The General Data Protection Regulation (GDPR) of the European Union
INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ARTICLE 13 OF EU REGULATION 679/2016
May 2018 version.
This policy will be reviewed and amended, if necessary, in the event of regulatory adjustments.
This notice also fully respects and complies with Recommendation no. 2/2001 of the European data protection authorities adopted on 17 May 2001 to identify certain minimum requirements for collecting personal data online and in particular the manner, timing and nature of the information that the data controller must provide to users when they connect to web pages, regadless of the purpose of the connection. It is also specified that the methods of consent will be evident, brief and easily understandable and if the original conditions of consent should change, for example of the purpose of the data processing changes, additional consent will be required in accordance with European Regulation 679/2016.
According to the rules of the Regulation, the processing carried out by ROMEI SRL will be based on the principles of lawfulness, correctness, transparency, purposes and storage limitations, data minimisation, accuracy, integrity and confidentiality.
1. Data Controller
The Data Controller is ROMEI srl, legal registered address in in Scarperia e San Piero (Registered VAT No.04503100481) whom you can contact to assert your rights.
Data Controllers contact details:
- Telephone Number: +39 0558468293
- Address: Via Giuseppe di Vittorio 7, Scarperia e San Piero (FI) Italy
- Certified E-mail: firstname.lastname@example.org
- E-mail: email@example.com
2. Data Protection Manager
The data protection manager for Romei Srl is Daria Romei who can be contacted as below:
- Telephone Number: +39 0558468293 Certified E-Mail: ROMEI.SRL@PEC.IT E-mail: firstname.lastname@example.org
3. The Purpose of Data Processing
The processing we intend to carry out, with your specific consent, where necessary, is for the following purposes:
a. To enable the services you have requested, which include the collection, conservation and processing of data for the purposes of subsequent operational management (including data collection for the purposes of spontaneous applications), technical and administrative management relating to the provision of Services and communications relating to the development the established rapport.;
b. Enable navigation and browsing of the ROMEI SRL website;
c. Respond to requests for assistance or information, which we will receive by e-mail, telephone or chat through the application, or via the form provided for this purpose;
d. Fulfil legal, accounting and tax obligations;
e. To carry out direct marketing by e-mail for services similar to those you have subscribed to, unless you object to such processing initially or subsequently, for the purposes of pursuing the legitimate interest of ROMEI SRL in promoting products or services in which you may be interested; f. If necessary carry out studies, research, market statistics; send advertising material, information, commercial information or surveys to improve the service ("customer satisfaction") via e-mail or sms, and/or by telephone operator and/or via our official social networks;
g. Make personalized commercial proposals on the basis of the products or services you have purchased, or which you have been browsing on our Site;
h. Subscription to newsletters;
i. For the sole purpose of security and prevention of fraudulent conduct, the Data Controller has implemented and automated monitoring system that detects and analyses user behavour on the website, which is associated with the processing of Personal Data including the IP address.
(3.1) Legal basis and compulsory or optional nature of data processing The legal basis for the processing of Personal Data for the purposes referred to in the preceding section is Article 6(1)(b) of the Regulation, as the processing operations are necessary in order to provice of the contracted services. The provision of Personal Data for these purposes is optional, but failure to do so will make it impossible to provide the Services requested.
The purpose of the legal obligations constitutes lawful processing of Personal Data in accordance with Article 6(1)(c) of the Regulation. Once you have provided your Personal Data, the processing thereof may be necessary in order to fulfil the legal obligations to which ROMEI SRL is subject. Processing carried out for marketing and newsletter purposes as described above is based on your granting consent pursuant to Article 6(1)(a) of the Regulation. Providing your Personal Data for these purposes is entirely optional and does not compromise the use of the Services. Subsequent processing for the purpose of e-mail marketing for products or services similar to those purchased by you, instead finds its legal basis pursuant to Article 6.1.f of the Regulation, it is in the legitimate interest of ROMEI SRL to promote its products or services in a context in which the data subject may reasonably such processing, however the data subject may object to this processing at any time. If you should wish to object to the processing of your data for these marketing purposes, you mady do so at any time via your privacy settings panel or by sending a request to ROMEI SRL to email@example.com or via the method proposed in the marketing email.
4. Methods of processing
In relation to the purposes referred to in the preceding point, personal data shall be processed in compliance with the principles of confidentiality, correctness, lawfulness and transparency, by means of manual, computerized and telematic tools, with reasons strictly related to this purpose, also through the use of fax, telephone, mobile phone, electronic mail or other remote communication techniques; personal data shall be managed by implementing appropriate technical and organizational measures to ensure a level of security appropriate to the risk, pursuant to Article 32 of the GDPR. 5. Data recipients
Your Personal Data may be shared, for the purposes set out in the section above, with: a. entities typically acting as data controllers, namely: i) persons, companies or professional services firms that provide assistance and consultancy to ROMEI SRL in accounting, administrative, legal, tax, financial and credit recovery matters relating to the provision of Services; ii) parties with whom it is necessary to interact in order to provide the Services; iii) or parties delegated to carry out technical maintenance activities (including maintenance of network equipment and electronic communication networks);
b. parties, entities or authorities to whom it is mandatory to disclose your personal data by virtue of legal obligations or orders from the authorities;
c. persons authorised by ROMEI SRL for the processing of Personal Data necessary to carry out activities strictly related to the provision of Services, who are committed to confidentiality or have an appropriate legal obligation to confidentiality, such as employees of ROMEI SRL;
d. business partners for their own, independent and distinct purposes, only if you have given specific consent.
