プライバシーポリシー

PERSONAL INFORMATION PRIVACY POLICY

as per article 13 eu regulation 2016/679

Dear Users,

Pursuant to article 13 of the EU Regulation 2016/679 (the "GDPR") and in accordance with the provisions set forth in the GDPR, we invite you before accessing our website (the "Website") to read this policy on how we process your personal data (the "Personal Data") and make you aware of the characteristics and methods of such processing. The Personal Data are obtained by us as a result of your access to the Website (the "User") and provided to us through the Website and relate to an identified or identifiable individual (the "Data Subject" or “you”). Pursuant to Article 4.1. of the GDPR, "an individual who can be identified, directly or indirectly, is considered identifiable with particular reference to an identifier such as the name, an identification number, location data, an online identifier or one or more elements of its physical identity, physiological, genetic, psychic, economic, cultural or social ".

 

  1. Data Controller.

The Data Controller is the sole partnership Emilio Biancalani, Individual Identification Number BNCMLE77B02G999U and VAT number 02083880977, headquartered in Prato (PO) Via Rinaldesca N. 23/25 – 59100, PEC emilio.biancalani@pec.it, e-mail atelier@francescoguida.it, web: www.francescoguida.it.

Any communication related to the processing of Personal Data even in compliance with the following provisions needs to be sent by you or the Data Subject by certified mail, PEC or email to the addresses indicated above (the “Addresses”).

  1. Purposes of the processing of Personal Data and legal basis.

Personal Data, whether or not collected from the Data Subject (article 13 and 14 of the GDPR respectively), will be used by us to the following purposes (the “Purposes”):

(i) allow the use of the Website;

(ii) respond to User requests (including, without limitation, requests for quotes and spontaneous applications);

(iii) perform pre-contractual and contractual obligations to you;

(iv) perform and demand performance of specific obligations arising out of applicable laws and regulations;

(v) send commercial proposals for the purpose of selling products and/or services similar to those already purchased (soft-spam);

The legal basis of the processing is:

- our need to execute a contract of which the Data Subject is party to or exercise certain pre-contractual measures adopted at Data Subject’s request;

- our legal obligations performance;

- legitimate interest of the Data Controller pursuant to Article 6 letter f) of the GDPR.

With reference to paragraph (v) above, the Data Controller specifies that in the context of the sale of a product or service, the Data Subject's email address may be used by the Data Controller without prior request for consent from the Data Subject for the offer and sale of services similar to those already sold (Article 130, 4 of Legislative Decree 196/2003). The Data Subject may object to such use at any time free of charge by submitting a simple written request to the Addresses.

  1. Mandatory or Discretionary provision of Personal Data.

Any communication by you - via emails, filling out appropriate forms and attaching required flags - of the Personal Data is optional, but necessary for us, as any refusal to release it or incorrect communication of it prevents the Data Controller from establishing any relationship with you or implementing any Purpose.

For the same reasons together with the purpose of a correct management of the existing relationship with you, we also ask you to notify us of any changes in the Personal Data already collected as soon as such changes have occurred.

  1. Personal Data Communication.

Personal Data are processed internally by authorized subjects (the "Authorized Subjects") under the responsibility of the Data Controller for the Purposes.

Personal Data may be disclosed to third parties who will process such Personal Data on our behalf for carrying out instrumental and/or accessory functions to the performance of our business activity. These parties will be appointed by us as external Data Processors (the "External Managers"), in accordance with the provisions of art. 28 of the GDPR. An updated list of External Managers is available at the registered office of the Data Controller that may be provided upon written request to the Addresses.

Other than the foregoing Personal Data may also be disclosed to further recipients and/or categories of recipients (the "Recipients" and the "Categories of Recipients") to perform activities related to the pre-contractual or contractual relationship established between us and you as well as perform legal obligations and/or orders of the Authorities. In any event, such disclosure will be in compliance with the provisions set forth in the GDPR and the guidelines of the Italian Data Protection Authority, as well as by the Commission established in compliance with the GDPR.

