This section provides a view of the processing of the personal data in question in a prevalent manner with respect to the competences and legal obligations relating to the website www.simonazziremo.it.
With the entry into force of the art. 13 Legislative Decree 30.06.2003 n. 196 (hereinafter, “Privacy Code”) and the EU Regulation n. 2016/679 (hereinafter, “GDPR”), the company Simonazzi Remo s.r.l. informs you that the data collected through this website www.simonazziremo.it (hereinafter referred to as the Site), will be processed in compliance with the aforementioned legislation, furthermore this treatment will be based on the principles of lawfulness and transparency, to to protect the privacy, freedom and rights of all visitors and users.
Responsibilities related to the processing – Owner
Simonazzi Remo s.r.l., E. Ferrari, 8/10 42017 Novellara (RE), Italy. PIVA 02246760355. E-mail: firstname.lastname@example.org, is the Data Controller (hereinafter the Data Controller).
Standards applicable to treatment
The Data Controller has adopted various security measures and a code of conduct relating to the legislation, for the protection of personal data acquired through the Site, against the risk of loss, accidental or intentional dissemination, abuse or alteration, applying where possible all the provisions present. in articles 32-34 of the Privacy Code and art. 32 GDPR; using standard data encryption technologies through the HTTPS protocol, as well as strict storage procedures, methods and release of access credentials (administrative backend) to the data. The aforementioned requirements and standards have been applied where possible, even in cases where the transfer of data outside the EU (third countries) is envisaged, to protect the rights of the data subjects.
Type of data processed
During user visit sessions, with the storage of cookies in the browser used by them, some data are collected in an automated, aggregate and anonymous way, some for a minimum duration relating to the duration of the session, others for a maximum duration of 26 months . Some data could be:
- Browser used
- Type of device used
- Date, time and duration of the visit
- Address of the page (s) visited
- IP address
- Name of the network of origin
- Unencrypted IP address (for security reasons to protect the data) *
*: The user’s IP address, collected and stored in clear text, is a relevant personal data that could, if crossed with other data, allow the identification of a natural person.
The following types of cookies are present on this site:
Cookies in this category include both persistent cookies and session cookies, they allow to distinguish between connected users avoiding that a service is provided to the wrong User and therefore are the consequence of an express request from the user, and are also used for security. of the site and of the users themselves. In the absence of these cookies, the site or some portions of it may not work properly. Cookies in this category are always sent from our domain, and no consent is required for them.
Cookies in this category are used to collect information on the correct use of the site and user behavior for statistical analysis purposes, to improve the site and simplify its use. This type of cookie collects information on user activity on the site and on how they arrived at the site and the pages visited. Cookies in this category are sent from the site itself or from third-party domains.
This site also acts as an intermediary for third-party cookies, used to provide additional services and features to visitors and to improve the use of the site, such as buttons for social media. Profiling cookies could be used, i.e. used by third parties in order to collect information on the behavior and interests of users in order to provide personalized advertising.
Purpose (IP): the sole purpose of this collection (IP addresses below only IP) is the legitimate defense against attacks, intrusion attempts in the administrative backend of the Site, hacking of any kind, and any type of violation, such as to represent a danger also for the data of the users that are stored or that can be illegally seized at the time of voluntary entry.
Storage location (IP):these IP data are stored exclusively on the web server where the CMS (Content Management System) resides, within the borders of the EU, at the ISP that carries out hosting activities for the Owner’s Site.
Only in particular situations, which involve a risk for the security of the data and for the Site, or in circumstances which force the Data Controller to have to exhibit for legal disputes or legal obligations, such data may be transferred to the Data Controller’s systems or its appointees or data processors, exclusively and limitedly for this specific investigation activity and / or communicated to the Authorities for the investigation of the case.
Method of collection (IP): the data is collected automatically, aggregated and anonymous. In addition to the IP address, they can include the date and time, the type of browser and device and other minor specifications, which in any case do not allow the identification of an individual.
Right to cancellation:already the art. 7 – Legislative Decree 196/2003 and now the art. 17 of the GDPR, guarantees the interested party the right to request the existence of his / her data (art. 15 GDPR) and the possible cancellation based on one of the foreseen reasons.
il Titolare dichiara di non utilizzare in alcun modo tali dati per finalità di marketing o per statistiche, o per qualsiasi altra finalità diversa da quelle suindicate, concernenti la legittima difesa per ragioni di sicurezza.
