Privacy Policy

By consulting this WEBSITE, the data relating to identified or identifiable persons may be processed.

The “DATA CONTROLLER” of their processing is

in the person of its legal representative pro tempore

The personal data may be accessed by entities belonging to the organisation of the Data Controller, on the basis of the relevant authorisations.

Personal data may also be made available to entities not belonging to the organisational structure of the Data Controller.

In some cases, the recipients of the data will carry out processing operations in their capacity as Data Processors, exclusively on the basis of a specific contract under Article 28 of Regulation (EU) 2016/679 of the European Parliament and of the Council (the General Data Protection Regulation or “GDPR”), within the limits and according to the procedures indicated therein.

These entities may belong to the following categories:

1. a) Entities that offer website maintenance services;
2. b) Entities offering electronic communication services (e.g., hosting / email services.)

An updated list of the Data Processors is available at the Data Controller’s registered office.

The recipients not included in the abovementioned Data Processors’ list will process personal data as independent Data Controllers or Joint Data Controllers, and will be subject to the relevant obligations.

Personal data may be made available, through communication, to the following categories of entities:

supervisory and control authorities and bodies, governmental authorities that make an express request.

The personal data collected and processed through this WEBSITE are the following:

• · NAVIGATION DATA: like all websites, this WEBSITE acquires some personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes IP addresses or domain names of the computers used for browsing and connecting to the Website, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and computer environment of the user.

• · DATA PROVIDED VOLUNTARILY BY THE USER: these are data entered optionally, explicitly and voluntarily by the user in the appropriate fields provided on this Website (name and surname, email address)

To allow the user to browse the Website

(view the web pages and use the services offered)

To comply with the obligations under applicable national and

supranational laws and regulations

To ascertain, exercise or defend the rights of the Data Controller

(detection of hypothetical cybercrimes targeting the Website, etc.).

The data provided voluntarily by the user will be processed according to the legal grounds identified at any time with specific information, provided at the time when the user performs further activities (e.g., filling out a form).

Apart from what is specified for navigation data, the user is free to give or not to give their personal data requested in the “CONTACTS” section as well as in the registration forms for services.

The processed data are processed using automated means for the time strictly necessary to achieve the purposes for which they were collected.

Specific security measures have been adopted to prevent the loss of data, their unlawful or incorrect use and unauthorised access.

The personal data collected through the use of the Website are processed for the time strictly necessary to provide the services requested and to carry out the related technical and security operations, as well as, at the end of the latter, for the time period established by the regulations in force for administrative and any defensive purposes, also connected to the potential assessment of responsibility in the case of cybercrimes.

For further details, refer to the information provided for individual, specific services.

Data subjects to whom the personal data refer shall have the right, at any time and where conditions are met, to:

1. a) obtain confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and information, in accordance with the provisions of Article 15 of the GDPR,
2. b) obtain the rectification of inaccurate personal data concerning him or her, including the right to have incomplete personal data completed, also by means of providing a supplementary statement, in accordance with the provisions of Article 16 of the GDPR,
3. c) obtain the erasure of personal data concerning him or her, in accordance with the provisions of Article 17 of the GDPR,
4. d) obtain the restriction of processing, in accordance with the provisions of Article 18 of the GDPR,
5. e) obtain data portability, in accordance with the provisions of A rticle 20 of the GDPR,
6. f) object to the processing, in accordance with the provisions of Article 21 of the GDPR.

For better management, requests should be addressed:

Please also indicate in the subject line: “Request under Regulation (EU) 2016/679” specifying the right you intend to assert, as specified above.

It is advisable to use the form made available on the Website of the competent Supervisory Authority.

In the event that the Data Subject considers that the processing concerning him or her is in breach of the GDPR, he or she has the right to lodge a complaint before a Supervisory Authority. The abovementioned Supervisory Authority may be that of the Member State in which the Data Subject normally resides, or that of the place in which the alleged breach occurred.

The data subject has the right to apply to the court if they believe that their rights under the GDPR have been violated as a result of processing. Proceedings against the Data Controller or the Data Processor shall be brought before the courts of the Member State in which the Data Controller or the Data Processor has an establishment. Alternatively, such actions may be brought before the courts of the Member State in which the Data Subject is habitually resident.