NOTICE FOR PROCESSING OF COMMON AND SENSITIVE PERSONAL DATA
In compliance with the obligations regarding the collection, processing and storage of personal data imposed by both national (Legislative Decree 169/2003) and European (Regulation No. 679/2016 – GDPR) regulations, it is hereby communicated that this website respects and protects the confidentiality of the personal data of visitors and users, making every possible effort not to infringe on their rights.
This site does not publish advertisements or use the data it comes into its possession to send advertisements, unless expressly authorized to do so by users, it does, however, make use of third-party services in order to improve the use of the site. These may collect user data and then use it to send personalized advertisements on other sites. In any case, this site makes all necessary and possible efforts to protect the privacy of its users and minimize the collection of personal data by third parties.
The owner as well as the person responsible for the processing of personal data collected on this site is Mr. _______________, born in ___________ on ___________ (C.F.: _______) and residing in _____________, Via _______________- C.AP. _________, which informs, pursuant to Art. 13 Legislative Decree. 30.6.2003 n. 196 (hereinafter, “Privacy Code”) and Art. 13 EU Regulation no. 2016/679 (hereinafter, “GDPR”) that users’ data will be processed in the following manner and for the following purposes:
1. Subject of processing:
The Controller processes personal, identifying data (e.g., first name, last name, document number, company name, address, telephone, e-mail, bank and payment references – hereinafter, “personal data” or also “video surveillance”) communicated by users of the site when concluding contracts for the Controller’s services. With the completion of the communication or service request forms, additional consents related to the specific purpose of the service offered are collected. Consent that the user can deny and/or revoke at any time.
- Purpose of processing:
2.1 . The processing of data collected on the site, in addition to the purposes related, instrumental and necessary to the sale of ___________, is aimed at the following purposes:
- Statistics (Analysis):
Collection of data in aggregate and anonymous form only in order to verify the proper functioning of the site. None of this information is related to natural persons who are users of the site, and it does not allow them to be identified in any way. Therefore, such use does not require users’ prior consent.
The collection of user data and information is also aimed at protecting the security of the website (spam filters, firewalls, virus detection) and of the users themselves and to prevent and/or expose fraud or abuse against the website. The data are recorded automatically and may possibly include personal data such as, for example, IP address. Said data could be used, in accordance with relevant laws, for the purpose of blocking attempts to damage the site or harm other users, or otherwise harm activities if and/or constituting a crime. This data is never used for identification or proliferation of the user and is deleted periodically. Because of this, prior consent of users is not required for the processing of the same;
- Ancillary activities:
Communicate to third parties that perform functions ancillary and/or instrumental to the operation of the services rendered by the site (exclusively Google Analitics) and to enable them to perform technical, logistical or other activities on our behalf. Said individuals have access only to the data strictly necessary to carry out the functions entrusted to them and undertake not to use the data for other purposes as well as to process the personal data of which they come into possession in accordance with current regulations;
2.2. Personal data are processed without users’ prior express consent (Art. 24 lett. a), b), (c) Privacy Code and Art. 6 lett. (b), (e) GDPR), only for the following Service Purposes:
– Conclude contracts for Holder’s services;
– Fulfilling pre-contractual, contractual and tax obligations arising from existing relationships;
– Fulfilling obligations required by law, regulation, EU legislation, or an order of the Authority (such as in the area of anti-money laundering);
– Exercise the rights of the Owner, such as the right to defense in court.
- Data collected:
- Data collected in an automated manner:
During users’ browsing, the following information may be collected and stored in the site’s server log files:
- IP address;
- Browser type;
- Parameters of the device used to connect to the site:
- Internet server provider (ISP) name;
- Date and time of visit;
- Web page of visitor origin and exit;
- Possibly the number of clicks.
Said data will be used exclusively for statistical and analytical purposes and in aggregate form only. The IP address is used for security purposes only and is not cross-referenced with any other data.
- Data conferred voluntarily:
The site may collect other data that the user will voluntarily provide, finalized useful and necessary for the purchase of products for sale. Said data will be used exclusively for this purpose, i.e. also for sending sponsorships of new book releases.
The data voluntarily provided by filling out a form are:
- Biographical data;
- E.mail address;
- Mailing address to which to deliver books;
- Data on credit cards or other payment instruments used for book purchases;
- Any additional data voluntarily provided by the user;
- Methods of processing the collected data:
The processing of personal data is carried out by means of the operations specified in Art. 4 Privacy Code and Art. 4 n. 2) GDPR and namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Personal data are subject to both paper and electronic and/or automated processing. The Controller will process personal data for as long as necessary to fulfill the above purposes and in any case for no longer than 5 years after the termination of the relationship for the Service Purposes.
