Privacy Policy

Mod.: IS – Data Agg. 10/2024

Information on the Processing of Personal Data.
Articles 13 and 14 of EUROPEAN REGULATION NO. 679/2016
Legislative Decree 196/2003 amended by Legislative Decree 101/2018

Dear Interested Party,

This information outlines the methods of managing the website concerning the processing of personal data of users who consult it, as well as the data processing practices via this site. In compliance with Articles 13 (for data collected from the data subject) and 14 (for data not collected from the data subject) of Regulation (EU) 2016/679 (hereinafter GDPR), we provide users of this website with the following information, which relates exclusively to the processing carried out through this website and not through other websites that may be visited via links from this one, for which we suggest reviewing the relevant information provided by the respective Controllers. This website and any services offered through it are reserved for individuals who have reached the age of eighteen. Therefore, the Controller does not process personal data concerning individuals under the age of 18. At the request of such users, the Controller will promptly delete all personal data inadvertently collected.

1. Data Controller

The Data Controller is Agenzia Rossi di Pezzon Alfredo, with registered office at Corso Rovigno 15, 30021 Caorle (VE) – IT, VAT number: 00731390274 (hereinafter “Controller”). The Controller reserves the right to appoint a Data Processor for the management of personal data for technical assistance, maintenance, technical management, and similar purposes of this website, whose details will be communicated upon request to the addresses indicated above. The Controller and the Processor also process user data through internal personnel specifically designated with instructions for authorized processing.

2. Categories of Data Processed and Sources of Origin

Browsing Data (The IT systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes: IP addresses, the type of browser used, the operating system, domain names, and addresses of websites from which access or exit has been made, information about the pages visited by users within the site, access time, time spent on each page, internal path analysis, and other parameters related to the operating system and user’s IT environment. Such technical/informatic data are collected and used exclusively in an aggregated and anonymous manner. These data are processed to allow and control proper use of this site and to derive anonymous statistical information about its use, and they are deleted immediately after processing.)

Cookies, for which we invite you to read our Cookie Policy.
Data provided voluntarily by the user, including:

  • Common data (identifying, demographic, billing data, and similar)
  • Only exceptionally, special data (Article 9 GDPR)
  • Only exceptionally, criminal data (Article 10 GDPR)

Sources: navigation, other sites, cookies, and similar; user; public sources.

We may primarily process browsing data and cookies.

We may also process data voluntarily provided by the user, for example, through the contact form or by sending a communication via email, including common personal data (identifying, demographic, billing data, and similar) and, exceptionally, special data under Article 9 GDPR or criminal data under Article 10 GDPR, to the extent that this is necessary for the request for information received and with the consent of the data subject.

The data may come from automatic sources or from voluntary sources, as well as from public sources. For example, they may come from the user’s navigation, which may carry information related to previous consultations of other sites, particularly cookies and other similar technologies. Data may also be voluntarily provided by the user or related parties. Other data may come from public sources, such as those processed in research and obtained from registrations, public databases, and similar.

3. Purpose of Processing

The personal data of users of the website, as described above, will be processed in the ways and forms prescribed by the GDPR for the execution of the functionalities of the website, particularly but not exclusively regarding browsing the pages and the data collection procedures described therein, contact form, potential registration/access to the reserved area, newsletter subscription, and similar activities. In particular, the personal data provided to the Controller will be processed for the following purposes:

  • To follow up on specific requests made to the Controller by the user via the website and its communication tools (contact form, information request forms, and similar);
  • For informational communications regarding the services of the same Controller, following requests for information through email messages or by filling out the contact form and other communication tools;
  • For potential registration at events organized by the Controller and related activities (for example, verifying participation, notices regarding potential updates or changes to the event, etc.);
  • For other ancillary purposes related to those mentioned above and, in any case, falling within the activities of the website;

