In compliance with the obligations deriving from national (Legislative Decree 30 June 2003 n. 196, Code on the protection of personal data) and Community legislation,(European Regulation for the protection of personal data n. 679/2016, GDPR) and subsequent amendments, we inform you that this site respects and protects the confidentiality of visitors and users, putting in place every possible and proportionate effort not to harm their rights.
In fact, we believe that the user must know the purpose and type of data collected, so that he can exercise adequate control over both areas.
This site is committed to the application of the current legislation with a view to protection “by default”, with holding only personal data to the necessary and sufficient extent for the intended purposes and for the period strictly necessary for these purposes, and “by design”, designing the privacy function and preventing any problems in the design field.
1 – Legal basis for processing
The provision of data, and therefore consent to collection and processing, is for the data subject: unequivocal; free; specific; informed; verifiable; revocable.
To comply with the above parameters we inform you that:
consent to the collection and processing of personal data requested and related to the purchase and use of our services is indispensable for this purpose, it can be revoked in the manner indicated by sending an email to firstname.lastname@example.org, however withdrawing consent means that it is impossible to provide the services and the termination of the services themselves.
on the other hand, the provision of data, and therefore consent to the collection and processing of the same for additional ancillary purposes (see point 2), with respect to the purpose referred to in the above point, is optional, the user may refuse consent or may revoke it in the manner indicated by sending an email to email@example.com however denying or withdrawing consent may result in the impossibility of receiving the services to which the processing of the requested personal data is linked.
some of the data will also be processed on the basis of the legitimate interests of the data controller in respect of the interests, rights and fundamental freedoms of the data subject, taking into account the reasonable expectations of the data subject according to the relationship with the data controller (Recital 47 of the European General Regulation).
2 – Data collected and purpose
The processing of personal data is understood as stating and not limited to: registration, storage, organization, communication, consultation, selection, extraction, comparison, processing, use, blocking, cancellation/destruction, disposal/dissemination, archiving, interconnection or combination of two or more of the described operations, as well as any necessary and/or useful activity, connected and instrumental to the provision of the services offered.
In the main, therefore, the data will be processed to activate and manage the services as well as for any technical, administrative and commercial communications, through the sending of newsletters, sms, whatsapp.
In addition, the processing of the data collected by the site is aimed at the following further purposes:
–Provision of services
The collection of data and the processing of the same is valid to manage orders, provide services, process payments, communicate with users about promotional services and offers, update the registers and, in general, manage the user account, activate the requested services, provide maintenance and assistance alerts, send messages for commercial purposes.
– Ancillary activities
Communicate the data to third parties who perform functions necessary or instrumental to the operation of the service, and to allow to carry out technical, logistical and other activities on our behalf.
This site uses suppliers to carry out certain activities, such as fulfilling orders, providing marketing assistance, making payments with credit cards and providing services to customers. Suppliers only have access to personal data that is necessary to carry out their tasks, and undertake not to use the data for other purposes, and are required to process personal data in accordance with current regulations. This category of data is retained only for the period of time it takes to provide the service.
3 – Data collected
This site collects and processes user data in an automated and voluntary way as follows.
– Data collected in an automated way
While browsing users, you can collect the following information that is stored in the site log files:
Internet protocol (IP) address;
Parameters of the device used to connect to the site;
Name of internet service provider (ISP);
Date and time of visit;
Web page of origin of the visitor (referral) and exit;
If necessary, the number of clicks.
This data is used to collect data in aggregate form, administer and ensure the security of the site, and are in no way attributable to the user’s identity.
– Voluntarily provided data
The site may collect other personal data to take advantage of the various services offered such as comment, communication, purchase services.
The site is committed to ensuring the proportionality and strict necessity of the data processing request by the data controller to the user.
The data are:
first and last name;
date of birth;
address of physical residence;
VAT number and/or tax code;
credit card and/or bank account number and/or IBAN;
company and headquarters;
copies of identity documents (for registering domains in countries that request it).
This data is voluntarily provided by the User at the time of the request for services, or the insertion of the comment in the chat, and will be used exclusively for the provision of the requested service and processed for the only time necessary for the provision of the service.
Tax and banking data are necessary in order to take advantage of the services provided for a fee, and for billing purposes.
The data collected by the site, outside the purposes and regulations of this information, are not provided to third parties, unless they are information obligations according to law, legitimate request by the Judicial Authority and obligations of cooperation with the supervisory authorities. However, the aforementioned data may be provided to third parties if necessary for the provision of a specific requested service of the User or for tax purposes or for the execution of security checks or optimization of the site.
4 – Data retention period
The data collected are processed for the period necessary for the purposes for which they were collected, and in any case no later than 12 months from the cessation of service to allow disposal and cancellation.
The data necessary for tax purposes are kept until the assessments relating to the corresponding tax period are defined, therefore for at least 10 years and more if the relative annuality is not yet prescribed for tax purposes.
Upon expiry, the data will be deleted or anonymized, unless there are additional purposes for the storage of the same, in particular the onset of judicial and extrajudicial litigation.
5 – Transfer of collected data to third parties and non-EU countries
The personal data of users/customers is an essential component of our work and the transfer to third parties is not part of our activities. However, this site, in carrying out its activities, and in the execution of the services requested by users may have to transfer some data to third parties that perform specific instrumental tasks and linked to those of the site, including: order fulfillment (e.g. domain purchase and registration, data analysis, credit card payments, etc.).
The data controller guarantees that third parties (partners, suppliers, etc.) have access to only the data necessary to carry out their specific task and that they are transferred to them in accordance with the law.
“Necessary data”, for the purposes of the transfer, means: personal identification data, address, business name, tax code/VAT number, address, in special cases attaching identity document for the registration of domains in particular countries.
If the data controller needs to transfer the aforementioned data to third parties belonging to Union law or belonging to non-EU countries against which an adequacy decision has been issued by the European Commission ex art. 44 and ss of the GDPR in force since 25/5/18 (Andorra, Argentina, Canada, Faer Oer, Guernsey, Isle of Man, Israel, Jersey, New Zealand, Switzerland, Uruguay, USA – Privacy Shield, unless updated and modified) those parties are obliged to process data in accordance with the law, without liability for the owner/transferee.
The data controller, in order to execute the contract and guarantee the services, may need to transfer the aforementioned data to third parties belonging to non-EU countries for whom the level of data protection is not guaranteed in accordance with the legislation for which there may be a risk of processing that does not comply with european regulation and the law of the personal data provided; of this risk, the User assumes responsibility without responsibility for the owner/originator.
In the case of the transfer of a company or production units or of company connection and control, the personal data of the Customers are part of the company assets that are transferred, but remain subject to the commitments provided for in this Policy, unless requests for new consent.
We disclaim all responsibility for the collection, use, disclosure of information or other privacy-related procedures operated by third parties (affiliates, partners, third-party service providers, trustees, etc.). The user has direct protection against those third parties.