CATEGORIES OF PERSONAL DATA UNDERGOING PROCESSING
During the visit to our website, we may ask the user to provide personal data or information regarding his/her identified or identifiable natural person, which may be used to contact or identify the user. Personal data include, without limitation, the user’s email address, name and last name, mobile number, residence and/or domicile, data relating to cookies and use of the website.
We may use the personal data provided to contact the user and send him/her information material such as newsletters, dedicated and promotional offers, and other information that may be of interest to the user, who at any time will be entitled to stop receiving such information by clicking the unsubscribe link contained in the emails we send.
During their normal operation, the IT systems and software procedures used to operate this website acquire some personal data, the transmission of which is implicit in the use of Internet communication protocols.
This data category includes IP addresses or domain names of users’ computers and terminals, URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of request, the method used to submit the request to the server, the size of the file obtained in response, the number code indicating the status of the response from the server (successful, error, etc..) and other parameters relating to the operating system and the IT environment of the user.
In addition, we may use and store data relating to the user geolocation, just if the user will give his/her explicit consent. We use this data to offer a customised browsing experience through our website. Geolocation may be disabled at any time by changing the settings of the mobile or fixed device used to access our services.
Cookies are text files that are stored locally on the computers of web users to allow for safely and effectively browse the website and monitor its use. This website uses technical cookies (session cookies) and third-party cookies.
The use of session cookies (which are not persistently stored on the user PC and are erased when closing the browser) is strictly limited to the transmission of session identification data (made of random numbers generated by the server) that are required to allow for browsing the website in a safe and effective way. Disabling these cookies may prevent the user from accessing online services.
PURPOSE OF THE PROCESSING
Nastrificio Giuseppe S.r.l. uses the data collected for different purposes:
- Provide the services offered and check their proper operation;
- Inform the user of any changes to the services provided;
- Provide an answer to the user’s requests;
- Obtain statistical information on the use of services (most visited pages, number of visitors per time-slot or day, geographical areas of origin, etc.) to improve the user experience;
- Monitor the use of this website.
PLACE OF PROCESSING
The data collected from the website is processed at Nastrificio Giuseppe S.r.l. registered office and at the web hosting datacentre. The web hosting is responsible for the Processing, by processing data on behalf of the Data Controller and is within the European Economic Area. For further information, please read Aruba S.p.A. privacy policy at the following link: https://hosting.aruba.it/documents/tc-files/en/7_privacypolicyhostingcart.pdf.
TYPES OF PROCESSED BROWSING DATA
During its operation, the web site collects data in an automated way (IP address, browser type, ISP name, date and time of visit, web page of origin and exit of the user).
This data is used with the sole purpose of getting anonymous statistic information on the use of the website, to monitor its proper operation, and is deleted immediately after being processed.
The data may be used to check the responsibility in the event of possible IT crimes against the website.
DATA RETENTION PERIOD
Data collected from the web site during its operation is stored for the time strictly necessary for the purposes for which data are collected and processed. At the expiry date, data will be cancelled or anonymised, unless there are additional purposes (legal obligations) for storing it.
TRASFERRING THE DATA COLLECTED TO THIRD PARTIES IN NON-EU COUNTRIES
The data collected from the web site is not provided to third parties, except for in specific cases: legitimate request by the judicial authority and under the exclusive cases provided for by the law; should it be required for the provision of a specific service requested by the user; for carrying out security or web site optimisation checks.
SECURITY MEASURES
The Data Controller processes visitors and users’ data in a lawful and correct way, by taking the appropriate security measures aimed at protecting the data against unauthorised access, dissemination, unlawful alteration or destruction. The Data Controller undertakes to protect the security of personal data during transmission, by using thw web hosting service given by Aruba S.p.A. For further information, please contact Aruba S.p.A. at the following e-mail address: privacy@staff.aruba.it.
Data is processed by means of computerised and/or telematics systems, with organisational procedures and logics that are strictly related to the above indicated purposes. Other than the Data Controller, in some cases data may be accessed by categories of people in charge who are involved in the web site management or external subjects (such as providers of third party technical services, hosting providers).
DATA SUBJECTS RIGHTS
Pursuant to European Regulation 679/2016 (GDPR), users residing within the European Economic Area (EEA), in accordance with the procedures and limitations provided for by this legislation, may exercise the following rights:
- Right of access to the data;
- Right of change and cancel the data;
- Right of restricting the Processing;
- Right of data portability;
- Right of opposing the Processing;
- Right of opposing to an automated decision-making process, including profiling.
Articles from 15 to 23 of the Regulation are available at the following link:
http://eur-lex.europa.eu/legal-content/IT/TXT/HTML/?uri=CELEX:32016R0679&from=IT.
Requests shall be addressed to the Data Controller Nastrificio Giuseppe S.r.l., with registered office in via Puglie 33/A/B – 41012 Carpi (MO), Italy, Tel: 059 699646 - Fax: 059 641223, e-mail address: info@nastrificiogiuseppe.it.