The processing of data provided in a general manner will be carried out, including as a result of automatic collection during navigation, solely for the purposes of verifying and controlling access to the website. This also applies to technical cookies, understood as session cookies, functionality, or analytics that meet the requirements specified by the Data Protection Authority. In particular, concerning the latter, it is clarified that they can be assimilated to technical cookies when they are created and used directly by the website. In any case, for said analytics cookies, the website, also in accordance with the clarifications from the Data Protection Authority, has provided for the anonymization of IP addresses and the amendment of data processing; the collection and use of the aforementioned browsing data (provided that the IP addresses are anonymized) allows for monitoring the performance of the website and enables improvements to the service offered, providing users with a better browsing experience. Please refer to the specific Cookie Policy for further information.

4. Legal Basis for Processing

The processing of personal data is based on the fulfillment of contractual or pre-contractual obligations related to the request made by the user (for example, requests for information about the services provided by the Controller, requests for quotes, etc.), and, where necessary, on consent through the free and informed completion of the specific information fields in the form dedicated to data collection and the checking of the appropriate checkbox where provided.

It is specified that filling out the specific fields provided in forms for information requests is inherent to the request itself, and therefore this involves fulfilling a pre-contractual or contractual obligation, depending on the context. Consent may be requested subsequently for the processing of additional data.

A specific privacy notice will be present wherever necessary (a notice different from this one).

The processing is also based on legitimate interest, including the right to information, for which we refer to the next paragraph.

5. Legitimate Interest of the Controller

The processing of personal data is also based on the legitimate interest of the Controller, such as the exercise of its rights within the context of the information society, the execution of the contractual performance, and the realization of direct marketing operations (in the ways, with the means, and within the times stipulated by the regulations).

6. Provision Requirement

The provision of data related to browsing by users, for the purposes mentioned above, depends on the level of privacy that the user has enabled or disabled through their browser. In some cases, disabling might impair navigation on this website. For certain modules of this website, the provision of browsing data and/or the use of technical cookies is mandatory for the correct functioning of the website itself.

The provision of some of one’s own data is necessary for the very structure of the website and its procedures. Any request for other optional data will be preceded by an appropriate approval checkbox. The provision of all other data is optional, depending on the type of information the user wishes to provide to the website.

However, the provision of an email account is necessary to respond to requests made through the contact form, as well as the other mandatory data indicated with an asterisk. Other data are optional.

Failure to provide the necessary data for the requested action (for example, the email account via the information request form using this method) will render it impossible for the Controller to fulfill the request.

PROVISIONS APPLICABLE TO ALL PROCESSING

In any case, even where the data subject has consented to authorize the Controller to pursue all the purposes mentioned in the above points, they will still remain free to revoke it at any time.

It is specifically and separately informed, as required by Article 21 of the Regulation, that the data subject has the right to object at any time to the processing of their personal data carried out for the purposes mentioned above and that, if the data subject objects to the processing, the personal data can no longer be processed for such purposes.

7. Possible Recipients of Personal Data

Data may be communicated to companies connected, affiliated, or controlled by the Controller, as well as to consultants or third parties operating, even in the name and on behalf of the Controller, for the execution of the services related to the purposes indicated in this information notice, both within and outside the EU (in the latter case, only to subjects adhering to the current regulations).

Browsing data and similar (to which reference is made above), as well as profiling cookies, including third-party cookies (for which reference is made to the Cookie Policy of this website), will be communicated to the respective third parties involved, provided that they do not manage them directly as Data Controllers.

In any case, data may be communicated to Data Processors, as well as to persons authorized for processing and properly instructed, always within the framework of the purposes of the processing.

For brevity, we will not provide a complete list of recipients. This will be available upon request at the address [email protected].

8. Data Transfer Abroad

The personal data of users may be transferred outside the European Union. In this case, the Data Controller will ensure that the transfer is carried out in compliance with the applicable regulations, ensuring the highest standards of protection for personal data in the transfer to third countries.

