This policy is also based on Recommendation no. 2/2001 that the European personal data protection authorities, joined in the Working Party established by Article 29 of Directive no. 95/46/EC, adopted on 17 May 2001 to identify certain minimum requirements for collecting personal data online, and, in particular, the manner, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
1. Who is the Data Controller?
The Data Controller is Milanosesto S.p.A. with registered office in Piazza Armando Diaz,1 Milan, Tax Code 20123, VAT number and registration with the Register of Companies of Monza Brianza Lodi no. 07099900966 (hereinafter the "Data Controller").
2. What personal data do we collect?
Through the website we collect and process personal data in different ways:
- • personal data you voluntarily provide to us: we collect personal information about you when you actively provide it;
- • personal data collected through the use of the website: we automatically collect certain personal information when you use our site.
Categories of personal data:
- Contacts: Personal data, such as your name, and e-mail address to subscribe to our mailing list.
- • Purpose of the treatment: PTo communicate with you and answer questions from each user.
- • Legal basis for the treatment: Processing is necessary in pursuit of our legitimate interests, specifically for proper and timely handling of customer requests, complaints and suggestions regarding the site.
- Location information: . We may also approximate your location based on your IP address, the domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request.
- • Purpose of the treatment: We use information about your location to personalize the site, to improve your browsing experience, to perform analysis such as traffic measurement and to improve site effectiveness.
- • Legal basis for the treatment: Processing is necessary in pursuit of our legitimate interest, i.e. to adapt our site to your needs and improve our site in general.
- All the personal information above.
- • Purpose of the treatment: We will use any personal information we collect to manage, maintain and provide you with site functionality, to communicate with you, to monitor and improve our site and our business.
- • Legal basis for the treatment: Processing is necessary in pursuit of our legitimate interests to protect our organization.
3. What personal data do we not collect?
We do not collect or process the following personal data about you:
- • racial or ethnic origin;
- • political opinions;
- • religion or philosophical beliefs;
- • health or medical condition;
- • criminal background;
- • trade union membership;
- • genetic or biometric data;
- • sexual life or orientation.
Please do not send us, and disclose, any of the personal data mentioned above through the site or directly to our contacts.
4. Why do we process your personal data?
Personal data are processed to:
a. Answer your questions and fulfill your requests:
PTo respond to any requests, complaints and suggestions you send us regarding our website.
Legal basis for processing: our legitimate interests to manage, in an appropriate and timely manner, customer requests, complaints and suggestions regarding the site.
b. Ensure the technical functioning of the site
We collect and use your personal data to technically administer the site and ensure that it functions properly.
Legal basis for processing: i: our legitimate interests to ensure the proper functioning of the site from a technical/IT point of view.
c. Data analysis to derive trends and improve the site
We collect your personal data for analysis of consumption trends and patterns. This helps us to get to know the users of the site better and to adapt our site to the preferences identified by the users themselves and, more generally, to the products.
Legal basis for processing: : your prior explicit consent.
d. Legal protection of our interests
To enforce our contractual terms and conditions, protect our business operations (including against fraud), protect our rights, privacy, security or property, and/or that of our affiliates, and enable us to pursue available remedies or limit any damages against us.
Legal basis for processing: our legitimate interests to protect our organization under the law.
Who do we share your personal data with?
The personal data provided may be shared with suppliers for the maintenance of this website.
5. What are your rights in relation to the processing of Personal Data, how can you exercise them and how can you contact us?
The subjects whose personal data is processed have the right at any time to obtain confirmation of the existence or otherwise of such data and to know its content and origin, verify its accuracy or have it completed, updated, and rectified. The subjects whose personal data is processed have the right to request erasure, restriction of the processing, anonymisation or the blocking of data processed in violation of the law, and to object in any case, for legitimate reasons, to their processing.
The rights can be exercised by contacting the Data Controller or the data processor at the following addresses:
- e-mail: firstname.lastname@example.org
- by fax to +39 02 45472940
- by mail, at Milanosesto S.p.A., 20099 Sesto San Giovanni (Milano), Italia
RIGHT TO DATA PORTABILITY
The data subject may ask the Controller to receive the personal data provided, in a structured, commonly used and machine-readable format and has the right to transmit the data to another Controller.
6. How long do we keep your personal data?
We intend to keep your personal data until such time as you request data erasure.
7. How do we protect your information?
The security of your information is very important to us, and we have put safeguards in place to preserve the integrity and security of the information we collect and share with our site suppliers.
However, no security system is impenetrable and we cannot guarantee total security of our systems. In the event that any information under our control is compromised due to a security breach, we will take reasonable steps to investigate the situation and, where appropriate, notify those whose information may have been compromised and take other measures in accordance with applicable laws and regulations.
8. What are your rights?
The data subject, with reference to the Data concerning him/her, may exercise the following rights:
- • right of access, i.e. the right to obtain from Prelios the confirmation whether or not the Data is being processed and, if so, to obtain access to it;
- • right of rectification and erasure, i.e. the right to obtain the rectification of inaccurate Data concerning him/her and/or to have incomplete personal data completed or erased for legitimate reasons;
- • right to the restriction of processing, i.e. the right to request the suspension of processing where legitimate reasons exist;
- • right to Data portability, i.e. the right to receive the Data in a structured, commonly used and readable format, as well as the right to transmit the Data to another data controller;
- • right to object, i.e. the right to object to the processing of Data if there are legitimate reasons;
- • right to contact the competent data protection authority in case of unlawful processing of Data.
9. Applicable law
10. Complaint to the guarantor
The data subject/user has the opportunity to lodge a complaint to the Privacy Authority, which can be contacted at the following website http://www.garanteprivacy.it/.