Information sheet pursuant to article 13 of EU Reg. 2016/679.
On this page you can find the description of how the website is managed as far as its users’ personal data processing.
N.B.: if the user is a minor (under 18 years old), a parent or guardian must read these conditions and approve them before using the website and its services.
The report, in compliance with article 13 of GDPR, is referring only to the present website and not other websites linked to it and browsed by the user.
The data controller
The data controller is SIGNORIA S.R.L., which can be contacted through the contact information found in this report in order to request information on the Data Processors appointed by the Data Controller and Joint Controllers.
The Joint Controllers are companies connected to the Data Controller and partners that work together for the management of the services provided with the website and for the satisfaction of the requests of the data subjects.
Types of processed data
After browsing through this website, data related to identified or identifiable people may be processed.
(I) Browsing Data
The IT systems and the software procedures in charge of the functioning of this website process some personal data during its normal operation; this implicit processing is necessary for the use of the Internet communication protocols.
This information is not collected to be associated to identified subjects, but because of its nature it could identify the users thanks to elaborations and associations to data held by third parties.
Many types of data belong to this category, for example Internet Protocol addresses or domain names of computers used by users that connect to the website, URI (Uniform Resource Identifier) address notations of the requested resources, the time of the request, the method used to undergo the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server response (success, error, etc.) and other parameters related to the operating system and the IT environment of the user, such as the type and version of the browser, the types and versions of the browser’s plug-in, the mobile device identifier (IDFA or AndroidID) and other parameters related to your operating system and the IT environment of the user.
These data, without a specific consent to their processing for other purposes, are used only in order to acquire anonymous statistical information on the use of the website and monitor its proper functioning. Data might be used for detection only in case of responsibility for hypothetical computer criminal offences for damaging the website and, only in this case, specific procedures can be activated in order to identify the author.
The Legal basis for the processing of these data is based on the legitimate interest pursued by the Controller for the protection of data security, proper functioning of the website and improvement of the service standards.
(II) Personal Data
Personal data are all the personal information given by a visitor through the website, for example when writing to an email found in the contact area in order to request information and/or proceeding with a purchase of products sold on the website and/or registering to a reserved area, etc.
The Legal basis for the processing of these data derives from the necessity to process such data in order to satisfy the requests of the data subjects and/or fulfil the contractual obligations.
Provision of data
Apart from what is specified in relation to browsing data, the user is free to provide the personal data requested while browsing in order to submit requests to the Company, solicit the sending of informative material or other communications, proceed with the purchase of products sold on the website. In case of no provision, what requested might not be possible to obtain.
(I) User Data Given Intentionally
When entering the website for the first time, an informative banner with a link to this document appears; by interacting with the website, the choice to continue browsing is registered (through a specific cookie [see below]).
The optional transmission, explicit and voluntary, of emails to the address on this website implicates the subsequent processing of sender address, necessary to answer to user’s requests, as well as other potential personal data written in the message that, unless different needs are duly communicated, will be kept for the time necessary to fulfil the requests.
If, in the request of contact, the data subject communicates special categories of personal data (such as: personal data which reveal racial or ethnic origin, political opinions, religion or philosophical beliefs, or trade union membership, as well as genetic data, biometric data which allow the unique identification of a natural person, data concerning a person’s health or sex life or sexual orientation), a specific consent for their processing can be necessary, or otherwise such requests by the data subject might not be possible to be carried out.
Modalities of processing and processors
Personal data are processed with automated tools for strictly the time necessary to fulfil the purposes for which they were collected. The processing carried out for the web services of this website is handled by staff mandated by the Controller as well as external entities, called Processors, appointed for the technical management and maintenance of the website and its computer systems. Specific security measures are employed in order to prevent data loss, unlawful or incorrect use and unauthorised accesses.
Personal data provided by users that request informative materials (newsletter, answers to questions, etc.) are only used to carry out the requested service and are communicated to third parties only in case of necessity to fulfil the request.
(I) Processing Resulting from a Contact Request, Purchase, Registration or Subscription to the Newsletter Service
Personal data provided voluntarily by the data subject through the contact area or in the registration area, where the user can subscribe to the newsletter:
are processed mostly with automated tools in order to:
ensure a reliable and timely response and meet the demands of the user, who - in case of registration or subscription to the newsletter - has the power to suspend the processing at any time;
comply with obligations arising from European laws, rules and regulations; fulfil provisions issued by the Judicial Authority;
provide information to the system of acquisition of public knowledge with statistical analysis, made through anonymous and aggregated data, which is necessary for the verification, improvement and thus designing of a service that is increasingly capable of meeting the demand;
send courtesy communications and/or communications containing information/offers related to products offered and services performed by the Data Controller, of course, only with the consent of the data subject, as well as via SMS or other means of communication connected with the contact information, postal addresses and emails provided. It is understood that the data subject will nonetheless have the power to refuse the processing of his/her data at any time; in this regard, we specify that, even by giving consent, the subject has the power to express his/her own choices about the channels used to send those communications by entering even only one contact of those requested in the form;
may be processed by communication and marketing staff, computer system maintenance staff whose role is to ensure the proper functioning of the systems, the security of the data and backup operations, other staff within the limits of its job description and as provided by company procedures and other entities that provide services for auxiliary purposes in order to meet the demands of the subject, within the limits strictly necessary to carry out the tasks assigned to them;
can be communicated or made available to: individuals who may access the data by virtue of provisions of European laws, rules and regulations, within the limits set by these rules and/or other individuals who provide services in order to meet the demands of the subject, within the limits strictly necessary to carry out the tasks assigned to them.
