Mod.: IS – Data updated as of 02/2022
Personal Data Processing Policy
Articles 13 and 14 EUROPEAN REGULATION NO. 679/2016
Legislative Decree 196/2003 amended by Legislative Decree 101/2018
Dear Interested Party,
This policy describes how this website is managed in relation to User Personal Data Processing and the data processing practices applied on this website. In compliance with art.13 (for the collection of data) and 14 (for data which has not been collected) of (EU) Regulation 2016/679 (from herein GDPR), we would like to inform the Users of this website of the following information, which refers exclusively to the processing performed through this website and not other websites that were visited by clicking on links featured on this website; for those websites, we advise you to read the Information Policy of said websites written by their Processors. This website and the services it provides are reserved to people of 18 years of age or over. The Data Processor will not process personal data pertaining to individuals under the age of 18. Upon request of said Users, the Data Processor will immediately delete all personal data which has been involuntarily collected.
1. Data Processor
The Data Processor is INTERMEETING srl, located in Via Fornaci 239/A – 35129 Padua (PD), Fiscal Code and VAT no.: 02227260284, (herein after the “Processor”). The Data Processor reserves the right to appoint a web agency or consultant − whose information can be shared upon request made to the address provided above − to act as Processing Manager of the personal data managed for purposes of technical assistance, maintenance, technical management and other of this website. The Processor and Manager will process the User Data also relying on the support of their internal staff, purposely selected, instructed, and authorised to perform said procedure.
The Data Protection Officer (DPO) can be contacted at this number: +39 049 7386856 and via e–mail: firstname.lastname@example.org.
2. Category of Processed Data and Sources of Origin
Navigation Data (IT systems and software procedures designed for the functioning of this website) over the course of its normal processing acquires certain personal data, the transfer of which is implicit in the use of Internet communication protocols. This category of data includes: IP addresses, the type of browser used, the operating system, the domain name and the websites where the access or exit occurred, the information on the pages visited by the users on their website, the time of access, how long the user stayed on a single page, the analysis of the internal procedure and other parameters pertaining to the operational system and the user‘s IT environment. This technical/IT data is gathered and used exclusively in an aggregate and anonymous form. Said data is processed with the purpose of allowing and managing the correct use of this website and obtaining anonymous statistical information on the use of said data, which is deleted immediately after use).
Data voluntarily provided by the user, including:o Shared data (Identification, personal, invoicing, and the like)o Only in exceptional cases, specific data (art. 9 GDPR)o Only in exceptional cases, penal data (art. 10 GDPR)
We may firstly process navigation data and cookies.
We may also process the data provided voluntarily by the user, for example through contact forms or by sending a communication via e–mail, including shared personal data (ID, personal, invoicing, and the like) and, in exceptional cases, specific data in accordance with art.9 GDPR or penal laws in accordance with art. 10 GDPR within the strict limits of what is viewed as necessary from the information request received and upon prior consent of the interested party.
The data may come from automated sources, voluntary sources, or public sources. For example, it could come from user navigation, which may also contain information relating to previous consultations of other websites, including cookies and other similar technologies. The data could also be shared voluntarily by the user or subjects connected to it. Other data could come from public sources, such as, for example, data processed in the context of research and from company registered reports, public databases, or the like.
3. Purpose of the Data Processing
Personal data of website users, as mentioned above, is subject to processing according to the methods and in the ways set forth by the GDPR for the execution of the website‘s functionalities, with specific, but not exclusive, reference to the navigation of the pages and procedures described herein for the collection of data, contact forms, any registration procedures/access to reserved areas, subscriptions to newsletters, and the like. In particular, the personal data given to the Data Processor will be processed for the following purposes:
to execute specific requests made by the User through the website and its communications tools (contact forms, information request forms, and the like);
to provide information about the services of the Data Processor, following the request of information gathered through e–mails, contact forms or other communications tools;
for any subscriptions to events organised by the Processor or any related activities (for example, assessing participation, providing information about any updates or changes to the event, etc.);
for other purposes which are accessory to or are connected to the ones indicated above and which fall under the activities of the website.
4. Legal Basis of the Data Processing
Personal data processing is based on the compliance of contractual or precontractual obligations pertaining to the request made by the User (for example, information requested pertaining to services carried out by the Processor, budget request, etc.) and, where necessary, as to consent through the free and informed compilation of the designated information sections on the form dedicated to the collection and transfer of data and ticking the designated checkboxes, where available.
The compilation of designated fields in the form to request information is intrinsic to the request itself; therefore, this entails the execution of a pre–contractual or contractual obligation, according to the context. Consent can be requested subsequently for the processing of additional data.
In any case, the processing is also based on the legitimate interest, including the right to information; see the following paragraph.
5. Legitimate Interest of the Provider
Personal data processing is also based on the legitimate interest of the Data Provider to exercise his/her own rights within the context of the information and execution of the contractual service and the realisation of direct marketing operations (in the ways, with the means and in the time frames indicated in the regulation).
