INFORMATION REGARDING THE PROTECTION OF PERSONAL DATA

Pursuant to article 13 of Regulation (EU) 2016/679

In compliance with the provisions pursuant to and for the purposes of article 13 of Regulation (EU) 2016/679 ______________________, in its capacity as Data Controller, in the person of its pro tempore legal representative, informs users regarding the purposes and methods of processing personal data, their scope of communication and dissemination and how they are provided.

  1. TYPE OF DATA PROCESSED

IP addresses or domain names of computers by which users connect to the Site, URI (Uniform Resource Identifier) addresses of the requested resources, time of the request, method used to submit the request to the server, size of the file obtained in response, numerical code indicating the status of the response given by the server (successful, error, etc.), other parameters relating to the operating system and the user’s IT environment, information relating to the user’s behaviour on the Site and to pages that have been visited or searched, in order to select and make specific advertisements to the Site user and data relating to browsing habits on the Site using, for example, cookies. While processing personal data that can, directly or indirectly, identify you person, we strive to comply with the principle of strict necessity. For this reason, we have configured the Site in such a way that the use of personal data is reduced to a minimum and, in such a way, as to limit the processing of personal data that allow you to be identified only in case of need or at the request of the authorities and Law Enforcement (such as, for example, as it pertains to data relating to Site traffic, the duration of your Site visit and your IP address) or to ascertain responsibility in the event of alleged cyber crimes against the Site.

Some personal data will be requested in some sections of the Site. The data to be processed will be used to respond to any requests received by you.

  1. PURPOSE AND LEGAL BASIS OF PROCESSING AND STORAGE TIMES
  1. Profiling and profiling marketing:
    • legal basis: your optional and freely given consent, which can be revoked at any time. Please refer to the specific Notice relating to the Service, which will be made available from time to time to the data subject and in the dedicated “Cookie Notice” section;
    • storage: until revocation of your consent, in any case no later than____________;
  1. prevention and repression of fraud/abuse/fraudulent activities carried out through the website:
    • legal basis: the legitimate interest of the Data Controller;
    • storage: personal data are kept for a maximum of 180 days and thereafter deleted or made anonymous;
  1. ascertainment, exercise or defence of a right of the Data Controller in court:
    • legal basis: the legitimate interest of the Data Controller;
    • storage: personal data are kept for the entire duration of the complaint and/or out-of-court and/or in-court judicial proceedings, until the terms of legal protection and/or appeals have run out.
  1. METHOD AND DATA SECURITY

Your personal data will be processed by means of automated tools in compliance with the principle of necessity and proportionality, avoiding the processing of personal data if the operations can be carried out through the use of anonymous data or by other means. We have adopted specific security measures to prevent the loss of personal data, as well as their illicit or incorrect use and unauthorized access; however, keep in mind that it is essential for the security of your data that your device be equipped with tools, to include continuously updated antivirus, and that your Internet provider safely transmit data through firewalls, spam filters and similar safeguards.

  1. COMMUNICATION AND DISCLOSURE

The data may be communicated to third parties for the performance of functional activities to the structure, such as website maintenance and management and, more generally, to all the employees, including of Third Parties (providers of services, infrastructures, IT and alike) who are involved in its management and oversight and are duly appointed as data processors. In this case, use by third parties will be in complete compliance with the principle of fairness and lawfulness.

It is not foreseen the transfer of data in countries outside UE. Otherwise, it will communicated to the user ex. Art. 13, para. 1, letter f) for 2016/679 UE Regulation, according to what required by the same Regulation.

The data will not be disclosed.

  1. DATA SUBJECT RIGHTS 

Rights pursuant to Arts. 15, 16, 17 18, 20, 21 and 22 of Regulation EU 2016/679 

As data subject, in addition to the right to file a complaint with a supervisory authority, you are also afforded the rights listed below, which you can exercise by submitting a specific written request to the Data Controller, as indicated in point 1. 

Art. 15-Right to Access 

Art. 16 – Right to Amend 

Art. 17 – Right to Delete (Right to be forgotten) 

Art. 18 – Right to Limit Processing 

Art. 19 – Requirement to Notify if data are amended or deleted

or Right to Limit Processing

Art. 20 – Right to Data Portability 

Art. 21 – Right to Object 

Art. 22- Right not to be the subject of automated decision-making, including profiling

In order to exercise the rights afforded to you by Arts. 15 et seq. of EU Regulation 2016/679, you must write to _________________________________, sent to _________________________________, to the attention of the Data Controller.

  1. DATA CONTROLLER AND DATA PROCESSORS

The data controller is Cristiano Bortolotti. 

The updated list of external processors may be consulted by submitting a written request to the data controller referred to above

  1. DATA PROTECTION OFFICER

The Data Protection Officer (“DPO”) can be reached at the administrative office in Genova – by email at: alessia@tpgs.ch