INTRODUCTION AND REGULATORY REFERENCES
The data controller for the personal data acquired through the website is Sguardisegreti Srl based in Via Romania, 13/15 – 46042 Castel Goffredo (MN).
GENERAL PRINCIPLES ON THE PROCESSING OF THE USER’S PERSONAL INFORMATION
Your personal information will be collected, archived, processed and transmitted in accordance with the criteria established by Sguardisegreti Srl and with applicable laws, rules and regulations on data processing. The principles relating to the processing of the user’s personal information are as follows:
(1) the User’s personal information will be processed in a correct and lawful manner;
(2) the User’s personal information will be collected for specific, explicit and legitimate purposes and subsequently processed in a manner compatible with those purposes;
(3) the User’s personal information collected will be relevant, complete and proportionate to the purposes for which it is collected;
(4) the User’s personal information collected will be accurate and, if necessary, updated to the best of our ability;
(5) the User’s personal information will be protected against unauthorised access and processing through commercially and reasonable technical and organisational security measures and controls; and
(6) the User’s personal information collected will be stored as personal data for no longer than the time necessary to pursue the purposes for which the personal information was collected.
TYPES OF DATA COLLECTED
The website may collect different types of information when the user accesses or uses the Website: “Personal information” means any information that directly identifies the user or information otherwise defined as “personal identification” in accordance with current legislation. This includes, but is not limited to, information such as name and surname, company name; e-mail address; phone number, etc. The systems used may automatically record data on the use of the Website by the user. The site can record information such as the areas of the Website visited by the user, the activities carried out, the IP address or information on the computer or software used to access the Website. Similar information, such as device type and identifier, can be collected if you access the Website from a mobile device. This data is used to check its correct functioning and is deleted immediately after processing. This information could be used to ascertain responsibility in case of hypothetical cyber crimes to the detriment of the Website.
DATA PROCESSING PURPOSE
We gather, store and process your personal data for the following purposes:
• For an effective management of the Website and the services offered by it;
• To provide the services offered and manage business needs;
• For sending newsletters and for marketing activities;
• For contacting users directly (for example, by e-mail) following requests received through the website or for providing support services;
• Compliance with legal obligations.
The website does not provide a request form for the provision of data by users. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website (through the address firstname.lastname@example.org) involves the subsequent acquisition of the sender’s address, which is necessary to answer to requests, as well as any other personal data included in the message. The processing to which the personal data referred to above will be subjected has the sole purpose of allowing our Company, the Data Controller, to answer questions, queries, requests for clarification, or to accept suggestions from the users. The data will not be disseminated and may be known by collaborators specifically designated and/or authorised to process them, as data processors or authorised persons.
DATA PROCESSING AND SECURITY PROCEDURES
The use of your personal data will take place with the support of paper, computer or electronic means for the purposes indicated below, for the time strictly necessary to achieve the purposes for which they were collected, or, where possible, until when the data controller receives a request for deletion of data for which consent to processing is optional and not mandatory. Your personal data are, in any case, processed in compliance with the provisions relating to the confidentiality of personal data contained in the Regulations and in the Provisions issued by the Data Protection Authority. We use commercially reasonable technical and organisational measures and controls to protect your personal information against loss, misuse and unauthorised access. Your personal data will be stored in databases on our servers and on those of our trusted suppliers (located in the United Kingdom), acting as processors or sub-processors within countries of the European Economic Area where approved contractual clauses for the secure transfer of data are in force. Newsletter subscription and company marketing By subscribing to our newsletter service for receiving information on promotions, offers, initiatives, etc., you agree to provide your data for this purpose. The requested data are essential for receiving our communications. To stop receiving promotional material, you can notify us at any time that you no longer wish to use this service. To do so, simply use the “Unsubscribe” option described and available at the bottom of each e-mail received.
PERSONAL DATA COMMUNICATION
With the exception of communications made in fulfilment of a legal obligation, regulation or Community legislation, your data will not be disclosed. The Data Controller collaborates with law enforcement agencies and other public entities and authorities to enforce the law and the rights of other users and third parties, including their intellectual property rights. Therefore, your personal data may be disclosed, including but not limited to, to public entities, in the event that this should be necessary for purposes of defence, state security, prevention, detection or repression of crimes, in compliance with the rules governing this matter. These public entities are entitled to request and obtain personal information concerning you also when this is necessary or appropriate for investigations or ascertainments relating to the commission of fraud, computer fraud, the violation of intellectual property rights, hacking acts or other illegal activities, which could expose either us or our users to legal, civil or criminal liability.
RIGHTS OF THE DATA SUBJECTS AND EXERCISE OF RIGHTS
In compliance with current legislation, at any time you can request:
1. Confirmation of the existence or not of your personal data;
2. To be informed of the content, origin, purposes and methods of the processing;
3. The logic applied when data is processed with the use of electronic equipment;
4. The identification details of the data controller, data processors, persons or categories of persons to whom the data may be communicated or who may come to acquire knowledge of. Furthermore, it is your right to obtain:
1. The update, adjustment, integration and the right to data portability;
2. The cancellation, transformation into anonymous form, or the blocking of data processed in violation of law;
3. The opposition in any case, for legitimate reasons, to the processing of data pertinent to the purpose of the collection. Under the Regulation, you will also have the right to lodge a complaint with a supervisory authority. To exercise your rights, you can contact the Data Controller:
Via Romania, 13/15
46042 Castel Goffredo (MN)
Tel: +39 0376 771094
Use of the website by minors
The website is not intended for persons under the age of 18. We do not intentionally collect or request personal information about minors.