This page describes how to manage the site in relation to the processing of personal data of users who consult it.
The information according to Reg. (EU) 2016/679 and of the Recommendation n. 2/2001 of WP29, provides indications for the collection of personal data online, and, in particular, the methods, timing and nature of the information that the data controller must provide to users when they connect to web pages of your site, regardless of the purpose of the link.
Following consultation of this site, data relating to identified or distinguishable persons may be processed.
The “owner” of their processing is Genevris srl., which is based in Sauze d’Oulx (TO) (Italy), Piazza Assietta 7, 10050.
Place of data processing
The treatments connected to the web services of this site take place at the Genevris Srl. site of the site hosting service provider and are only handled by personnel in charge of processing, also for occasional maintenance operations. No data deriving from the web service is disseminated. The personal data provided by users are used only to perform the service or provision requested and are communicated to third parties only if this is necessary for this purpose.
Types of data processed
– Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by users who connect to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the operating system and the user’s computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
– Data provided voluntarily by the user
The optional, explicit and voluntary sending of data by means of forms and forms on the site or by e-mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data entered in the missive.
Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request.
The information (including images) that the user uploads to the reserved area are protected by encryption and authentication systems and are accessible only to authorized users, ie those directly involved and / or the intermediaries involved. This information is not the subject of dissemination operations. The processing of personal data present and downloadable from the private area complies with the provisions of the law and may require explicit authorization from the data subject to process data after verification of adequate information.
No personal data of users is acquired by the site in this regard.
The use of cd session cookies (which are not stored permanently on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe browsing and efficient site. I cd session cookies used on this site avoid the use of other technologies that could compromise the privacy of users’ browsing and do not allow the acquisition of personal identification data. A 12-month technical cookie is also used to store the choice on the cookie banner. Finally, the site incorporates cookies and other elements (tags, pixels, and cc.) Of third parties (autonomous and on which the owner has no responsibility) that also perform profiling activities and for which you refer to the respective sites:
google: Analytics, Maps, Fonts, Adwords, Remarketing – https://policies.google.com/technologies/cookies
facebook: Pixel, “Like” and Social Widgets – https://www.facebook.com/policies/cookies
WPML – https://wpml.org/documentation/privacy-policy-and-gdpr-compliance/
HotJar – https://www.hotjar.com/legal/policies/cookie-information
The e-mail contacts used to send the periodic newsletter come from voluntary registration by the recipient who is always subject to a confirmation request, as well as information acquired in a context of sale of products or services of the owner or otherwise similar for which exists the legitimate interest of the data controller in sending communications and information about their events, products, services and training courses. It is emphasized that the contacts were not recovered from public subscriber directories. In the event that communications are not of interest to the recipient, it is possible to avoid any further contact by clicking the appropriate link contained in each message, or by writing to the addresses below, exercising their right to cancel the newsletter. The newsletter is prepared through the Mailchimp and Notice by Luxor services which could include the transfer of personal data in the USA under the protection of the Privacy-Shield.
Booking Engine and Payments
Data can be processed for the management of reservations and ancillary services, trolleys, orders and any registered user profile and include personal data, addresses, purchase list, reports, preferences and notes.
The personal data provided also processed through third parties (company for home delivery, for mailing and for data entry) for the administrative management of orders and purchases; the management of any participations in loyalty programs; the processing of anonymous statistics linked to the detection of purchase behavior; sending advertising material related to products and offers through the use of email or telephone messages.
The payment system provides for the communication of some data to Banca Intesa San Paolo SPA.
Optional provision of data
Apart from that specified for navigation data, the user is free to provide personal data for specific requests on products and / or services.
Failure to provide such data may make it impossible to obtain what has been requested.
For completeness it should be noted that in some cases (not subject to the ordinary management of this site) the Authority can request news and information pursuant to Article 157 of Legislative Decree no. 196/2003, for the purpose of monitoring the processing of personal data. In these cases the answer is mandatory under penalty of administrative sanction.
Legal basis. Possible management of consent to treatment
When necessary, outside the cases in which the pre-contractual, contractual or legitimate interest of the owner, as well as third parties, and in any case upon reading the information, the interested party is asked to give his consent to the processing and to the communication of personal data for the purposes and within the described limits, under penalty of impossibility for the Data Controller to process the data in order to carry out and implement the services requested by the interested party or proposed to him.
Method of treatment
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected and will be kept, in general, as long as the purposes of the processing continue to function according to the category of data processed.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
Rights of the interested parties
At any time the interested party may: exercise his / her rights (access, rectification, cancellation, limitation, portability, opposition, absence of automated decision-making processes) when foreseen and where the conditions are met for the data controller, in accordance with Articles. from 15 to 22 of the GDPR; propose a claim to the Guarantor (www.garanteprivacy.it); and if the treatment is based on consent, revoke the consent given, taking into account that the withdrawal of consent does not affect the lawfulness of the treatment based on consent before revocation.
Requests should be addressed to the Data Controller Genevris srl through the address: email@example.com