This information is provided, pursuant to art. 13 EU Regulation 2016/679 (GDPR) and by Legislative Decree. 196/2003 amended by Legislative Decree. 101/2018 to users who interact with the DUE GI – S.R.L. DI CATTANI GIUSEPPE & C. accessible electronically from the address: https://www.duegisrl.it, corresponding to the home page of the site.

This information describes how to manage only the company’s official website but not other external websites that may be consulted by the user via links.

Additional information may be provided within the different access channels, divided on the basis of the topics covered. Other information may be provided on the Site in relation to specific services.

 

Administrative-accounting activities in general and for the fulfillment of legal obligations, regulations and applicable national and supranational legislation.

Need to fulfill legal obligations

Contractual duration and, after termination, for the ordinary prescription period of 10 years.

If necessary, to ascertain, exercise or defend the rights of the Data Controller in court

Legitimate interest

For the entire duration of the same, until the terms of enforceability of the appeals are exhausted.

Any request for contact, with the sending of information requested by you;

 

Execution of a contract of which the interested party is a party or the execution of pre-contractual measures adopted at the request of the same (Article 6 (1) (b) of the Regulation)

Time needed to provide feedback

Once the retention terms indicated above have elapsed, the Data will be destroyed, deleted or made anonymous, compatibly with the technical cancellation and backup procedures.

It is possible to access the Site without the user being asked to provide any personal data. The computer systems and applications dedicated to the operation of this website detect, during their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols) not associated with directly identifiable users. The collected data includes the IP addresses of users who connect to the site, the URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request and the numerical code indicating the status of the response given. from the server (successful, error, etc.). and other parameters relating to the operating system and the user’s IT environment.

This is information that does not provide the user’s personal data and that is not collected to be associated with identified data subjects, but it is technical / IT data collected and used in an aggregate and anonymous manner for the purpose of verifying correct functioning and monitor the security of the Site; improve the quality of the service and provide statistics concerning the use of the Site; proceed with the assessment of responsibility in case of hypothetical computer crimes against the site.

The optional, explicit and voluntary sending of messages to the contact addresses, as well as the compilation and forwarding of the forms on the website of the Data Controller, involves the acquisition of the sender’s contact data, as well as all personal data included in the communications. , necessary to respond to the requests produced and / or provide the requested service. However, it is ensured that this treatment will be based on principles of correctness, lawfulness and transparency and protection of confidentiality as indicated in the GDPR. In any case, before proceeding with the activation of a particular service, appropriate information will be provided and, where necessary, the relative consent to the processing of personal data will be acquired. This consent may later be revoked at any time, thus invalidating the possibility of using the service in question

Failure to provide consent or revocation of the same does not entail any consequences, except for the impossibility of using the Site and / or the provision of the requested service or obtaining more detailed information on the Company’s activities.

In any case, the processing of personal data may be carried out, if necessary, for the pursuit of a legitimate interest of the Data Controller or on the basis of a legal obligation. In particular, obtaining consent to the processing referred to in the previous point relating to navigation and log data is not necessary as the data is treated as responding to a legitimate interest (Recital 47 of the GDPR).

 

 

Apart from what is specified for navigation data, the provision of personal data by the interested party, for certain purposes described in the previous paragraph, is to be considered optional. Failure to provide them may make it impossible to use certain services provided by the site.

Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they are collected in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 of the GDPR and in compliance with the mandatory time limits prescribed by law. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.

Your data, subject to processing, will not be disclosed but may be disclosed to companies contractually linked to the company, in accordance with and within the limits of the GDPR. Personal data is stored on servers located within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU GDPR. In this case, the Data Controller ensures from now on that the transfer of non-EU data will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission and the user will be informed.

The data may be disclosed to third parties belonging to the following categories:

The subjects belonging to the aforementioned categories perform the function of data processing manager, or operate in total autonomy as separate data controllers. The list of managers is constantly updated and available at the company headquarters. Any further communication or dissemination will take place only with your explicit consent.

The owner informs the interested party that on this site there is no automated decision-making process, so in particular there is no profiling system.

This Site and the Controller’s Services are not intended for minors under the age of 16 and the Controller does not intentionally collect personal information relating to minors. In the event that information on minors were unintentionally registered, the Data Controller will delete them in a timely manner, at the request of users.

Interested parties have the right to receive information from the Company regarding the processing of personal information by email to: privacy@duegisrl.it

Right of access: we are transparent about the data we collect and the use we make of it. You can contact us at any time by sending an email to access the information in our possession.

Right of rectification: you have the right to obtain the rectification of any inaccurate or incomplete information and request its updating and / or modification.

Right to erasure: send a request to erase all data concerning you and we will process your request within 30 days.

Right of limitation: you have the right to request that the data owner limit the processing of your data.

Right to portability: if you request it, we will export your data so that it can be transferred to third parties in a structured and commonly used and machine-readable format.

Right to object: you can unsubscribe at any time from all the specific uses we make of your data (newsletters, automatic emails, etc.).

Right to lodge a complaint: if you believe that your rights have not been respected, you can lodge a complaint with the competent authority according to the information published on the website www.garanteprivacy.it or by email to urp@gpdp.it