Information document pursuant to and for the effects referred to in Article 13 Regulation (EU) 2016/679 (GDPR)
In compliance with the provisions of Reg. EU 2016/679 (European Regulation for the protection of personal data ) we provide you with the necessary information regarding the processing of personal data provided. The information is not valid for other websites that may be consulted through links on the websites in the domain of the owner, which is not to be considered in any way responsible for the websites of third parties. This is an information that is provided pursuant to art. 13 of Reg. EU 2016/679 (European Regulation for the protection of personal data) and is also inspired by the provisions of Directive 2002/58/EC, as updated by Directive 2009/136/EC on Cookies, as well as the provisions of the Provision of the Authority for the Protection of Personal Data of 08.05.2014 regarding Cookies and the EDPB Guidelines 05/2020 on consent under the GDPR, adopted on 04.05.2020.
PERSONAL DATA THAT CAN BE PROCESSED
«personal data» means any information concerning an identified or identifiable natural person («concerned»); the natural person who can be identified, directly or indirectly, with particular reference to an identifier such as name, identification number, location data, shall be considered identifiable, an online identifier or one or more characteristic elements of its physical, physiological, genetic, psychological, economic, cultural or social identity; (C26, C27, C30).
The computer systems and software procedures used to operate a website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of computers and terminals used by users, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the operating system and computer environment of the user (for more information v. Cookies policy of this site).
DATA COMMUNICATED BY THE DATA SUBJECT
The optional, explicit and voluntary sending of messages to contact addresses, as well as the completion and forwarding of forms on the site of the Owner, involves the acquisition of the sender’s contact data, necessary to respond, and any personal data included in the communications.
Specific information will be present on the pages of the Site in relation to particular services or processing of the Data provided.
1. Who is the Data Controller? How to contact him?
Data controller, pursuant to art. 4 and 24 of Reg. EU 2016/679, is GOLD ART SRL with registered office in Via Giacomo Konz, 45 – Arezzo (AR) postal code 52100 Tuscany – Italy and Vat n. 00333280519 in the person of the legal representative. To contact the Data Controller send an email to:
2. Purpose of processing, legal basis, data retention period and nature of the provision
THE CATEGORIES OF DATA REQUESTED FOR THE FOLLOWING PURPOSES ARE STRICTLY NECESSARY FOR THE EXECUTION OF THE PROCESSING, FOR ANY FURTHER REQUESTS FOR PERSONAL DATA SPECIFIC CONSENT WILL BE REQUIRED.
Purpose A) Navigation on the website.
- LEGAL BASIS: legitimate interest (Art. 6, par. 1 lett. f) and recital 47 GDPR): processing is necessary for the pursuit of the legitimate interest of the controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject which require the protection of personal data do not prevail, taking into account the reasonable expectations of the data subject based on his or her relationship with the controller. Activities strictly necessary for the operation of the site and the provision of the navigation service on the platform.
- NATURE OF THE CONFERRAL: necessary in order to allow navigation of the website.
Purpose B) Possible compilation form collect data for contacts.
- LEGAL BASIS: legitimate interest | request of the interested party (Art. 6, par. 1 lett. f) and recital 47 GDPR).
- DATA RETENTION PERIOD: for the time necessary to provide feedback to the request and in any case no later than 1 year.
- NATURE OF THE PROVISION: the provision of data is necessary to allow the owner to provide feedback to requests received through the form. Failure to provide data will make it impossible to obtain the requested information.
Purpose C) Activities of commercial and promotional newsletters
- LEGAL BASIS: consent to treatment (art. 6 par. 1 lett. a)
DATA RETENTION PERIOD: for the time necessary to respond to the request and in any case no longer than 24 months.
- NATURE OF THE PROVISION: The conferment of data is optional and in the absence of the same, your data will not be processed for the pursuit of this purpose, the denial of the conferment will not affect the usability of other services.
3. To whom will the personal data collected be communicated?
The personal data provided will be shared with subjects who will process the data as data processors (art. 28 of Reg. EU 2016/679) and/or as natural persons acting under the authority of the Data Controller and Data Processor (art. 29 of Reg. EU 2016/679), for the purposes listed above. Precisely, the data will be shared with:
- companies contractually linked to GOLD ART SRL;
- persons providing services for the management of the information system used by GOLD ART SRL and telecommunications networks;
- self-employed persons, firms or companies in the field of assistance and counselling;
- persons providing services for the management of the above-mentioned activities (subjects for communication, brochure printing, leaflets, websites, films);
- operators of platforms for the services listed above (hosting of sites, Youtube);
- commercial partners / sponsors, only with prior consent;
- competent authorities for the fulfilment of legal obligations and/or provisions of public bodies,
- to other members on request.
The list of Data Processors is constantly updated and available by writing to email@example.com or at the registered office of the Data Controller.
4. Does GOLD ART SRL transfer data outside the EU?
Some of the third parties listed in the previous paragraph “Who will process your data?” may be based in countries outside the European Union which nevertheless offer an adequate level of data protection, as established by specific decisions of the European Commission https://www.garanteprivacy.it/normativa-e-provvedimenti/gdpr-e-normativa-europea-e-internazionale ) So, in case it is necessary to transfer your data to non-EU countries, this will be in compliance with the limits and conditions set out in articles. 44 and s.s. del Reg. EU 2016/679
5. Is there an automated process?
We do not use decision-making processes based on automatic processing, including profiling.
6. What are your rights?
How can you practice them? You can assert your rights as expressed by art. 15, 16, 17, 18, 19, 20, 21, 22 of EU Regulation 2016/679, by contacting the owner at firstname.lastname@example.org. You have the right, at any time, to ask the Data Controller for access to your personal data, rectification, deletion of the same, restriction of processing and portability of your data. In addition, you have the right to object, at any time, to the processing of your data based on legitimate interest and, in the cases provided for, you have the right to revoke the consent given without affecting the lawfulness of the processing based on consent before revocation.
To no longer receive information and/or promotional/commercial communications, it will be sufficient to write at any time an e-mail to email@example.com or using our automatic cancellation systems for e-mail only.
You have the right to lodge a complaint with the Data Protection Authority (Supervisory Authority www.garanteprivacy.it). In the case of a request for data portability, the Data Controller will provide you with personal data concerning you, without prejudice to paragraphs 3 and 4 of art. 20 of Reg. (EU) 2016/679.
7. Further information
In order to facilitate such verification, the information will contain the update date.
Last update: 6/16/2021