Promosfera srl (hereinafter: “the company” or “Promosfera”) is especially attentive and aware of the need to protect confidentiality and the fundamental rights of persons and their private lives. Since the Internet is a potentially risky means of divulging your personal data, the company has made a conscious decision to adopt rules of conduct – in compliance with Regulation (EU) 679/2016 (the General Data Protection Regulation, GDPR) – that ensure safe, controlled and confidential web browsing. This policy for safeguarding the confidentiality of information may be subject to variation in time, also depending on legislative additions and modifications or directives on the matter and we therefore invite you to return to this section of our website periodically. Please therefore read through the rules that Promosfera has imposed upon itself for collecting and processing personal data and in order to provide a satisfactory service to users of its website and to all existing and potential customers in general (hereinafter, including jointly: “the data subject” or “the data subjects”).
- to use all data given by the interested party within the context of services provided by the website;
- to reply to requests sent to the website by users;
- to send the newsletter only when requested;
- to allow users to join Promosfera social groups;
- to make data available to third parties carefully selected by us and solely for the purposes requested;
- to inform the data subject if data is sent to third parties for activities connected to his or her interests or sent to third parties if required by laws, regulations or EC directives;
- to comply with requests for data supplied to be erased, supplemented or amended and with objections to the treatment of data processed unlawfully, objections to the treatment of data for email advertising or other publicity materials including in paper format or for the purposes of telesales;
- to ensure correct and legitimate handling of your data, safeguarding your confidentiality, including by applying adequate security measures to protect the confidentiality, integrity and availability of said data.
As explained more fully in the sections that make it possible to use the services provided – by supplying your personal data – when accessing our website, the details asked for are used to deal with requests expressly made and voluntarily given by the user. In particular, the collection – and subsequent processing – of personal data are carried out for the corporate and commercial purposes of Promosfera and, more specifically:
- to deal with requests from consumers and businesses;
- to allow access to Promosfera social groups;
- to send out the newsletter requested by users
The forms to be filled in ask for personal details that are strictly necessary for the services required to be provided and failure to give such details will make it impossible to process the request, supplying such data is nevertheless voluntary. Mandatory details required are, generally, marked with an asterisk or the policy itself clarifies which details are mandatory and without which the request of the data subject cannot be fulfilled.
All processing performed by this website will take place using both paper and computerised or electronic means, for the purposes for which the data was requested and in conformity with the safety laws in force, for the purposes specified each time in the disclosure statement presented to the user.
For reasons to do with providing the service that the data subject has signed up for, the data will be made available to third parties, who will act in their own right as data controllers, and who provide services needed to fulfil the requests of the user or to whom the data must be sent in order to comply with the relevant laws and regulations.
Personal data will be made available to persons expressly authorised by Promosfera – and specifically appointed as persons in charge of processing, who perform essential processing activities in order to achieve the aforementioned purposes; the categories of persons in charge of processing are specified each time in the disclosure statement. As a general rule, these are persons who provide specific services, from administrative and IT services, to customer relations with existing and potential customers.
Data may also be forwarded to third parties when necessary to comply with laws or regulations or at the specific request of legal authorities and Police and Control bodies, to prevent and supress crime.
Personal data will not be circulated, except within the limits intrinsic to the service being used and subject to the prior consent of the user.
Promosfera srl – with registered office in Via G. Giusti 65/a, 21019 Somma Lombardo (VA) – is the data controller pursuant to and under the terms of the Regulation (EU) 679/2016, as it may decide how and for what purposes, communicated in the specific disclosure statement, the personal data provided by the user is to be collected and used. It also decides which processing instruments to use and security procedures to activate to guarantee data integrity, confidentiality and availability.
RIGHTS OF THE DATA SUBJECT
The rights to erase, modify, rectify or integrate data provided spontaneously are guaranteed, as is the right to request it be blocked, transformed into an anonymous form or to object to data being processed, for legitimate reasons, or if you do not wish to receive advertising material. By exercising these rights, it will be possible for you to control the use of your data also once it has been given to us.
These rights can be exercised at any time by writing to firstname.lastname@example.org or mailing a request to Via G. Giusti 65/a, 21019 Somma Lombardo (VA) – Italy.
In particular, according to Art. 15, of Regulation (EU) 679/2016:
- The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
- the right to lodge a complaint with a supervisory authority;
- where the personal data are not collected from the data subject, any available information as to their source;
- the existence of automated decision-making, including profiling
- The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. 2Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the grounds set out in Art 17, comma 1 GDPR applies. The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with Article 16, Article 17(1) and Article 18, GDPR, to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort
- The data subject shall have the right to obtain from the controller restriction of processing where one of the grounds set out in Art 18, comma 1, GDPR applies.
- The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where one of the grounds detailed at art. 20 GDPR apply.
Your personal data can be processed manually, electronically or via computer, either directly by Promosfera or by third parties who, with suitable experience, technical skills, professionalism and diligence, carry out processing operations on behalf of our company, to offer a better service and to guarantee maximum satisfaction of your needs, respecting the security and confidentiality of the information. A complete and updated list of data processors can be requested by writing to: email@example.com or to the postal address stated in the previous paragraph.
THIRD PARTIES WITH WHOM YOUR DATA IS SHARED
Your data may be shared with third parties, data controllers in their own right, for purposes connected with providing the service required or to comply with rules and regulations that demand data be communicated, as well as to control bodies.
WHAT COOKIES ARE AND HOW ARE THEY USED BY PROMOSFERA
During normal operations, the information systems and software procedures used to run this website acquire some personal data which is transmitted implicitly when using Internet communication protocols. This information is not collected in order to identify data subjects but due to its specific nature, through processing and association with data held by third parties, it could allow users to be identified. This data category includes IP addresses or domain names of computers used to connect to the website, URI addresses (Uniform Resource Identifier) of resources requested, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating server response status (successful, error or similar) and other parameters regarding the user’s operating system and computer environment. This data is only used to collect anonymous statistical information on use of the website and to check it is working properly; the data is deleted straight after processing. Such data could be used to ascertain responsibility in the event of computer crimes against the website.
THE SECURITY OF YOUR PERSONAL DATA
Promosfera adopts adequate and preventive security measures aimed at safeguarding the confidentiality, integrity, completeness and availability of your personal data. As prescribed by the laws that govern the security of personal data, technical, logistic and organisational measures have been put into place to prevent damage, loss even accidental, alterations, improper and unauthorised use of data that concerns you. Similar preventive security measures are adopted by third parties (data processors) to whom we have assigned your data processing operations on our behalf. Nevertheless, Promosfera can accept no responsibility for false information sent directly by the user (e.g.: the correctness of the email address, postal address or other personal information), and neither can it accept any responsibility regarding the information that concerns him/her supplied by a third party, including fraudulently.
Last update 24 May 2018