NOTICE AS PER ART. 13 OF THE EU REGULATION 2016/679 OF THE EUROPEAN PARLIAMENT AND COINCIL, OF 27th APRIL 2016 IN FORCE AS FROM 25th MAY 2018.
Dear user, we hereby inform you of how we will be processing your Personal Data. The website https://italyoftomorrow.com/ (hereinafter “the website”) is subject to EU Regulation 2016/679 of the European Parliament and Council of 27th April 2016 in force as from 25th May 2018 (hereinafter “the G.D.P.R.”). We therefore hereby proceed to inform you with this data protection policy declaration of the content and scope of the collection and use of your personal data (hereinafter “the data”) by the owners of the website. All definitions of terms used on the website have the same meaning as those provided in Art.4 of the G.D.P.R., including but not limited to “personal data” or “processing”, and should be read and construed in accordance to the G.D.P.R..
1. OWNER AND CONTROLLER OF THE PROCESSING - ART. 13 CO.1 LETT [A] [B] GDPR 2016/679
The owner of the processing of the collected data is:
This data is collected automatically by the IT systems and software procedures which allow for the website to work. Such collection is implicit in the use of Internet protocols. Such data are not collected with the aim of being associated to identified users, but for their nature could, through re-elaboration and association with third party data, allow to identify users. In this category are data such as IP addresses, domain names of users computers, URI (Uniform Resource Identifier) addresses of the requested resources, time of the request, method of submission of such request to the server, dimension of the file obtained in return, the numerical code indicating the status of the answer given by the server (completed, error, etc) and other parameters related to the operating system and the IT environment of the user. These data are used by the Owner only to obtain anonymous statistics on the use of the website and check on its correct performance. These data could also be used to ascertain responsibilities in the event of illicit activities which can be punished by law against the website and the Owner of the processing.
Data provided voluntarily by the user
The Owner of the processing collects some personal data (name, last name, email address, phone number, address, and others) provided voluntarily by the users of the website through dedicated registration forms or forwarded to www.italyoftomorrow.com/ by email.
3. SCOPE OF THE PROCESSING OF PERSONAL DATA AND JURIDICAL BASES
The Personal Data that the Owner of the processing obtains are exclusively those provided during the navigation and/or at the moment of submitting a request of information by sending an email or by using the contact form on the website. The Personal Data could be processed both through the use of IT tools and physical supports. In accordance with Art 6 G.D.P.R., the licit use of Personal Data will be aimed at:
allowing the navigation and use of the website
answer to the questions of the users which might reach the Owner of the processing through the contact form or email of the website
send to the user useful information, news, offers, discounts and promotions through a newsletter
By using the website, the processing of the users’ data could be based on:
4. STORAGE OF PERSONAL DATA AND RIGHT TO OBJECT
5. TRANSFER OF PERSONAL DATA TO THIRD PARTIES
In principle the Personal Data of the Website’s users will not be transferred to third parties without the express consent of the individual user. Exceptionally said Data could be transferred to third parties even without the consent of the individual user in case of an executive injunction from a competent authority or judiciary court.
The eventual transmission of Personal Data would happen in full compliance with DPL and G.D.P.R. requirements.
6. RIGHTS OF THE DATA SUBJECT
In relation with the processing of its Personal Data, the user can exercise:
Power of revocation of consent to Data processing. At any moment the user can request to the Owner of the Processing to delete their Data immediately, especially if the Data are not useful to reaching the scope they had been collected or processed for, and subject to the requirements of the applicable laws. In accordance with Artc. 7 cpv.3 G.D.P.R.. Revocation of consent does not apply to the licit processing of Data based on consent performed prior to the revocation.
Right of access by the Data Subject, by asking to the Owner of Processing if they had processed any of one’s own Data, in accordance with Art. 15 G.D.P.R..
Right to rectification and integration of Personal Data. The user has the right, even by simple integrative declaration in accordance with Art. 16 G.D.P.R. to request and obtain (without undue delay) from the Owner of the Processing the rectification of inexact or incomplete Personal Data.
Right to erasure of Personal Data. The user has the right to request and obtain (without undue delay) from the Owner of the Processing the deletion of the Personal Data for any of the reasons as per Art 17 G.D.P.R., especially if said Data is no longer necessary to the scope for which it had been collected or processed and as long as its deletion does not offend any disposition of an applicable law.
Right to restriction of processing. The user can request and obtain (without undue delay) from the Owner of the Processing the limitation of the processing of its Data in one of the events as per Art 18 G.D.P.R..
Right to Data portability. The user has the right to received in a structured format, of common use and legible from an automatic device the Personal Data provided to an Owner of Processing and has the right to transfer such Data to another Owner of Processing without impediments from the Owner of Processing the data subject originally obtained the Data from within the conditions as per Art 20 G.D.P.R..
Right to object: the user can, at any time, for the reasons and conditions as per Art. 21 G.D.P.R. has the right to object to the treatment of the Personal Data.
Right to not be subject to automated individual decision-making, including profiling which may produce juridical effects or similarly seriously affect the user, in the case that previous explicit consent wasn’t given or none of the conditions as per Art 22 G.D.P.R. has been met.
In order to exercise the above rights, the user can contact the Owner of the Processing at the address provided under Art 1 of the present Policy. The user will have to provide: name, last name, address; detail of the request, photocopy of a valid Identification Document.