Personal Data gathered from the Application
The owner gathers the following typologies of Personal Data:
Data and content acquired automatically during the use of the Application:Technical data: computer systems and software procedures responsible for the operation of this Application can acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified Users, but by the same nature, could, through processing and association with Data held by third parties, allow to identify Users, This category includes IP addresses, or domain names used by Users who connect to the Application, URI (Uniform Resource Identifier) addresses of the requested resources, , the time of the request, the method used to submit the request to the server, the size of the file obtained, etc.
B, Personal data collected through cookies or similar technologies:
Cookies are not used for the transmission of personal information, nor are persistent cookies of any kind used, or systems for the tracking of Users. Therefore, Personal Data of Users is not acquired by the application with these technologies.
The use of session cookies (which are not stored permanently on the User’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the Application.
The session cookies used in this Application avoid the use of other computer techniques potentially prejudicial to the confidentiality of the navigation of Users and do not allow the acquisition of Personal Data identifying the User.
The Personal Data collected may be used for the performance of contractual and pre-contractual obligations and for legal obligations.
The processing of Personal Data is carried out using computer and/ or telematic tools, with organizational methods and logic strictly related to the purposes indicated.
In some cases, the Personal Data may also be accessible to persons involved in the Data Controller’s organization (such as personnel managers, commercial area staff, system administrators, etc.) or external parties (such as IT companies, service providers, postal couriers, hosting providers, etc.). These subjects, if necessary, may be appointed Data Processors by the Data Controller, as well as access to the Personal Data of Users whenever necessary and will be contractually obliged to keep confidential the Personal Data.
The updated list of Managers can be requested by email at email@example.com.
4. Legal bases of handling
The treatment of Personal Data reative to the user id founded on the following legal basis:
- the consent given by the User for one or more specific purposes;
- Processing is necessary for the execution of a contract with the User and/or for the execution of pre-contractual measures
- The processing is necessary to fulfill a legal obligation to which the Data Controller is subject
- Processing is necessary for the performance of a task in the public interest or for the exercise of official authority vested in the Data Controller
- the processing is necessary for the pursuit of the legitimate interest of the Owner or third parties
- The processing is necessary for the pursuit of a vital interest of the Owner or third parties.
However, it is always possible to ask the Data Controller to clarify the legal basis of each processing at firstname.lastname@example.org.
The Personal Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For further information, please contact the owner at the following email address email@example.com or at the following postal address Rua das Rodas 8,1 – Santiago de Compostela (Spain) -1 5704.
The processing is carried out in a manner and with appropriate tools to ensure the security and confidentiality of Personal Data, having the Owner taken appropriate technical and organizational measures that guarantee, and allow you to demonstrate, that the processing is carried out in accordance with the relevant legislation.
Data retention period
Personal Data will be kept for the period of time necessary to fulfil the purposes for which they were collected.
In particular, the Personal Data will be kept for the entire duration of the contractual relationship, for the execution of the related and consequent obligations to the same, for compliance with the applicable legal and regulatory obligations, as well as for defensive purposes of their own or third parties.
If the processing of Personal Data is based on the consent of the User, the Owner may retain the Personal Data until the withdrawal of consent.
The Personal Data may be kept for a longer period of time if necessary to fulfill an obligation of Iegge or by order of a high authority.
All Personal Data will be deleted or stored in a form that does not allow the identification of the User within 30 days from the end of the retention period. Upon expiry of this period, the right of access, cancellation, rectification and the right to portability of Personal Data can no longer be exercised.
8. Decisional automated processes
All Personal Data collected will not be subject to any automated decision-making process, including profiling, that may produce legal effects for the person or that may significantly affect it.
Rights of the User
Users may exercise certain rights with reference to the Personal Data processed by the Data Controller. In particular, the User has the right to:
- withdraw consent at any time;
- object to the processing of their Personal Data;
a obtaining the deletion of their Personal Data;
to receive their Personal Data or have it transferred to another owner;
a Lodging a complaint with the Data Protection Supervisory Authority and/or to take legal action.
To exercise their rights, Users can direct a request to the contact details of the Data Controller indicated in this document. Requests are made free of charge and processed by the Owner as soon as possible, in any case within 30 days.
1 0. Owner of the Data Processing
The Owner of the Data Processing is Elvio Esposito, Rua Rodas 8, 1 – Santiago de Compostela (Spain), Fiscal Code SPSLVE86L07B7 15M, VAT No Y3662225H, e-mail address firstname.lastname@example.org.
Last update: 06/03/2021