The company TRB SRL , in the person of its legal representative, VAT number 01921660351, with headquarters in Via T. Tasso, 9 42023 Cadelbosco Sopra (RE) with email address email@example.com – PEC firstname.lastname@example.org (hereinafter, the "Site"), as data controller of the personal data users of the Site (hereinafter, the "Users") provides below the privacy information pursuant to art. 13 of EU Regulation 2016/679 of 2 7 April 2016 (hereinafter, the "Regulation", or the "Applicable Law”).
This Site and any services offered through the Site are restricted to individuals who are eighteen years of age or older. Therefore, the Owner does not collect personal data relating to individuals under the age of 18. Upon the request of Users, the Owner will promptly delete all personal data unintentionally collected relating to individuals under the age of 18.
The Owner takes the utmost account of the right to privacy and the protection of personal data of its Users. For any information in relation to this privacy statement, Users can contact the Owner in qualsiasi momento, utilizzando le seguenti modalità:
- By sending a registered letter with return receipt to the Data Controller's registered office in via T. Tasso, 9 - 42 023 Cadelbosco di Sopra (RE)
1. Purpose of the treatment
Users' personal data will be processed lawfully by the Data Controller pursuant to art. 6 of the Regulation for the following processing purposes:
provision of the service, or to allow the User to browse the Site. The User data collected by the Data Controller for this purpose includes all personal data whose transmission is implicit in the use of Internet communication protocols, which the computer systems and software procedures used to operate the Site acquire during their normal operation: the IP addresses or domain names of the computers used by the Users, the U RI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the User's IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to allow it to function correctly. Without prejudice to the provisions elsewhere in this privacy statement, in no case will the Data Controller make the Users' personal data accessible to other Users and/or third parties;
process the User's request: Users' personal data are collected and processed by the Data Controller for the sole purpose of processing their request. The User data collected by the Data Controller for this purpose includes: name, surname, email address and all other User data that may be voluntarily published in the " contact us" section. No other treatment will be carried out by the Owner in relation to the personal data of the Users. Without prejudice to the provisions elsewhere in this privacy statement, in no case will the Data Controller make the Users' personal data accessible to other Users and/or third parties.
- administrative-accounting purposes, or to carry out activities of an organisational, administrative, financial and accounting nature, such as internal organizational activities and functional activities for the fulfillment of contractual and pre-contractual obligations;
- legal obligations, behördlicher, behördlicher oder gesetzlicher Verpflichtungen und zur Feststellung der Verantwortlichkeit im Falle hypothetischer Computerkriminalität gegen die Website;
- consent given, if in the cases provided for by current legislation, the User has given consent for one or more specific purposes;
- execution of a contract, if the processing is necessary for the execution of a contract with the User and/or for the execution of pre-contractual measures.
However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each treatment and in particular to verify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.
The provision of personal data for the processing purposes indicated above is optional but necessary, since failure to provide them will make it impossible for the User to make his request to the Data Controller.
The personal data that are necessary for the pursuit of the processing purposes described in this point 1) are indicated with an asterisk in the request form.
2. Processing methods and data storage times
The Data Controller will process Users' personal data using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data.
The personal data of the Users of the Site will be kept for the time strictly necessary to carry out the primary purposes illustrated in the previous point 1) or in any case according to what is necessary for the protection in civil law of the interests of both the Users and the Owner.
3. Scope of communication and dissemination of data
The personal data of the Users may come to the knowledge of the employees and/or collaborators of the Controller in charge of managing the Site and the requests of the Users. These subjects, who have been instructed to this effect by the Owner in accordance with Article 29 of the Regulations, will process the User's data exclusively for the purposes indicated in this notice and in compliance with the provisions of the Applicable Regulations.
Users' personal data may also be disclosed to third parties who may process personal data on behalf of the Data Controller as "External Data Processors," such as, but not limited to, IT and logistics service providers functional to the operation of the Site, service providers in outsourcing o cloud computing, professionals and consultants.
Users have the right to obtain a list of any data processors appointed by the Data Controller by making a request to the Data Controller in the manner set forth in Section 4) below.
4. Data Transfer
The Data Controller does not transfer personal data to third countries outside the EU area.
However, it reserves the right to use cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as required by art. 46 GDPR 2 016/679.
5. Rights of the interested parties
Users will be able to exercise the rights guaranteed to them by the Applicable Regulations by contacting the Owner in the following ways:
- By sending a registered letter with return receipt to the Data Controller's registered office in via T. Tasso, 9 - 42 023 Cadelbosco di Sopra (RE).
- By sending an e-mail message to the following addresses: e-mail: email@example.com or pec: firstname.lastname@example.org.
Pursuant to the Applicable Regulations, the Data Controller informs that Users have the right to obtain indication (i) of the origin of personal data; (ii) the purposes and methods of processing; (iii) of the logic applied in case of treatment carried out with the aid of electronic instruments; (iv) of the identification details of the owner and managers; (v) of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as managers or agents.
Furthermore, Users have the right to obtain:
- access, updating, rectification or, when interested, integration of data;
- the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
- the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment is proves impossible or involves the use of means manifestly disproportionate to the protected right.
Furthermore, Users have:
- the right to withdraw consent at any time, if the treatment is based on their consent;
- the right (where applicable) to data portability (right to receive all personal data concerning them in a structured format, commonly used and readable by an automatic device), the right to limit the processing of personal data and the right to cancellation ("right to be forgotten");
- the right to object in whole or in part, for legitimate reasons, to the processing of personal data concerning them, even if pertinent to the purpose of the collection;
- if they believe that the processing that concerns them violates the Regulation, the right to lodge a complaint with a Supervisory Authority (in the Member State in which they usually reside, in the one in which they work or in the one in which the alleged violation has occurred ). The Italian Supervisory Authority is the Guarantor for the protection of personal data, with headquarters in Piazza Venezia 11, 00186 - Rome (http://www.garanteprivacy.it/).
For anything not covered by this information, please refer to Regulation (EU) 2 016/679 to Legislative Decree 196/03 as amended by Legislative Decree 101/2018 and subsequent amendments, as well as any other provision issued by the Guarantor Authority for the Protégé processing of Personal Data ("Guarantor").