INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA
This information is provided, pursuant to art.13 EU 2016/679 Regulation (GDPR) to users who interact with the website Glass and Glass – Murano Srl, accessible via internet starting from the address: www.glassandglass.it, corresponding to the site homepage .
This report describes how to manage only the official website of the company but not other external websites which can be consulted by the user through links.
Additional information can be provided by different access channels, divided according to the topics covered. Other information may be provided by the Site in relation to specific services.
Data Controller: Glass and Glass – Murano Srl Via Tiepolo, 3 31021 Mogliano Veneto (TV)
contact details: email@example.com
|Purpose of data processing
|Legal grounds for processing||Data retention period|
|Administrative and accounting activities in general and for the fulfillment of legal obligations, regulations and from applicable national and supranational legislation
|Need to fulfill legal obligations|
|If necessary, to ascertain, exercise or defend the rights of the Data controller in court||Legitimate interest|
|Possible contact request, sending information requested by You
|Execution of a contract which the party is interested in or execution of pre-contractual measures adopted upon request of the same party (Article 6 (1) (b) of the Regulation)||Contractual duration and, after termination, for the ordinary statutory period of 10 years. In case of judicial litigation, for the entire duration of it, until the exhaustion of the terms of practicability of the appeal|
Sending – with automated methods of contact (such as sms, mms and e-mail) and traditional (such as phone calls with operator) – of promotional and commercial communications relating to services / products offered or reporting of company events or participation in webinars, as well as for market studies and statistical analysis.
|Consent (optional and revocable at any time).
It should be noted that the Data Controller collects a single consent for the Marketing purposes described herein pursuant to the General Provision of the Guarantor for the protection of personal data “Guidelines on promotional activities and the fight against spam” of 4th July 2013.
If You wish to oppose the processing of Your data for the purposes of Marketing carried out using the means indicated herein, as well as revoke the consent given; You may at any time contact the data controller at the addresses indicated in this statement, without prejudice to the lawfulness of the treatment based on consent given prior to the revocation
|Until revocation of consent, and in any case within two years if the data are not used for the requested purposes|
|Once the retention periods indicated above elapsed, the Data will be destroyed, deleted or made anonymous, consistent with the technical cancellation and backup procedures.|
Type of Processed Data and Methods of Collection
Navigation data-log files
It is possible to access the site without the user being asked to provide any personal data. The computer systems and the applications dedicated to the functioning of this website detect, during their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols) not associated with directly identifiable users. The collected data includes the IP addresses of the users connecting to the site, the addresses in URI (Uniform Resource Identifier) of the requested resources, the time of the request and the numerical code indicating the status of the response given by the server (good end, error, etc.).
This is information that does not provide personal data of the user and which are not collected to be associated with identified data subjects, but they are technical / informatic data collected and used in an aggregate and anonymous way for the purpose of verifying the correct functioning and monitor the security of the site, improve the quality of the service and provide statistics concerning the use of the Website and proceed with the ascertainment of responsibility in case of hypothetical computer crimes against the site.
Data provided voluntarily by the user
The voluntary and explicit sending of e-mails to the addresses indicated in the different access channels of this site entails the subsequent acquisition of the address and data of the sender / user, necessary to respond to the requests produced and / or provide the requested service. We ensures, however, that this treatment will be based on principles of correctness, lawfulness and transparency and protection of confidentiality as indicated in the GDPR. In any case, before proceeding with the activation of a certain service, suitable information will be provided and, where necessary, the relative consent to the processing of personal data will be acquired. This consent may be revoked at any time, causing the use of the service in question to lapse.
The lack of consent or revocation of the consent does not imply any consequence, except for the impossibility of using the Website and / or the provision of the requested service or to obtain more detailed information on the activities of the Company.
In any case, the processing of personal data may be carried out, if necessary, for the pursuit of a legitimate interest of the data controller or on the basis of a legal obligation.In particular, obtaining the consent to the processing referred to in the previous point relating to navigation and log data is not necessary as the data are treated as responding to a legitimate interest (Recital 47 of the GDPR).
Provision of Data
Apart from what specified about navigation data, the provision of personal data by the interested party, for certain purposes described in the previous paragraph, is to be considered optional. Failure to provide data may make it impossible to use certain services provided by the site.
Methods of data processing
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they are collected in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art.5 of the GDPR and in compliance with the mandatory time limits prescribed by law. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
Communication and / or dissemination of data
Your data, subject to processing, will not be disseminated but may be disclosed to companies contractually linked to the company, in accordance with and within the limits of the GDPR. Personal data are stored on servers located within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU.In this case, the Data Controller hereby ensures that the transfer of non-EU data will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.
The data may be disclosed to third parties belonging to the following categories:
-subjects providing services for the management of the information system used by the company and telecommunications networks (including e-mail);
-studies or companies in the field of assistance and consultancy relationships;
-a competent authority for the fulfillment of the law obligations and / or provisions from public bodies, on request.
The subjects belonging to the aforesaid categories perform the function of Data Processing Manager, or operate in complete autonomy as separate Data Controllers. The list of managers is constantly updated and available at the company headquarters. Any further communication or dissemination will only take place upon Your explicit consent.
This Website and the Services of the Data Controller are not intended for persons under the age of 16 and the Data Controller does not intentionally collect personal information about minors. In the event that information on minors were unintentionally registered, the Data Controller will delete them in a timely manner, at the request of users.
Rights of the interested party
Interested parties have the right to receive from the Company information about the processing of personal information by email to: firstname.lastname@example.org