We wish to inform you that the “European Regulation 2016/679 relating to the protection of individuals with regard to the processing of personal data, as well as the free movement of such data” (from now on “GDPR”) provides for the protection of people and other subjects with respect to the processing of personal data.
CRESPAIA, as “Owner” of the treatment, pursuant to art. 13 of the GDPR, therefore, provides you with the following information:
- will deal with the following types
- Automatically collected data:
during their normal operation, the computer systems underlying this website detect some data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated with identifiable users.
Among the data collected , includes the IP addresses of the devices used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters concerning the operating system, the browser and the IT environment used by the user.
This data is processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to check its regular functioning. The provision of such data is mandatory as it is directly connected to the web browsing experience.
- Data voluntarily provided by the user.
These data can be provided through the voluntary and explicit sending of e-mail messages to the addresses indicated on the pages of this site. These operations do not require a request for consent. On the contrary, specific summary information will be reported or displayed on the pages of the site prepared for particular services on request (form). The user must therefore explicitly consent to the use of the data contained in these forms in order to send the request, which will entail the subsequent acquisition of the sender’s address and data, necessary to respond to the communications sent and / or provide the requested service.
- Automatically collected data:
- SOURCE OF PERSONAL DATA: The personal data that CRESPAIA will be in possession of are collected directly by the interested party when completing the contact form / sending email.
- CONTACT DATA OF THE D.P.O.: pursuant to art. 37, first paragraph, of the GDPR, CRESPAIA is not obliged to establish a D.P.O.
- HOLDER OF THE TREATMENT: The data controller is CRESPAIA – Località Prelato 8 – 61032 Fano (PU)
- PURPOSE OF DATA PROCESSING AND LEGAL BASIS: The processing of your data has your consent as a legal basis and is carried out for the following purposes:
- Improve the web browsing experience;
- send formative, informative and commercial communications in response to specific requests sent by mail / form;
- proceed with the subscription to the newsletter (without explicit consent);
- Evaluate user behavior and modify the content offer proposition according to their behavior (cookie).
- RECIPIENTS OF THE DATA: Within the limits pertinent to the indicated processing purposes, your data may be communicated to partners, consultancy companies, private companies, appointed as Data Processors by the Data Controller. Your data will not be disseminated in any way. The Managers and Persons in charge of the treatment in office are indicated in the Privacy Document, updated periodically.
TRANSFER OF DATA ABROAD:
the collected data will not be transferred abroad.
- STORAGE PERIOD:
The collected data will be kept for a period of time not exceeding the achievement of the purposes for which they are processed (“principle of limitation of conservation”, art.5, GDPR) or on the basis of the deadlines established by law. The verification of the obsolescence of the data stored in relation to the purposes for which it was collected is carried out periodically.
RIGHTS OF THE INTERESTED PARTY: The interested party always has the right to request the Data Controller to access your data, to correct or cancel them, to limit the processing or to oppose the processing, to request data portability, to withdraw consent to the processing. by asserting these and other rights provided by the GDPR through simple communication to the Data Controller. The interested party may also lodge a complaint with a supervisory authority.
- OBLIGATORY OR LESS OF DATA PROVISION: We inform you that the provision of data is optional for some fields and for others (indicated by an asterisk) mandatory and failure to provide mandatory data does not allow sending the form.
- CONSENT OBLIGATORY:
The provision of consent to the processing of data by means of a special tick is optional, but essential to proceed with sending the form.
- DATA PROCESSING METHODS:
The personal data you provide will be processed in accordance with the aforementioned legislation and the confidentiality obligations which inspire the activity of the Data Controller. The data will be processed both with IT tools and on paper and on any other type of suitable medium, in compliance with adequate technical and organizational security measures provided for by the GDPR.