Disclosure pursuant to EU regulation 2016/679 (“GDPR”)
WHO WE ARE: THE “HOLDER OF THE TREATMENT”
The “holder” of the treatment is: RM S.r.l. with registered office in Via Cella 275/L – San Bartolo, 48125, Ravenna (Italy), VAT number 00581130390.
The contact details are as follows: Tel. +39 0544 498601, Fax +39 0544 498609 – E-mail: email@example.com
PERSONAL DATA PROCESSED AND PURPOSE OF PROCESSING
The computer systems and software procedures used for the operation of this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols .This category of data includes IP addresses or domain names of computers and terminals used by users, URI/URL addresses (Uniform Resource Identifier/Locator) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters relating to the operating system and computer environment. These data, necessary for the use of web services, are also processed for the purpose of:
- obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or day, geographical areas of origin, etc.);
- check the correct functioning of the services offered.
The navigation data do not persist for more than seven days and are deleted immediately after their aggregation (except for any need to ascertain crimes by the judicial authority).
Data communicated by the use
The optional, explicit and voluntary sending of messages to the contact addresses published on the website, as well as the compilation and forwarding of the forms on the website, involve the acquisition of the sender’s contact data, necessary to respond, as well as all personal data included in the communications.
Specific information is published on the pages of the website prepared for the provision of certain services, with a request for consent to processing.
Data acquired through Social Network
If you connect to a company social page via a social login (i.e. the account of a social network you are a member of), we can collect the data that you publish on that social network, even according to the privacy settings you set (e.g. information contained in the message/post to respond to requests for information or assistance, images, or information taken from the published profile). Specific information on the processing of data by social platforms is made available by them (e.g. https://www.facebook.com/privacy/explanation).
- Facebook: Information: https://www.facebook.com/policies/cookies/
- LinkedIn: Information: https://www.linkedin.com/legal/cookie-policy
- Instagram: Information: https://help.instagram.com/519522125107875
- Youtube: Information: https://www.youtube.com/
LEGAL BASIS OF THE TREATMENT
The company may process the above personal data even without specific consent, except as required for the completion of specific forms, as the legal basis for the lawfulness of the treatment derives from the execution of pre-contractual measures taken at the request of the person concerned (eg. request for information via email), as well as for the pursuit of the legitimate interest of the company to promote and achieve its statutory purposes. The provision of data for the above purposes is free and optional, however, any refusal involves the impossibility for the company to follow up on the above purpose.
MODALITY OF THE TREATMENT
The data shall be entered into an electronic database and/or stored in paper files. The data are not subject to an automated decision-making process, nor is profiling of any kind carried out.
RECIPIENTS OF THE DATA
The personal data may be known by the collaborators and employees of the company, as authorized subjects to the treatment and specially trained. The data may be communicated to external subjects (e.g. companies that manage web platforms, associated companies, external consultants, subcontractors, etc.) for the purposes outlined above, if there is a need for their involvement. The same subjects will operate as independent Data Controllers, or will be designated as Data Processors.
PERIOD OF DATA RETENTION
The company will keep the data for the time strictly necessary to achieve the above purposes and also to respond to any need for access and recovery of data. After 24 months from the acquisition (7 days for navigation data), if there is no further need for contact or storage obligations, the data will be deleted.
THE RIGHTS OF THE INTERESTED PARTY
The rights of the interested party include those of:
- to request access to your personal data and information relating to them; the rectification of inaccurate data or the integration of incomplete data; the cancellation of personal data (if one of the conditions indicated in art. 17, paragraph 1 of the GDPR occurs and in compliance with the exceptions provided for in paragraph 3 of the same article); the limitation of the processing of personal data (if one of the hypotheses indicated in art. 18, paragraph 1 of the GDPR occurs);
- request and obtain – in cases where the legal basis of the processing is the contract or consent, and the same is carried out by automated means – personal data in a structured format and readable by automatic device, also in order to communicate such data to another holder of the treatment (so-called right to portability of personal data);
- object at any time to the processing of personal data to the occurrence of special situations concerning him;
- revoke consent at any time, limited to cases where the processing is based on consent for one or more specific purposes and concerns common personal data (e.g. date and place of birth or place of residence), or particular categories of data (e.g. data revealing health or sex life). Processing based on consent and carried out prior to the revocation of consent shall, however, retain its lawfulness;
With reference to the purposes indicated above, the interested party has the right to proceed, at any time, to the request for cessation of treatment and the sending of email communications by the company, with a request to be presented to the contacts indicated above.
RIGHT TO FILE A COMPLAIN
If the data subject considers that there is a breach in the processing of your personal data, he or she may file a complaint with the Control Authority of the place where he or she habitually resides, works or where the alleged breach has occurred. In Italy you can lodge a complaint with the Data Protection Authority.