Without prejudice to the foregoing, Personal Data will in no case be disseminated and/or communicated to third parties, except in the event that the Data Subject expressly consent to such activities or in any event to the extent necessary for the accomplishment of the Purposes.

  1. Processing of "particular categories of Personal Data" and "Personal Data relating to criminal convictions and offenses".

If, as part of the processing, the Data Controller becomes aware of Personal Data belonging:

(i) to "special categories" pursuant to art. 9 GDPR (e.g. those "that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as process genetic data, biometric data intended to uniquely identify an individual, related data to the health or sexual life or sexual orientation of an individual"), such Personal Data will be processed solely for Purposes upon the consent of the individual to which such data belong or, in any event, as the processing is necessary to perform certain obligations and exercise the specific rights of the Data Controller or the Data Subject in the field of labor law and social security and social protection, to the extent that it is authorized by the law of the European Union or of the Member States or by a collective agreement pursuant to the law of the States members together with any appropriate guaranty in connection with fundamental rights and interests of the individual(s);

(ii) to "criminal convictions and offenses or related security measures" pursuant to article 10 of the GDPR, the processing will take place under the control of the public authority or as long as the processing is authorized by the law of the European Union or of the Member States which provides appropriate guarantees for the rights and freedoms of the individual to which such information belong. Any complete register of criminal convictions should only be kept under the control of the public authority.

  1. Personal Data Processing.

The processing of Personal Data takes place with the aid of electronic and/or paper tools and, in any event, by adopting procedures and organizational and IT measures suitable to protect their security, confidentiality, relevance and non-excess.

  1. Geographic Scope.

Personal data will be processed within the territory of the European Union.

In the event that it is necessary to use parties located outside that EU territory for technical and/or operational reasons, such parties will be appointed as External Managers and the transfer of Personal Data to them will be limited to the performance of specific processing activities and regulated in accordance with the provisions of the GDPR together with the adoption of all necessary precautions in order to guarantee complete protection of Personal Data so as to such transfer is based on the evaluation of appropriate guarantees (including, without limitation, adequacy decisions of the third countries express by the European Commission, adequate guarantees expressed by the recipient third party pursuant to article 46 of the GDPR, etc.)

In any event, the Data Subject may request more details from the Data Controller if the Personal Data have been processed outside the European Union, including request of evidence of the specific guarantees adopted.

  1. Retention Period.

Personal Data will be kept by the Data Controller for the period strictly necessary for the Purposes, including until the termination of the pre-contractual and contractual relationships between you and us without prejudice to the additional retention period that may be provided by law.

With regard to CVs spontaneously transmitted by you, they will be kept for a period not exceeding 3 years after your sending or the different maximum period indicated by the Italian Data Protection Authority for the protection of Personal Data.

In order to manage any disputes or disputes, and in any event, for the assessment, exercise or defense of a right before a court, Personal Data may be kept for a further period equal to that of the expiration of the right itself.

  1. Release of the policy and following changes.

This information is provided exclusively with reference to the Website and not with regard to any other websites that may be accessed by the User via links or accessed via the social button on the Website, and we expressly disclaim and waive any responsibility in connection therewith.

Any changes or updates to this policy will be available to Users in the appropriate section of the Website and will apply from the date of its release. If the Data Subject or the Individual do not intend to accept any changes, he may stop to use of the Website. Therefore, Data Subjects are invited to periodically our policy.

