In observance of the obligations foreseen by the European Privacy Regulation EU/2016/679 (GDPR) we herein intend to inform you that IMMOBILIARE FAUSTA DI BAITA RICCARDO E C. - SAS, with offices in VIA FAUSTA 403/A , postcode 30013 , city CAVALLINO TREPORTI , province VE , Nation Italy , Certified Email firstname.lastname@example.org, VAT reg. no 00640680278, Tax Code 00640680278, as Data Controller and company website manager, will subject your personal data, that may be collected by us, provided by you and/or other communicated subjects, by filling out forms, browsing the web pages and using online services. Data, freely provided by you or collected in some other manner, will be processed in observance of the current privacy laws; based on the principles of correctness, legality and transparency and carried out in observance of the principles of pertinence, completeness and non-excess.
Therefore, in accordance with the contents of article 13) of the European Privacy Regulation EU/2016/679 (GDPR), we would like to inform you that:
1. PURPOSE OF PROCESSING:
A. While browsing and using the company website, the following information may be collected and processed for the exclusive purposes of security and improvement of the service offered Website access page (via query parameters in the URL)
Origin page that leads visitors
Date and time of access
Quantity of transferred data
State of access (translated page, page not found…)
Operating system and browser used
Client's IP address and possibly domain name and name of internet services provider's name
Registration data, statistics on pages visited, traffic data and advertising data (see Cookies Information Sheet).
B. If you should decide to use specific online services or need more commercial and/or assistance or technical support information, you will be asked to fill out a specific form and provide some personal data. These data will be processed to respond to requests received, provide assistance services and technical support and for the following further purposes:
B.1. regular execution of institutional activities and/or activities included in the company purpose
B.2. needs regarding the stipulation of contracts and appointments, the relative execution, subsequent amendments or
variations and for any obligation provided for to fulfil them
B.3. operational, organisational, management, fiscal, financial, insurance and accounting needs
relating to the contractual and/or precontractual relationship established
B.4. fulfil any type of obligation foreseen by laws, regulations or EU legislation.
B.5. Registration, management and storage of access logs to web applications and online services
B.6. Security regarding use of our web applications and online services
B.7. monitoring needs of product/service provision modes, relations
with suppliers and management analysis of risks connected with the contractual relationship.
B.8. If during the form filling out process or later while using our online services, you have provided, express, specific and free consent, your personal data may be also be processed for traditional marketing, online marketing, web marketing and web advertising activities.
2. PROCESSING METHODS:
Personal data using the above cookies will be processed in automated or partly automated mode and may comprise the following operations: collection, registration, organisation, storage, consultation, use, processing, modification, selection, extraction, comparison, interconnection, transmission, communication, diffusion, erasure, destruction, blocking and limitation.
Data will be processed with the use of paper copies, electronic, computer and remote devices suitable for ensuring security and confidentiality of data in compliance with the contents of article 32) of the European Privacy Regulation EU/2016/679 (GDPR) on suitable security measures.
In carrying out processing operations, however, all technical, computer, organisational, logistical, and procedural security measures will be adopted in order to guarantee the minimum level of data protection provided for by law. The methods stated above, applied to processing, will guarantee data access solely for the subjects specified in point 4).
3. LEGAL BASIS OF PROCESSING:
Providing and processing of data is:
Obligatory and does not required your consent for achieving the purposes connected with legal, regulatory or EU legislative obligations.
indispensable and does not require your consent for all vital personal data for a correct
use of web applications and online services and establishment, management and continuation of commercial and/or contractual relationship.
discretionary and requires your express consent for all personal data collected for marketing purposes
or not directly and/or indirectly connected with contractual, precontractual, legal obligations, safeguarding of vital interests, carrying out of public tasks, exercising of public powers or pursuit of legitimate interests.
Any refusal, even if legitimate, to provide all or part of the data as above, may make access and use of our web applications and online services difficult and affect the regular carrying out of the relationship with our company and in particular, for the personal data defined above as obligatory and indispensable, may make access and use of our web application and online services impossible and make it impossible on our part to carry out company operations normally and provide the requested services/products regularly.
4. PERSONAL DATA RECIPIENT CATEGORIES:
The subjects or subject categories that may learn of data or to whom personal data may be communicated are the following:
Data Controller's Legal Representative
Data Protection Officer (where appointed)
Data Processors: Consultants and Consultancy Companies, Freelance Professionals, Self-employed Workers,
Technical and Engineering Studios, Agents and Representation Agencies, Banks and Insurance Companies, Credit Collection Companies, Auditors and Auditing Firms, Accountants’ Practices, Employment Consultancy Studios, Legal Practices, Transport and Logistics Firms, Services and Doctors and Doctors’ Surgeries. Processing Appointees: General Management, Administration, Secretarial Office, Human Resources, Marketing, Commercial Area, Technical Area and Information Systems. System Administrators Personal data can also be diffused, but only in aggregate, anonymous form and for statistical purposes.
Personal data can also be communicated to public bodies, the police or other public and private subjects, but only for the purpose of fulfilling legal, regulatory or EU legislative obligations.
5. TRANSFER OF DATA OVERSEAS:
Processed data may be processed and transferred, for the purposes stated in point 1) and according to the modes set out in point 2), also to subjects set out in point 4) allocated in countries belonging to the European Union and/or outside the European Union, but solely on the basis of a Adequacy Decision by the European Commission, of Adequate Privacy Guarantees or authorisation from the Data Protection Authority.
6. STORAGE PERIOD:
The data will be collected and recorded for the sole purposes as set out in point 1) and will be stored for a period of maximum ten years from collection for administrative and accounting purposes, and no longer than twenty-four months for marketing purposes.
7. MODES FOR EXERCISING THE DATA SUBJECT'S RIGHT:
In all cases, you can always ask the Data Controller’s Legal Representative and/or the Data Protection Officer (where appointed) for a copy of your personal data, information about the location in which your personal data are processed and an updated list with ID details of all Data Processors and System Administrators authorised to process your data.
You can freely revoke your consent at any time, without any burden and prejudice for the legality of the processing carried out up to that moment and exercise the following data subject's rights towards the Data Controller as foreseen by the European Privacy Regulation EU/2016/679: Access, Rectification, Erasure, Limitation, Objection, Portability, Complaint to the Data Protection Authority.