In any case, the user can request further details regarding the protection of their personal data by sending an email to [email protected].

9. Data Retention Period

Personal data will be retained only for the time necessary to fulfill the purposes for which they were collected and subsequently processed. In any case, the data retention period will not exceed 12 months following the last contact.

Data retention will also be guaranteed based on the legal obligations imposed on the Controller regarding data retention, especially concerning accounting data, billing documents, etc.

10. Right to Withdraw Consent (Methods of Exercising Rights)

Consent, where applicable, can be withdrawn at any time and/or data subjects can exercise their rights by sending:
– A registered letter with return receipt to the address indicated on the letterhead;
– An email to the following address: [email protected].

11. Complaints

Each Data Subject has the right to lodge a complaint pursuant to Articles 77 and following of the GDPR with a supervisory authority, which in Italy is identified as the Garante for the Protection of Personal Data. The forms, methods, and deadlines for filing complaints are established and governed by the applicable national legislation. The complaint does not affect administrative and judicial actions, which can be alternatively brought before the Garante or the competent Court in Italy.

12. Profiling

The personal data provided through browsing this website and any forms published therein may be subject to profiling by third-party providers through third-party cookies.

Profiling allows these third-party providers, who are independent Data Controllers for their respective personal data processing for profiling purposes, distinct from the Controller of this website, to assess certain personal aspects of the Data Subject, particularly regarding their preferences, interests, and tastes in relation to the pages visited and activities performed, in order to enable these independent Data Controllers to offer the Data Subject a more specific service tailored to their needs.

For more information, users are invited to read the Cookie Policy.

13. Data Controller, Authorized Personnel, Data Processors

Below we provide some information that it is necessary to bring to your attention, not only to comply with legal obligations but also because transparency and correctness towards Data Subjects are fundamental to our activity.

Data Controller: The Data Controller of your personal data is Agenzia Rossi di Pezzon Alfredo, responsible for the legitimate and correct use of your personal data, and you can contact them for any information or request at the following contacts: phone +39 0421 299354, email: [email protected].

Authorized Personnel: The updated list of authorized personnel is kept at the Data Controller’s headquarters.

Data Processors: For brevity, the detailed list of these figures is available at our headquarters.

14. Social Media Plug-ins

This site may contain plug-ins from certain social media (e.g., Facebook). Social plug-ins are special tools that allow incorporating social network functionalities directly within the site (e.g., the “like” feature from Facebook) and are marked with the logo of the respective social platform. When you visit a page of this site and interact with the plug-in (e.g., by clicking the “like” button) or decide to leave a comment, the corresponding information is transmitted directly from the browser to the social network platform (in this case, Facebook) and stored by it. For information about the purposes, types, and methods of collection, processing, use, and retention of personal data by the social network platform, as well as how to exercise your rights, please consult the social network’s privacy policy.

15. Links to Third-Party Sites

From this site, it is possible to connect via specific links to other third-party websites. The Controller declines any responsibility regarding the possible management of personal data by third-party sites and concerning the management of authentication credentials provided by third parties.

16. Cookies

Cookies are packets of information sent by a web server (e.g., the site) to the user’s Internet browser, which automatically stores them on the computer and automatically returns them to the server on each subsequent access to the site. For information on the characteristics, types, usage methods, and options to remove, delete, or disable cookies present on the website, please refer to the specific Cookie Policy.

The Data Controller
Agenzia Rossi di Pezzon Alfredo

Contact Us

Agenzia Rossi di Pezzon Alfredo is pleased to receive comments regarding this privacy notice.

We invite you to contact us at the following address: [email protected]

 

Mod. ICONT – Data Updated 10/2024

Information on the Processing of Personal Data

Pursuant to Art. 13 of EU REGULATION NO. 679/2016

Dear Data Subject,

Agenzia Rossi di Pezzon Alfredo, as the Data Controller pursuant to Article 13 of EU Regulation No. 679/2016 “General Data Protection Regulation (GDPR)” (hereinafter EU Regulation), which contains provisions regarding the processing of personal data, intends to inform you about the processing of your personal data.

