Privacy Policy
We are constantly committed and in this document we describe our privacy policy, indicating how your personal information is handled when you use our services and to allow you to consent to the processing of your personal data expressed and aware in the sections of THIS SITE (www .andremichielan.net) where you are asked to provide personal data.
For this reason, the contents and services offered on THIS SITE are provided only to those who explicitly request them, and specific information is published in the various sections of THIS SITE (where we collect personal data) pursuant to art. 13 of the GDPR for its acknowledgment before providing the requested data.
HOLDER OF THE TREATMENT
The DATA CONTROLLER is:
ANDREA MICHIELAN
Headquarters: Via Umbria, 11 Scorzè (VE) – 30037
VAT number: 04200040279
Email: info@andreamichielan.net
The OWNER’s structure is equipped with a Data Protection Officer (“DPO”) who is available for any information concerning the processing of personal data on THIS SITE. It is possible to contact the DPO by writing an email to info@andreamichielan.net or by sending a communication by post to the OWNER’s Headquarters (above) specifying for c.a. Data Protection Officer.
INITIAL DECLARATION
We declare that the DATA CONTROLLER applies the GDPR and provides for the protection of persons and other subjects regarding the processing of personal data. According to the indicated legislation, the treatments carried out by THIS SITE will be based on the principles of lawfulness, correctness, transparency, purpose limitation and conservation, data minimization, accuracy, integrity and confidentiality.
PERSONAL DATA OBJECT OF THE TREATMENT
By “processing of personal data” we mean any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, organization, structuring, the conservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction(Article 4.2 of the GDPR).
We inform you that the personal data being processed will be constituted – also depending on your decisions on how to use the services of THIS SITE – by an identifier such as the name, email address, telephone number or other identification number, data relating to the location and other data suitable for making it identified or identifiable, depending on the type of services requested (hereinafter only “PERSONAL DATA”). The OWNER here does not in any case collect particular categories of data(religion, political affiliation, state of health, etc.).
The categories of PERSONAL DATA processed through THIS SITE are as follows:
Data provided voluntarily by the interested party
In the use of particular areas of THIS SITE, the processing of PERSONAL DATA voluntarily left by you may occur in order to be contacted and / or to obtain a service in exchange, such as: request for information, personalized offers, inclusion in newsletters, purchase of product or services.
Navigation data
The computer systems and software procedures used to operate THIS SITE acquire, during their normal operation, some PERSONAL DATA whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to THIS SITE, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.. These data are used for the sole purpose of obtaining anonymous statistical information on the use of THIS SITE and to check its correct functioning, to identify anomalies and / or abuses, and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site or third parties. Currently, THIS SITE is hosted on Netsons servers. THIS SITE is hosted on Netsons servers.
PURPOSE OF THE TREATMENT
The treatment we intend to carry out, with your specific consent (where necessary), has the following purposes:
- Improve navigation on the site: allow navigation, consultation and view information material on THIS SITE, as well as improve your browsing experience on THIS SITE.
- Legal obligations: to fulfill legal, accounting and tax obligations to which the CONTROLLER is subject, representing this as a legitimate processing of PERSONAL DATA (pursuant to A rt. 6.1 (c) of the GDPR).
- Responding to requests for information: Respond to requests for information, which we will receive via e-mail, telephone or chat or via the appropriate form, on services and solutions proposed on THIS SITE.
- Sending newsletters:by expressly subscribing to the Newsletter service, you agree that the e-mail address and other personal data that you have voluntarily provided us (when completing the registration form) are processed for the purpose of transmitting them periodically to the Newsletter and any other personalized service to which you subscribe, as well as to improve the effectiveness of the advertising campaigns associated with our services. By subscribing to the newsletter, you will be periodically sent e-mails containing: updates on the news of THIS SITE (new services, etc.), useful information for your business, commercial news or news from the HOLDER’s partner companies, and commercial offers of products and services offered by the Owner.Once subscribed to the newsletter, you can cancel your subscription at any time, by making an express request through the mechanism proposed in the footer of the email received.
