Owner of the data treatment.
In addition to the owner company as identified above, any partner sites that from time to time participate in data processing activities can take on the role of independent data controllers.
Object of the treatment.
1) Navigation data
During their normal operation, the IT systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data on web contacts are not kept, however, for more than seven days, except for any investigations of computer crimes against the site.
No data deriving from the web service will be communicated or disseminated.
2) Data provided voluntarily by users / visitors
If users / visitors, by connecting and / or registering to this site, send their personal data to access certain services, or to make e-mail requests, they are aware that this entails the acquisition by the Owner of the sender's address. and / or others
any personal data that will be processed exclusively to respond to the request, or for the provision of the service. The personal data provided by users / visitors will be communicated to third parties only if the communication is necessary to comply with the requests of the users / visitors themselves or by legal obligation (as in the case of billing).
The treatment is carried out through automated tools (e.g. using electronic procedures and media) and / or manually (e.g. on paper) for the time strictly necessary to achieve the purposes for which the data were collected and, in any case, in accordance with
current regulatory provisions on the matter. Specific security measures are observed to prevent data loss, illicit or non-illegal use
correct of the same and unauthorized access, so as to allow access only to persons in charge or managers appointed in accordance with the provisions of the law in force. The list of external managers pursuant to art. 28 of EU Regulation 679/2016 is available at the headquarters of the Data Controller or by sending a remote request to the addresses indicated above.
Purpose of the treatment.
In addition to those indicated in the individual information that precede the compilation of the forms of the various sections of the site, the purposes of the processing carried out by the Data Controller must be understood as:
a) collection and storage and processing for the purpose of establishing and operating and administrative management of the contractual relationship connected with the performance of the established contractual relationship and the provision of the service offered on the site;
b) use of the user's personal data (in particular the e-mail address) to make direct marketing communications;
c) processing of the personal data provided and of those derived from browsing the site in order to provide a service consistent with the indications transmitted during the use of the service;
d) collection, storage and processing of data to carry out anonymous and / or aggregate statistical analysis;
e) purposes functional to the performance of our business, such as offering personalized content such as newsletter services or sending direct marketing communications.
E-commerce and Payments
Your data may be processed for the management of trolleys, orders, any user profile and include personal data, addresses, purchase list, reports and notes. The personal data provided could also be processed through delegated third parties (home delivery, mailing and data entry companies), for the administrative management of orders and purchases. The payment system provides for the communication of some data to the banks providing the service as independent data controllers.
Legal basis of the treatment.
The legal basis for the processing of customer data carried out by the owner through the site in the epigraph indicated consists, as regards the indications referred to in the previous point a) in the contract entered into, or in the pre-contractual phase connected to it, with the interested parties, while for what sub b), c), d), e) the legal basis is to be found in the legitimate interest of the Owner in the free economic initiative referred to in art. 41 of the Constitution. As regards further and future purposes that may require consent, it will be requested in a specific form and likewise must be considered a valid legal basis.
In addition to the owner, in some cases, categories of managers and authorized persons involved in the corporate organization (administrative, commercial, marketing, legal, accountants, system administrators) may have access to the data. In addition, the Data Controller may make use of external subjects (such as third party technical service providers, carriers, hosting providers, cloud services, IT companies, communication agencies) who will be appointed External Managers. The updated list of Managers can always be requested from the Data Controller, by contacting the address indicated above.
Transfer to a third country.
The owner does not transfer the data of the Customers / Users / navigators of the site, to other countries outside the European Union.
The data processed by the Data Controller will never be disclosed.
Place of data processing.
The treatments connected to the web services of this site take place in Italy and therefore, on the basis of Reg. 2016/679 / EU to be considered suitable as it falls within the EU context. The data are processed only by technical staff of the Office in charge of processing. In case of need, the data connected to the newsletter service may be processed by the staff of the company that manages the Data Center (responsible for processing pursuant to article 28 of Reg. 2016/679 / EU), at the company's headquarters.
Time and place of data storage.
The data are processed for the time necessary to perform the service requested by the User and then destroyed with secure means of destruction, such as paper shredders, and wiping for data on computer media.
Optional or mandatory provision of data.
Apart from what is specified for navigation data that acquire data automatically, users / visitors are free to provide their personal data or not to provide it. Their absence can only make it impossible to obtain what is requested. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests for services, products or information, as well as any other personal data included in the message.
Rights of the interested parties.
The subjects to whom the personal data refer have the right at any time pursuant to the GDPR to obtain confirmation of the existence or otherwise of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification.
Requests should be addressed to Sintel IT Srl based in Rome in Via Luigi Lilio 95, CAP 00142, tel. 0642872123, mail firstname.lastname@example.org, PEC email@example.com. In relation to the processing of the aforementioned data, the customer has the right to obtain from the owner:
1. confirmation of the existence or not of your personal data, their communication in an intelligible form and knowledge of their origin, as well as the logic on which the treatment is based;
2. the cancellation, within a reasonable period, of your data, their transformation into anonymous form or the blocking of those processed in violation of the law;
3. updating of data, their correction or, when interested, their integration;
4. certification that the operations referred to in points 2) and 3) above have been brought to the attention of those to whom they have been communicated, provided that it is not impossible or involves a disproportionate use of means;
5. the Customer / user also has the right to obtain the correction or cancellation of the data concerning him or the limitation of the treatment;
6. the Customer / user has the right to withdraw the consent relating to optional treatments that are not connected to the execution of the contract signed with the Owner;
7. the customer / user also has the right to oppose for legitimate reasons the processing of personal data concerning him, even if pertinent to the purpose of the collection, to request portability, to exercise the right to be forgotten, as well as to contact the ordinary judicial authority or the supervisory authority responsible for the protection of personal data for any violation it believes to have suffered, at the PEC firstname.lastname@example.org or by registered mail with return receipt or by hand delivery to the Guarantor for the protection of personal data, which is based in Rome (Italy), Piazza Venezia n. 11 - 00187 Rome.
Automated decision-making processes.
Automated decision-making processes are not carried out on the aggregated data collected, except for the better management of the site.
This site and the owner's services are not intended for minors under the age of 18 and the owner does not intentionally collect personal information relating to minors. In the event that information on minors were unintentionally registered, the Data Controller will delete them in a timely manner, at the request of the users.