Dear Data Subject, we at S.O.G.E.O. srl Impresa Sociale have a great respect for the privacy of Users. The data that will be possibly communicated by the User through the Website will be treated with the utmost care and with all the instruments necessary to guarantee their security, in full compliance with the rules and regulations in force in terms of the protection of confidentiality. We wish to inform you that the “European Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data” (hereafter “GDPR”) provides for the protection of natural persons in relation to the processing of personal data as a fundamental right. According to article 13 of the GDPR, we therefore inform you that:
A. DATA CATEGORIES:
The data undergoing processing may be your personal data such as:
- a. Data collected automatically
The IT systems and the applications dedicated to the operation of this website detect, during their normal operation, certain data (whose transmission is inherent in the using of Internet communication protocols) potentially associated with identifiable users. The collected data include the IP addresses and the domain names of the computers used by the users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters concerning the operating system, the browser and the computer environment used by the user, name of the Internet service provider (ISP), date and time of visit, web page of origin of the visitor (referral) and exit.
- b. Data provided voluntarily by the user
- c. Cookies
- d. Plug-in
The site also incorporates plug-ins and/or buttons for social networks, so that contents can easily be shared on your favourite social networks. These plug-ins are programmed so as not to set any cookies when accessing the page, to safeguard the privacy of users. Cookies are possibly set, if so provided by social networks, only when the user effectively and voluntarily uses the plug-in. Please note that if the user browses while he/she is logged into the social network, then he/she has already consented to the use of the cookies conveyed through this site at the time of registration to the social network. The collection and use of the information obtained through the plug-in are governed by the respective privacy policies of the social networks, to which reference should be made.
B. DATA CONTROLLER:
The Data Controller is S.O.G.E.O. srl Impresa Sociale located in L.go Visconti 4 – 22012 Cernobbio, Como – P.I. 03200630139, contactable by phone at no. 031 3347503 or by email at firstname.lastname@example.org.
C. SOURCE OF PERSONAL DATA:
The personal data held by the Data Controller are collected directly from the data subject.
D. DATA PROCESSING PURPOSES AND LEGAL BASIS:
The processing of your data has the following purposes and legal basis:
1. For the data collected automatically, the legal basis is the legitimate interest of the Controller and the purpose is to guarantee and improve the web browsing experience.
2. For the data provided voluntarily by the user, the legal basis is the consent and, for sending emails to our addresses, the purpose is to be able to send answers to specific requests made by the user; for the forms the purpose is indicated in the specific notice.
3. For cookies and plug-ins: Please see the specific cookies policy.
E. RECIPIENTS OF DATA:
Within the scope of the indicated processing purposes, your data may be disclosed to partners, consulting firms, private companies, third party technical service providers, hosting providers, IT companies, communication agencies, and so on.
F. TRANSFER OF PERSONAL DATA TO A THIRD COUNTRY:
This site may share some of the data collected with services located outside the European Union area. The transfer of data is permitted by virtue of an adequacy decision issued by the European Commission.
G. DATA STORAGE PERIOD:
According to the data storage limitation principle (art.5, GDPR), the verification of the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically. In particular:
a) The data collected automatically are processed, for the period of time strictly necessary, only to obtain statistical information on the use of the site and to check its regular functioning, even for security purposes or according to the deadlines laid down by law.
b) The data provided voluntarily by the user will be kept for no longer than it is necessary for the purposes for which they are processed or according to the deadlines laid down by law.
H. SUBJECT’S RIGHTS:
The data subject has always the right to request from the Controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing, as well as the right to data portability, the right to withdraw consent claiming these and other rights provided by the GDPR through a simple communication to the Controller. The data subject shall have the right to lodge a complaint with a supervisory authority.
I. MANDATORY OR NON MANDATORY CONSENT:
The provision of your data is mandatory during the navigation of our website regarding points D.1 and D.2 of the aforementioned purposes, to allow the correct service provision. The consent to the processing of your data under point D.3 is optional and will not compromise the service provision in any way.
J. METHODS OF DATA PROCESSING:
The personal data you provided will undergo the processing in compliance with the aforementioned regulations and the confidentiality obligations central to the Controller’s activity. The data will be processed both with IT tools and on paper and any other type of appropriate support (e.g. cloud systems, filing systems, digital replacement conservation and so on), in compliance with appropriate technical and organizational security measures under the GDPR.
K. FINAL NOTES AND UPDATE METHODS:
The notice is provided only for this website and not for other websites that may be consulted by the user through links contained on this site. The notice may undergo changes due to the introduction of new rules in this regard, therefore the user is invited to periodically check this page to stay up to date on the latest legislative news. The previous versions of this notice can always be requested from the Data Controller.
L. CONTACT DETAILS OF DPO
The Data Controller is not required to appoint a DPO and therefore they did not proceed to do so. For any clarification concerning the protection of your privacy, the Data Controller can be contacted at the e-mail address: email@example.com