- Marketing purposes: carry out direct marketing via e-mail (soft spam) for services similar to those subscribed or purchased by you, for the pursuit of the HOLDER’s legitimate interest in promoting products or services in which you may reasonably be interested. This unless you have opposed this treatment initially or in subsequent communications. In fact, we remind you that the treatments carried out for e-mail marketing purposes on products or services similar to those purchased by you have a legal basis in the legitimate interest of the HOLDER (ref. Recitals (47) and (70) of the GDPR, Art. 6.1 ( f) of the GDPR) to promote their products or services in a context in which the interested party can reasonably expect this type of treatment, to which he can also oppose at any time. In fact, if you wish to object to the processing of your data for marketing purposes, you can do so at any time through the mechanism proposed in the commercial email footer or by sending a request to the OWNER’s email.
- Statistical purposes and market research: to elaborate studies, research, market statistics; send you advertising material, information, commercial information, or surveys to improve the service (“customer satisfaction”) via e-mail or text message, and / or through the use of the telephone with operator and / or through the official pages of THIS SITE or on the OWNER’s social networks or other official channels.
- Fraudulent conduct: for the exclusive purposes of security and prevention of fraudulent conduct, the CONTROLLER puts in place an automatic control system that involves the detection and analysis of user behavior on the site, associated with the processing of PERSONAL DATA including the address IP. The consequences of this treatment are that if a subject attempts to engage in fraudulent conduct on THIS SITE (for example to benefit from the same promotion several times without being entitled to it) the CONTROLLER reserves the right to exclude this subject from the promotion or to adopt any other appropriate measure for their protection. This processing is also based on the HOLDER’s legitimate interest in detecting frauds and scams committed against him (ref. Recital (47) of the GDPR, Art. 6.1 (f) of the GDPR).
- Communication to third parties:only with reference to certain services, the data may be processed for purposes of communication to third parties for their third-party marketing purposes, that is to say to provide you with information and/or make offers on products, services or initiatives offered or promoted by other companies of the HOLDER and / or by its affiliated and / or controlled companies, and / or by other commercial partners and outsourcers who act as independent data controllers.
The provision of your PERSONAL DATA for the purposes of processing carried out for purposes based on the release of your consent (pursuant to A rt. 6.1 (a) of the GDPR) is entirely optional and does not affect the use of the other services of THIS SITE.
RECIPIENTS OF PERSONAL DATA
Your PERSONAL DATA may be processed by electronic means with restricted access to persons appointed and authorized by the CONTROLLER, who has prepared all the IT security measures necessary to minimize the risk of violation of privacy by third parties, and is in every moment ready to adopt the safety measures that prove indispensable.
Your PERSONAL DATA may be shared, for the “Processing Purposes” listed above, with:
- Subjects who typically act as data processors: people, companies or professional firms that provide assistance and advice to the HOLDER in management, accounting, administrative, legal, tax, financial and credit recovery matters relating to the provision of services, such as also people, companies or professional firms that carry out necessary professional assistance and consultancy activities and / or in support of the provision of the services offered on THIS SITE. The complete list of data processors is kept at the OWNER’s headquarters and you can request an updated copy at any time by sending a request to the OWNER’s email address.
- Subjects who carry out activities necessary for the services offered by the HOLDER, or subjects with whom it is necessary to interact for the provision of services, or delegated to carry out technical maintenance activities (including the maintenance of network equipment and electronic communication networks), or companies of the group or connected to the HOLDER (Italian or foreign) that carry out administrative or statistical purposes (collectively“Recipients”)
- Persons authorizedby the HOLDER to process PERSONAL DATA necessary to carry out activities strictly related to the provision of services, who are committed to confidentiality or have an adequate legal obligation of confidentiality, such as the HOLDER’s employees;
- Commercial partners for their own purposes, autonomous and distinct, for commercial information and market research, and only if you have given specific consent.
