In the following pages, we describe how the site is managed with regard to the processing of the personal data of users who consult it.
The data controller is Vinness di Aniello Russo
Registered office in Via D. Colasanto 33, 80033 Cicciano ( NA )
Reg. Imprese Napoli: n° 123456 | REA: NA-917555
Contact: Tel. (+39) 081 012 1653 | Email: email@example.com
Vinness is a limited liability company administered by a sole director.
The legal representative is Aniello Russo.
PRINCIPLE OF RESPONSIBILITY
The processing of personal data is managed over time by identified managers within the organisation.
PRINCIPLE OF TRANSPARENCY
PRINCIPLE OF RELEVANCE OF THE COLLECTION
PRINCIPLE OF PURPOSE OF USE
PRINCIPLE OF VERIFIABILITY
Personal data are protected by technical, IT, organisational, logistical and procedural security measures against the risks of destruction or loss, even accidental, and against unauthorised access or unauthorised processing.
These measures are updated periodically on the basis of technical progress, the nature of the data and the specific characteristics of the processing, and are constantly monitored and verified over time. Third parties that perform support activities of any kind for the provision of the services requested by the Company, in relation to which they perform personal data processing operations, are designated by the latter as Data Processors and are contractually bound to comply with the measures for the security and confidentiality of processing. The identity of said third parties is made known to users.
The Company also accepts no liability for:
1. the rules and methods for handling personal data of other websites that can be reached from our pages through links and cross-references;
2. the contents of any e-mail services, web spaces, chat forums provided to users.
The processing operations connected to the web services offered by this site take place at the Company's premises, and possibly at the offices of the persons in charge of processing, and are carried out by persons in charge of processing who are responsible for managing the services requested, marketing activities - where requested by the user - data storage activities and occasional maintenance operations.
SCOPE OF DATA COMMUNICATION
The personal data provided may be disclosed to third parties in order to comply with legal obligations, in execution of orders from public authorities empowered to do so, or to assert or defend a right in court.
If necessary in relation to particular services or products requested, personal data may be communicated to third parties who perform, as autonomous data controllers, functions strictly connected and instrumental to the provision of services or supply of products. Without communication, these services and products could not be provided.
Personal data will not be disseminated, unless the requested service requires it.
DATA PROVIDED VOLUNTARILY BY THE USER
The types of personal data collected and processed on this site are those necessary for the provision of the various services provided. The data collected is processed using paper, automated and telematic methods and with logic strictly related to the purposes of processing. Your telephone number and e-mail address may also be used to provide you with the services.
It is therefore clear that, if this data is not provided, you will not be able to receive those services that require the use of these tools. Any voluntary sending of electronic mail to the addresses indicated on the site entails the acquisition of the sender's address as well as any other information contained in the message; this personal data will be used for the sole purpose of performing the service or provision requested.
It is useful to know that the site's software procedures acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. Although this information is not intended to be associated with identified users, by its nature, if it is associated with other data held by third parties (e.g. your internet service provider), it could allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by the users who connect to the site, the addresses in URL (Uniform Resource Locator) notation of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.
This data is used solely for the purpose of anonymous statistics on the use of the site and to check its correct operation. The Data Controller and, depending on the service requested, the designated Managers keep, for a limited period of time in accordance with the law, the trace (LOG) of the connections/navigations made in order to respond to any requests from the judicial authorities or other public body legitimated to request said trace for the purpose of ascertaining possible liability in the event of computer crimes. Apart from what has been specified for navigation data, the user is free to provide or not to provide the personal data requested in the service registration form. On this form, however, some data may be marked as mandatory; it must be understood that this data is necessary for the provision of the requested service. If this data is not provided, the requested service cannot be provided.
At the time of providing the data, in accordance with the provisions of Art. 13 of Legislative Decree no. 196/03 and Art. 13 and 14 of the GDPR, the data subject is provided with brief but complete and transparent information on the purposes and methods of data processing, on the compulsory or optional nature of providing the data, on the consequences of not providing the data, on the subjects or categories of subjects to whom the personal data may be communicated and the scope of dissemination of the data, on the rights under Art. 7 of Legislative Decree no. 196/03 and Art. 15 et seq. of the GDPR (access, integration, updating, correction, deletion for violation of the law, opposition to processing, etc.), the identity and location of the Data Controller and Data Processors. The data subject is therefore called upon to give his or her informed, free consent, expressed in a specific form and documented in the form required by law, where required by the same. Should personal data be provided at a later stage, additions may be made to the information previously provided and new processing consents may be requested, as provided for by the Privacy Code and the GDPR. It is therefore obvious that, should such data not be provided, those services requiring the use of these tools cannot be provided to you. Any voluntary sending of e-mails to the addresses indicated on the site entails the acquisition of the sender's address as well as any other information contained in the message; such personal data will be used for the sole purpose of performing the service or provision requested.
SECURITY MEASURES TAKEN TO PROTECT COLLECTED DATA
The Company uses 'secure' architectures and technologies to protect personal data against undue disclosure, alteration or misuse. The protections put in place with regard to personal data are aimed, in particular, at minimising the risks of destruction or loss, even accidental, of data, unauthorised access or processing that is not permitted or does not comply with the purposes of collection.
These security measures obviously meet the minimum requirements set out by the legislator (Technical Regulations on minimum security measures in Articles 33 to 36 of Legislative Decree No. 196/03). The persons to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of such data and to be informed of their content and origin, to verify their accuracy or to request that they be supplemented or updated, or corrected (Art. 7 of Legislative Decree no. 196/03 and Art. 16 of the GDPR). Pursuant to the same article, the interested party has the right to request the deletion, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their processing.
Requests should be addressed to the Company's contact details indicated in the footer of the site, or you may contact Vinness® appointed by the Company, the Data Processor, by writing to firstname.lastname@example.org or by post to the address Via D. Colasanto 33, 80033 Cicciano (NA).