Privacy Policy
HOW WE USE YOUR PERSONAL DATA
Pursuant to and for the purposes of art. 13 of Regulation (EU) no. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the "Regulation" or the "GDPR") and of the legislative decree 30 June 2003, n. 196 "Code regarding the protection of personal data" ("Code") (Code and Regulation also defined jointly as "Regulations") we inform interested parties (see the definition of "Data Subjects" below) that their Personal Data will be processed in compliance with the current Regulations and what is specified below.
Definizioni
- Authorized, natural persons authorized to carry out Processing operations under the direct authority of the Controller or of the Processor, pursuant to art. 29 of the GDPR and art. 2-quaterdecies of the Code.
- Communication, giving knowledge of Personal Data to one or more specific subjects other than the Data Subject, the representative of the Controller in the territory of the State, the Processor and the Authorized, in any form, including by making them available.
- Cookies, have the meaning set forth in article 7.1.
- Designated, the natural persons to whom specific tasks and functions related to the Processing of Personal Data are attributed and who operate under the authority of the Controller or the Processor, pursuant to art. 2-quaterdecies of the Code.
- Personal Data or Data, means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- Dissemination, giving knowledge of Personal Data to indeterminate subjects, in any form, including by making them available.
- Supervisory Authority, the supervisory authority referred to in art. 51 of the GDPR.
- Information or Privacy Policy, this document.
- Data Subject or User, indicates the natural person who uses the Site.
- Security Measures, the complex of technical, IT, organizational, logistical and procedural measures adopted by the Controllers to guarantee an adequate level of security to the risk of the Processing, pursuant to art. 32 of the GDPR.
- Processor, means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.
- Site, this website.
- Controller, means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data; where the purposes and means of such Processing are determined by Union or Member State law, the Controller or the specific criteria for its nomination may be provided for by Union or Member State law.
- Processing, means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Types of Data processed
Data provided directly by the Data Subject, understood as that Data provided by the Data Subject for the purpose of requesting information regarding the services offered by the Controllers (e.g. name, surname, email). The Data Subject is informed that the provision of the aforementioned Data is optional, but that, in the event of failure to provide the same, it will not be possible for the Controllers to respond to the request for information.
Data collected automatically by the Site, e.g. IP address. Those Data are collected automatically by the Site to respond to the User's HTTP request and generate/send the information requested by the latter (e.g. generate the web page).
Purposes of the Processing
Purpose Legal Basis Data retention period A) The Personal Data referred to in art. 1.1 are processed in order to respond to the User's request for information A) Processing is necessary for the performance of a contract to which the Data Subject is party or in order to take steps at the request of the Data Subject prior to entering into a contract. It’s not necessary the Data Subject’s consent. 24 months from the request for information B) The Controllers process the User's Personal Data pursuant to art. 1.2 to ensure that the Site will function properly (the HTTP protocol requires that server receives a request from a certain IP address and sends the response to that address) B) Processing is necessary for the purposes of the following legitimate interests pursued by the Controllers: provide Users with server-generated web pages. 7 days from connection to the Site. Processing methods and categories of recipients
Unless otherwise expressly provided for in this Privacy Policy, the Data Subject is informed that the Processing of his Personal Data is carried out using manual systems and/or IT, telematic or automated systems, in compliance with the principles of relevance, lawfulness, fairness and purposes laid down by the Regulations.
The Controllers process the Personal Data of the Data Subject by adopting the appropriate Security Measures aimed at minimizing the risks of unauthorized access, Dissemination, loss and destruction of the aforementioned Data, pursuant to the Regulations.
The Data Subject is also informed that the Processing of Personal Data for the fulfillment of the aforementioned purposes may be carried out by the Controllers directly or by availing themselves of the collaboration of other subjects, such as Processors, Designated, Authorized (e.g. Controllers collaborators). In particular, Personal Data could be communicated to the following categories of Processors: (i) e-mail service providers; (ii) hosting service providers (Hetzner).
Processors list can be consulted at any time by submitting a request to the email address indicated in the following art. 7.1.
Transfer of Personal Data
The Data Subject is informed that the Personal Data processed by the Controllers may be transferred to other countries belonging to the European Union.
The Data Subject is informed that the Personal Data processed by the Controllers may be transferred to other countries outside the European Union, for which an adequacy decision of the Commission exists.
Rights of the Data Subject
The Data Subject may exercise at any time, by means of a communication to be sent to the addresses referred to in the following art. 6.1, the rights provided for in the Regulations pursuant to articles 15-22. In particular:
- The Data Subject has the right to ask the Controllers to access Personal Data, pursuant to and within the limits set out in art. 15 of the Regulation.
- The Data Subject has the right to ask the Controllers to correct inaccurate Personal Data, pursuant to and within the limits set out in art. 16 of the Regulation.
- The Data Subject has the right to ask the Controllers to erase Personal Data, pursuant to and within the limits set out in art. 17 of the Regulation.
