We thank you for visiting our website. In the following sections we are going to describe how we protect the personal data of our website users in compliance with section 13 of the legislative decree 196/03.
Why this information
The data processors, as hereinafter specified, are Rivareno SPA, with legal headquarters in Via dell’Unione, 3 20123 Milano, whose contacts are included in the Contacts section and visible in the website footer.
The personal data are processed by the person in charge, who is part of the company.
RELEVANT INFORMATION COLLECTION PRINCIPLE
The personal data are processed in a legal and correct way, they are recorded for specific, explicit and legitimate purposes, they are relevant and do not exceed the purposes of the processing; they are kept for the time needed to the purposes of the collection.
The purposes of the personal data processing are to be provided to the data subject when the data are collected. A new data processing, if different from the declared purposes, implies the supply of new information to the data subject and a new consent request, if required by the legislative decree 196/03. The personal data must not be communicated to third parties or disseminated without a preliminary consent of the subject, except for the cases in which it is not necessary as stated in section 24 of the legislative decree 196/03.
The personal data are rectified and updated over the time. They are organized and stored, but the subject has the right to know, if he/she wants, which data have been collected and recorded, to check their quality and ask to rectify, integrate, erase them if they were unlawfully processed. The subject might object to the data processing and exercise other rights, in compliance with section 7 of the legislative decree 196/03, by writing to the addresses stated in the ex section 13 of the legislative decree 196/03 available on the website.
The personal data might be communicated to third parties in compliance with an obligation imposed by the law, to fulfil orders given by legitimate public authorities to exercise or defend a right in a judicial court. If needed, the data for some specific services or products might be communicated to third parties, which, as independent data processors, have some functions or are instrumental to the services or products provided. Without such information, those services and products might not be provided. The personal data are not to be disseminated, except for the case in which the service provided requires them.
TYPES OF COLLECTED DATA AND PROCESSING METHODS
It is important that you know that, through the navigation on this website, your professional and personal interests might be identified: such information, however, is collected only with the purpose of providing the services you require and to check the quality of the services provided.
DATA VOLUNTARILY PROVIDED BY THE USER
The types of collected and processed data on the website are crucial to provide you with the services you require. The collected data are processed by paper, automatized and telematics methods and with logics related to the processing purposes. Your telefax and phone or mobile number and your email address might be used to provide you with the services you require. It is quite clear that if you do not provide those data, the services that need the use of these tools might not be provided. If you do not consent to the use of your email, phone, mobile phone or telefax for advertising or direct sale or interactive advertising communication purposes, such tools will not be used for this purpose. Specific information will be included in the pages dedicated to the personal data provision. If you voluntarily send an email to the address of the website, then the website will obtain your email address and the information included in the message, those personal data will be used only to provide you with the service or product required.
It is useful to know how the software gets some personal data while normally working, especially if the data are transferred in an implicit way by means of the Internet communication protocols. Even if such information is not associated to specific users; by its nature, if it is combined with other data collected by third parties (for example your Internet service provider), it might be used to identify the users. This category includes the IP addresses or the domain names of the computers used by the users to access the website, the URL (Uniform Resource Locator) of the requested resources, the time of the request, the method used to send the request to the server, the size of the answer file, the numeric code which shows the answer given by the server (error, success, etc.) and other parameters referred to the operative system and to the IT environment of the user. These data are used for anonymous statistical purposes about the use of the website and to check its functioning. The data processor and, according to the services required, the persons in charge store, for a limited period of time in compliance with the law, the LOG of the navigations/accesses with the purpose of fulfilling the orders of the judiciary authorities or other legitimate public bodies which request the log to investigate IT crimes. Except for what is specified for the navigation data, the user is free to provide or not the personal data required in the service registration forms. In these forms some data are mandatory, which means such data are necessary to provide the requested service. If those data are not provided, the service might not be provided and the user might not benefit from its opportunities. When providing the data, in compliance with section 13 of the legislative decree 196/03, the data subject receives complete and concise information about the purposes and methods to process his/her data, the subjects or categories of subjects whose personal data might be communicated and the situations in which they might be communicated, the rights stated in section 7 of the legislative decree 196/03 (access, integration, update, rectification, erasure for law violation, opposition to the data process etc.), the identity and the headquarters of the data processor and of the person(s) in charge of processing the data. The subject is asked to give his free, informed consent in a specific and documented way in compliance with the law, if it is necessary by law. If the data are provided in subsequent moments, it is possible to integrate the previous information and ask for a new consent to the data processing in compliance with the Code.
SAFETY MEASURES ADOPTED TO PROTECT THE COLLECTED DATA
Rivareno SPA use “safe” technologies and software to protect the personal data against their dissemination, alteration or improper use. The data protection measures aim to reduce the destruction or loss, even if accidental, of the data, the non-authorized access or the non-authorized data processing, which is not in compliance with the purposes of the collection. Such safety measures are the minimum safety measures stated by the law (minimum safety measures stated by sections 33 to 36 of the legislative decree 196/03). At any time the data subject has the right to receive a confirmation of the existence of his/her data, their content, origin, to check if they are correct or ask to update, integrate or rectify them (section 7 of the legislative decree 196/03). In compliance with the same section, the data subject has the right to ask for the erasure, anonymization, blocking of data that have been processed unlawfully or object, on legitimate grounds, to their processing. The requests must be sent to the email address firstname.lastname@example.org or to Via dell’Unione, 3 20123 Milano, Italy.