PRIVACY POLICY

INFORMATION DOCUMENT PURSUANT TO AND FOR THE EFFECTS OF ARTICLE 13 OF REGULATION (EU) 2016/679 (GDPR)

WHY THIS INFORMATION

In accordance with Regulation (EU) 2016/679 (hereinafter „GDPR“), this page describes the methods of processing personal data. This is an information notice provided pursuant to Article 13 of the GDPR. The information should not be considered valid for other third-party websites that may be accessed via links on this website, for which no responsibility is assumed.

Personal data processed

Personal data: any information relating to an identified or identifiable natural person („data subject„); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (C26, C27, C30 GDPR).

Data of contractors/users.

Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of the computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the user’s operating system and computer environment.

Voluntarily communicated data

The optional, explicit, and voluntary sending of messages to the contact addresses indicated on this site and/or the completion of data collection forms entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data entered.

Specific information

Specific information may be present on the pages of the Site concerning particular services or data processing provided.

COOKIES AND OTHER TRACKING SYSTEMS. WHAT ARE THEY? WHAT ARE THEY USED FOR?

For cookies and other tracking systems, please refer to the cookie policy provided in the footer of the website and at the following link.

1. WHO IS THE DATA CONTROLLER? HOW CAN THEY BE CONTACTED?

The data controller is Ipae-Progarden Spa with registered office at Via delle Gallerane, 2 – 22046 Merone (CO), represented by its temporary Legal Representative, who can be contacted for any information via telephone: +39 031 3336611, email: privacy@ipae-progarden.com

2. PURPOSE OF PROCESSING, LEGAL BASIS, DATA RETENTION PERIOD, AND NATURE OF PROVISION

In addition to browsing, personal data will be processed for:

3. TO WHOM WILL PERSONAL DATA BE COMMUNICATED? RECIPIENTS OF THE DATA

Personal data will be communicated, also based on the purposes provided in specific areas, to entities that will process the data as independent data controllers or data processors (art. 28 GDPR) and processed by individuals (art. 29 GDPR) acting under the authority of the Controller and Processors based on specific instructions provided regarding the purposes and methods of processing, for specific purposes based on the relevant area. Data will be communicated to recipients belonging to the following categories:
  • Entities based in Italy, providing services for the website and communication networks, including email, hosting, and website management;
  • Entities based in Italy, with whom the Controller has entered into agreements and given consent, where required
  • Competent authorities for compliance with legal obligations and/or requests from public authorities.
The list of Data Processors is available by writing to privacy@ipae-progarden.com or at the other contacts indicated above.

4. WILL DATA BE TRANSFERRED TO NON-EU COUNTRIES?

Personal data will not be transferred to non-EU countries.

5. IS THERE AN AUTOMATED PROCESS?

Personal data will be subject to traditional manual, electronic, and automated processing. It is clarified that there are no completely automated decision-making processes.

6. WHAT ARE YOUR RIGHTS? HOW CAN YOU EXERCISE THEM?

You can exercise your rights as expressed in Articles 15 and following of the GDPR by contacting the Data Controller at the email address privacy@ipae-progarden.com, or at the contacts indicated above. You have the right, at any time, to request access to your personal data (Article 15), rectification (Article 16), erasure of the same (Article 17), and restriction of processing (Article 18). The data controller communicates (Article 19) to each recipient to whom the personal data have been transmitted any rectifications or erasures or restrictions of processing carried out. The data controller communicates to the data subject such recipients if the data subject requests it. In cases provided for, you have the right to data portability (Article 20) and in this case, they will be provided to you in a structured, commonly used, and machine-readable format. You have the right to object (Article 21), at any time, to processing of personal data based on legitimate interest.

If you believe that the processing of personal data carried out by the Data Controller is in violation of the provisions of Regulation (EU) 2016/679, you have the right to lodge a complaint with the Supervisory Authority, in particular in the Member State where you habitually reside or work or where the alleged violation of the regulation occurred (Italian Data Protection Authority – Garante Privacy https://www.garanteprivacy.it/), or to seek appropriate judicial remedies.

7. CHANGES TO THE INFORMATION

The Data Controller reserves the right to modify, update, add, or remove parts of this information. In order to facilitate verification and modification of the text, the information will contain the update date.

Update date: 20/01/2023