UPDATED TO GDPR - EU REGULATION 2016/679
This section contains information on how BICICLETTA DANNATA di Boggiani Paolo manages the data of users of www.biciclettadannata.it.
The information and data you provide will be processed in compliance with the provisions of the Regulations and the confidentiality obligations that inspire the activity of BD di Paolo Boggiani.
The purpose of this document is to provide information on the methods, times and nature of the information that the data controller must provide to users when they connect to the web pages of www.biciclettadannata.it. The information is provided only for this Site and not for other websites that may be consulted by the user through links.
The data controller of the data collected through the site is BICICLETTA DANNATA di Paolo Boggiani.
Registered office in Via Felice Cavallotti n.12, Parma.
e-mail: firstname.lastname@example.org (hereinafter, "Owner").
The updated list of the Data Processors and persons in charge of processing can be found at the Controller's offices. The Controller processes the personal data of users by adopting appropriate security measures aimed at preventing unauthorised access, disclosure, modification or destruction of personal data. The processing is carried out using computer and/or telematic instruments, with organisational methods and logic strictly related to the purposes indicated. However, BD di Paolo Boggiani cannot guarantee its users that the measures adopted for the security of the Site and the transmission of data and information on the Site are able to limit or exclude any risk of unauthorised access or dispersion of data by devices belonging to the user. For this reason, we advise users of the Site to ensure that their computer is equipped with appropriate software for the protection of network data transmission (e.g. up-to-date antivirus software) and that their Internet Provider has taken appropriate measures for the security of network data transmission.
1 - Purpose of the processing
The processing we intend to carry out, with your specific consent where necessary, has the following purposes
a) to allow you to browse and consult the www.biciclettadannata.it website;
b) to respond to requests for assistance or information, which we will receive by e-mail, telephone or through the "Contact Us" form within the Site.
c) to allow the provision of the services requested.
d) to fulfil legal, accounting and tax obligations.
e) any important or computer security communications.
2 - Optional provision of data and legal basis for processing.
The conferment of data is optional; however, refusal to provide such data may make it impossible for BD di Paolo Boggiani to supply the requested service. If you do not consent to the processing of your data for marketing purposes, this will have no consequences. In any case, the consent given may be revoked by you at any time.
3 - Data provided by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this Site entails the subsequent acquisition of the sender's address, which is necessary to respond to requests, as well as any other personal data included in the message. Specific summarised information will be reported or displayed on the pages of the site set up for particular services on request. Moreover, upon your specific consent - which will be requested in specific sections of the Site where present - your data may be processed to send you promotional communications by e-mail, text message, telephone. At the end of each e-mail/newsletter you will find a clear reference to the possibility of unsubscribing and a corresponding link.
We also specify that the purposes of the processing also concern the collection, storage and processing of your data for statistical analysis in anonymous and/or aggregate form, without the possibility of identifying you, aimed at verifying the quality of the services offered.
4 - Processing methods
Personal data are processed by automated tools and not for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access.
5 - Communication of Personal Data
Personal Data may be shared, for the purposes set out in point 1 plus, with
(a) persons typically acting as data processors and/or persons in charge of the processing i.e.:
i) persons, companies or professional firms that provide assistance and consultancy services to BD di Paolo Boggiani in accounting, administrative, legal, tax, financial and debt collection matters in connection with the provision of the Services;
ii) subjects with whom it is necessary to interact in order to provide the Services (e.g. national and foreign registration authorities to whom the technical and administrative documentation and forms of the Maintainer must be sent, authorities managing the databases containing the personal data of the assignees of domain names, subjects providing the credit card payment service, subjects and companies providing hosting services / cloud services / ssl certificates / email services and suppliers of third-party technical services, postal couriers)
(iii) parties delegated to perform technical maintenance activities (including maintenance of network equipment and electronic communication networks).
iiii) parties, entities or authorities to whom the personal data must be disclosed by law or by order of the authorities;
iiiii)persons authorized by BD di Paolo Boggiani for the processing of Personal Data necessary to perform activities strictly related to the provision of the Services, who have undertaken to maintain confidentiality or have an adequate legal obligation of confidentiality. In case of payment by credit card, the information essential for the execution of the transaction (credit/debit card number, expiration date, security code) is processed directly by the bank managing the electronic payment service used from time to time, by means of an encrypted protocol, without third parties being able to access it in any way. However, this information will never be displayed or stored by BD di Paolo Boggiani.
6 - Disclosure of personal data
Your personal data will not be disseminated.
Your data will not be transferred to a third country or international organisation. Should any of your personal data be transferred to a country within the European Union, to a third country or to an international organisation, BD di Paolo Boggiani invites you to check the processing of your personal data by these recipients on the relevant sites.
7 - Types of data processed
Navigation data During normal operation, the computer systems and software procedures used to operate the Site acquire certain personal data, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and IT environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation, and is deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes to the detriment of the Site or to third parties: apart from this possibility, at present, data on web contacts are not stored permanently. Other personal data Other personal data - such as, by way of example but not limited to: e-mail address, name, surname - are processed for the provision of the service and possibly for sending the newsletter or promotional communications, where applicable.
8 - Data retention
Personal data will be kept for the time strictly necessary to achieve those purposes. In any case, since the processing operations are carried out for the supply of Services, BD di Paolo Boggiani will keep the personal data for the time allowed by the Italian law to protect its interests (Art. 2946 c.c. and following). Further information about the data retention period and the criteria used to determine this period can be requested by writing to the Data Controller.
9 - Rights of data subjects
We would like to remind you that you may exercise your rights at any time and ask the data controller to access your personal data and to rectify or erase it or to restrict its processing or to object to its processing, as well as the right to data portability, the right to be forgotten or the right to have your data completely erased from our systems, except for data relating to contractual and legal obligations (e.g. billing, security obligations). To exercise your rights, you may send your requests to BD di Paolo Boggiani by e-mail to: email@example.com. You have the right to receive in a structured, commonly used and machine-readable format the personal data concerning you and you have the right to transmit such data to another data controller without hindrance. Without prejudice to any other administrative or jurisdictional recourse, if you consider that the processing concerning you is in breach of the Regulation, you have the right to lodge a complaint with the Data Protection Authority.
10 - Security of the data provided
Data security is guaranteed during the use of the platform by the compliance of the procedures adopted by BD di Paolo Boggiani following the directives identified in articles 32 and 33 of Regulation (EU) 2016/679 (GDPR) In the event of a personal data breach, the data controller shall notify the breach to the competent supervisory authority pursuant to article 55 without undue delay and, where possible, within 72 hours of becoming aware of it, unless the personal data breach is unlikely to present a risk to the rights and freedoms of natural persons. A breach notification also provides for:
(a) describe the nature of the personal data breach including, where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
(b) provide the name and contact details of the data protection officer or other contact point from which more information may be obtained
(c) describe the likely consequences of the personal data breach
(d) describe the measures taken or proposed to be taken by the controller to remedy the personal data breach and also, where appropriate, to mitigate its possible adverse effects.
11 - Amendments to this document
12 - European Data Protection Regulation - Information page
The page contains links to legislation and interpretative documents, fact sheets and thematic pages, and is continuously being updated: http://www.garanteprivacy.it/web/guest/regolamentoue