Politique de confidentialité
Information on the processing of personal data
Articles 13 and 14 Reg. (EU) 2016/679
In compliance with Articles 13 (for data collected from the Interested Party) and 14 (for data not collected from the Interested Party) of the Regulation (EU) 2016/679 (hereinafter also known as GDPR) the Users of this Website are provided with the following information, that refer exclusively to the processing carried out through said Website and not through other websites that may be visited via links from this, for which it is suggested to read the relevant information provided by the respective Owners.
Data Controller
Col di Betto S.S., based in Colle Umberto Vocabolo Col di Betto, 06133, Perugia – Italy
For any clarification, information, execution of the rights listed in this statement, please contact the Owner at the following email: privacy@coldibetto.com
Definitions and normative references
For the purposes of the GDPR we mean:
Personal Data: any information concerning an identified or identifiable natural person (« Interested Party »); with the term “identifiable” it is to be intended the natural person that can be identified, directly or indirectly, through a particular reference such as the name, an identification number, location data, an online identifier or one or more characteristic elements of his physical, physiological, genetic, psychic, economic, cultural or social identity;
Data Processing: any operation or set of operations carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination, comparison or interconnection, limitation, cancellation, destruction or any other form of making an information available;
Data Controller: the natural or legal person, public authority, service or other entity that, individually or together with others, determines the purposes and means of the processing of personal data; when the purposes and means of such processing are determined by the Law of the EU or of the Member States, the Data Controller or the specific criteria applicable to its designation may be established by the Law of the EU or of the Member States;
Data Processor: the natural or legal person, public authority, service or other entity that processes personal data on behalf of the data controller;
User: The individual using this Website who, unless otherwise specified, coincides with the Data Subject;
Interested Party: The natural person to whom the Personal Data refers;
Legal References: This privacy statement is drawn up on the basis of multiple legislative systems, including Articles 13 and 14 of the Regulation (EU) 2016/679. Unless otherwise specified, this privacy policy applies exclusively to this Website.
Types of data collected
Among the Personal Data collected by this Website, either independently or through third parties, there are: technical cookies, name, email, telephone.
Complete details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the data is collected.
Personal Data may be freely provided by the User.
Unless otherwise specified, all data requested by this website are mandatory. If the User refuses to communicate them, it may be impossible for this Website to provide the Service.
Users who have doubts about which data are mandatory are encouraged to contact the Owner.
Legal basis of data processing
The processing of personal data is based on consent through the free and informed compilation of the appropriate information fields in the dedicated contact form.
Location
The Data is processed at the Data Controller’s operating offices and in any other place where the parties involved in the data processing are located. For more information, please contact the Data Controller.
Main purpose of data processing
The personal data of the Users of the Website, as described above, will be processed in the ways and in the forms prescribed by the GDPR, for the performance of the Website’s own functions, with particular – and exclusive – reference to the contact forms. That is, the personal data provided to the Data Controller will be processed for pursuing the following purposes:
– to follow up on specific requests addressed to the Owner by the User through the Website and its communication tools (contact forms, information request forms and likewise);
– for informative communications related to the services provided by the Data Controller and following the request for information via e-mail messages or filling out the contact form and other communication tools.
To which subjects may your Personal Data be disclosed?
The data may be disclosed to companies as well as consultants, or even to third parties who operate, even in the name and on behalf of the Data Controller, for the fulfillment of the services related to the purposes indicated in this statement.
Optional or mandatory consent
The provision of browsing data by Users, for the above purposes, depends on the degree of privacy that the User has enabled or disabled through their browser. In some cases, disabling may affect navigation on this Website.
The provision of some data is in any case necessary for the structure of the Website itself. In particular and for example:
– to send messages via contact form or for subscribing to the newsletter, the minimum data required therein, such as name, e-mail address and telephone number, are in any case mandatory.
Consequence of Non-Provision
Failure to provide personal data prevents the Data Controller from sending updates on the information requested by the User through the contact form.
What are your rights?
According to Article 15 of the Regulation, you will be able to access your Personal Data, to request correction and updates if data are incomplete or incorrect and to request their cancellation if the collection took place in violation of a law or regulation. In particular, you may exercise, at any time, the following rights towards the Data Controller:
Right of Access: you will have the right, according to Article 15, paragraph 1 of the Regulation, to obtain from the Data Controller confirmation that your Personal Data have been cancelled with not delay and, if not, to obtain such action in case: a) the Personal Data are no longer necessary to the purposes for which they were collected or otherwise processed; b) you have revoked the consent on which the processing of your personal data is based and there is no other legal basis for their processing; c) you objected to the processing of data according to Article 21, paragraph 1 or 2 of the Regulation, and there is no longer any legitimate overriding reason to proceed with processing the Personal Data; d) your Personal Data has been unlawfully processed; e) it is necessary to delete your Personal Data to fulfill a legal obligation required by a Community or internal law. In some cases, according to Article 17, paragraph 3 of the Regulation, the Data Controller is entitled not to cancel the Personal Data if their Processing is necessary, for example, for the exercise of the right to freedom, expression and information, for the fulfillment of a legal obligation, for reasons of public interest, for archiving purposes in the public interest, for scientific or historical research or for statistical purposes, for the assessment, exercise or defense of a right in court.
Right to Limit the Processing: you may obtain the limitation of the processing, according to Article 18 of the Regulation, in the event of one of the following hypotheses: a) you have contested the accuracy of your Personal Data; b) the processing is unlawful but you have objected to the cancellation of your Personal Data, requesting, instead, their use to be limited; c) although the Data Controller no longer needs them for processing purposes, your Personal Data are used to ascertain, exercise or defend a right in court; d) you have contested the processing according to Article 21, paragraph 1 of the Regulation, and verification of the possible prevalence of the Data Controller’s legitimate reasons with respect to his own is awaiting.
Right to Data Portability: you may, at any time, request and receive, according to Article 20, paragraph 1 of the Regulation, all your Personal Data processed by the Data Controller, or you may request their transmission to another data controller without impediments.
Right to Object: according to Article 21, paragraph 2 of the Regulation, you may contest, at any time, the processing of your Personal Data if these are processed for direct marketing purposes, including profiling, to the extent that it is connected to such direct marketing.
Right to Lodge a Complaint with the Supervisory Authority: if you believe that the processing of your Personal Data conducted by the Data Controller is in violation of the Regulation, you can lodge a complaint with the competent Personal Data Protection Authority.
To exercise all the aforementioned rights, simply contact the Data Controller by sending an e-mail to: privacy@coldibetto.com
Right of Withdrawal of Consent: you can revoke this consent at any time by sending an email to privacy@coldibetto.com
Or by expressing communication at the headquarters of the Data Controller.
Complaints
Each interested party has the right to lodge a complaint according to the GDPR Article 77 and following to a Supervisory Authority, which for the Italian State is identified in the Guarantor for the Protection of Personal Data.
Data transfer abroad
Data processed by the Data Controller will not be transferred abroad.
Security measures
The Data Controller processes your data in a lawful and correct manner, adopting the appropriate security measures aimed at preventing unauthorized access, disclosure, modification or unauthorized destruction of the data, as well as illicit use of the data. The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. The data are stored in secure systems with access restrictions. Access to information is strictly limited to authorized personnel. In addition to the Data Controller, in some cases, categories of employees involved (administrative, commercial, system administrators) or external subjects may have access to the data.
How long will your data be processed?
The data provided by the Interested Party will be kept until the express revocation by the Interested Party itself, including through action on their browser, cleaning cookies and express request, or otherwise expressed.
The navigation data will be kept for the technical time necessary to fulfill the functions for which they were collected.