(EU Regulation 2016/679)
Casale Mostacciano considers the protection of personal data subjected to processing in the context of its business a priority to be achieved and maintained in its various aspects. The objective of this page, which is constantly updated, is to highlight and describe how personal data are ordered and recorded within the structure:
How this site treats your personal data
Information on the treatment of personal data
pursuant to art. 13 and 14 of Regulation (EU) 2016/679
Casale Mostacciano wants those who visit the website to feel protected about the processing of personal data, both during simple navigation and in the event that they decide to provide their personal data to take advantage of specific services or features.
THIS INFORMATION WHY
Pursuant to the General Regulation (EU) on the protection of personal data 2016/679 (hereinafter the Regulation), this page describes the methods of processing the personal data of users who consult the site accessible electronically at the following address http: // www . residencecasalemostacciano.com
HOLDER OF THE TREATMENT
The Data Controller is: Mida s.r.l.s. with headquarters in Via Enrico Giachino 35,
00144 Rome (Italy), later also Casale Mostacciano or Owner.
Contacts: – email firstname.lastname@example.org; phone (+39) 06 220.127.116.11.
LEGAL BASIS OF THE PROCESSING, PURPOSE AND TYPE OF DATA PROCESSED
Following consultation of this site, data relating to identified or identifiable persons may be processed.
Casale Mostacciano processes the personal data voluntarily requested by the user when the user consults the site or asks to use the services and features present in the same.
The data are processed for the following purposes: management of requests for information or voluntary communications by the user through email addresses, links or forms that may be prepared and present on the site; contact the user to provide feedback to a request by the same; Create an account to take advantage of the services and features offered by the website. The data are also processed to comply with legal requirements, community regulations and regulations and to assert or defend a right in court if necessary.
As required by sector legislation, the user is required to provide autonomous and specific consent for some personal data processing, in these circumstances specific and clear procedures will be prepared for the expression of his will to process the data.
During their normal operation, the IT systems and software procedures used to operate this portal acquire some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment.
These data are used for the sole purpose of obtaining general and anonymous statistical information on the use of the site, to check its correct functioning and to establish indices and are deleted after processing in compliance with regulatory provisions.
The data are not used for user identification, for profiling or for purposes other than those stated. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site, in this circumstance the requests made by the judicial authorities will be respected.
Data voluntarily provided by the user.
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address by the Owner and any other personal data entered spontaneously in the message necessary to provide feedback to requests.
The optional sending of e-mail messages by the user can also take place by filling in specially prepared forms, to be filled in by the user. In this circumstance, it is mandatory to provide some personal data in order to be able to follow up on the user’s requests and for the truthfulness of the information itself such as: “Type of contact, Name, Surname, Subject, E-mail address”. Please enter the e-mail address correctly in order to allow the owner to have correct data for the formulation of the reply.
A refusal to provide data makes it impossible to send the request itself. At the end of the compilation it is necessary to consent to the processing of personal data.
The spontaneous sending of e-mail messages by the user does not provide for management through specific databases or the creation of mailing lists; the messages remain stored in the e-mail systems of the recipient authorized to receive and process them.
The purposes for which the data sent optionally by the user are used are limited to the management of the requests themselves by the Data Controller, the processing and storage are strictly limited to the management of the request and, in any case, no later than the times prescribed by regulations, current regulations, provisions and provisions.
Other type of data processed through the website
In this website other personal data and information that are beyond the navigation and consultation of the site itself are processed. These are personal identification data referring, for example, to the people present in the organization chart and to the staff.
RECIPIENTS OF THE DATA
The personal data collected are processed by the owner’s staff who act on the basis of specific instructions provided for the purposes and methods of the processing itself.
Personal data acquired automatically by the portal’s navigation systems are not disclosed.
The personal data that the user sends spontaneously using this portal are communicated only if necessary to manage the request itself. The communication is made in compliance with the sector regulations and the expression of consent, where required by the regulations. These treatments are accompanied by specific information, beyond this, if necessary.
PLACE OF DATA PROCESSING
The processing of personal data connected to the services of this portal are owned by Mida s.r.l.s. and are managed by the same. The treatments take place at the headquarters of the owner. The management and related treatments are carried out by staff and internal collaborators (at the headquarters of the owner), in charge and authorized for the relative tasks. No data deriving from the web service is disclosed.
TRANSFER OF DATA TO A THIRD COUNTRY OR AN INTERNATIONAL ORGANIZATION
The personal data provided and processed are not subject to transfer to third countries, within or outside the European Union.
DATA RETENTION PERIOD OR CRITERIA
The data are stored in compliance with the times established by the sector regulations, the principle of proportionality and within the limits necessary to achieve the purposes described.
Each calendar year the lists of users who have visited the site will be updated providing their personal data.
It is possible to contact the Data Controller at any time for further details on the storage times.
CONSEQUENCES OF A REFUSAL TO PROVIDE DATA
Except as specified for navigation data, the user is free to provide personal data for requests for information or other communications through the spontaneous sending of e-mail messages through the links on the portal or by filling in the specially prepared forms. Failure to provide them could make it impossible to forward the request (in the circumstances of mandatory fields such as in the Contact form) or to obtain what has been requested and / or to receive feedback from the Owner.
METHOD OF TREATMENT
Personal data are processed with IT tools for the time strictly necessary to achieve the purposes for which they were collected. The data can also be processed in paper form. Specific security measures are observed for data protection and to prevent any risk of loss, illicit or incorrect use and unauthorized access.
RIGHTS OF THE INTERESTED PARTIES
At any time, interested parties can exercise the rights referred to in articles 15 and following of Regulation no. 2016/679. In the foreseen cases, it is possible to ask the Data Controller for access to personal data, rectification, cancellation, limitation of treatment or oppose the treatment.
If provided, the interested party has the right to withdraw his consent to the treatment at any time for free. The withdrawal of consent does not invalidate the treatments performed before the moment of the request for revocation.
To exercise their rights, users can contact the Data Controller:
– MIDA s.r.l.s. Via Enrico Giachino 35, 00144 Rome (Italy)
– Contacts: email email@example.com; phone Tel: (+39) 06 18.104.22.168
Interested parties who believe that the processing of personal data referred to them through this site occurs in violation of the provisions of the European Regulation and Italian legislation have the right to lodge a complaint with the supervisory authority (Privacy Guarantor), as required by the ‘art. 77 of the Regulation. They can then send a registered letter with return receipt to the Guarantor for the protection of personal data, Piazza di Montecitorio, 121, 00186 Rome;
– an e-mail to the address: firstname.lastname@example.org, or email@example.com;
– a fax to the number: 06 / 69677.3785.