NOTICE CONCERNING THE PROCESSING OF USERS‘ PERSONAL DATA PURSUANT TO REGULATION (EU) 2016/679 (’GDPR')
Data controller
Pelliccia S.r.l.
Via Arceviese, 136/A Pianello di Ostra (AN)
E-mail address: [email protected]
(‘Pelliccia S.r.l.’).
Data collection and processing
Navigation data
The computer systems and software procedures used to operate this Website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning, and is deleted immediately after processing.
The data could be used to ascertain liability in the event of hypothetical computer crimes against the site.
This data is normally deleted immediately after processing.
Additional personal data processed
Pelliccia S.r.l. Pelliccia S.r.l., in addition to browsing data (see Cookie Policy), processes data provided directly by you through the creation of your personal account and any completion by you of additional sections of the website (by way of example but not limited to: personal details, contact details, information on habits). Pelliccia S.r.l. also processes data obtained through tracking (cookies) and data from content sharing via social networks. Please refer to these disclosures for details of the processing carried out.
Purpose of processing | Legal basis for processing | Data retention period |
|---|---|---|
Technical administration and management of website operation | Performance of the contract to which the data subject is party | For the duration of navigation |
Fulfilling obligations under applicable national and supranational regulations and legislation (tax, administrative, etc.) | Need to fulfil legal obligations | Statutory duration (10 years for administrative-accounting obligations) |
If necessary, to ascertain, exercise or defend the Controller’s rights in and/or out of court | Legitimate interest (judicial protection) | In the event of litigation, throughout the duration of the litigation, until the time limits for appeal have been exhausted. |
Providing feedback to requests for information made by interested parties (‘Contact’ section) | Performance of the contract to which the data subject is party | The data will be stored for a period of no longer than 24 months from the time they are provided. |
In any case, a periodic check is to be carried out on the data processed and whether it can be deleted if it is no longer needed for the intended purposes.
Obligation to provide data
Browsing data are necessary for computer and telematic protocols and, therefore, failure to provide them would not allow this website to function.
Data recipients
The Data may be communicated to external subjects acting as data controllers, by way of example, authorities and supervisory and control bodies and, in general, subjects, public or private, entitled to request the Data.
The Data may be processed, on behalf of the Data Controller, by external parties designated as data processors (pursuant to Article 28 of the GDPR), who perform specific activities on behalf of the Data Controller, for example, companies that perform the management and/or maintenance service of the Company’s website, but also parties that provide services for the management of the information system.
Persons authorised to process
The data may be processed by employees and/or collaborators of the Controller and/or the Manager entrusted with the pursuit of the aforementioned purposes, who have been expressly authorised to process them and who have received appropriate operating instructions.
Transfer of personal data to countries outside the European Union
Apart from the Cookie Policy, there is no transfer of personal data considered here outside the European Union.
Rights of the data subject – complaint to the supervisory authority
By contacting the Data Controller, by email at [email protected], data subjects may request from the Data Controller access to the data concerning them, their deletion, the rectification of inaccurate data, the integration of incomplete data, the restriction of processing in the cases provided for by Article 18 GDPR, as well as the objection to processing, for reasons related to their particular situation, in cases of legitimate interest of the Data Controller.
Data subjects also have the right, where the processing is based on consent or contract and is carried out by automated means, to receive the data in a structured, commonly used and machine-readable format and, if technically feasible, to transmit them to another data controller without hindrance (right to portability).
Data subjects have the right to withdraw their consent at any time and to object to the processing of their data for marketing purposes, including profiling in connection with direct marketing.
Withdrawal of consent does not affect the lawfulness of processing based on consent before withdrawal.
Data subjects have the right to lodge a complaint with the competent supervisory authority in the member state where they usually reside or work or the state where the alleged violation occurred.
Updates
This privacy policy is current as of October 3, 2024.