Se il visitatore/utente del Sito, è contrario a tale pratica, è sua libera scelta la rinuncia a navigare/utilizzare il Sito www.simonazziremo.it.
Accesso ai dati (IP)
Access to the IP addresses and related data, referred to above, is strictly reserved to the Owner alone, no other party is authorized to access it, nor are such data communicated, disseminated or transferred to third parties except in exceptional cases for legal obligations. and behind documentation.
Access to data (in general)
The data can be made accessible to:
- appointees and / or internal managers of the association, who are members.
- To “third” companies. Based on the terms and conditions of the contract, established with these, the data collected are not disseminated, shared, or used in any other way that does not comply with the legislation in force and the contractual agreements established. The data processing methods, in addition to the aforementioned contractual agreements, are established by the operational settings provided by the same third-party companies, and configured in such a way as to comply with the regulations in force. In case of violation of the aforementioned provisions, or false declarations, on the part of such “third-party companies”, the Owner will in no way be held responsible for them in relation to the users / visitors of the Site.
The “third-party companies” involved are:
- MKW Web Agency via Piacenza 9, 41012 Carpi (MO) Italy, as a web master in charge of the management of the Site. Access to the IP addresses mentioned above is expressly forbidden to those following a specific letter of appointment.
- the Internet Service Provider (ISP), owner of the infrastructure that physically hosts the Site and the services connected to it for its management, such as e-mail management, is Siteground Spain S.L. Calle de Prim 19, 28004 Madrid Spain. The web and email servers are located in the Netherlands.
Other “third-party companies” or their partners could be:
- Facebook Inc. or Facebook Ireland Limited, for products like Facebook, Messenger, Instagram, WhatsApp, based in Menlo Park, USA and resp. Ireland.
- YouTube, G + and Google Maps trademarks of Google LLC (“Google”), based in 1600 Amphitheater Parkway, Mountain View, CA 94043, United States.
- Various companies that supply “plugins” (program modules), designed to perform specific functions within the site, will be listed precisely and only if they are collecting data.
Other data collection methods
On a voluntary basis, and / or through the contact form, and then via e-mail, to the address email@example.com the users / visitors of the Site can send messages after entering their data, by way of example but not exhaustive :
- First name,
- business name,
- Consent to the processing of data
this is equivalent to freely providing such data which will be stored and managed in compliance with the regulations in force. The acquisition of data, as well as any other personal data entered on an optional and intentional basis in the message, is necessary to respond to requests. In case of entering sensitive data, these will be deleted and will not be kept. The storage of data sent through this mode, is variable based on the relationships that may occur between the Owner and the user, it is therefore not predictable in itself.
The data collected may be communicated and / or disclosed to third parties only if necessary, in the cases provided for by law, in case of need for the signing of contracts and in cases for instrumental purposes the conduct of the activity itself to:
- External parties, professionals or service companies for administration and business management that work for our bill;
- Hardware and software company for maintenance operations performed on our computers;
- Banking Institutions for the management of receipts and payments deriving from normal activities in the context of an existing employment relationship;
- Possible debt collection and credit insurance companies;
- Private individuals or public bodies, exclusively for compliance with legal obligations;
- Third-party companies that own the technologies applied through cookies, to carry out:
– system functions, necessary for the correct navigation of the Site,
– activity of statistics on visits, to improve the “yield” of the pages of the Site,
– marketing activities to optimize its offer on services / products.
- Web agency for site management and maintenance.
Data life cycle
Data acquired through cookies and purpose.
When a user reaches a page of the Site, the cookie-banner is presented to manage the consent or deny the use of the cookies themselves on the browser of the user / visitor. With the exception of those Necessary, with limited duration to the session of the visit and then destroyed, the user can refuse or accept the storage of cookies in his browser, from which the execution or not of software designed to acquire data automatically, aggregated and anonymous.
Some of these collected in this way are transferred to hardware located in Italy, others in the United States and stored according to regulations, for a maximum period of 26 months. After this period, they are overwritten, which is tantamount to destroying them.
