Unless otherwise specified, this policy also serves as notice – under art. 13 of EU Regulation no. 2016/679 (hereafter referred to as the “GDPR”) – to anyone (the “User”) who interacts or accesses the Site.
Personal data is information which identifies a person and may be factual or recorded information or images. Detailed information about how we use personal data or why we “process” it is is provided on the pages which request personal information for the individual services offered through the Site. The information is intended to state the limitations and methods of personal data processing for each service, and the User may freely give consent where necessary, and authorise any collection and processing of data that may be required.
Assarmatori controls and process the data.
Assarmatori controls and processes the data. Assarmatori has its registered office in Via del Babuino, 51, 00187 Rome tel. +39 06 3201244, e-mail email@example.com. An up-to-date list of data processors, if any, is available in the Data Controller’s offices.
Place and methods of data processing
Assarmatori handles the processing and use of personal information connected to its Site and services offered. Personal information is generally limited to business contact details, and includes names, roles and contact details. Information is processed at Assarmatori’s offices and handled by in-house technical staff expressly appointed in writing for processing and handling information and data in accordance with the GDPR, and / or by external personnel authorized by Assarmatori in writing pursuant to art. 28 of the GDPR.
Personal data is processed mainly in electronic form while personal information may also be collected in paper form. Personal information is stored in a form that allows the identification of the user and only for the time strictly necessary to achieve the purposes for which the data were originally collected. In no event, will use and storage exceed the limits of the law. Specific security measures are followed to prevent the loss of data, or any illicit, improper unauthorized access, in accordance with the GDPR.
In order to ensure that personal data is always accurate, up-to-date, complete and relevant, we invite users to provide any changes or to supplement their information to the following e-mail address:
Types of data processed.
i. Browsing data
The information systems and software procedures used to operate the Site, during its normal operation, collect some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified individuals, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users who connect to the Site, the addresses in the URI addresses (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check that its functioning correctly, and is deleted immediately after processing. However, hypothetically, the data could be used to ascertain responsibility in case of alleged cyber and security crimes against the Site.
This category also includes data processed using cookies.
ii. Personal data supplied voluntarily by Users or collected by third parties
The optional, explicit and voluntary sending of an e-mail address, message(s) to Site addresses, as well as the sending of messages via the published Forms, entails the subsequent acquisition of the sender’s address and any other personal data entered, necessary to respond to such request(s).
Detailed information can be reported or displayed from time to time, and where strictly necessary, entered on the Site for the particular service(s) request.
In addition to the foregoing, any additional personal data (such as personal data, data relating to professional activity, qualification and / or company role, contact details such as company and / or personal telephone, e-mail address) provided to the User or otherwise collected by Assarmatori from third parties, will be processed in accordance with GDPR.
Cookies are small text files which the web sites a user visits send to the user’s terminal, where they are memorised to be sent back to the site on the next visit.
The Site uses technical cookies, from Users and of third parties. These cookies are technical in nature and do not require the User’s prior consent for installation and use.
The cookies used by the Site are generally of the following sub-types:
– browsing or session cookies, which permit ordinary browsing and use of the Site. As they are not stored on the User’s computer, these cookies disappear when the browser is closed;
– analytic cookies, collects and analyses statistical information through use of computers and other devices concerning the number of Site Users ;
– social widgets & plugin: social widgets and plugins and other such applications provided by social networks or third party sites may use their own cookies to facilitate interaction with the Site;
– Internet Explorer
– Mozilla Firefox
– Google Chrome
– Apple Safari
Purpose and legal basis of the processing.
Personal data collected through the Site will be processed:
a) To respond to the User’s request(s);
b) To offer a technical platform through which contributions may be received and proposed by Assarmatori; manage the registration and authentication of those authorized to access the reserved areas of the Site;
c) with the express consent of the data subject, for the sending – also by e-mail through automated systems – of communications containing information relating to Assarmatori and to the activities it organizes, such as training sessions, newsletters, cultural initiatives, presentations, insights and updates.
Personal data processing for the purposes listed under point a) does not require the User’s consent, as this form of processing is necessary to respond to the data subject’s specific requests under art. 6, paragraph 1, letter b) of the GDPR. Processing of personal data for the purposes listed under point b) requires the User’s consent under art. 6, paragraph 1, letter a) of the GDPR.
Supplying data and consequences of failing to supply data.
Providing personal data for the purposes listed above is optional, and the sole consequence of failing to provide it will be that it will be impossible for Assarmatori to respond or complete a User’s requests or to send commercial information on products and services.
Recipients and categories of recipients.
No data will be disseminated or transferred to third parties except upon the consent of the User. Where a communication to a third party or third party suppliers must be necessary for organizational, administrative or support needs for the services provided, Assarmatori is responsible for the treatment of the information and data in accordance with the GDPR.
Personal data will be stored for a period of 24 months following the date upon which it is recorded.
Right to data access, erasure, restriction and portability.
To the User or data subject are recognized rights identified in points 12 through 22 of the GDPR. By way of example, as a data subject, you have the right to:
a) obtain confirmation of whether or not to allow your personal data to be processed;
b) when personal data is being processed, the User can obtain access one’s own personal data, including information on how it is being processed, and a copy of their personal data;
c) obtain rectification of incorrect personal data and integration of incomplete personal data;
d) obtain erasure of one’s personal data in the presence of one of the conditions listed under art. 17 of the GDPR;
e) obtain restriction of processing in the cases envisaged in art. 18 of the GDPR;
f) receive one’s own personal data electronically in an organised, legible and user-friendly format , and request its transmission to another data controller, if technically feasible.
Right to object.
Every data subject is entitled to object to processing of his or her personal data at any time. In the event of opposition, the User’s personal data will no longer be processed, unless there are legitimate reasons for proceeding with processing which prevail over the data subject’s interests, rights and freedom, or for the investigation, exercise or defence of a legal right or court proceeding.
Right to objection for data processing for marketing purposes
With reference to personal data processing for marketing purposes, each data subject may object to processing of data by sending an email to firstname.lastname@example.org.
Right to revoke consent.
If consent is required for processing of personal data, each data subject may also revoke the consent already given at any time without affecting the lawfulness of data processing with consent prior to the revocation. Consent may be revoked by sending an email to: email@example.com.
Right to make a complaint to the Data Protection Commission.
Data subjects may, make a complaint to the Data Protection Commission if they believe their rights under the GDPR have been infringed, by the methods specified on the Data Protection Commission’s web site at: www.garanteprivacy.it.