We wish to inform you that the European Regulation 2016/679 (hereafter GDPR) establishes rules concerning the protection of individuals with regard to the processing of personal data, as well as rules concerning the free movement of such data aimed at protecting the fundamental rights and freedoms of individuals physical rights, in particular the right to the protection of personal data. The free movement of personal data in the Union can not be restricted or prohibited for reasons relating to the protection of individuals with regard to the processing of personal data.
We therefore point out that “personal data” means, according to the aforesaid GDPR, any information that directly or indirectly regards you as an interested party, with particular reference to an identifier such as the name, an identification number, data relating to location, an online identifier or one or more characteristic elements of its physical, physiological, genetic, psychological, economic, cultural or social identity. The site management methods are described in relation to the processing of personal data of users who consult it.
This is an information that is also provided pursuant to art. 13 of the GDPR to those who interact with the web services of the Galleria Del Fuoco, accessible electronically at:
https: // www.lagalleriadelfuoco.it
This information is provided only for the sites referred to LA GALLERIA DEL FUOCO and not for other websites that may be consulted by the User through links. Following consultation of this site, data relating to identified or identifiable persons may be processed. The purpose of the disclosure is to identify certain minimum requirements for the collection of personal data on-line, and, in particular, the methods, timing and nature of the information that the data controllers must provide to users when they connect to web pages, regardless of the purpose of the link.
1. Identity and contact details of the data controller
The identity of the Data Controller and its references, also reported in the header, are the following:
LA GALLERIA DEL FUOCO
address: Via Pisana, 244, 246, 246a – 50143 Florence (FI)
2. Contact details of the Data Protection Officer (DPO)
The person responsible for the protection of personal data can be reached at the following email address: firstname.lastname@example.org
3. Purpose of the processing
The processing connected to the web services of this site takes place at the aforementioned office of the Data Controller, at the location identified by the operator of the website and is only handled by authorized personnel, or by persons in charge of occasional maintenance operations. No data deriving from the web service is disseminated. The personal data provided by users who send requests for the sending of material regarding the requested service (or even information only) are used to follow up the User’s requests and can be communicated to third parties only if necessary and if involved and functional to satisfy the aforementioned requests.
The collection and processing of personal data of the User will be in compliance with the general principles of necessity, correctness, relevance and non-excess, regulated by the conditions of use of the site, and in particular the processing of data will take place for:
- answering questions and providing the information requested by the User (the optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other data personal data included in the message).
- the acquisition of curricula, both in paper and electronic format, spontaneously sent by candidates interested in collaborating with GALLERIA DEL FUOCO.
- registration for events organized or coordinated by GALLERIA DEL FUOCO, both training and non-formal, also through the compilation, by the User, of specific forms present in the pages of the site, or accessible from links to external sites (for which they are valid specific policies), and consequent issue of the relative attendance or other certificates;
- allow the User to access, through registration and creation of his own User profile, to the reserved area for the provision of services, products and any other kind of request and the subsequent and autonomous management of his User profile from the control panel including bids publications;
- the necessary and indispensable treatments of an operative, managerial, accounting and other nature, in particular some data will be used for the registrations and communications required by law;
- verification of the degree of customer satisfaction with regard to the services produced and any other kind of request, through personal interviews, telephone calls or sending e-mails or text messages;
- subject to “consent of the interested party”, through traditional contact methods (paper mail or calls via operator) and automated (e-mail, sms) for purposes:
– functional to commercial / promotional activities such as commercial communications, sale, sending of advertising material or for carrying out market research on the services offered (by way of example and not exhaustively: updates on initiatives, offers and promotions relating to services and products related to activities of LA GALLERIA DEL FUOCO and third parties with whom it collaborates, programs and promotions, including online, aimed at rewarding or retaining potential customers);
The legal basis of the processing is identifiable in the Civil Code and in the Consumer Code.
4. Lawfulness of the processing
The treatment is lawful because at least one of the foreseen conditions applies:
In accordance with Article 6, paragraph 1, point b), c) and d)
- the interested party has given his consent to the processing of his personal data for one or more specific purposes;
- the processing is necessary for the execution of a contract of which the interested party is a party or for the execution of pre-contractual measures adopted at the request of the same;
- the processing is necessary to fulfill a legal obligation to which the data controller is subject;
- the processing is necessary for the pursuit of the legitimate interest of the data controller (such as, for example, the prevention of fraud or abuse of our website: it may be considered legitimate interest to process personal data for direct marketing purposes (as highlighted in the recital n.47 of the GDPR) or by third parties, provided that the interests or the fundamental rights and freedoms of the data subject who request the protection of personal data do not prevail, in particular if the data subject is a minor.
5. Recipients of personal data
The communication to the identified recipients will occur only if they are involved and functional to achieve the purposes referred to in paragraph 3 above, so the personal data collected and processed may be:
- used anonymously for statistical purposes;
- made available to the Data Controller’s Collaborators, as Managers or persons authorized to process personal data;
- communicated to third parties, physical or legal, public administrations, professionals, law enforcement agencies, government agencies, regulatory bodies, courts or other public authorities authorized by law;
- communicated to commercial partners, only in case of estimate and express consent of the User.
- if necessary, transferred to another Data Controller in accordance with the provisions of the GDPR, including with regard to the right to data portability;
The list of persons in charge of processing personal data is available at the headquarters of the Data Controller.
6. Categories of personal data
No particular categories of personal data are dealt with (those revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership, data concerning health or sexual life or sexual orientation of the person ), nor data referable to minors.