- The Data Subject has the right to ask the Controllers to restrict the Processing of Personal Data, pursuant to and within the limits set out in art. 18 of the Regulation.
- The Data Subject has the right to ask the Controllers to communicate their Personal Data in a structured and machine-readable format, pursuant to and within the limits set out in art. 20 of the Regulation.
- The Data Subject has the right to object to the Processing by the Controllers, pursuant to and within the limits set out in art. 21 of the Regulation.
- The Data Subject has the right to lodge a complaint with a Supervisory Authority.
- The Data Subject has the right to withdraw consent with reference to those Processing that are based on this legal basis. Pursuant to art. 7, paragraph 3 and art. 13, paragraph 2 lett. c) of the Regulation, the Data Subject is informed that, in any case, the withdrawal of consent does not affect the lawfulness of the Processing based on consent before the withdrawal itself.
- The Data Subject is informed that the Personal Data processed by the Controllers may be transferred to other countries outside the European Union, for which an adequacy decision of the Commission exists.
Controllers
The Controllers are Roberto Alma, C.F. LMARRT85R11H501K and Daniele Costa C.F. CSTDNL84P15D708U domiciled in 00195 Rome (RM), Lungotevere della Vittoria 9, email: info@kbl-law.com.
Cookies
General information on cookies. Cookies are small text strings that the sites visited by the user send to his terminal (usually to the browser), where they are stored and then retransmitted to the same sites on the next visit by the same user (“Cookies”). Most browsers support cookies, it being understood that users can prevent the installation of cookies and/or remove those already installed. While browsing a site, the user can also receive cookies on his device that are sent from different websites or web servers (so-called "third parties", such as, for example, cookies related to images, maps, sounds, specific links to pages from other domains). Usually there is a very large number of cookies in users' browsers with various characteristics of time retention (from 1 hour to several years) and fulfill different purposes: execution of IT authentications, session monitoring, storage of information on specific configurations regarding the users accessing the server, statistical analysis on the pages visited by the user, simplification and personalization of navigation on websites etc.
Types of cookies.Cookies are divided into:
- A) Technical cookies. Technical cookies ("Technical Cookies") as defined by the Provision of May 8, 2014 of the Italian Supervisory Authority, are those used for the sole purpose of "carrying out the transmission of a communication on an electronic communications network, or to the extent strictly necessary for the supplier of an information society service explicitly requested by the subscriber or user to provide this service" (see art. 122, paragraph 1, of the Code). They are not used for other purposes and are normally installed directly by the owner or manager of the website. They can be divided into navigation or session cookies, which guarantee the normal navigation and use of the website (allowing, for example, to make a purchase or authenticate to access restricted areas); analytics cookies, assimilated to Technical Cookies when used directly by the site operator to collect information, in aggregate form, on the number of users and how they visit the site; functionality cookies, which allow the user to navigate according to a series of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided to it. For the installation of these cookies, users' prior consent is not required. Based on the opinions of the European Supervisory Authorities, Technical Cookies include: i) session cookies that store some data entered by users (e.g. when filling out a form or shopping cart); ii) authentication cookies, to check whether the user is already authenticated or not; iii) security cookies, to verify fraud in authentication; iv) preferences cookies, to check the preferences expressed by the user regarding some navigation elements (e.g. the choice of language);
- B) Profiling Cookies. Profiling cookies ("Profiling Cookies") are cookies stored for the purpose of identifying the user's device among all those who access the web. The information contained in the cookies is used to create user profiles and to send advertising messages in line with the preferences expressed by the same in the context of surfing the web. Pursuant to art. 122 of the Code where it provides that "the storage of information in the terminal device of a contracting party or user or access to information already stored are only permitted on condition that the contracting party or user has expressed his consent after being informed with the simplified procedures referred to in article 13, paragraph 3” (art. 122, paragraph 1, of the Code). User consent is required for the installation of these cookies. In any case, the User is invited to consult the site "http://www.youronlinechoices.com/it/" where he will be able to disable or authorize the installation of advertising profiling cookies by third parties who have entered into agreements with the aforementioned site, among which there may be some of the third parties that install cookies, in relation to the use of the Site by the user.
Cookies used by the Site. This Site uses various types of technical cookies. The User is invited to consult the cookie table to view the cookies installed on the Site and to change preferences.
Management of cookies on different browsers. The User is informed that he can authorize, block or erase (in whole or in part) cookies through the specific functions of his browser or through additional third-party components. However, the deactivation of the Site's Technical Cookies may mean that some of the Site's services or features will not be available or may not function properly (e.g. the Site may require the User to enter some data or information each time the Site is accessed). For more information on how to set preferences on the use of cookies through your browser, see the following instructions:
Changes to this Privacy Policy
The Controllers reserve the right to make changes to this Privacy Policy at any time, by giving publicity to the Data Subjects by publishing it on this Site.