Data used for site security purposes will be kept for 30 days.
Data collected for analytics (statistical) purposes are kept in aggregate form for 24 months;
5.Access to collected data:
Users’ data may be made accessible for the purposes of Art. 2:
– to employees and collaborators of the Data Controller, in their capacity as appointees and/or internal data processors and/or system administrators;
– to third-party companies or other entities (by way of example, credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.) that perform outsourcing activities on behalf of the Controller, in their capacity as external data processors.
6. Disclosure of data
Without the need for express consent (ex art. 24 lett. a), (b), (d) Privacy Code and Art. 6 lett. (b) and (c) GDPR), the Controller may disclose personal data collected for the purposes of Art. 2 to Supervisory Bodies (such as IVASS), Judicial Authorities, insurance companies for the provision of insurance services, as well as to those subjects to whom communication is obligatory by law for the fulfillment of the said purposes. These parties will process the data in their capacity as autonomous data controllers. Your data will not be disseminated.
The data are kept and controlled by adopting appropriate preventive security measures designed to minimize the risks of loss and destruction, unauthorized access, unauthorized processing, and processing that differs from the purposes for which the processing is carried out.
8. Data transfer:
The management and storage of personal data will take place in the territory of the European Union.
This site makes use of the following categories of cookies:
– analytics cookies, used directly by the site operator to collect information, in aggregate form, about the number of users and how they visit the site. They are assimilated to technical cookies if the service is anonymized.
– Profiling and marketing cookies, used exclusively by third parties other than the owner of this site to collect information about users’ browsing behavior, and interests and consumption habits, including for the purpose of providing personalized advertising.
- Disabling cookies:
Disabling cookies may prevent the proper use of some site features.
- Third-party cookies:
This site also acts as an intermediary for third-party cookies used in order to provide additional services and features to visitors and to simplify the use of the site itself, or to provide personalized advertising. It has no control over said cookies, which are entirely managed by the third parties, and has no access to the information they collect. Information about the use of said cookies and their purposes, as well as how to disable them, is provided directly by the third parties on the pages indicated below. Please note that user tracking generally does not involve user identification, unless the User is already enrolled in the service and is also already logged in, in which case it is understood that the User has already given consent directly to the third party when enrolling in the relevant service
This site uses only cookies from Google Analytics. This is in order to analyze users’ use of the site compile reports on site activity and user behavior, check how often users visit the site the ways in which the site is tracked, and which pages of the site are visited most frequently. The data collected are: browser identifier, date and time of interaction on the site, page of origin, and IP address.
Data will be processed within the European Union, where service anonymization is provided.
The data collected through this tool do not allow personal identification of users and are not cross-referenced with other information about the same person. They are processed in aggregate and anonymized form. It is also prohibited for Google Inc. The cross-referencing of data found on this site with data obtained from other services.
More information about Google Analytics cookies can be found on the Google Analytics Cookie Usage on Websites page.
Users can selectively disable data collection by Google Analitycs by installing the appropriate component provided by Google on their broswer.
- User rights:
As a data subject, each user has the right under Art. 15 GDPR and specifically the rights to: i. Obtain confirmation of the existence or non-existence of your personal data, even if not yet registered, and their communication in intelligible form; ii. Getting the indication: (a) of the origin of personal data; (b) of the purposes and methods of processing; (c) of the logic applied in the case of processing carried out with the aid of electronic instruments; (d) of the identification details of the owner, managers and designated representative under Art. 5, paragraph 2 Privacy Code and Art. 3, paragraph 1, GDPR; e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, as managers or appointees; iii. obtain: (a) the updating, rectification or supplementation of data; (b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed; (c) certification that the transactions referred to in subparagraphs. (a) and (b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except where this proves impossible or involves the use of means manifestly disproportionate to the right protected; iv. oppose, in whole or in part for legitimate reasons, the processing of personal data concerning them, even if relevant to the purpose of collection. Users may also exercise the rights granted to them by Articles 16-21 GDPR (Right to rectification, Right to be forgotten, Right to restrict processing, Right to data portability, Right to object), as well as the right to complain to the Data Protection Authority.
13. Ways of exercising rights:
You may exercise your rights at any time by sending a notice:
1. via certified e-mail, at: __________________2. or by A.R. mail to: _______________________________;
Owner, manager, and appointees:
The Data Controller as well as the person in charge is Mr. _________________
The updated list of data processors and processors is kept and can be consulted at the Data Controller’s office.