Article. 3 of this regulation provides that: “This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not.”
Holder of the treatment (The Data Controller)
The Data Controller of the personal data of the Users of the Site is Mr. Domenico Maffia (now also the “Data Controller”), based in Kubelíkova 1224/42, 130 00, Praha 3 – Žižkov.
E-mail to contact the Data Controller and request the cancellation of your data, if collected, subject to your consent: firstname.lastname@example.org
Personal information we collect
In accordance with the new European legislation introduced by EU Regulation 679/2016, consultation of the Site and the possible Tips that the User can request through the appropriate form on the Site, may involve processing of data suitable for directly or indirectly identifying a natural person such as: name, surname, residential address, e-mail address, telephone number, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.
The site does not require the interested party to provide so-called data “Particular”, that is, according to the provisions of the GDPR (art. 9), personal data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership, as well as genetic data, data biometrics intended to uniquely identify a natural person, data relating to the health or sexual life or sexual orientation of the person. In the event that the requested service requires the processing of such data, the interested party will receive specific information in advance and will be asked to give explicit consent.
These data are acquired even in the absence of registration on the Site or request for information.
The navigation data are used exclusively in aggregate to process anonymous statistics on the consultation of the Site and to check its correct functioning and do not allow the identification of the users concerned, being also deleted immediately after processing in anonymous form.
They can, however, be used to ascertain responsibility in the event of computer crimes committed against the website.
Data voluntarily provided by the user
Personal data voluntarily provided by the User (such as name, surname, e-mail address) for the purpose of sending messages to the Site and / or ask for the Tips, are used for the sole purpose of responding to the needs of the interested party and to comply with legal obligations.
The legal basis of these treatments is the fulfillment of the services inherent in the requests made and the purchases made, as well as compliance with legal obligations.
The information that the Site User will deem to make public through the services and tools made available to him, is provided by the User knowingly and voluntarily, exempting the Site from any responsibility for any violation of laws.
It is up to the User to verify that they have permission to enter personal data of third parties or content protected by national and international standards.
Data collected through analytical cookies
The Site collect Device Information using the following technologies:
– “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
– “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
– Facebook pixel and google analytics.
Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers, bank numbers and/or paypal data), email address, and phone number. We refer to this information as “Order Information”.
What we use your data for
The personal data collected is used for:
– obtain anonymous statistical information on the use of the web portal;
– to check the correct functioning of the web portal;
– the sending of communications and newsletters, in electronic format, to the e-mail address provided by the user;
– ascertaining responsibility in case of hypothetical computer crimes against the website;
– compliance with any other legal obligation not included in the previous purposes.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
The communication of data can be carried out only following a request by the Judicial Authority within the terms of the law.
Method and duration of the Data treatment
Personal data are processed through IT tools and in accordance with EU Regulation no. 679/2016.
The retention of the data processed will last for the time necessary for the purposes described in this statement and, therefore, for the minimum time necessary or up to an explicit request by the interested party and in any case in compliance with the time limits imposed by law.
The Data Controller undertakes to take all appropriate security measures to prevent the loss and alteration of personal data, as well as any illegal and unauthorized use of the same.
The data will be processed exclusively by subjects authorized by the Data Controller, including any data processors, representatives and public subjects for the fulfillment of the obligations established by law, who carry out their respective processing activities as independent data controllers.
The subjects authorized by the Data Controller who may process the data include but are not limited to: commercial and legal department collaborators, as well as suppliers of third party technical services, hosting providers and IT companies (this list is not to be considered exhaustive). However, the data processed will not be disclosed to undetermined recipients.
The security of the information collected cannot be guaranteed by possible hacker attacks and, in general, by violation of the security rules put in place for data protection.
In the event of attacks or violations, however, they will be communicated to the interested parties and to the competent authorities according to the law.
Place of Data treatment
The treatments relating to the services of the Site are carried out by personnel identified and expressly designated according to the specific purposes of the services requested and subscribed.
For the treatments in question, the Data Controller can make use of the help of external companies, consultants, consortia, suppliers of software and operating services, through identified and appointed personnel, within the scope of the intended purposes and in order to guarantee maximum security and confidentiality some data. In other cases, the personal data collected will not be disclosed to third parties, except with the express consent of the interested party, except in cases where communication to third parties is necessary to fulfill obligations imposed by laws, regulations or provisions of the supervisory authorities, or it is essential to protect the rights of other users or the website itself.
Personal data will be processed and stored, exclusively for the purposes indicated above and to store and store them securely, on remote servers managed by industry-leading providers that ensure compliance with high protection standards regarding the processing of personal data.
The data processed by the Data Controller will be managed within the European Union in compliance with the GDPR legislation.
Except in cases where the privacy legislation of the User’s country of residence provides for further protection, Users not residing in the European Union will be protected according to the GDPR legislation even in the event of data transfer to non-EU countries, where all or part of the servers used by the Site and by the Data Controller could be based.
The processing and storage of data by the extra-UE provider will take place towards an “adequate” third country pursuant to the decision taken by the European Commission, of which in particular the decision for the adequacy of the protection provided by the Canadian law on the protection of personal information and on electronic documents (Canadian Personal Information Protection and Electronic Documents Act), or on the basis of a contractual bond or standard contractual clauses approved by the European Commission, or binding corporate rules approved through the specific procedure pursuant to art. 47 GDPR.
In constant dat treatment, the interested party (Users) can exercise the following rights at any time:
– obtain confirmation of the existence or otherwise of the same data and, if so, know its content and origin;
– verify its accuracy request the correction of inaccurate data, the integration of incomplete data or the updating of old data;
– obtain the limitation of the processing, if one of the hypotheses provided for by article 18 GDPR occurs;
– request the deletion of data processed in violation of the law, or in the presence of one of the other conditions set out in article 17, paragraph 1, lett. a), b), c), e) and f) GDPR;
– oppose in any case, for legitimate reasons, to their treatment, or to oppose the treatment in the other cases provided for by article 21, paragraphs 2 and 3 and 22 GDPR;
– withdraw your consent freely given at any time to the processing of personal data for the purposes specified below;
– to obtain the release of the personal data being processed in a format compatible with standard IT applications, to allow it to be transferred to other platforms of your choice, without impeding the direct transmission of the data processed to another Data Controller, where such transmission is technically feasible (so-called right to data portability).
Requests relating to the exercise of the aforementioned rights must be sent to the Data Controller by e-mail (email@example.com).
In the event of failure or partial reply by the Data Controller to the aforementioned requests, the interested party will have the right to lodge a complaint with the Guarantor for the protection of personal data or a judicial appeal within the terms and in the manner provided pursuant to articles 77 and following EU Regulation 2016/679 (GDPR).
The Site is not intended for individuals under the age of 18.
Updates to the information
Future regulatory updates could lead to the modification of the current information, uploaded on the Site on 13.08.2020.
In the event of a change, the Data Controller will notify the Site.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e‑mail at firstname.lastname@example.org