Privacy e GDPR
Privacy Statement EU Regulation 2016/679 e
Legislative Decree 196/2003
Pignacca Francesco Guido Giuseppe, P.I: 02547240743 as Data Controller (hereinafter, “Owner”), informs, pursuant to art. 13 D. Lgs. 196/2003 (hereinafter, “Privacy Code”) and art. 13 EU Regulation 2016/679 (hereinafter, “GDPR”), which will process user data (hereinafter “User” and / or “Users”) collected through the website www.animapuglia.it (hereinafter also ” Site “) in the manner and for the following purposes.
Type of data processed through the Site
The Data Controller processes the following types of personal data (hereinafter “data”) provided by the Users of the Site when they are consulted and browsed and in particular:
Data obtained while browsing a User on the Site
The computer systems, cookie technology and software procedures used to operate the Website acquire, during their normal operation, some data whose transmission is implicit in the use of the Internet. This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified as navigators. This category of data includes, for example, the IP addresses or the domain names of the computers used by the Users who connect to the Site, the pages visited by Users within it, the domain names and the addresses of the websites by the which the User has accessed (via referral) to the Site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used in submitting the request to the web server, the size of the file obtained in response, the numeric code indicating the status of the response given by the web server, and other parameters relating to the type of browser (eg Internet Explorer, Chrome, Firefox …), operating system (eg Macintosh, Windows) and all User’s computer environment.
This data is collected by first-party technical cookies and third-party analytical cookies. For more information on navigation data, users are invited to consult the Website Cookie Information.
Personal data provided by Users
The Site is accessible to the User without needing to be identified for the purpose of consultation. However, the User has the option, if he wishes, to provide the holder with his own identification data including for example name and surname, e-mail, in order to receive information on the structure and commercial offers on the products / services present on the site and this either directly, or by filling in the contact form or newsletter registration form.
Purpose of the processing
The data provided by the User will be processed without the prior consent of the User pursuant to art. 24 lett. b) Privacy Code and art. 6 lett. b) GDPR, for the following Service purposes:
for the management and processing of statistical surveys on the use of the Site;
to perform the maintenance and technical assistance necessary to ensure the correct functioning of the Site and the services connected to it;
to improve the quality and structure of the Site, as well as to create new services, features and / or characteristics of the same;
to allow the User to find the information to increase his knowledge on the topics present on the site and on the products and services offered by it;
to process any request for contact forwarded by the User by filling in the appropriate form or by email;
to allow the holder to exercise his rights in court and repress unlawful conduct;
to fulfill legal or regulatory obligations.
– Nature of the provision: necessary – Consequences of refusal to provide data: Failure to provide the data will prevent the Data Controller from executing the activity from the requested user. – Data protection measures: The operating system of the server, in which the website and the database are allocated, is installed on a cloud-based hardware infrastructure provided by the company Hostgator which is able to guarantee high levels of integrity, availability and confidentiality of the information.
The data held by the site owner (e-mails and names of any contacts) are stored in computers and are accessible only to the owner and protected by access passwords and external antivirus and anti-intrusion systems. Any other external iCloud systems will further ensure data retention based on current regulations.
– Nature of the provision: necessary – Consequences of refusal to provide data: Failure to provide the data will prevent the Data Controller from executing the activity from the requested user. – Data protection measures: The operating system of the server, in which the website and the database are allocated, is installed on a cloud-based hardware infrastructure provided by the company Hostgator which is able to guarantee high levels of integrity, availability and confidentiality of the information.
The data held by the site owner (e-mails and names of any contacts) are stored in computers and are accessible only to the owner and protected by access passwords and external antivirus and anti-intrusion systems. Any other external iCloud systems will further ensure data retention based on current regulations.
The data provided by the User will be processed, subject to the User’s consent pursuant to art. 23 Privacy Code and art. 6 lett. a) GDPR, for the following commercial purposes:
to allow the sending of commercial communications to the User by electronic mail on products, initiatives and / or services offered through the website and / or newsletters containing information on the services offered by the structure.
– Nature of the provision: optional
– Consequences refusal to provide data: Failure to grant consent, although it will also allow the Data Controller to execute the requested activity, will prevent the Data Controller from identifying the services that are compliant and more suited to its needs.
Nature of Data Provision
The provision of data by the User is necessary for the purposes of Service referred to in point 1 of the previous paragraph and optional for the purposes of service referred to in point 2. Any refusal to provide such data may make it impossible to provide services.
Mode, Place and Duration of Treatment
The processing of user data is carried out by means of the operations indicated in art. 4 Privacy Code and art. 4 n. 2) GDPR and in particular: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, access, use, interconnection, blocking, communication, cancellation and destruction of data.
The Data Controller processes Users’ Personal Data by taking appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
Processing is carried out using IT and / or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Owner, in some cases, external Data (such as third party technical service providers, hosting providers, IT companies, communication agencies) may also have access to the Data, also appointed, if necessary, Data Processors by the Owner.
The updated list of Data Processors may always be requested from the Data Controller.
Place
The Data is processed at the Data Controller’s operational headquarters and in any other place where the parties involved in the processing are located. For further information, contact the Owner. Duration of Treatment: only for the time strictly necessary to achieve the purposes for which they were collected and, in any case, no later than 2 years from their collection for the purposes of Service referred to in point 1 paragraph II and no later than 1 year from their collection for the Commercial purposes referred to in point 2 of paragraph II.
Details on the processing of personal data:
To be able to contact the User
Contact form on the site
The User, by filling in the contact form with his own data, consents to their use to respond to requests for information, quotations, or any other nature indicated by the form header.
Personal Data collected: surname, email, telephone number, and various types of Data as specified by the privacy policy of the service.
