With this information notice, Matteo Panero, owner of the website www.patriciaymatteo.it, informs about the way the site is managed in relation to the processing and protection of personal data of users who navigate within it, with direct access from the home page or from other pages. Through the navigation of the site, in fact, personal data referring to identified or identifiable individuals may be collected.
The principles outlined below constitute the guidelines of the approach taken.
Users’ personal data will be:
1) processed lawfully, fairly and transparently;
2) collected for the determined, explicit and legitimate purposes specified below and subsequently processed in ways compatible with those purposes;
3) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
4) accurate and updated as necessary. In this regard, Matteo Panero shall take all appropriate measures to ensure the timely rectification and/or erasure of data that are inaccurate in relation to the purposes for which they are processed;
5) kept in a form that allows the identification of the data subject for a period of time not exceeding the achievement of the purposes for which they are processed;
6) processed in a manner that ensures adequate security of personal data, including protection, by appropriate technical and organizational measures, from unauthorized or unlawful processing as well as accidental loss, destruction or damage.
OWNER AND RESPONSIBLE PERSONS
The Data Controller is Matteo Panero, with registered office at Via delle cappelle di sopra 31, Calenzano, Florence, 50041, Italy.
An updated list of the data processors, appointed by the Controller pursuant to Article 28 of the GDPR, is available at the Controller’s registered office.
DATA PROCESSED AND PURPOSE OF PROCESSING
Navigation data: the computer systems and software procedures used to operate the website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. The data, thus collected, could be used to ascertain responsibility in the event of any computer crimes against the site.
Data provided directly by the user: the data requested by the various sections of the above website, such as first name, last name, email are used in order to carry out the user’s requests (purely indicative and non-exhaustive examples: when requesting information or explanations by writing to the email addresses on the site’s home page or internal pages, or when spontaneously sending a curriculum vitae for the purpose of proposing oneself as a candidate, or when making direct calls or sending faxes to the numbers in the “contacts” section).
NATURE AND LEGAL BASIS OF THE PROCESSING
Browsing data are processed as they are necessary to give effect to computer and telematic protocols.
The provision of personal data by users is free and optional, however, failure to provide such data may result in the inability to access the services offered by the portal.
The legal basis for the processing is consent.
PROCESSING METHODS AND STORAGE PERIOD
Data collected through the above website are processed through computer and telematic procedures.
Data of a technical nature are stored at the company’s servers.
The personal data acquired through the Web services offered by Matteo Panero are kept at the registered office of the same mentioned above and are processed only by technical personnel authorized for processing or by authorized personnel in view of occasional maintenance work.
The aforementioned data are kept by the Owner in full compliance with the principles of necessity, minimization, limitation of storage, through the adoption of technical and organizational measures appropriate to the level of risk of processing, for a period of time not exceeding the achievement of the purposes for which they are processed and in any case for the period required by law.
RIGHTS OF THE INTERESTED PARTY
The data subject may assert pursuant to Articles 15 et seq. of the GDPR, specific rights including:
1) right to obtain confirmation as to whether or not personal data is being processed;
2) right to access the personal data and the following information (the purposes of the processing for which the personal data are intended, the categories of data, the recipients of the data, the storage period etc.);
3) right to request rectification or restriction of data processing;
4) right to obtain deletion of personal data if grounds exist;
5) right to lodge a complaint with a supervisory authority.
Finally, the data subject has the right to withdraw his or her consent to data processing at any time.
Revocation of consent does not affect the lawfulness of the processing based on the consent before revocation.
In order to enable you to exercise your rights under the Privacy Regulations, the Data Controller provides the e-mail address email@example.com
COMMUNICATION AND DISSEMINATION
The data collected will not be disseminated, sold or exchanged with third parties without the express consent of the data subject, except for possible communication to authorized third parties – committed to confidentiality or in the case appointed as data controllers ex art. 28 of the GDPR – (such as IT support companies and hosting companies) where necessary for the above purposes. The data may be communicated to the competent authorities, according to the terms of the law.
For the pursuit of the above purposes, there is the possibility of transfers of personal data to group companies located abroad. Please note that some countries do not offer the same legal protection for the processing of personal data. In such cases, Matteo Panero undertakes to ensure the presence of adequate safeguards for the protection of personal data in accordance with current legislation and to promptly notify the data subject of the aforementioned safeguards, the means to obtain a copy of such data, and the place where they have been made available.