In the period in which they remain available for consultation, they can be used to measure the level of satisfaction and “surrender” of the pages of the Site, allow checks on the popularity, relevance and positioning of the Site based on its contents and level of ” preference ”granted by visitors.
In addition to this, they allow to verify the validity of the contents inserted, with respect to the searches carried out by visitors on search engines, and based on the results, to optimize some elements in the case.
There may be “widgets” (program GUI) or links / functions that refer to third parties, such as not exhaustive, Facebook, Messenger, Instagram, WhatsApp, Pinterest, G +, YouTube, Vimeo, etc. The collection and management through these, falls in the cases of “other third-party companies”.
Data acquired through contact form
The filling of the text boxes of the form can be used freely by the user / visitor. There are some boxes required and indicated by an asterisk, referring to the data necessary to provide the requested service, in case of failure to complete even one of these, it will not be possible to use the form. The data sent transit on different mail servers to then arrive on the mail server which is located in Italy and from there made available for consultation and archiving also on the owner’s hardware. In both locations, the data is managed and stored according to regulations. The duration is not predictable and depends on the commercial relationships that can be established between the user and the owner.
Data acquired through site registration
If there is a restricted area, with access to private / confidential pages of the Site, the user will have to perform a registration procedure to access it, and will be required to send some data necessary for the identification of the person or subject, subsequently he may access it, following a login procedure by entering your username and password. This data will be stored on the ISP’s web server that hosts the Site and is located in Italy, and will be managed by the Data Controller via computer, a copy of these data may be stored on the Data Controller hardware in compliance with the law and for security reasons.
Data acquired through opinion polls
In the event that surveys are carried out in order to know the opinions of the users interviewed, about various topics, the data collected will be stored on the ISP’s web server that hosts the Site and is located in Italy, and will be managed by the Data Controller via computer, a copy of these data may be stored on the owner’s hardware in compliance with the law and for security reasons.
Data acquired through newsletter subscription
In case of sending newsletters or e-mail marketing, the flow of data will be identical to that relating to the management of e-mails. On the Website there will be an optional subscription banner for the newsletter for which only a Name and E-mail address are required.
For each registration received, the Owner uses a validation system of the e-mail address, in which a request for explicit consent will be sent as acceptance of the receipt of the newsletter. Only when such validation and consent are received will the Data Controller send the newsletters. These may be periodic or dependent on the presence / organization of events and therefore be used as an invitation to participate in them.
The procedure for unsubscribing / canceling the service is always indicated on each newsletter and on the Website, which can be done by entering the registered e-mail address, if not already present, and confirming with a click.
There may be a last e-mail sent to the user confirming the cancellation, or a simple video message.
With regard to e-mail marketing, the GDPR expects that a relationship already exists between the Owner and the user, which is therefore a customer or is in the service, therefore consent is not required for existing customers. Only if there is a justified reason for direct e-mail marketing, therefore sending without prior consent, this is admissible after entering a clear and functional opposition procedure to the processing of user / recipient data for marketing purposes .
Data support resources
The Owner uses an IT infrastructure (hardware and software) that is constantly monitored and always up to date: devices, operating systems, antivirus, firewall, anti-malware, antispam, etc. Moreover, in all operational contexts, it uses procedures to reduce or if possible completely exclude the cyber risk (cyber risk): interruptions, unwanted accesses, data loss, infections of various kinds, brute force attacks, hacker attacks, etc.
The site uses the standard encryption protocol for HTTPS data and is protected by firewall software. Monitoring is constant, thanks to alarm reception procedures, with a high level of responsiveness.
The CMS used, which can be Joomla or WordPress, is always updated to the latest version, as are the add-ons – plugins.
System data and some collected data are hosted within the ITP’s IT infrastructure and use LAMP servers (Linux, Apache, MySQL, Php), as well as proprietary software for online management supported by cPanel as a graphical interface for web hosting.
All data collected through cookies are collected in an automated, anonymous and aggregate form and according to the Terms and conditions set by the Data Controller with third parties, which in any case, prohibit the dissemination / sharing with other entities or products of the same.
