on the processing of personal data for browsing the website and cookies
pursuant to arts. 12 et seg. of Regulation (EU) 2016/679 (GDPR)
Foreword The following policy is a description of the processing carried out by the Data Controller of personal data provided by the data subject on the website.
Processing purposes For all website users, personal data may be used to:
- allow browsing of the public web pages on our website;
- check the proper functioning of the website;
Cookies definition Cookies consist of text strings that are sent by the website to the IT device to make the browsing experience more efficient.
Types of cookies Technical cookies will be downloaded when browsing the website. These include:
authentication cookies, activated only in response to specific actions carried out by users that constitute a request for services
third parties cookies, functional to:
- SPAM PROTECTION
Google reCAPTCHA (Google Inc.)
Google reCAPTCHA is an antispam provided by Google Inc. This type of service analyzes the traffic of this Application, potentially containing Personal Data of Users, in order to filter it from traffic, messages and content recognized as SPAM.
- VIEW CONTENT FROM EXTERNAL PLATFORMS
This type of services allowes to view contents hosted on external platforms directly from the pages of this Application and to interact with them.
If this type of service is installed, it is possible that it will collect traffic data relating to the pages in which it is installed even if Users do not use it.
Widget Google Maps (Google Inc.)
Google Maps is a web service that provides detailed information about geographical regions and sites managed by Google Inc. It allows to integrate these contents within the pages of the Application.
Google Fonts (Google Inc.)
Google Fonts is a web font service managed by Google Inc. that allows to integrate these contents within the pages of the Application.
- WEBSITE IMPROVEMENT
Our website made by Wordpress uses this cookie. The cookie allows the website owner to improve or change website content in real time.
- PAYMENTS MANAGEMENT
The payment data, managed in encrypted format and according to the security requirements, do not pass through Zucchetti Software Giuridico’s servers, but are acquired directly by the payment service provider who will act as an independent data controller.
For more information, please refer to the pages of payment service providers:
Axerve Ecommerce Solutions:: https://www.axerve.com/privacy-policy/servizi-di-pagamento
Cookies deactivation Users have the possibility to disable cookies at any time through their browser settings.
Cookies stored on the hard disk of your device can be deleted and you can also disable cookies by following the instructions provided by the main browsers, at the following links:
Legal basis for processing - This website processes data based on consent. By using or consulting this website, the data subject implicitly consents to the possibility of storing only those cookies that are strictly necessary ("technical cookies") for the functioning of this website.
Personal data collected and mandatory or optional nature of data provision and consequences of any refusal - Such as all websites, this website also uses log files to retain the information collected during visits by users in an automated mode. The following types of information may be collected:
- internet protocol (IP) address;
- type of browser and parameters of the device used to connect to the website;
- name of the Internet service provider (ISP);
- date and time of the visit;
- the web page from which the visitor arrives (referral) and exits to.
The above information is processed automatically and collected in order to check the proper functioning of the website, as well as for statistical or security reasons.
For security reasons (anti-spam filters, firewall, virus detection), the data recorded automatically may also include such personal data as the IP address, which may be used in compliance with the relevant current legislation to block attempts to damage the website or other users or, in any case, to block other detrimental activities or crimes. Such data is never used to identify or profile the user, but solely to protect the website and its users.
As a consequence of normal use, the IT systems and software procedures dedicated to the functioning of this website acquire certain personal data whose transmission is inherent to the use of Internet communications protocols. This category of data includes the IP addresses or domain names of the computers used to link to the website, the addresses of the resources requested in URI (Uniform Resource Identifier) notation, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the reply given by the server (success, error, etc.) and other parameters relating to the operating system and IT environment of the user.
Finally, by accessing the site, anonymous data will be recorded in order to understand the user experience.
Retention period of your data The personal data collected during the browsing session will be retained for the time needed to carry out the specified activities and for no more than 24 months.
Processing methods - Pursuant to and for the effects of Arts. 12 et seq of the GDPR, the personal data that the data subjects provide to us will be recorded, processed and retained in the Companies’ hard-copy and electronic files, with the use of adequate technical and organizational measures in order to protect such data. The processing of data subjects’ personal data may consist in any operation or set of operations described in art. 4, para. 1, point 2 GDPR.
Communication and dissemination - The personal data of the data subjects, provided through registration, may be communicated (meaning the giving of knowledge to one or more specific subjects) by the Data controller to third parties in order to implement all the necessary legal and/or contractual obligations. In particular, the personal data of the data subjects may be communicated to public authorities or offices or control authorities in order to fulfil legal and/or contractual obligations.
The personal data of the data subjects may be communicated in the following terms:
- to parties able to access the data pursuant to laws, regulations or EU legislation, within the limits envisaged in such provisions;
- to parties that need to access your data for related purposes to the relationship that exists between you and us, within the limits strictly necessary to carry out the ancillary tasks .
Rights of the data subject - Pursuant to Articles 15 et seq of the GDPR, the data subjects may exercise the following rights:
- access: to obtain confirmation of whether or not the personal data of the data subjects are processed and the right to access them; requests that are manifestly unfounded, excessive or repetitive cannot be answered;
- rectification: to correct/obtain the correction of personal data if incorrect or not updated and to complete data if incomplete;
- erasure/to be forgotten: in some cases, to obtain the erasure of the personal data provided; this is not an absolute right, as the Data controller may have legitimate interest or legal reasons to store them;
- limitation: the data will be stored, but cannot be processed further, in the cases foreseen by the regulation;
- portability: to move, copy or transfer data from the Data controller’s databases to third parties. This applies only to data provided by the data subjects for the performance of a contract or for which express consent has been given and the processing is carried out by automated mode;
- objection to direct marketing;
- withdraw of the consent at any time if processing is based on consent.
Pursuant to Art. 2-undicies of Legislative Decree 196/2003, the exercise of data subjects rights may be delayed, restricted or excluded, following justification provided without delay, unless this might compromise the purpose of the restriction, for as long as and to the extent that this constitutes a necessary and proportionate measure, taking into account the fundamental rights and legitimate interests of the data subject, in order to safeguard the interests referred to in paragraph 1, letters a) (protected interests with regard to money laundering), e) (for the conduct of defensive investigations or the exercise of a right in court) and f) (for the confidentiality of the identity of the employee who reports offenses he becomes aware of on his duties). In such cases, data subjects’ rights may also be exercised through the Personal Data Protection Authority in the manner referred to in Article 160 of said Decree. In such case, the Personal Data Protection Authority will inform the data subject that it has carried out all the necessary checks or that it has carried out a review, as well as of the data subject right to take legal action.
To exercise such rights, the data subject may contact the Data Controller.
The Company will respond within 30 days of receiving the data subject formal request.
If the abovementioned rights concerning data subject personal data are infringed, the latest may complain to the competent authority.
Contacts details of the Data Controller The Data Controller is Notaio Vincenzo Papi, with its registered office in Roma Via Francesco Cancellieri n. 2; tel. 06681902 fax 0668806906; email firstname.lastname@example.org pec email@example.com.
Data Protection Officer - Data Protection Officer has not been designated because the conditions of the art. 37 Regulation (EU) 2016/679 are not satisfied.