privacy policy
NOTICE OF INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ARTICLE 13 OF REGULATION (EU) NO. 2016/679
Pursuant to and for the purposes of Article 13 of Regulation (EU) no. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, also referred to as the General Data Protection Regulation (hereinafter, the ‘GDPR’), We inform you that the personal data you voluntarily transmit and/or make available to Giuliano Pannuti (hereinafter also the ‘Data Controller’) when browsing the website www.giulianopannuti.com (hereinafter, the ‘Website’), will be processed in compliance with the current legislation on the protection of personal data, by which is meant the GDPR, d. lgs. 196/2003, as amended by d.lgs. 101/2018 (hereinafter, the ‘Privacy Code’) as well as the provisions issued from time to time by the Italian Data Protection Authority (hereinafter, the ‘Garante Privacy’) and, in any case, in compliance with the respect of the principles of privacy that inform the activity of the Data Controller.
1. Categories of personal data processed
The Data Controller shall process the following categories of personal data provided by you:
- navigation data, such as, by way of example, information relating to the device used to browse the Website, IP address, cookies, etc.
With particular reference to the use of cookies, the Data Controller informs you, in accordance with the Provision of the Garante Privcay of 10 June 2021 that, while browsing the Website, the latter uses exclusively cookies of a technical nature, i.e. essential for the correct operation of the Website;
- personal data, such as, by way of example, name and surname;
- contact data, such as, for example, e-mail addresses;
2. Purpose and legal basis of the processing
The personal data made available to the Data Controller through the Website may be used for the following purposes:
a) obligations related to the use of the Website;
b) obligations related to those to which the Data Controller is subject under the applicable law, including administrative and/or accounting obligations;
c) obligations related to the execution of a contract or pre-contractual measures adopted at your request;
d) obligations related to the need to ascertain, exercise or defend a right in judicial or administrative proceedings or in the context of arbitration or conciliation procedures.
The processing of data for the purpose under b) does not require your consent, as it is necessary to fulfill the legal obligations to which the Data Controller is subject, pursuant to art. 6, c. 1, letter. c) of the GDPR. The processing of data for the purpose under c) does not require your consent, as it is necessary for the fulfillment of contractual and/or pre-contractual obligations, pursuant to art. 6, c. 1, letter. b) of the GDPR. The processing of data for the purposes under a) and d) does not require your consent, as it is necessary for the pursuit of a legitimate interest of the Data Controller, pursuant to art. 6, c. 1, letter. f) of the GDPR.
3. Treatment methods
The processing of personal data will be carried out using suitable paper, electronic and/or telematic materials and tools, with logic strictly related to the above purposes and, in any case, in such a way as to guarantee the security and confidentiality of the data themselves.
4. Provision of data and consequences of any refusal
The provision of personal data for the purposes under b) and c) of the previous paragraph 2 is necessary for the fulfillment of legal and/or contractual obligations. Any refusal and/or provision of inaccurate and/or incomplete information could have the following possible consequences:
i. the impossibility for the Data Controller to comply with all the requirements imposed by the current legislation to which it is subject;
ii. the impossibility of stipulating the sales contract and/or guaranteeing the regular and timely execution of the relevant contractual relationship.
The provision of personal data for the purposes under a) and d) of the previous paragraph 2 is necessary for the pursuit of the legitimate interests of the Data Controller indicated above. Any refusal and/or provision of inaccurate and/or incomplete information could have the following possible consequences:
i. the impossibility for the Data Controller to comply with the obligations connected to the use of the Website, including the management and processing of any requests for information sent by you by filling in forms and/or forms on the Website;
ii. the impossibility for the Data Controller to ascertain, exercise or defend a right in judicial or administrative proceedings or in the context of arbitration or conciliation procedures.
5. Recipients or categories of recipients of personal data
Your personal data may become accessible to:
- subjects who provide the Data Controller with activities or services that are instrumental to the purposes indicated in the previous paragraph 2 (such as, by way of example, subjects, entities and/or companies that manage and/or participate in the management and/or maintenance of the Website) who, depending on the case, they will operate as Responsible Entities for the data pursuant to art. 28 of the GDPR duly appointed by the Data Controller or as independent data controllers;
- employees and collaborators of the Data Controller, who will act as authorized persons for the processing of data duly appointed by the Data Controller;
- any other person to whom the data must be communicated based on an express provision of law.
In any case, your personal data will not be disclosed to the public.
6. Transfer of data to third countries
Your personal data may be communicated and/or transferred abroad, in compliance with the provisions of current legislation, even to countries not belonging to the European Union.
In all such cases, the transfer shall be carried out on the basis of an adequacy decision of the Commission (Article 45 of the GDPR) or in accordance with standard data protection clauses or other appropriate safeguards pursuant to Articles 46 or 49 of the GDPR.
7. Duration of treatment and storage period
Your personal data will be processed only for the time necessary to achieve the purposes for which they are processed.
In particular, the data will be stored according to the following criteria:
- the data processed for purposes related to the fulfillment of legal obligations and contractual and/or pre-contractual obligations referred to in letters b) and c) of paragraph 2 "Purpose and legal basis of the processing" of this information, will be kept for a period of 10 years, unless the need for further conservation arises, to allow the Data Controller to defend his rights;
- the data processed for the pursuit of the legitimate interests referred to in letters a) and d) of paragraph 2 "Purpose and legal basis of the processing" of this information, will be kept for a maximum period of time equal to the limitation period of the enforceable rights by the Owner, as applicable from time to time.
8. Rights of the interested parties
In relation to their data, each interested party may exercise the following rights at any time, within the limits and under the conditions set out in articles 7 and 15-22 of the GDPR.
To exercise these rights, please contact the Data Controller at the email address gpannuti@gmail.com; this request will be provided with appropriate feedback without delay and, in any case, within one month of receiving the request.
In detail, each interested party has the right to
-
obtain confirmation as to whether or not personal data concerning him or her are being processed;
-
if processing is in progress, obtain access to the personal data and information relating to the processing as well as request a copy of the personal data;
-
obtain the rectification of inaccurate personal data and the integration of incomplete personal data;
-
obtain, if one of the conditions set out in the art. 17 of the GDPR, the cancellation of personal data concerning him;
-
obtain, in the cases provided for by art. 18 of the GDPR, the limitation of processing;
-
receive personal data concerning him in a structured, commonly used and machine-readable format and request their transmission to another owner, if technically feasible;
-
object at any time to the processing of personal data carried out for the pursuit of a legitimate interest of the Data Controller;
-
revoke any consent given at any time. The revocation of your consent will not affect the lawfulness of the processing based on the consent given before the revocation;
-
lodge a complaint with the Garante Privacy, if you believe that your rights under the GDPR have been violated, according to the methods indicated on the Garante Privacy's website accessible at www.garanteprivacy.it.
9. Data controller
The Data Controller of personal data is Giuliano Pannuti.