields, an error message will appear with a list of all of the obligatory Personal Data missing.
Categories of Personal Data processed
In addition to Personal Data supplied directly by users (name, surname, mailing address, email address, telephone number, password, birth date, etc.), in accessing the site, there are IT systems and software procedures in place aimed at the functioning of the site that automatically and indirectly administer and/or collect some information that could be classified as personal data. The transmission of this data is implicit in the use of Internet communication protocols, including – and this list is meant to serve as an example and not be exhaustive – cookies, IP addresses, domain names of the computers used by users in connecting to the Site, URL addresses for resources requested, and time of requests made to server.
Minors under the age of 16 should not provide Personal Data without the consent of their parents or guardians. The Controller asks all of those with parental authority of minors to give them information on safe and responsible use of the Internet and web.
Cookies are lines of code that serve as digital markers sent from a server (in this case, the Site’s server) to the device of a user (generally an Internet browser) when he accesses a data page on a website; cookies are automatically memorized from the user’s browser and sent to the server that generated them each time the user accesses the same Internet page. Therefore, for example, cookies allow and/or facilitate the access to some Internet pages in order to improve the user’s navigation, or in other words, allowing for the memorization of the pages visited and other specific information, such as, the most frequently consulted pages, connection errors, etc. Therefore, in order to use this Site in the most complete and easy way, the user should configure his browser so as to be able to receive these cookies.
Often, browsers are set to automatically accept cookies. However, users can change the predefined configuration in order to disable or cancel cookies (one at a time or all at the same time), however, this means that some areas of the Site will not work in an optimal manner. It is also possible to change the mechanisms for saving cookies in the browser as well as the types of cookies accepted, by modifying the settings in one’s browser.
Type of Cookies and How they are Managed
- Strictly necessary cookies:
These are necessary for strictly navigating a Site and the use of its functionalities, for example, correctly visualizing the Site or accessing its reserved areas. However, if cookies are disabled, these actions will not be able to be carried out.
- Performance cookies:
They gather information on how efficiently a Site responds to user requests, even anonymously, with the only aim of improving the functionalities of a Site. For example, the pages most frequently visited by users, and if there are errors or slow performance in downloading a web page.
- Functionality cookies:
They allow a Site to remember the selections made by a user and to propose them during following visits in order to offer better, more personalized services. For example, these can be used to offer content similar to what the user requested previously.
- Targeting cookies:
These are used to offer advertising in line with the users’ interests, as per those shown while navigating the site. These are used, for example, to limit how often a certain ad is shown, or in other words, to understand the effectiveness of a campaign based on how many times the relative ad has been viewed. These cookies can be administered by third parties working for advertisers as well. The user can choose to accept (opt in) those cookies or not before they are administered. This Site does not use this type of cookies.
Cookies for Social-Media Sharing
These cookies from third parties – if links are present on the site – are used to integrate various functionalities from the main social-media channels, providing them on the site. Specifically, they allow for registration and authentication via Facebook and Google connect, as well as sharing pages and comments from the site on social media, allowing for users to put “likes” on Facebook and “+1s” on G+. Here are links to the respective cookie-policy pages in order to manage authorizations.
- Facebook – https://www.facebook.com/about/privacy
- Instagram – https://help.instagram.com/196883487377501
- Youtube – https://www.youtube.com/static?template=privacy_guidelines
- Twitter – https://twitter.com/privacy
Opting Out of Cookies
Laws on the protection of personal data allow for users to disable cookies already administered. Opting out is allowed for technical cookies (article 122 of the Code) as well as for cookies that are not part of the previously accepted technical cookies (where the user “opted in”).
As per that distinction, the user can disable and/or cancel cookies (opt out) via his browser settings and disable and/or cancel individual non-technical cookies put into place by third parties by accessing, for users located in the European Union, a site managed by the European Interactive Digital Advertising Alliance (EDAA) at www.youronlinechoices.eu. For users in the United States, the link is http://www.aboutads.info/choices/. These sites are not managed by the Controller, and therefore it assumes no responsibility for the content contained within.
How to enable or disable cookies in your Browser
The user can block cookies in his web browser. However, this may have an impact on some websites, which may not be able to correctly offer various functions if cookies are blocked. Here, we provide information on how each of the main web browsers allows for the blocking of cookies:
- Internet Explorer: http://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies#ie=ie-11
- Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
- Chrome: https://support.google.com/chrome/answer/95647?hl=it
- Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT
Categories of individuals that may have access to users’ Personal Data
Personal data may be seen by employees or collaborators of the Controller, or by third parties working directly for the Controller, designated as processors of the data as per articles 29 and 30 of the Code, and they will be given specific instructions to this end; the same may happen – carried out by the processors designated by the Controller – with employees or collaborators of the Processors.
Rights of users as per article 7 of the Code
“Article 7 – Right to access personal data and other rights”
- A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of it being already recorded, and communication of such data in intelligible form.
- A data subject shall have the right to be informed
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
- A data subject shall have the right to obtain
a) updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymiszation or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
- A data subject shall have the right to object, in whole or in part,
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.
Mechanisms for exercising rights as per article 7 and for accessing the list of data controllers
The user can, at any time, exercise his rights as per article 7 of the Code, by sending an email or a letter via regular mail to the Controller of the personal data.
Furthermore, the user can, provided he has given consent, oppose the processing of his data via email, clicking on the dedicated link provided in every email message.