INFORMATION PURSUANT TO ARTICLE 13 OF EU REGULATION 2016/679

 

The Personal Data Controller

Rossana Fani, with registered office in Viale Ferraris 88 - 50019 Sesto Fiorentino (Firenze, Italy), is the Data Controller of your personal data.

 

Data processed

The site may process name, surname, address, contact and payment data, as well as information that the user may wish to enter in the contact form. In addition to navigation data, which may acquire, in the course of normal operation, your personal data, the transmission of which is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment, based on the type of cookies authorised by the user. Please refer to the cookies policy.

 

Purposes of processing

The purposes of the processing of personal data are:

1. responding to user requests by filling in the contact form;

2. contractual and payment management through e-commerce;

3. site functionality (cookies policy);

4. with prior consent, marketing purposes (cookies policy);

5. with prior consent, newsletter subscription.

 

Duration of processing

Personal data relating to purpose 1 will be retained for as long as necessary to enable feedback to the user. For purpose 2, the data will be processed for as long as necessary for contractual and payment management, in accordance with the law. Data given for purposes 3 and 4 will be stored for the time defined by the cookie policy. Data given for purpose 5 will be stored for 2 years. After this period of time, the data will be destroyed.

 

Nature and legal basis of the provision of data

Purposes 1, 2 and 3 are based on the fulfilment of pre-contractual and contractual obligations. Consent to the processing of data is mandatory in relation to purposes 4 and 5. Any refusal to provide data on the part of the user will prevent the Controller from fulfilling the relevant purpose.

 

Methods of data processing

The data will be processed and stored exclusively for the purposes indicated above through the use of both paper and computer media, included in relevant databases and processed with instruments suitable to guarantee the integrity, security and confidentiality of the data, in accordance with the provisions of EU Regulation 2016/679. All appropriate technical and organisational measures will be taken to ensure a level of data protection that complies with the provisions of EU Regulation 2016/679. Access will be allowed only to persons authorised in writing to process personal data. The data may also be communicated and/or collected to/from third parties. The same will be appropriately designated Personal Data Processors and will be involved in the fulfilments required by the existing legal relationship, as well as by specific legal obligations.

 

Social platforms

The website may offer gateways to so-called Social Network services and platforms. The Owner recommends exercising caution regarding the dissemination of personal information on the thematic channels through ‘comments’ or ‘public posts’ while using the aforementioned platforms. The terms of use and privacy policies applicable to each of these social media, published on their respective sites, govern the information provided. The Owner does not perform any form of control over the use of personal information communicated in a public forum, comment area, noticeboard, making the user solely responsible for any disclosure.

 

Communication to third parties and/or dissemination of data

The data may be disclosed to external parties, designated in writing, if this is necessary in order to fulfil a legal obligation, to perform obligations arising from a contract to which you are/will be a party, as well as to fulfil, prior to the conclusion of the contract, your specific requests. The recipients of the communication of your personal data can also be identified in the following categories:

  • judicial authorities, professionals, companies, public administrations or other structures designated for the performance of processing related to the fulfilment of administrative, accounting and management obligations associated with the ordinary course of the Controller's business (legal obligations)
  • suppliers and web platforms for which the sharing of data is necessary for the performance of the Controller's business and, in particular, in connection with the fulfilment of pre-contractual and contractual obligations towards the data subject (contractual obligations);

The data collected will not be disseminated in any way.

 

Intention to transfer data abroad

Data may be transferred outside the European Union for the purpose of processing payments. Such transfers are based on guarantees of adequacy.

 

Rights under EU Regulation 2016/679

The data subject may, at any time, exercise the rights set out in Article 7(3) and Articles 15 et seq. of EU Regulation 2016/679:

a)  right of access to personal data;

b)  right to obtain rectification or erasure of the same or restriction of processing;

c)  right to object to the processing;

d)  right to data portability;

e)  right to withdraw consent, where applicable (withdrawal of consent shall not affect the lawfulness of processing based on consent given before the withdrawal);

f)  right to lodge a complaint with the supervisory authority (The Italian Data Protection Authority).

The interested party may exercise the above rights by sending an e-mail to info@rossanafani.com