With this page we intend to provide all the information required by art. 13 of EU Regulation 2016/679 (hereinafter also "Regulation" or "RGPD") regarding the processing of personal data of visitors to this website.
The information does not concern other sites, pages or online services that can be reached via hypertext links published on this website.
The information is provided, pursuant to EU Regulation 2016/679, to all users who interact with the Site and the related services.
Pursuant to the legislation on the processing of personal data:
The Data Controller is CA.DIS. SRL, based in San Marco Argentano (CS)
The data processing that originates from the consultation of this website takes place in the European Economic Area and in compliance with European standards. The processing of users' personal data is carried out by persons authorized to process the data by the Data Controller and duly instructed in accordance with articles 4.10, 29, 32.4 of the GDPR and art. 2-quaterdecies of the Code regarding the protection of personal data Legislative Decree 196/2003 as amended by Legislative Decree no. 101/2018, by means of automated and IT tools for the time strictly necessary to achieve the purposes for which they were collected.
The Data Controller processes the personal data that comes into his possession also using IT and telematic methods on the basis of the principles of treatment pursuant to art. 5 of the GDPR (lawfulness, correctness, transparency, minimization, purpose limitation, accuracy, retention limitation, integrity and confidentiality).
The Data Controller adopts specific security measures to protect the rights and freedoms of natural persons, in particular to prevent and impede the unauthorized disclosure, modification or destruction of data, loss of data, illicit or incorrect use and access unauthorized, reducing the risks concerning the confidentiality, availability and integrity of the personal data collected, in compliance with art. 32 GDPR.
3. Purposes and Legal Bases of the Controlling
3.2 The computer systems and software procedures used for the ordinary functioning of this site acquire some personal data (navigation data) whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers and terminals used by users, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources, the time of the request, the method used in submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment.
4. Data processors, Recipients of personal data, Dissemination
4.1 Both navigation data and those provided voluntarily by the user via e-mail messages to the published e-mail addresses may be communicated to external subjects formally appointed by the Data Controller as Data Processors and belonging to the following categories:
• companies that provide maintenance services for the Site and IT systems;
• companies that provide telematic communications services and, in particular, e-mail;
• companies that perform management and maintenance services for the Data Controller's databases.
These subjects have the right to rely on additional, their own data processors, operating in the same areas.
4.3 The data may also be communicated to additional external subjects, operating as independent Data Controllers such as the Judicial, Administrative or other public entity entitled to request them, in the cases provided for by law.
4.4 The Data will not be disseminated.
4.5 The person in charge of the controlling is the administrator of the company Data Controller.
As required by art. 37, seventh paragraph, of the GDPR, the contact details of the Data Protection Officer are shown below:
5. Data Retention Period
5.1 With reference to the navigation data collected for the purpose referred to in point 3, no. 1, they are kept for a period such as to allow the Owner to guarantee the security of the users' connection to the site.
6. Nature of the communication of the Data and consequences of any failure to provide it
6.1 For the purpose referred to in point 3, no. 1, the provision of data is necessary and not optional.
7. Transfer of data to non-EU countries
7.1 The transfer abroad thus carried out is in line with this legislation, since it is implemented only to countries that have been the subject of an adequacy decision and which, therefore, guarantee an adequate level of protection of personal data, or on the basis of contractual clauses type validated by a European Supervisory Authority and compliant with the models proposed by the Commission with Decision 2010/87/EU. With specific reference to the United States of America, any transfer of data to that country is carried out exclusively to companies certified under the Privacy Shield, an agreement which requires U.S. companies to stringent obligations to protect the personal data of European citizens and subject to the control of the US authorities.
8. Rights of the interested party
8.1 The Data Controller adopts all reasonable measures to ensure data quality and to eliminate incorrect or unnecessary personal data.
8.2 The Regulation (EU) 2016/679 recognizes you, as an interested party, various rights, which you can exercise by contacting the Data Controller at the addresses referred to in points 1 and 2 of this information.
Among the rights that can be exercised, provided that the conditions provided for by the legislation from time to time are met (in particular, articles 15 and following of the Regulation) there are:
• the right to know if the Data Controller is processing personal data concerning you and, in this case, to have access to the data being processed and all the information relating to it;
• the right to rectify inaccurate personal data concerning you and/or to integrate incomplete data;
• the right to have your personal data deleted;
• the right to limitation of treatment;
• the right to oppose the treatment;
• the right to the portability of personal data concerning you;
• the right to withdraw the consent at any time, without this affecting the lawfulness of the treatment, based on the consent, carried out before the revocation.
8.3 In any case, you also have the right to submit a formal Complaint to the Authority for the protection of personal data, according to the methods that can be found at the following link: https://www.garanteprivacy.it/home.
8.4 To receive more information on your rights, you can contact the Data Controller directly, or consult the official pages of the Guarantor Authority https://www.garanteprivacy.it/home/diritti and https://www.garanteprivacy.it/web/ guest/eu regulation/rights-of-data subjects.
8.5 To exercise the rights relating to this privacy statement, send an e-mail to firstname.lastname@example.org