6. Obligation to provide the Information
Providing the data pertaining to navigation on behalf of the Users for the purposes mentioned above depends on the degree of privacy that the User has activated or de–activated on his/her browser. In some cases, de–activation may compromise navigation on this website. For certain modules of this website, the provision of navigation data and/or the use of technical cookies is compulsory for the correct functioning of the website itself.
Providing certain data is necessary in any case for the actual structure of the website and its procedures. Any request of other optional data will feature an opt–in tick box. Providing all other data is options and is based on the type of information the User wishes to provide the website with.
Without prejudice to the afore–mentioned, for example, the provision of an e–mail account is necessary to respond to the request made through contact forms, and through other compulsory data, which features an asterisk. All other data is optional.
Failure to provide the necessary data for the action requested (for example, of the e–mail account through forms to receive information through this means) makes completing the user‘s request impossible.
PROVISIONS APPLICABLE TO ALL TYPES OF PROCESSING
In any case, once the user has provided his/her consent, authorising the Processor to execute all of the purposes in the above–mentioned points, (s)he reserves the right to revoke said authorisation(s) at any time.
It is specifically and separately made known, as requested by art.21 of the Regulation, that the interested party has the right to oppose the processing of their personal data at any time and that if, the interested party opposes processing for direct marketing purposes, the personal data can no longer be processed for said purposes.
7. Potential Personal Data Beneficiaries
Data can be given to related, connected or subsidiary companies managed by the Processor, but also consultants, third party subjects operating on behalf of the Processor, for the execution of the services connected to the purposes indicated in this Policy, both in the EU and outside the EU (in the latter case, it will exclusively be subjects applying to the regulations in force).
Navigation data and the like (see above for details), profiling cookies and third party cookies (see the CookiePolicy on this website), will be shared with the interested third parties, when these are not directly managed by the Processor.
In any case, the data can be shared with the Processing Manager and people authorised and instructed to perform the processing for the purposes indicated.
For the sake of brevity, the detailed list of these individuals is available at our premises.
8. Preservation Period
Data voluntarily provided by the Interested Party will be preserved until (s)he expressly revokes said data, also through actions on his/her browser, cookie clean–up, or direct request. Navigation data will be preserved in the respect of the principle of proportionality, in a way which allows for the identification of the interested party for a period of time no longer than the time required for the purposes for which it was gathered or processed.
Excluded from the above–mentioned terms are cases in which it is necessary to preserve the data for a longer period of time to defend a right, exercise a right or comply with any legal obligations or orders of the Authorities.
9. Rights of the Interested Party
Each User has the right to access, rectify, cancel, limit, receive a notification in the event of a rectification, cancellation or limitation, of portability, opposition and not to be the subject of an automated individual decision, including profiling, in accordance with article 15 to 22 of the GDPR. Said rights can be exercised in the ways and according to the terms set forth in art.12 GDPR, through a written communication sent to the Processor (see point 10).
The Processor will provide an appropriate response as quickly as possible and, in any case, within one month of receiving the request.
10. Right to Revoke Consent (Ways of exercising one‘s rights)
Where possible, you have the right to revoke your consent at any time and/or exercise your rights by sending:
– a registered letter with return receipt to the undersigned (see the address indicated on the headed paper)
– an e–mail to email@example.com.
Each interested party has the right to file a report in accordance with art.77 and following of the GDPR to a controlling body, which − in Italy − is the Guarantor for the Protection of Personal Data. The ways, methods and terms of the report action are set forth and disciplined by the national legislation in force. The report is without prejudice to the administrative and jurisdictional action; in Italy, the individual filing the report can contact the Guarantor or relevant Court.
The personal data provided through navigation on this website and the consequent compilation of the forms published herein can be the subject of profiling on behalf of third party providers through third party cookies.
Profiling allows third providers − independent Processors of the respective personal data processing for purposes of profiling, other that the Processor of this website − to assess specific personal aspects of the Interested Party, in particular connected to preferences, interests, tastes in reference to the pages consulted and activities performed, for the purpose of allowing said autonomous and diverse Processors to offer the Interested Party a more specific service aimed at his/her needs.
13. Processor, D.P.O., Authorised/Designated, Processing Managers
Below, we provide you with some important information not only to comply with legal provisions, but also because showing transparency and correctness towards our interested parties is an essential part of our business.
Data processor. The Data Processor responsible for processing your personal data is INTERMEETING srl. INTERMEETING srl is responsible towards you for the legitimate and correct use of your personal data and you can contact them for any information or request by calling +39 049 7386856 or e–mailing firstname.lastname@example.org
D.P.O. (Data Protection Officer). You can also contact the Data Protection Officer for information and forward requests pertaining to your data or to report unsatisfactory services or any problem you may encounter.
The Data Processor has appointed Mr Nicola Ghinello Data Protection Officer; you can contact him here: +39 348 3165267 and e–mail: nicola.ghinello@dpo–rpd.com.
Authorised/Dedicated Staff. The updated list of authorised/designated staff who handle the processing is stored at the Data Processor‘s premises.
For the sake of brevity, the detailed list of these subjects is available at our premises.
14. Social Media Plug–ins
15. Links to Third Party Websites
To get in touch
We invite you to contact us here: email@example.com.