- Subjects, entities or authorities to whom it is mandatory to communicate your PERSONAL DATA by virtue of legal provisions or orders of the authorities (for example, requests by the judicial authority in the course of criminal investigations);
TRANSFER OF DATA
Some of your PERSONAL DATA are shared with Recipients who could be found outside the European Economic Area. The CONTROLLER ensures that the processing of his PERSONAL DATA by these Recipients takes place in compliance with the GDPR. Indeed, transfers can be based on an adequacy decision or on the Standard Contractual Clauses approved by the European Commission.
More information is available from the DATA CONTROLLER, in particular, to find out which treatments involve the transfer of the data in question outside the European Economic Area. Given that this transfer is necessary for your use of the service, according to current privacy legislation, it is justified pursuant to Art. 44 and following of CHAPTER V of the GDPR.
DATA STORAGE
In general, all PERSONAL DATA collected for the purposes described above will be processed for the time strictly necessary to achieve the same purposes. In any case, the DATA CONTROLLER will process the PERSONAL DATA up to the time allowed by Italian law to protect their interests (Article 2946 of the Italian Civil Code and subsequent amendments). The retention period of PERSONAL DATA varies according to the processing purpose for which they were collected:
- To improve navigation on the site: since these are data related to technical cookies, the details are described in the COOKIE POLICY.
- For legal obligations: they will be kept up to the time required by the specific legal obligation or applicable law, and subsequently, they may be kept for a longer period necessary in order to protect the interests of the HOLDER from possible responsibilities relating to supplies. <_
- To respond to requests for information: they will be used for the time strictly necessary to achieve the same purpose, and will subsequently be stored exclusively for management purposes and to protect the interests of the HOLDER from possible responsibilities based on such treatments.
- For sending newsletters or for marketing purposes or for statistical purposes and market research: they will be kept by the HOLDER until the consent given by the interested party is revoked. Once the consent has been revoked, the use of the data for these purposes will cease, but the OWNER may keep them in order to protect themselves from possible liabilities based on such treatments.
- To use the services of the site or to respond to requests for assistance or for communication with third parties:they will be used for the time strictly necessary to achieve the same purpose and, since such personal data are processed to provide the products/services, they will subsequently be stored for a longer period and for what may be necessary in order to protect the interests of the HOLDER from possible responsibilities relating to supplies.
In any case, the HOLDER has the possibility to keep his PERSONAL DATA up to the time allowed by Italian law to protect his interests (Art. 2947 (1) (3) of the Italian Civil Code) and in particular to protect himself from fraudulent conduct. More information regarding the data retention period and the criteria used to determine this period can be requested by email from the Data Controller.
RIGHTS OF THE INTERESTED PARTY
You have the right to ask the HOLDER, at any time, to access your PERSONAL DATA (according to Art. 15 of the GDPR), to correct them (according to Art. 16 of the GDPR), to cancel them (according to Art. 17 of the GDPR). GDPR), the limitation of processing (according to Article 18 of the GDPR) or to oppose their processing in the cases provided for by Article 21 of the GDPR, as well as to obtain the data in a structured format, commonly used and readable by an automatic device, that concern you (“portability” according to Art. 20 of the GDPR). All requests can be addressed by writing an email to the Owner, using the address indicated at the beginning of this document.
In any case, you always have the right to lodge a complaint with the competent supervisory authority (Guarantor for the Protection of Personal Data), pursuant to art. 77 of the GDPR, if you believe that the processing of your PERSONAL DATA is contrary to the legislation in force.
CHANGES
This PRIVACY POLICY is effective from 27 August 2020. The OWNER reserves the right to modify or simply update its content, in part or completely, also due to changes in the applicable legislation. If the changes to this Policy concern substantial changes in the processing or may in any case have a significant impact on the interested parties, the OWNER will take care to notify them appropriately to the interested parties.