Purpose of the processing
The data collected is limited to those “Necessary” to allow an effective navigation of the Site itself, “Statistics” to help the owner of the Website to understand how visitors interact with it, collecting and transmitting information anonymously, finally, those of “Marketing” which are used to monitor visitors on websites. The intent is to display relevant and engaging ads for the individual user or visitor and therefore those of greater value to publishers and third-party advertisers in the common meaning, but on this site they are not used or shared to profile users, nor display relevant ads to their interests.
Legal bases that legitimize the processing
The consent to the processing of data by the data subject implies the recognition of legitimate intent on the part of the Data Controller to communicate its offer for products and / or services relating to the activity carried out, and for the continuity of the same, such processing is considered essential.
It is essential for the purpose of acquiring contacts for new customers, consolidating and developing existing relationships with existing customers, for the execution of a contract or to provide information that can be object of evaluation of the services offered by the Data Controller to the data subject.
It is essential to protect the data of the same concerned for security reasons, for compliance with the regulations in force, and in cases where they should be required for legal obligations.
Processing is necessary for the purposes of legitimate interests pursued by the Data Controller or by a third party, where they do not violate the rights and freedoms of the data subject who has the right to the protection of these and in particular, in cases where the data subject is a minor.
The Site and the services present are not aimed at children under the age of 16. The Data Controller is not responsible for the collection of data sent intentionally or collected and related to people of this age. If these are present, the Data Controller will provide for their immediate removal upon explicit request.
The data collected are adequate, relevant and limited to what is necessary in relation to the purposes for which they were processed.
On this Site we have chosen to use the minimum number of cookies and related functions, introduce new ones and modify existing ones, relevant for the purposes of the need to run it. In addition, those that did not respond or were superfluous with respect to compliance with the law were limited and eliminated.
The cookies on the site are of three types and also defined as:
Required. Management of cookies for the functions required by the law
Statistics. Navigation management for site optimization
Marketing. Navigation analysis to optimize the site
At this link www.aboutcookies.org you can find more information about cookies, including how you can understand what cookies have set on your device, and how you can manage and delete them.
The data is accurate and kept up to date
In compliance with art. 5.1 d) of the GDPR, the personal data managed on this Site are not shared, nor disclosed to third parties, except for data residing on web and email servers in Italy to which, for terms and conditions established with third party companies, only the Owner has access. In case of violation of these provisions, or in cases where there is a legal obligation to access, the Data Controller cannot be held guilty.
As far as possible, the Data Controller will keep the data up to date, with procedures, tools and all possible initiatives for this to happen. In consideration of the purposes of the same, these will be made available for cancellation or rectification without delay.
Duration of data retention
|Cookies – Website|
|Type of cookie||Need for processing or legal requirements||Expiry|
|Needed||Management of cookies for the functions required by the law||Session|
|Statistics||Navigation management for site optimization||26 months / Session|
|Marketing||Navigation analysis to optimize the site||Session|
|Data sent by e-mail or for newsletter registration|
|Type||Need for processing or legal requirements||Expiry|
|Needed||Newsletter management and sending||None|
|Type||Need for processing or legal requirements||Expiry|
|Needed||Security reasons only||1 month|
The interested parties are informed of the treatment
Modality of acquisition of the consent or denial to the consent of the interested subjects
Consent management is ensured by the cookie banner present at the time of connection to the Site. The data subject is informed, has tools to make an informed and explicit choice, thanks to the following elements:
Controls offered and also available for any subsequent changes, selection or selection of types of cookies, specific for each of them, explanatory sentences completed by other information such as origin, expiration, etc.
Interested parties may exercise their right of restriction and objection
The interested parties have access to the controls on the banner cookie, they can freely renounce navigation on the Site, they can revoke the consent given, even at a later time, or they can send a specific request to the Owner:
If data is transferred outside the European Union, is the data adequately protected?
The Data Controller has accepted Terms and conditions of use with third-party service providers that are responsible for data processing. Through the configuration options of the operational tools for data collection, the Owner has set the following operating parameters as the main acquisition methods and conditions of use:
- de-selection of data sharing options with other entities, outside of the skills and functions strictly connected to the tools related to the management of statistics and marketing of the site.
This Notice may be subject to change. We recommend consulting the most up-to-date version.