With this document we are to provide you with the necessary information regarding the processing of personal data supplied by you, in particular regarding the purposes and methods of processing your personal data, as well as the scope of communication and dissemination thereof, to the nature of the data in our possession, their contribution and the retention period.
This document intends to accurately describe the methods of management of the processing of your personal data collected during the navigation of the Site or during the use of the services offered by the latter. The information is not valid for other websites that may be consulted via links on the website of the owner, which is not in any way responsible for the websites of third parties.
The Data Controller collected through this Site is Karisma Communication Srl, P. IVA 03390270969, with registered office at 24/A Amatore Sciesa street, 20135 Milano (hereinafter referred to as “responsible”): the Owner decides autonomously on the purposes and methods of treatment, as well as on security procedures to be applied to ensure the confidentiality, integrity and availability of data.
The Data Controller processes personal, identifying and non-sensitive data (in particular, name, surname, email – later, “personal data” or even “data”) that you have communicated when requesting information and / or to be able to use the newsletter service offered by the Owner.
The processing of your personal data is carried out by means of the operations indicated in art. 4 n. 2) GDPR and in compliance with the principles of lawfulness, fairness and transparency and of the other principles indicated in art. 5 GDPR.
The Data Controller will process your data for service or pre-contractual purposes for the time necessary to fulfill the purposes of the processing. The data for the marketing / newsletter purposes, where your specific consent has been issued, will be kept for the time necessary to pursue the purposes of the processing or in the lower term if the withdrawal of specific consent by the user intervenes.
In general, personal data voluntarily provided will be processed for the following purposes:
- A) – for browsing this Website;
– for the use of the services offered by the manager and to receive answers to your requests;
– for the eventual compilation of data collection fields in dedicated areas;
– fulfill the obligations established by the Law, by a Regulation, by community regulations or by an order of the Authority;
– prevent or discover fraudulent activities or malicious activities harmful to the website;
– exercise the rights of the owner, for example the right to defense in court.
For the purposes referred to in point A), the processing of data is necessary to allow correct navigation on the Website and for the execution of pre-contractual measures taken at the request of the interested party (for exampleresponding to your requests by filling in appropriate forms), to fulfill a legal obligation to which the Owner is subject and, finally, for the pursuit of the legitimate interest of the Data Controller (for exampleto exercise the right to defense in court or prevent fraudulent activity).
- B) with your consent for any registration to the newsletter service of the manager to receive promotional and commercial communication emails from the manager and / or for other direct marketing activities in order to receive by automated means (e-mail, traditional mail) or other means of communication) promotional information material, commercial and / or advertising related services, as well as commercial initiatives, which will be organized by the manager.
For the purposes referred to in point B) the processing of data is lawful only the interested party has given his consent.
Optional or mandatory nature of the provision of data; need for consent and consequences of non-consent.
Apart from that specified for navigation data, you are free to provide your personal data.
The provision of personal data for the purposes referred to in point A) is optional but necessary to use the services requested from time to time to the Data Controller and to refine the specific features. Failure to provide such data may make it impossible to obtain what has been requested or to use the services of the Data Controller.
The consent to the processing of data for the purposes B) – that is for promotional purposes, commercial communication and / or marketing in general by the manager – is always optional. Failing this, the Data Controller will still be able to provide the services referred to in point A) and you will still be able to improve the other functions and use the services provided by the Data Controller – point A) (for examplesend contact request, use the other services, etc.). It may therefore decide not to give any data or to revoke subsequently and at any time the possibility to process data already provided but the revocation will not affect the lawfulness of the treatment based on consent before revocation.
Your data will be communicated to third parties only with your express consent, except in cases where communication is mandatory by law or is required for purposes established by law for the pursuit of which the consent of the interested party is not required; in such cases, the data may be made available to third parties who will treat them autonomously and solely for the aforementioned purposes (for example, in the event of a request made by the police or by the judiciary or other competent bodies or to fulfill obligations arising from the contract with you concluded). Your data will not be disseminated in any way.
The manager can use third parties to process your personal data for certain activities. The third parties who perform these operations have been adequately selected and have experience, capacity and reliability and offer a suitable guarantee of full compliance with the current provisions on treatment, including the profile of data security.
These third parties will be named “Data Processors” for this purpose and will carry out their activities according to the instructions given by the manager and under his control. We periodically verify that the Managers have punctually fulfilled the tasks entrusted to them and that they continue to provide suitable guarantees of full compliance with the provisions on the protection of personal data. The updated list of Managers can always be requested from the Data Controller. Your data are then processed by our Distributors in charge of the individual services.
However, the manager can not guarantee its users that the measures taken for the security of the Site and the transmission of data and information on the Site limit or exclude any risk of unauthorized access or loss of data by devices pertaining to the site. user: We advise you to ensure that your computer is equipped with appropriate software to protect the transmission of data in the network, both incoming and outgoing (as updated antivirus systems) and that your Internet service provider has taken appropriate measures to the security of data transmission over the network (such as firewalls and antispam filters).
In your capacity as an interested party, you can exercise the rights referred to in Articles from 15 to 22 GDPR, in particular the right to access data, to correct or delete data, to request the limitation or to oppose the processing, in addition to the right to data portability. It also has the right to lodge a complaint with the Guarantor.
In case of violation of the personal data of the interested party, taking into account the provisions of art. 34 GDPR, the Controller will notify the interested party of the violation.
You can exercise your rights at any time by sending a registered letter to the responsible person to the addresses listed on the site
This Website and the Services of the Data Controller are not intended for persons under the age of 16 and the Data Controller does not intentionally collect personal information about minors. In the event that information on minors were unintentionally registered, the Data Controller will delete them in a timely manner, at the request of users.
Our web pages may contain social network plug-ins (for exampleFacebook, Twitter, Instagram, etc.). If you access one of our web pages equipped with a similar plug-in, the internet browser connects directly to the servers of the social network and the plug-in is displayed on the screen thanks to the connection with the browser. If an interested user of a social network visits our web pages, while he is connected to his social account, his personal data may be associated with the social account. Even if you use the plug-in functions, the information will be associated with the social account. Further information on the collection and use of data by social networks in general, as well as on the rights and methods available to protect the privacy of the data subject in this context, are present on the social network pages of the account, on the protection of data. If the person concerned does not wish to associate the visit to our web pages with his social account, he must log-off from the social network before visiting them.
Personal data are collected for the following purposes and using the following services: Interaction with social networks and external platforms. These services allow interaction with social networks or other external platforms. The interactions and information acquired are in any case subject to the user’s privacy settings relating to each social network. In the event that an interaction service with social networks is installed, it is possible that, even if users do not use the service, the same collect traffic data relating to the pages in which it is installed.
Update date 6th July 2018