Contact by phone
Users who have provided their telephone number may be contacted to provide more information on the requested service or, following consent, for commercial or promotional purposes related to this activity, as well as to satisfy support requests.
Personal Data collected: telephone number.
For site statistics management
The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.
Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this site, compiling reports and sharing them with other services developed by Google.
Google may use Personal Data to contextualize and personalize the ads of its own advertising network.
Personal Data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy – Opt Out
Google Tag Manager (Google Inc.)
Google Tag Manager is a statistical service provided by Google Inc.
Personal Data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy
To view content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this site and to interact with them.
In the event that a service of this type is installed, it is possible that, even if the Users do not use the service, it collects traffic data relating to the pages in which it is installed.
Google Maps widget (Google Inc.)
Google Maps is a map visualization service managed by Google Inc. that allows this Application to integrate such content within its pages.
Personal Data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy
Access to data
The data may be made accessible only for the purposes mentioned above to the following subjects:
Data controller (website owner) in his capacity as appointee / authorized and / or internal controller of the processing and / or system administrator and any additional internal officers / authorized specifically indicated by the Data Controller.
Third party companies or other subjects that carry out outsourced activities on behalf of the owner, (eg e-mail service manager, web agency, advertising agency, webmaster) in their capacity as external data processors pursuant to Article 29 of the Code regarding protection of personal data.
Data communication
Without the express consent of the User (as per article 24 letter a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate the data of the User for the purposes of Service pursuant to art. II.1) to Supervisory Bodies, Judicial Authorities as well as to all other subjects to whom the communication is obligatory by law for the accomplishment of the said purposes, as independent data controllers. Users’ data will not be disclosed.
Data transfer
The personal data provided by the User can be used only to allow the sending of communications related to the requested service, by e-mail or telephone for initiatives and / or services offered by the site and / or, in case of specific consent, newsletter containing in-depth information on the main topics related to the services offered.
Outside of this case, the management and storage of data will take place on servers located within the European Union or the USA and / or, in particular for web servers where the web space of the site resides (www.aruba. it which provides its own privacy policy – https://www.aruba.it/domini/contratti/arubapolicyprivacy.aspx). The data acquired with the consent of the user based on point 2 on the Purpose of the Treatment, will not be object of transfer outside the European Union.
Third party websites
It should be noted that if the Site contains links to websites of third parties, the Data Controller cannot exercise any control over the content of these websites or have any access to the personal data of the users visiting them .
The owners of the aforementioned websites will therefore remain the sole and exclusive owners and managers of the processing of the personal data of their users, the Data Controller remaining outside such activity as well as any liability, prejudice, cost, which may arise. from its failed or incorrect completion.
Users’ Rights
The User will have the right to exercise the rights referred to in art. 7 Privacy Code and art. 15 GDPR.
In particular, the User has the right at any time to obtain from the Data Controller confirmation of the existence or not of personal data concerning him, even if not yet recorded, and their communication in intelligible form.
In relation to the treatments described in this Notice, the interested party may, under the conditions established by the GDPR, exercise the rights sanctioned by articles 15 to 21 of the GDPR and, in particular, the following rights:
right of access – article 15 GDPR: right to obtain confirmation that a processing of personal data concerning him is in progress and, in this case, to gain access to your personal data, including a copy of the same.
right of rectification – article 16 GDPR: right to obtain, without unjustified delay, the correction of inaccurate personal data concerning him and / or the integration of incomplete personal data;
right to cancellation (right to oblivion) - article 17 GDPR: the right to obtain, without unjustified delay, the deletion of personal data concerning him.
right to limitation of treatment – article 18 GDPR: right to obtain the limitation of the treatment, when:
the data subject disputes the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of such data;
the processing is unlawful and the data subject opposes the deletion of personal data and requests instead that its use be limited;
personal data are necessary for the interested party to ascertain, exercise or defend a right in court;
the data subject has opposed the processing pursuant to art. 21 GDPR, in the period of waiting for the verification regarding the possible prevalence of legitimate reasons of the data controller with respect to those of the interested party.
right to data portability – article 20 GDPR: right to receive, in a structured format, commonly used and readable by an automatic device, the personal data concerning him provided to the Owner and the right to transmit them to another holder without impediment, if the treatment is based on consent and is carried out by automated means.
right to object – Article 21 GDPR: the right to object, at any time for reasons connected with his particular situation, to the processing of personal data concerning him based on the condition of lawfulness of the legitimate interest or execution of a task of public interest or the exercise of public authority, including profiling, unless there are legitimate reasons for the Data Controller to continue the processing that prevails over the interests, rights and freedoms of the data subject or to ascertain, exercise or defend a right in court. In addition, the right to object to processing at any time if personal data is processed for direct marketing purposes, including profiling, to the extent that it is connected to such direct marketing.
The above rights may be exercised, against the Owner, by contacting the references described above.
The exercise of rights as an interested party is free of charge pursuant to Article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Data Controller may charge a reasonable fee, in light of the administrative costs incurred to handle the request, or deny the satisfaction of his request.
RIGHT OF WITHDRAWAL:
The data subject has the right to withdraw his consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent prior to revocation.
CLAIM RIGHT:
Mode of exercise of rights
To exercise the rights referred to in the previous article, the User may, at any time, contact the owner of the site via email info@animapuglia.it
The interested party has the right to lodge a complaint with the Italian Data Protection Authority, Piazza di Montecitorio n. 121, 00186, Rome (RM)
Data Controller and Data Processor
The data controller is Pignacca Francesco Guido Giuseppe, 72017 Ostuni BR P.I: 02547240743
email: info@animapuglia.it
Information Updates
We inform you that this Information will be subject to periodic updates which will be highlighted on the Site.
Date of last modification
This information was updated on 11/05/2018.