PERSONAL DATA PROCESSING POLICY FOR THOSE WHO BROWSE THE WEBSITE WWW.GUIDI.IT pursuant to Art. 13 of the GDPR EU Reg. 2016/679

WHAT IS THE PURPOSE OF THIS INFORMATION? 

Pursuant to Regulation (EU) 2016/679, this page describes the methods of personal data processing of the user who consult the website of the company "GUIDI 1896 S.R.L." available at https://guidi.it/. This information does not concern other sites, pages or online services that can be reached via hypertext links published on the company’s website, but it refers to resources outside of the aforementioned domain.

 

WHO ARE WE?

The data controller (owner/holder) is "GUIDI 1896 s.r.l." (VAT number 01235040472), based in Ponte Buggianese (PT), in Via Stignanese n.76, with its current legal representative, Guidi Ruggero, domiciled (resident) at the same, tel 0572.930211 Fax 0572.635966 e-mail info@guidi.it pec postcertificata@pec.guidi.it .

The aforementioned company has appointed as Data Protection Officer (RPD / DPO) Dr. Flavio Tanteri who can be contacted at the email address dpo@guidi.it

 

TYPES OF COLLECTED DATA, LEGAL BASIS AND PURPOSE OF THE TREATMENT

1.1) Navigation data

The computer systems and the software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. The legal basis of the processing is therefore the user's consent, expressed through the use of the IT tool to access the website.

This data category includes IP addresses or domain names of computers and terminals used by users, addresses in URI / URL (Uniform Resource Identifier / Locator) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and the computer environment.

This data, necessary for the use of the web services, are also processed for the purpose of:

obtaining statistical information on the use of services (most visited pages, number of visitors by time slot or by day, geographical areas of origin, etc.); checking the correct functioning of the services offered.

The navigation data does not persist for more than seven days and are deleted immediately after their aggregation (except for any need of investigation of crimes by the judicial authorities).

 

1.2) Data communicated directly by the user

The optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller, as well as the compilation and forwarding of the forms on the site, entail the acquisition of the sender's contact data, necessary to reply, as well as all personal data included in the communications. By way of example and not limited to, the user may voluntarily communicate the following data via website: contact information (e.g. name, address and country of residence, telephone, e-mail), other common data (e.g. date of birth, tax code, VAT number, zip code, etc.).

Also in this case, the legal basis of the processing is the user's consent, expressed by sending the contact form.

The data communicated by the user will be used to respond to requests regarding customer service, as well as those of a generic nature or to provide detailed information on the activities carried out by the Data Controller and on its stores.

This processing could be carried out even in the absence of consent in the event that it is necessary for the onset of a legal obligation on the part of the Owner, or for the manifestation of a legitimate interest of the Owner, of third parties or of the user himself (opt-out).

 

1.3) Data processed for marketing purposes

Only in case of specific approval (through active selection of flags), the data received through the website forms can be used for marketing purposes. These activities may include, by way of example but not limited to, market surveys, commercial offers targeted to the user or even profiling activities, subscription to newsletters, or sending communications via email / sms / social media or similar tools. However, please note that the user has the full right not to provide any data or to subsequently deny the possibility of processing data already provided.

 

1.4) Cookies and other tracking systems

The Site uses:

• "technical" cookies, such as navigation or session cookies, strictly necessary for the use of the website and not persistent;

• analytics cookies used to collect information of a statistical nature, in aggregate form, on the number of users and how they visit the site;

• functionality cookies, in order to improve the browsing experience and the service provided by the site to the user.

Profiling cookies are also used. They can be directly referable to the site manager or come from third parties. However, we invite you to read the comprehensive cookie policy available HERE-LINK

 

2) PROCESSING METHOD

The data are processed by us manually and stored in our paper archives, and are processed through our computer system, on which they are stored. The data will be processed mainly with electronic and IT tools and stored both on computer media and on paper and any other type of suitable support. They can only be accessed by the staff in charge, in compliance with the security measures pursuant to Article 32 of the GDPR.

 

3) CONSEQUENCES OF THE REFUSAL OF DATA

In case of failure to communicate the data essential to fulfill the aforementioned purposes, the consequences will consist of the impossibility of correctly complying with the fiscal / administrative legislation in force, with the consequent fines, administrative sanctions, any criminal sanctions, suspension measures or revocation of authorizations and / or licenses, issued by the competent Offices, meaning the writer is therefore exempted from any and all liability.

 

4) SUBJECTS TO WHOM THE PERSONAL DATA COLLECTED DURING THE NAVIGATION MAY BE COMMUNICATED.

The data may be disclosed to:

• employees of the Data Controller, as managers and / or persons in charge of processing for the management of the requested service practices; however, these personnel were duly instructed on the security of personal data and the right to privacy. It is specified that the data may also be disclosed to our marketing consultants in order to allow statistical analysis or for the development of marketing campaigns. For data communicated directly by the user and used for marketing purposes, the rules set out above apply (see paragraph 1.2)

• any third parties such as: consultants and IT technicians, accounting or legal consultants, where the need arises for the correct functioning of the site or for arising needs of a fiscal or legal nature.

• Public bodies where the communication of the data is required by an imperative regulation of the Italian legal system or for reasons of public security or for the reporting of one or more crimes or offenses committed by computer medium.

In any case, the prohibition to communicate or disseminate personal data to unnecessary and not indicated subjects remains unaffected.

 

5) TRANSFER OF DATA ABROAD

The data collected will be processed mostly in the EU area. Only exceptionally - in order to use particular services such as Google Analytics or others provided by Google LLC and Alphabet Inc - some information may be transferred outside the European Union, however, in compliance with the provisions of Articles 46.47 and 49 of the GDPR.

 

6) STORAGE

The data collected by the site during its operation are kept for the time strictly necessary to carry out the specified activities. Upon expiry, the data will be deleted or anonymised, unless there are other purposes for their conservation.

The data used for site security purposes (user's IP address for possible blocking of intrusion attempts) are kept for 30 days.

Data for analytics (statistics) purposes are kept for 24 months.

Data for marketing and / or profiling purposes are stored in aggregate form for 12 months.

 

7) RIGHTS OF THE INTERESTED PARTY

In relation to the processing of personal data, the interested party has the right:

a) to ask the Data Controller for access to personal data and the rectification or cancellation of the same or the limitation of the processing concerning him or to oppose their treatment, in addition to the right to data portability.

b). If the processing is based on the express consent of the data subject, the latter has the right to withdraw the consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation.

c) The interested party has the right to lodge a complaint with a supervisory authority. To exercise the above rights, the interested party must send a written request to the RPD / DPO at the e-mail address dpo@guidi.it

 

8) WORDING FOR THE NEWSLETTER SUBSCRIPTION

Among the various services accessible from the new site, there is also the possibility of subscribing to a newsletter. This is a service through which communication of an informative and commercial nature, will be sent to the e-mail address given during registration.

This service can be activated at the exclusive request of the User who, by filling in a specific form, may consent to the processing of some personal data (such as e.g. name, surname, email address and telephone number). All this information will be strictly stored for the necessary time needed to provide the service. It is always possible to cancel the service by clicking on the link at the bottom of the emails or by writing to the email address dpo@guidi.it.