The personal data processed are exclusively those necessary and functional for the correct achievement of the purposes indicated above.
7. Data retention
The data provided for the purposes referred to in point 3 will be kept:
- For administrative / accounting purposes: for the period prescribed by tax laws, civil law;
- For marketing purposes and sending newsletters: up to the revocation of the consent given, up to the exercise of the right of opposition and in any case not more than fifteen years from the date of collection.
- Personal data will not be disseminated and will be destroyed when we no longer need or obligation to keep them.
8. Methods of processing
The computer systems and software procedures used to operate the platform of this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses (for verification of the user’s reliability and for security purposes) or domain names of computers used by users connecting to the site, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (good order, error, etc.) and other parameters related to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this eventuality, at present the data on web contacts do not persist for more than seven days.
The personal data object of the treatment will be treated:
- manually and / or electronically and will be stored in appropriate paper and / or electronic archives. The paper and electronic documentation will be correctly maintained and protected for as long as necessary for treatment, using appropriate security measures, so as to minimize the risk of destruction or loss, unauthorized access or treatment not in accordance with the purposes of collection;
- There is no automated decision making process and no profiling is carried out
The cds are used cookies that are small files stored on your computer’s hard drive and are used to provide services and / or information. Most cookies are “session cookies” and are then deleted from the hard disk at the end of the session (when you log off or close the browser). They can be present in some pages of the site in order to analyze access to web pages, customize their services, contents and advertising messages, measure the effectiveness of promotions and ensure trust and security.
I c.d. session cookies used on this site avoid the use of other technologies that could compromise the privacy of users’ browsing and do not allow the acquisition of personal data identifying the User.
10. Provision of data
Apart from what is specified for navigation data, the user is free to provide the personal data requested through appropriate templates relating to services, products and any other kind of request that the site manager, or his business partners, are able to to offer.
Failure to provide such data may make it impossible to obtain any response to any requests or use the services or products that the site operator, or its commercial partners, are able to provide.
11. Rights of the interested party
We inform you that, as an interested party, you have all the rights foreseen by the articles 15-16-17-18-20-21-22 of the GDPR, among which:
- The interested party has the right to obtain from the data controller confirmation that it is or is not undergoing treatment of personal data concerning him and in this case, to obtain access to personal data and the following information: the purposes of the processing ; b) the categories of personal data in question; c) the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients of third countries or international organizations; (d) where possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period; e) the existence of the right of the interested party to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment; f) the right to lodge a complaint with a supervisory authority; g) if the data are not collected from the data subject, all information available on their origin; (h) the existence of an automated decision-making process, including the profiling referred to in Article 22 (1) and (4) and, at least in such cases, significant information on the logic used, and the importance and expected consequences of such processing for the interested party.
- the existence of the right of the data subject to request the data controller to access personal data and to correct or delete them or limit their processing or to oppose their treatment, in addition to the right to data portability , including all available information on their origin; to obtain, moreover, the cancellation of personal data concerning him without unjustified delay pursuant to art. 17 (“right to be forgotten”).
- where the processing is based on Article 6 (1) (a) or Article 9 (2) (a), the existence of the right to withdraw consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation;
- the right to lodge a complaint with a supervisory authority;
- to have from the data controller a copy of the personal data being processed, as long as it does not damage the rights and freedoms of others; in case of further copies requested by the interested party, the data controller may charge a reasonable fee contribution based on administrative costs. If the request is received by electronic means, unless otherwise indicated, the information is provided in a commonly used electronic format;
The above information will be provided:
- within a reasonable time after obtaining personal data, but at the latest within one month, in consideration of the specific circumstances in which personal data are processed;
- in the event that the personal data are intended for communication with the interested party, at the latest at the time of the first communication to the interested party; or if communication to another recipient is envisaged, not beyond the first communication of personal data.
All rights of the data subject provided for by the GDPR are exercised by request without formalities to the Data Controller, also through a person in charge, who is provided with appropriate feedback without delay.
What are cookies?
A cookie, also known as HTTP cookies, web cookies or browser cookies, is usually a small piece of data sent by a website and stored in a user’s web browser while browsing the website. When the user navigates on the same website at a later time, the data stored in the cookie can be retrieved from the website to inform the website of the user’s previous activity. In any case cookies can not transmit viruses and can not install malware on the host computer. The cookies used by girasoleimmobiliare.com are fairly standard and harmless. They are mainly used to collect data that helps improve our website, discovering which parts of the site are used, how users reach each page and what elements on each page they prefer to click on.
By accessing the Website, the user accepts the application of this policy on cookies every time he accesses the Website from any device. The user will be notified by the Website in case of changes to this policy. Continuation of use of the Website constitutes acceptance by the user of all such changes.
What are cookies?
These cookies are essential to be able to browse the Website and use its features.
These cookies will ensure the correct functioning of our Website.
These cookies do not:
- They will collect information that can be used for marketing purposes
- They will redirect the advertising intended for you on other websites
Third-party services cookies
The social sharing, video and other services we offer are managed by other companies. These companies can store cookies on your computer when their services are used on our site or if you are already connected to them.
Manage cookie settings via the browser
Most web browsers automatically accept cookies but you can change your browser settings to prevent automatic acceptance or manually delete your cookie history when you want it. These links explain how you can control cookies through the browser. Remember that by deactivating cookies in your browser, these settings apply to all websites, not just this one.