We remind the users that filling the fields marked with an asterisk (*) is mandatory, without those data it will not be possible to fulfill the requests or answer to the inquiries of the data subject.
Data storage - Dissemination - Transfer abroad
Any data provided, unless governed by duly-communicated instructions from the data subject stating otherwise, will be stored for as long as it is necessary to satisfy the requests of the subject and comply with legal requirements.
In case of registration to some sections of the website or subscription to some services, data will be stored until the cancellation of the service, after which the data will continue to be stored only if provided for by law and in accordance with the rules on the storage of administrative documentation.
Where the subject has a contractual relationship with the Data Controller, the data will be stored - if relevant thereto - for the duration of the contract, upon the expiry of which it will continue to be stored only if provided for by law and in accordance with the rules on the storage of administrative documentation.
The contact information, for which the consent to send commercial communications has been provided, will be stored for up to 12 months from when the last communication is sent, or until the subject withdraws his/her consent.
No data gathered by the web service is disseminated. Personal data will be transferred to other entities outside of the European Union, to the Country in which the subject resides or is, exclusively if necessary to meet the demands and as provided for by current regulations.
Some third parties, services providers, could have headquarters and/or their servers abroad (server provider etc.), whether within or outside of the EU. In this case, the data processing will be carried out exclusively in accordance with the purposes and modalities described in this information sheet and according to the relevant provisions and with the proper guarantees of adequacy and security requested by the current regulations.
A “cookie” is a small quantity of data, often contained in a unique and anonymous identification code that is sent to users’ browsers by a web server and which are subsequently memorised on the users’ hard disk. The cookie can be read and recognised only by the website that sent it whenever another visit happens.
We remind you that the browser is the software that allows users to browse the Net by viewing and transferring information on the users’ hard disk. If the browser preferences are set to accept cookies, any website may send its cookies to the browser, but - in order to protect the user’s privacy - it can only and exclusively detect those sent from the website, and not those sent to the browser by other websites.
In any case, cookies cannot cause any damage to the user’s computer.
Users’ privacy is essentially guaranteed by the fact that they may at any time:
set the browser so as to accept all cookies, refuse all cookies or receive a notice when one is sent;
delete one, some or all cookies.
Each browser has its own specific settings, so please consult the “Help” section of the used browser for more information on how to change preferences.
Most browsers are initially set to accept cookies automatically. In case of different devices (for example, computer, Smartphone, tablet, etc.), the User must make sure that the settings of the browser of each device are reflecting the cookie preferences of the user.
How Cookies are used on this website
The potential use of the so-called session cookies (which are not permanently stored on the user’s computer and disappear as soon as the browser is closed) is strictly limited to the transmission of session identification data needed to allow safe and efficient browsing of the website.
Third-Party Service Cookies / Social Plugins
There are links to third-party websites that allow the user to access and use some services present on the website. Moreover, this website uses “Social Plugins” (hereunder called “buttons”) of social networks such as Facebook or Instagram. These buttons are disabled by default, so they do not send data to their respective social network without your consent.
Upon activation of the service or button, these third-party websites may also store cookies on the user’s computer through the browser and may use information about the user’s visits to provide focused advertisements on their websites.
While browsing the website, the User could also receive on his/her terminal cookies of websites or web servers of third parties that are not known to the Data Controller (so-called “third-party” cookies). This happens because on the website there could be elements - for example images, maps, sounds, specific links to web pages of other domains, which are hosted on servers different from the one on which the requested page is located. In other words, such cookies are set directly by managers of websites or servers different from the Website. Theoretically, these third parties could set cookies while you are visiting the Website and thus obtain information concerning the fact that you visited the Website.
Rights of data subjects
The data subject has the right to:
request access to personal data from the data controller and to rectify or erase them or limit personal data processing that concerns the subject and to object to the processing of his/her data.
receive the personal data concerning the subject in a structured, commonly used and machine-readable format, if the processing is carried out by (computer) automated means and with the subject approval, and/or transmit them directly to another data controller, where technically feasible.
withdraw his/her own consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal), obviously related to the processing carried out based on this condition.
lodge a complaint with a supervisory authority: the Italian Personal Data Protection Supervisor - https://www.garanteprivacy.it/
The requests must be addressed to the Controller:
by email to firstname.lastname@example.org;
via registered mail to SIGNORIA S.r.l., Via de Gondi 4/6r, 50122 Firenze (FI) - Italy;
calling +39 055 283669 and specifying the nature of the request to the operator, bearing in mind that it is not possible to answer requests over the phone if there is no certainty of the applicant’s identity.
For a proper interpretation, discrepancies and for legal purposes, the Italian version shall prevail over any other language.
Last Update: 9 February 2020.