Information on the protection of personal data.
Art. 13 EU Reg. 679 of 27 April 2016
Domain oliocostadoro.com: the domain, reachable through the world wide web service of the Internet, at https://oliocostadoro.com/en/, consisting of data, applications, technological resources, human resources, from the organizational rules and procedures for the acquisition, storage, processing, exchange, retrieval and transmission of information.
I. Warnings and Protection of Minors
The processing of personal data will apply the principles of lawfulness, fairness and transparency. Personal data will be collected for specific, explicit, legitimate purposes (purpose limitation) and will be adequate, relevant and limited to the purposes for which they are processed (data minimization). They will always be up to date and accurate and kept for a period of time not exceeding what is necessary for the purpose of executing the Contract, without prejudice to the fulfilment of legal and tax obligations that establish longer retention periods (limitation of conservation). Personal data will be processed by adopting all appropriate security measures to ensure the integrity, confidentiality and unavailability of unauthorized third parties (integrity and confidentiality). If not expressly indicated, the provision of personal data through the collection points on the site is reserved for adults.
II. Reference standards and legal bases of processing.
The processing operations, which we will explain below in detail, have their legal basis in the rules governing your right to the protection of your personal data, your right to privacy, and finally in those that allow you to express or revoke , at any time, your informed consent to processing operations, namely: The General EU Regulation 679 of 27 April 2016 concerning the protection of individuals with regard to the processing of personal data, as well as the free movement of such data; The informed consent, manifested in accordance with the current provisions of law (Article 6 GDPR). Fulfilment of obligations or orders to which the Data Controller is bound by law or order of the Authority (Article 6 GDPR).
III. – Nature of the data being processed.
III.1. – The optional, explicit and voluntary sending of e-mails to addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request. In any case – where the law provides – you will be required from time to time consent to the processing of your personal data. Exclusively after your consent, where necessary, the following categories of personal data concerning you will be or may be processed for the purposes indicated.
(a). – Common personal data, identification data.
Such as Name and Surname, Year of birth, Gender, Address, City, Province, E-mail address, Telephone number, Post Code.
(b). – Technical treatment.
The IP number and the type of browser used by you for the connection to the domain https://oliocostadoro.com/en/ (non-identifying data), automatically recorded by the logic protection and control devices, are also processed. access to the domain (LOG FILES). Such personal data will be used exclusively for the purposes of control of network traffic to the sistemae.it domain. This information is not collected to be associated with identified data subjects, but which by its very nature could, through processing and association with data held from third parties, allow you to identify users. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes to the detriment of the site: except for this possibility, at present, data on web contacts do not persist for more than seven days.
(c). – Cookies.
Furthermore, COSTA D’ORO carries out the anonymous processing and analysis procedures of the data relating to the pages of the domain https://oliocostadoro.com/en/ you have visited, found through cookies. By means of these technologies (which allow you to understand your browsing preferences, by checking the areas of the domain https://oliocostadoro.com/en/ previously visited) COSTA D’ORO can customize its services to your needs , without making unnecessary registrations. (A cookie consists of a set of data that a website sends to the browser. The above data can also be stored in the computer via an anonymous tag that identifies the computer but not the user.
(d). – Particular categories of personal data.
In the event that through the COSTA D’ORO domain, the collection of particular categories of personal data is carried out pursuant to art. 9 Reg. UE 679/2016, you will be informed in advance and put in a position to express – in the manner of law – the relative consent.
IV. – Nature of the provision, data sources.
The provision of your personal data is not normally mandatory but, in some cases, it is necessary, and therefore mandatory, to allow you to benefit from the services and functionalities of the site.
IV.1. – Data whose transfer is necessary.
IV.1.1. – The provision of some personal data is necessary, and therefore mandatory, to give effect to your specific requests; you are always free / or not to provide your personal data, but in this case it may be impossible for the Data Controller to meet your requests, meet your needs or make them use, in their entirety, all the features available on the site – These identification data will be processed both on paper and electronic media, and will be stored by COSTA D’ORO exclusively for the necessary time. Once these retention times have elapsed, the personal identification data will be deleted automatically.
IV.1.2. – Data Sources.
We will collect your data, directly from you, through your interactions with the site https://oliocostadoro.com/en/
V. Purpose of the Treatment.
COSTA D’ORO, in addition to the necessary treatments in relation to legal obligations, regulations, or deriving from the order of the Authority, will carry out, only with your consent, if necessary, the operations necessary to allow you to benefit from the services and features of the site https://oliocostadoro.com/en/ and the services indicated therein.
V1. – Methods of processing your personal data.
