Personal data are processed in accordance with the principles of relevance, lawfulness and correctness as set out in the Privacy Code, through the use of appropriate security measures and following the provision of consent by users where required.
Such data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or subsequently processed.
2. Owner and place of data processing
Pursuant to art. 28 of the Privacy Code, the owner of the Application and of the data processing is Italix Sas di Andrea Sivieri e soci, with registered office in via Divisione Folgore 5/B - 36100 Vicenza (VI), VAT no. / C.F. 04311980280, e-mail address email@example.com (hereafter the "Owner").
The data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located and are handled only by personnel in charge of processing, or by any persons in charge of occasional maintenance operations. For further information, please contact the Data Controller.
Unless the disclosure of personal data is required by law or is strictly relevant and necessary for the fulfilment of requests or contractual obligations for the performance of the service, personal data are provided voluntarily and optionally by users when activating the service, for the following purposes:
- Personalising the customer experience
- User registration and authentication
- Ensuring the correct use of the ecommerce platform
4. Types of personal data processed
A. Personal data
Personal data may be entered voluntarily by the User or collected automatically during the use of this Application.
Failure by the user to provide certain personal data may prevent this Application from providing its services.
The User assumes responsibility for the personal data of third parties published or shared through this Application and guarantees that he/she has the right to communicate or disseminate them, releasing the Owner from any liability towards third parties.
B. Navigation data
The computer systems and software procedures used to operate this Application acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category includes IP addresses, or the domain names used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc.
This data is used to obtain anonymous and aggregate statistical information on the use of the Application and to check its correct functioning, and is permanently stored on third party servers (hosting providers). The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Application.
While browsing the Application, the user may also receive cookies on his terminal equipment that are sent by different sites or web servers (called "third parties"), which may contain certain elements (images, maps, links, etc.) present on the site that the user is visiting.
Cookies are used to provide faster access to online services and to improve the user's browsing experience (session tracking, storage of user information, faster loading of content, etc.).
5. Links to third-party sites
The Owner may present or offer third-party products or services on its Application. The sites of these parties have different criteria regarding privacy that are independent of ours. The Owner therefore declines all responsibility for the content or activities of these linked sites.
6. Processing methods
The processing of the data may consist not only in their collection, but also in their recording, storage, modification, communication, deletion, dissemination, etc., and will be carried out both on paper and with the aid of electronic, computerised, telematic or otherwise innovative tools, in accordance with methods and instruments suitable to guarantee the security and confidentiality of the data, in accordance with the provisions of Articles 31 et seq. of the Privacy Code, relating to the "minimum security measures for the processing of personal data"aimed at ensuring a minimum level of protection of personal data.
In particular, all the technical, IT, organisational, logistical and procedural security measures will be adopted, as provided for by the Privacy Code, by "Annex B" to the same decree (the so-called Technical Regulations), by the various Measures issued subsequently to supplement it, so that at least the minimum level of data protection provided for by law is guaranteed.
Furthermore, the methods applied ensure that access to the data is only allowed to persons entrusted by us with the processing.
7. Rights of the persons concerned
Users have the right to contact us for any information on their personal data, to obtain confirmation of the existence or non-existence of such data and to know its content and origin, to verify its accuracy or request its integration or updating, or rectification, cancellation, transformation into anonymous form or blocking in violation of the law, as well as to oppose in any case, for legitimate reasons, its processing.
Requests may be submitted in the following ways:
- E-mail to be sent to firstname.lastname@example.org;
- Registered mail which must be sent to the address of the operating headquarters: Italix Sas di Andrea Sivieri e soci, via Rovigo 27 - 35142 Padova (PD).
Applicationwebsite, app, hardware or software tool through which users' personal data are collected.
Personal dataany information relating to a natural person who is identified or identifiable, even indirectly, by reference to any other information, including a personal identification number.
UserThe individual who uses this Application, who must be the same as the Data Subject or be authorised by him, and whose personal data are processed.
Data controllerThe Data Controller is the natural or legal person, the public administration and any other body, association or organisation which is responsible, also jointly with another data controller, for deciding on the purposes, methods of processing personal data and the tools used, including the security profile, in relation to the operation and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application.
Processing of personal dataaccording to Italian law, means any operation or set of operations, carried out even without the aid of electronic instruments, concerning the collection, recording, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, erasure and destruction of data, even if not recorded in a database.