Privacy Policy
INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ARTICLES 13 AND 14 OF EU REGULATION 679/2016
We hereby inform you that, pursuant to art. 13 and 14 of EU Regulation 679/2016 (hereinafter 'GDPR'), your data provided to us through the use of the website www.addaservice.com (hereinafter, also simply "Site") will be processed as follows, in compliance with the principles of correctness, lawfulness, transparency and protection of your privacy and your rights. This information provides the user (interested in the processing) with any further information necessary to ensure correct and transparent processing, in relation to the specific context in which the personal data are collected and subsequently processed.
This information is provided only for the Site and the subdomains related to it and not for third-party websites accessible through any hyperlinks (links) contained in the Site, for which the Data Controller is in no way responsible. For such processing, the respective owners must provide an independent information.
Data Controller
The Data Controller is Mr. Marco Viganò, with registered office in Brivio (LC), Via Prada, 16/18. Email: amministrazione@addaservice.com – Tel: 039.5320861, VAT no. & Fiscal Code 03587370135
Purpose and legal basis of the Processing
Finalità del Trattamento | Base Giuridica | Periodo di Conservazione |
|---|---|---|
Respond to requests received through the contacts on the site | Execution of a contract to which the interested party is party or the execution of pre-contractual measures adopted at the request of the interested party (art.6, paragraph 1, letter b) of the GDPR).
The provision of data is mandatory in reference to this purpose; if this is denied, it will be impossible to respond to requests | Until the time necessary to respond to requests received at the user's initiative. |
Acquire data relating to navigation (cookies) that can be deactivated through the browser settings (number of visitors per time slot or day, most visited pages, etc.). | Legitimate interest of the data controller (art.6, paragraph 1, letter f) of the GDPR). | Until the session ends/the browser is closed. |
Monitor the technical functioning and performance of the site. | Legitimate interest of the data controller (art.6, paragraph 1, letter f) of the GDPR). | Until the session ends/the browser is closed. |
Data Categories
The data processed may include:
a) Browsing Data
Browsing data, collected automatically, solely for the purpose of obtaining aggregate and anonymized statistical information regarding the use of the Website (including, for example, IP addresses, browsing times, geographical data, and other parameters related to the user's operating system and computing environment); however, this information may, through processing and/or association with other data held by the provider or third parties, allow the identification of the user, and may be used to ascertain any liabilities in the case of hypothetical cybercrimes against the website or related to navigation on any links.
b) Cookies
This website uses cookies or markers, which are technically packets of information sent by a web server (in this case, from this website) to the user's browser and stored on their device (personal computer, tablet, mobile phone, etc.) and automatically sent back to the server on each subsequent access to the site. To learn about the types and purposes of the cookies used, you can consult the specific Cookie Policy available on the site. This website only uses technical cookies necessary to ensure its functionality and provide a pleasant user experience.
d) Data Provided Voluntarily by Users/Visitors
If you decide to send messages to the contact details provided on the website, the Data Controller will process this data only to respond to your requests.
The processing will be carried out through IT tools, also by persons authorized for this purpose, operating under the direct authority and according to the instructions given by the Data Controller, with logics strictly related to the indicated purposes, and in any case, in such a way as to ensure the security and confidentiality of the processed data.
The processing operations are carried out in such a way as to ensure the security of data and systems. Specific security measures are adopted to minimize the risks of destruction or accidental loss of the data, unauthorized access, unauthorized processing, or processing not compliant with the purposes indicated in this privacy notice. In particular, the Site uses the HTTPS protocol for server authentication and communication channel encryption. However, the adopted security measures do not guarantee the absolute absence of risks of interception or compromise of personal data transmitted via telematics. Therefore, it is recommended to ensure that the user's device is equipped with adequate software systems for protecting the telematic transmission of data, both incoming and outgoing (such as updated antivirus systems, firewalls, and antispam filters).
Recipients
In addition to the Data Controller, other persons involved in the organization (authorized personnel) or external entities (web agency, hosting providers, other third-party technical service providers) may have access to the Data, appointed, if necessary, as Data Processors by the Data Controller. The updated list of Data Processors can always be requested from the Data Controller. The communication of data may also occur upon request by the judicial or public security authorities, as required by law.
Disclosure
Under no circumstances will personal data be communicated, disclosed, transferred, or otherwise shared with third parties for illegal purposes and, in any case, without providing proper notice to the Data Subjects and obtaining their consent when required by law.
Data Transfer Abroad
The transfer of your data to countries outside the European Economic Area (EEA) occurs via third-party cloud service providers used by the company for managing its activities. In this case, personal data will not be transferred to countries or international organizations outside the European Union that do not guarantee an adequate level of protection, as recognized under Article 45 of the GDPR based on an adequacy decision by the EU Commission. If necessary for providing services on the Site, the transfer of personal data to countries or international organizations outside the EU, for which the Commission has not adopted an adequacy decision as per Article 45 of the GDPR, will only occur if adequate safeguards are provided by the recipient country or organization, in accordance with Article 46 of the GDPR, and on the condition that data subjects have enforceable rights and effective remedies. In the absence of an adequacy decision by the Commission, as per Article 45 of the GDPR, or adequate safeguards as per Article 46 of the GDPR, including binding corporate rules, cross-border data transfer will occur only if one of the conditions set out in Article 49 of the GDPR is met.
Rights of the Data Subject
The GDPR grants the data subject various rights, which can be exercised by contacting the Data Controller using the contact details provided in this privacy notice, provided that the conditions outlined in the applicable legislation are met:
Access to Data: You have the right to obtain information about the Data processed by the Data Controller, about certain aspects of the processing, and to receive a copy of the processed Data.
Verification and Rectification: You can verify the accuracy of your Data and request its update or correction.
Erasure or Removal of Personal Data: When certain conditions apply, you may request the deletion of your Data by the Data Controller.
Withdraw Consent at Any Time: You may withdraw your previously given consent to the processing of your Personal Data.
Object to Data Processing: You can object to the processing of your Data when it is based on a legal basis other than consent.
Request Limitation of Processing: When certain conditions apply, you may request the limitation of the processing of your Data.
Data Portability: You have the right to receive your Data in a structured, commonly used, and machine-readable format and, where technically feasible, to transfer it without hindrance to another controller. This provision applies when Data is processed by automated means and the processing is based on consent, a contract to which you are a party, or on contractual measures connected to it.
File a Complaint: You can file a complaint with the competent data protection authority or take legal action.
How to Exercise Your Rights
To exercise your rights, you can send a request to the contact details of the Data Controller provided in this document. Requests are free of charge and will be processed by the Data Controller as soon as possible, in any case within one month.
The data subject may also seek assistance from non-profit organizations, organizations, or associations whose statutory objectives are of public interest and active in the protection of rights and freedoms of data subjects regarding personal data protection, granting appropriate mandate for this purpose. The data subject may also seek assistance from a trusted person. To know your rights, file a complaint/report/appeal, and stay updated on data protection legislation, the data subject can contact the Data Protection Authority by visiting the website at http://www.garanteprivacy.it/.