The regulation stipulates that anyone who processes personal data is required to inform the data subject regarding the data processed and the qualifying elements of the processing, which must always occur lawfully, fairly, and transparently, while safeguarding confidentiality and guaranteeing the rights of the data subject.

It is specified that data processing refers to any operation or set of operations concerning the collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, destruction of the data itself.

1. Data Controller

The Data Controller is Agenzia Rossi di Pezzon Alfredo, with its legal headquarters at Corso Rovigno 15, 30021 Caorle (VE), VAT number 00731390274, reachable at the following contacts: phone +39 0421 299354, email: [email protected].

Nature of Processed Data, Purposes, and Legal Basis for Processing

Nature of the processed data: In relation to the purposes of processing outlined below, it is informed that only “common personal data” will be processed, such as:

  • identifying data of the company (name, surname, email, etc.);

Purposes of processing: Your personal data will be processed for the following purposes:

  • responding to your requests: by voluntarily filling out the appropriate form found in this contact area;
  • fulfilling legal obligations;

Legal basis for processing: Personal data, for the purposes outlined in points 2A and 2B, will be processed lawfully to fulfill pre-contractual and contractual obligations between us and the user (art. 6, par. 1 lett. b), to comply with our legal obligations (art. 6 par. 1 lett. c).

Recipients of the Data and Methods of Processing; Existence of Automated Decision-Making Processes, Including Profiling

The processing of your personal data will be based on the principles of fairness, lawfulness, and transparency and may be carried out using paper and electronic tools by both authorized personnel of the writing Company authorized/appointed for the processing of personal data and external parties called to perform specific tasks on behalf of the Data Controller as Data Processors, pursuant to Art. 28 of the EU Regulation, following our letter of assignment which imposes the duty of confidentiality and security for the processing of personal data, as well as the adoption of appropriate security measures to prevent data loss, illegal and improper uses, and unauthorized access, in compliance with current regulations on the protection of personal data.

For brevity, the detailed list of such figures is available at the headquarters of the Data Controller and is at your disposal.

Your personal data will not be disseminated and will not be transferred to third countries or international organizations, nor will it be communicated to third parties except for legal or contractual obligations.

In reference to the provisions of Art. 13 of the EU Regulation, par. 2 lett. f) and Art. 14 of the EU Regulation, par. 2 lett. g), it is noted that the Data Controller currently does not use any automated decision-making system or process.

Data Retention Period

Your personal data will be retained for a period not exceeding the achievement of the purposes for which they are processed, in compliance with the principle of data retention limitation provided by the EU Regulation and/or for the time necessary for legal and contractual obligations or until the withdrawal of specific consent by the data subject, and therefore:

with reference to the purposes indicated in points 2A-2B, the data will be retained for no longer than is necessary to achieve the purposes for which they are processed and/or for the time strictly necessary to fulfill legal and contractual obligations;

To guarantee the declared retention periods, an annual verification of the processed data and the possibility of deleting them if no longer necessary for the stated purposes will be conducted.

Access to Data (Categories of Recipients to Whom Data May Be Communicated)

We also inform you that the collected data will never be disseminated and will not be communicated without your explicit consent, except for necessary communications that may involve the transfer of data to public bodies, consultants, or other subjects for the fulfillment of tax and legal obligations or for the achievement of the purposes (where authorized), following our letter of assignment which imposes on them the duty of confidentiality and security in the processing of personal data.

With reference to Art. 13, par. 1, lett. e) of the EU Regulation, we proceed to indicate the subjects or categories of subjects (properly identified and instructed) who may come to know the user’s personal data as responsible or authorized and provide the following specific list by category:

  • Members, employees, collaborators, and suppliers of the Data Controller in Italy and abroad, in their capacity as authorized/appointed and/or responsible for processing (e.g., offices: commercial, technical, administrative, legal, press; system administrators, external professionals, various service providers, etc.);
  • Partner companies and/or those directly connected with the writer, as the activities of these are essential for the completion/execution of what you requested.