The full list of data processors is available by sending a written request to ROMEI SRL at firstname.lastname@example.org
6. Period of data retention
The data will be processed for the entire duration of the contractual relationship and also subsequently, for the fulfillment of legal obligations and for administrative and commercial purposes. 7. Data protection Rights
Pursuant to Articles 7, 15, 16, 17, 18, 20, 21 and 22 of EU Regulation No. 679/2016, the data subject has the right to obtain confirmation as to whether or not data relating to him or her are being processed and, if so, to obtain access to the data and the following information:
The person concerned has the right to the following information:
(a) the purposes of the data processing;
(b) the categories of personal data concerned;
(c) the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular if they are recipients of non EU countries or international organisations;
(d) where possible, the proposed period of retention of personal data or, if that is not possible, the criteria used to determine that period;
(e) all available information on the origin of the data if they are not collected from the data subject;
(f) the existence of an automated decision-making procedures, including profiling.
The data subject shall also have:
(a) the right to obtain from the controller the rectification of inaccurate personal data concerning him without undue delay;
(b) the right to obtain from the controller the erasure ('right to be forgotten') of personal data concerning him without undue delay;
(c) the right to obtain from the data controller the restriction of processing;
(d) the right to object at any time, on grounds relating to their particular situation, to the processing of personal data;
(e) the right to receive personal data in a structured, commonly used and machine-readable format;
(f) the right to withdraw consent at any time;
(g) the right to lodge a complaint with a supervisory authority;
(h) the right to be informed of the existence of appropriate safeguards where personal data are transferred to a non-member country or an international organisation;
(i) the right to obtain a copy of the data subject to processing.
To exercise these rights, you may contact the Data Controller at the contact details indicated in paragraph 1 - Data Controller, by sending a request by recorded delivery letter, fax and/or e-mail.
8. Transfer of personal data
In accordance with the provisions of the relevant legislation, the personal data provided may be transferred for the purposes set out in the previous section to countries within the European Union or to countries outside the European Union. ROMEI SRL ensures that the processing of Personal Data by these Recipients will be carried out in compliance with the Regulation. Data transfer may be based on a decision of adequacy or by Standard Contractual Clauses approved by the European Commission. Additional information is available from the data controller.
What are cookies?
A Cookie is a small piece of data containing and anonymous unique identifier sent that is stored on your computer or mobile device by your web browser.
The cookie can only recognize the website that it is sent from. The browser is the software that makes it possible to surf the web by displaying and transferring information onto the users device. If your browser preference is set to accept cookies, your browser will only only detect those sent by the site itself, and not those sent to the browser from other sites.
In any event, cookies cannot cause damage to the user's computer.
ALTERNATIVE SETTING FOR COOKIES
The user's privacy is guaranteed by the fact that he/she can AT ANY TIME:
> configure your browser to accept all cookies, reject all cookies, or receive a notification when a cookie is sent,
> delete a single cookie, some cookies or all cookies.
Each browser has its own specific settings, so remember to consult the "Help" section of the browser you are using for more information on how to change your preferences.
https://support.mozilla.org/en-US/kb/clear-cookies-and-site-data-firefox Google Chrome
https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en Apple Safari
https://www.apple.com/legal/privacy/en-ww/cookies/ COOKIES USED ON THIS WEBSITE
The use of session cookies (which are not permanently stored on the user's computer and are deleted when the browser is closed) is strictly limited to the sending of session identifier cookies which are necessary to enable the safe and efficient browsing of the website.
In any event, cookies cannot cause damage to the user's computer.
(*) GOOGLE ANALYTICS
This website uses Google Analytics, a web analysis service provided by Google Inc. to generate statistics on the use of the website. Google Analytics uses "cookies", which are stored on your computer to analyse how users use the site.
The information generated by the cookies regarding the use of the website (including your IP address) will be transmitted by the browser to and stored by Google on servers at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google Analytics collects information anonymously without identifying individual visitors. The browsers do not share the proprietary cookies of the Google Analytics tool between different domains.
Google Analytics does not report actual address information: Google Analytics only reports information in such a way that only part of the IP address is used for geolocation, rather than the full address, using a method known as IP masking.
Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services to the website owner relating to website activity, connection mode (mobile, PC, browser used, etc.) and number of page views.
Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.
Google non assocerà il vostro indirizzo IP a nessun altro dato posseduto da Google. You can disable Google Analytics cookies by using the opt-out add-on provided by Google for the main browsers. In questo modo sarà possibile utilizzare anche i servizi on-line.
- Google Analytics Terms of Service - https://marketingplatform.google.com/about/analytics/terms/gb/
10. Responsible and authorized personnel
The list of those responsible for and in charge of/authorised data processing, which is constantly updated, is kept at the registered office of the Data Controller.