Information on the processing of personal data pursuant to EU Regulation 2016/679
Data processing includes any operation or set of operations, carried out even without the aid of electronic instruments, relating to the protection of individuals with regard to the processing of personal data, as well as the free movement of such data (hereinafter “GDPR”).
This general information is provided in compliance with art. 13 GDPR, as well as pursuant to the Italian Legislative Decree 196/2003 (so-called “Privacy Code”) for all Subjects who consult and, more generally, interact with the services provided through the Site.
The information is valid only for this Site, therefore the Owner assumes no responsibility for any other third-party websites that may be consulted and/or accessible in any capacity via hypertext links on the Site itself.
1. Owner and Data Controller
The Data Controller is Litapat S.r.l. with office in Via Simone Martini, 125, 00142, Rome, in the person of Dr. Giulia Tagliafico (hereinafter, the “Owner”) available on the contact email: firstname.lastname@example.org.
2. Types of Data Collected
a) Browsing data
The computer systems and software procedures used to operate the Site are managed by the Owner entirely through the WordPress.org platform and acquire, during their normal operation, some personal data which transmission is implicit in the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers used by the Subjects who connect to the Site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (i.e. successful, error, etc.) and other parameters relating to the operating system and IT environment of the Subjects.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Site.
The Site is set up to process data without associating them with identified Subjects, but, due to the very nature of the data, these could, through processing and association with data held by third parties, allow identification of the same.
The WordPress.org data processing policies apply to the processing, which can be consulted in detail at the following address: https://it.wordpress.org/about/privacy/
b) Data provided voluntarily by the user
Except as specified above in relation to browsing data, the Data Controller will acquire any personal data provided by the Subjects through the Site by voluntarily and explicitly sending e-mails to the addresses indicated or by filling in specifically prepared forms. Voluntary submission through these channels does not require further information or requests for consent. Specific summary information will be reported or displayed on the Site page prepared for the form. The Subjects must therefore explicitly consent to the use of the data contained in this form in order to send the request.
Through the Site, the Data Controller will not acquire data of a sensitive nature or in any case belonging to the particular categories referred to in art. 9 of the Regulation or data relating to criminal convictions or offences.
c) Cookies and other technologies
3. Purposes and Legal basis of processing
a) Provision of the requested services
The data provided voluntarily by the Subjects will be processed by the Data Controller to respond to their requests and exclusively for this purpose. The provision of such data is therefore necessary to obtain the requested service and the legal basis of the processing is article 6, paragraph 1, lett. b), GDPR.
b) Fulfillment of legal obligations
The data collected and those provided by the Subjects will also be processed by the Data Controller to fulfill legal obligations that concern him. Also, in this case, the provision of such data is mandatory and the treatment is based on the art. 6, paragraph 1, lett. c), GDPR.
c) Processing pertinent to the legitimate interest of the Data Controller
The data of the Subjects will also be processed by the Data Controller to ensure the correct functioning of the Site and its contents. Also, in this case, the provision of such data is mandatory and their treatment is based on article 6, paragraph 1, lett. f), GDPR.
4. Methods of processing
The processing of personal data takes place using paper, information technoligies, telematic and other telecommunications systems. The data processing operations are carried out in such a way as to guarantee their minimization, security and confidentiality, in full compliance with the applicable legislation (articles 5 and 32 of the GDPR, Privacy Code and provisions of the competent Authorities).
5. Retention time
The personal data collected from the Subjects will be kept for the time strictly necessary to follow up on the requests made by the same through the Site.
All additional data will be stored and processed for the period strictly necessary and, in any case, for a period not exceeding 12 months from their acquisition and/or communication, except for the renewed assignment of the same in the forms of law.
6. Data circulation
The data collected is not subject to disclosure and cannot be transferred abroad.
8. The rights of Subjects
- confirmation of the existence of the data and communication of the same;
- updating, rectification, integration, cancellation, transformation of personal data;
- the blocking of data processed in violation of the law.
Subjects may exercise their rights by writing to the Data Controller to the following e-mail address: email@example.com.