Your personal data may also be communicated to external subjects recipients of the practices concerning you, in the performance of activities and to external subjects interacting with the writer, always and exclusively for activities functional to the purposes described above, external subjects called to perform specific tasks, on behalf of the Data Controller, in the capacity of Data Processors, pursuant to Art. 28 of the EU Regulation.

For brevity, the detailed list of such figures is available at our headquarters and is at your disposal.

7. Communication and Transfer of Data

Without the need for explicit consent (Art. 6 par. 1, lett. b), c), and f) of the EU Regulation), the Data Controller may communicate your data for the purposes outlined in points 2A to 2F to supervisory bodies, judicial authorities, as well as to those subjects to whom communication is mandatory by law for the fulfillment of the above-mentioned purposes.

These subjects will process the data in their capacity as independent data controllers.

Personal data is stored on devices located at the headquarters of the Data Controller or with providers within the European Union.

Your data will not be disseminated.

To ensure the security of such transfers, we only use subjects that offer the necessary guarantees to implement appropriate technical and organizational measures so that the processing carried out complies with what is provided for by the EU Regulation 679/2016.

Both concerning the data on your devices and any data present with providers, the Data Controller has implemented appropriate technical and organizational measures to ensure a suitable level of security, in full compliance with the provisions of the EU Regulation.

Consequences of Not Communicating Data

The personal data referred to in points 2A-2B of this information are necessary; without this data, it would be impossible to proceed and fulfill contractual and legal obligations.

Rights of the Data Subject

As a data subject, you have the rights referred to in Articles 15 to 22 of the EU Regulation, as outlined below, specifically you have the right to:

  • obtain confirmation of the existence and processing of personal data concerning you and, in that case, gain access to your data (so-called right of access);
  • obtain indications about the purposes of the processing, the categories of data in question, the recipients or categories of recipients to whom the data have been or will be communicated, particularly if recipients are from third countries or international organizations, the retention period of the data provided or the criteria used to determine such period; and if the data have not been collected from the data subject, to obtain all available information on their source;
  • obtain rectification of the data concerning you (so-called right of rectification);
  • obtain deletion of the data concerning you (so-called right to be forgotten);
  • obtain restrictions on processing (so-called right to restrict processing);
  • obtain data portability, i.e., receive them from a data controller in a structured, commonly used, and machine-readable format and transmit them to another data controller without hindrance (so-called right to data portability);
  • object to processing at any time (so-called right to object). It is specifically informed, as required by Art. 21 of the EU Regulation, that if personal data are processed for direct marketing purposes (including profiling), the data subject has the right to object at any time to the processing of personal data concerning them carried out for such purposes, and that if the data subject objects to processing for direct marketing purposes, personal data will no longer be processed for such purposes;
  • be informed (with the possibility to object) of the existence of automated decision-making processes concerning individuals, including profiling;
  • withdraw consent at any time without affecting the lawfulness of processing based on consent before withdrawal;
  • lodge a complaint with a supervisory authority (Garante per la Protezione dei Dati Personali).

It should be noted that there may be conditions or limitations to the rights of the data subject. Therefore, it is not certain that, for example, there is a right to data portability in all cases; this depends on the specific circumstances of the processing activity.

Another example: if you decide to object to the processing of data, the Data Controller has the right to evaluate your request, which may not be accepted in case of legitimate overriding reasons for proceeding with the processing that prevail over your interests, rights, and freedoms.

To exercise these rights, you can contact the Data Controller using the contact details provided above. If necessary, we may request additional information to verify your identity.

Amendments to This Information

This information may be subject to changes. We will notify you of any changes by publication on our website.

Date of last revision: 10/2024.