In relation to all the purposes indicated in the previous paragraphs, your personal data will be the subject of computer and paper processing and processed by special computer procedures in order to customize the services that COSTA D’ORO is able to offer. The data will be processed in such a way as to guarantee its logical and physical security and confidentiality, and may be carried out using manual, computerized and telematic tools designed to store, transmit and share the data. The logic of the treatment will be strictly related to the purposes pursued.
VI.1. – Security and data storage.
VI.1.1. – Your personal data will be stored within the European Union, the related security policies are reviewed in accordance with the relevant Best Practices.
VI.1.2 – Profiling, automated decision making.
VII. – Recipients of data and transfers abroad.
VII.1. – Managers and persons in charge of data processing.
They may come to know the personal data, referred to in this information, as managers or persons in charge of processing: within COSTA D’ORO, qualified personnel, each limited to their duties and duties and based on the tasks assigned and instructions given. outside COSTA D’ORO third parties, also specifically designated as Managers or persons in charge of processing – of which COSTA D’ORO makes use of various services and exclusively to perform these services – each one limited to their own duties and duties and basis of the tasks assigned and the instructions given.
VII.2. – Communication (to certain external subjects) of the data.
COSTA D’ORO, for the ordinary management, accounting and administrative activities, will be able to communicate your personal data, upon acquisition of your consent in the manner of the law, where provided, in compliance with security measures, to third party service providers for the sole purpose to perform the services you have requested, such as: – postal service companies, – law firms and notaries, – consultants, also in associated form, – other service companies, as well as other entities in compliance with any legal obligations (such as institutions insurance, police forces, judicial authorities, etc.). The list of such subjects to whom the data may be communicated is available at the headquarters of the Data Controller.
VII.3. – Transfer of personal data abroad.
COSTA D’ORO does not transfer personal data abroad on its own initiative. However, some third parties, service providers, may have their servers physically located abroad (as in the case of an e-mail provider). In such cases, the transfer of data abroad will take place exclusively within the scope and in compliance with EU Reg. 679/2016 Art. 44 ss.
VII.4. – Circulation (to external undetermined subjects) of the data.
Under no circumstances will personal data be circulated.
VIII. – Rights of the interested party.
Articles 15 to 22, GDPR confer on the interested parties the exercise of specific rights. Article. 15 GDPR recognizes the right of individuals to access their personal data and to obtain a copy thereof. The right to obtain a copy of the data must not affect the rights and liberties of others. With the application for access, the interested party has the right to obtain from COSTA D’ORO confirmation whether or not data are being processed on their personal data and to know the purposes and categories of data processed, the third parties to whom data are communicated and if the data are transferred to a non-EU country with adequate guarantees. The interested party also has the right to know the storage time of their personal data and has the right to request the correction of inaccurate data and the integration of incomplete data, the cancellation (right to be forgotten) under the conditions indicated in the art. . 17, GDPR, the limitation of the processing, the revocation of consent, the portability of data and the right to object, at any time and without having to provide justifications, to the treatment for direct marketing purposes. The rights may be exercised by e-mail to the address of COSTA D’ORO, or by ordinary mail to the address indicated below. The Data Controller may need to identify the Data Subject by requesting to provide a copy of his / her ID. The interested party who believes that the processing of their personal data violates the provisions of the GDPR or of the internal regulations regarding the protection of personal data has the right to propose a complaint to the Authority for the Protection of Personal Data based in Rome, pursuant to art. 77 GDPR and / or to appeal to the judicial authority. To exercise these rights, or to obtain any other information regarding them and, more generally, to the processing of personal data, requests may be sent via e-mail to the following address: email@example.com; – by ordinary mail to COSTA D’ORO, Via Crispino Merini, 1 – 06049 – Spoleto – (PG).
IX. – Withdrawal Of Consent Questions On Privacy Access and Feedback.
If you have questions or would like more information on the processing of your personal data or exercise the rights referred to in the previous n. VI, you can send an e-mail to the administrator of the COSTA D’ORO website, writing to firstname.lastname@example.org. You can also contact us at the same address for answers about the management of information by COSTA D’ORO. Before COSTA D’ORO can provide or modify any information, you may need to verify your identity and answer some questions. Our response will be provided as soon as possible.
X. – Data Controller.
The data controller is COSTA D’ORO based in Via Crispino Merini, 1 – 06049 – Spoleto – (PG).
XI. – Responsible for the Protection of Personal Data.
COSTA D’ORO has not appointed the Person in Charge for the Protection of Personal Data since it is not held pursuant to art. 37 of the EU Reg. 679/2016.
XI.1. – Responsible for processing.
The complete list of data processors is available at the headquarters. The present mandatory information is subject to updating, depending on possible changes in the applicable legal provisions.