  1. Data Subject Rights.

The Data Subject may at any time exercise the rights provided by the GDPR (i “DS Rights”):

 

  • 15 – Access Right: the Data Subject has the right to access its data and related processing. This right represents the possibility of obtaining confirmation as to whether or not the processing of Personal Data is in progress, or in the possibility of requesting and receiving a copy of such Personal Data being processed;
  • 16 – Correction Right: the Data Subject has the right to obtain from the Data Controller the correction of inaccurate personal data concerning the Data Subject without unjustified delay. Taking into account the Purposes, the Data Subject has the right to obtain the integration of the uncomplete Personal Data, also by providing an additional statement in connection therewith;
  • 17 – Cancellation Right: the Data Subject has the right to request to the Data Controller that the Personal Data concerning the Data Subject be deleted and no longer subjected to processing and in some cases, to the extent applicable, to obtain the deletion without unjustified delay when it is once the purpose of the processing has been completed, consent has been withdrawn, opposition to the processing has been made or when the processing of your Personal Data is not otherwise compliant with the GDPR;
  • 18 – Limitations to the processing of Personal Data: the Data Subject has the right to limit the processing of Personal Data in the event of inaccuracies, complaints or as an alternative measure to the deletion;
  • 20 – Data Portability Right: other than in the event in which the Personal Data are stored through non-automated processing (eg in paper format), the Data Subject has the right to receive the Personal Data in a structured format, commonly used and readable by an automatic device as long as such Personal Data are provided directly by the Data Subject with express consent of the same or on the basis of a contract, and to request that such Personal Data be transmitted to another data controller, provided that such transfer is technically doable.
  • 21 – Right to Object: the Data Subject has the right to object at any time to the processing of its Personal Data for in connection with its peculiar situation.

 

If the Data Subject wishes to exercise any of the aforesaid rights a written request shall be submitted to the Data Controller to the Addresses, except the right to submit a claim to the Italian Data Protection Authority or to appeal to the competent judicial authority.

The term for a reply to any request made by the Data Subject hereunder, including any denial reply, shall be one month which may be extended in the event of certain complexities.

In any event, article 12 of the GDPR shall apply.

  1. Minors.

The Data Controller does not process Personal Data relating to minors. By accessing the Website and using its services, the User represents to have reached age of majority.

  1. Consent Withdrawal.

If the processing of Personal Data takes place only following the consent of the Data Subject provided by the Data Subject, the Data Subject reserves the right to withdraw at any time the consent provided by the Data Subject by sending a written request to the Data Controller to the Addresses. The withdrawal of consent does not affect the lawfulness of the processing based on the consent provided before the withdrawal.

  1. Right to Object.

The Data Subject may object at any time to the processing of the Personal Data for reasons related to its peculiar situation pursuant to article 6, paragraph 1 letters e) or f), including the profiling according to such provisions by written request to the Addresses. The Data Subject also reserves the right to object at any time to the processing of the Data Personal  for purposes of direct marketing, including the profiling as long as it is linked to direct marketing by written request to the Addresses.

  1. Cookies 

I cookies sono stringhe di testo di piccole dimensioni inserite nel computer dai siti web per memorizzare informazioni sull'utente e sulle sue preferenze.

I cookies possono contribuire a migliorare l'esperienza di navigazione consentendo ai siti Web di raccogliere informazioni utili sulle preferenze dell'utente.

La loro eventuale disattivazione potrebbe limitare i servizi e le funzionalità disponibili nei siti.

In questo sito si potrebbe far uso di svariati servizi di terze parti come: Google Analytics, Google Adsense, Google Fonts, Google Plus, Facebook, Twitter e/o YouTube. Ognuno di questi potrebbe impostare dei cookies per il proprio corretto funzionamento.

La disattivazione dei cookies potrebbe eliminare il collegamento a questi servizi!

Attivazione, disattivazione e cancellazione dei cookies.

Se non si desidera ricevere i cookies, si può indicare al browser di cancellarli, bloccarli o ricevere degli avvisi prima della loro memorizzazione.

E' una semplice operazione che può essere eseguita in ogni browser.

Si possono trovare informazioni su come attivare, disattivare e/o cancellare i cookies sui siti dei rispettivi browser, ad esempio:

Mozilla Firefox / Google Chrome / Internet Explorer / Opera / Safari.