In particular, it explains how to manage the personal data acquired during navigation (navigation log and cookies) and additional services connected to it, which involve interaction with the user, such as filling out a form for participation. to an event or email address on the site.
In this regard, in full compliance with the rules on the protection of personal data (Legislative Decree 196/2003 and EU Regulation, n. 2016/679, called GDPR), I invite you to read the following information, which has been designed and written in a simple and concise language to help you clearly understand how we process your personal data.
1.IDENTITY AND CONTACTS OF THE DATA CONTROLLER
The Data Controller is GUAVA SRL with legal and operational headquarters in Milan, Via Ippolito Nievo 35, Tax Code and VAT number 12381680011.
2. PURPOSE AND LEGAL BASIS OF THE PROCESSING
The computer systems and software procedures used to run this website record some personal data during their normal operation, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected with the intent of associating it with identified users but, by its very nature, could lead to the identification of users through processing and association with data held by third parties. This data category includes IP addresses, or domain names, of the computers used by users to connect to the Website, URI (Uniform Resource Identifier) addresses of the requested resources, time of the request, the method used to submit the request to the server, size of the file obtained in response, numerical code indicating the server response status (successful, error, etc.), and other parameters pertaining to the user’s operating system, and IT environment.
Such data is solely used to compile anonymous statistics on the use of the Website and to verify its correct operation. The data could also be used to ascertain responsibility in the event of hypothetical computer crimes against the Website (legitimate interests of the Data Controller).
Cookies are small text files (letters and/or numbers) that allow our web server to store information on the client (the browser) to be reused over the course of the same visit to the site (session cookies) or subsequently, even some days after (persistent cookies). Cookies are stored, according to user preferences, from a single browser on the specific device being used (computer, tablet, smartphone).
Similar technologies, like, for example, web beacons, transparent GIFs and all forms of local storage introduced with HTML5, can be used to collect information on a user’s behaviour and on the use of services.
In this document, we refer to cookies and any other similar technologies simply as “cookies”.
Cookies can be split into the following categories based on their characteristics and use:
- Strictly necessary cookies. These cookies are essential for the website to run properly are used on www.guava.milano.it to manage the login and access to the website’s restricted functions. The duration of cookies is limited to the session in progress (in closing the browser they are erased).
- Technical cookies. Technical Cookies are those used for the sole purpose of “carrying out the transmission of messages over an electronic communications network, or as strictly necessary for the service provider of the IT company specifically requested by the subscriber or user to provide this service (see, Article 122, Paragraph 1 of the Code)”. They are not used for other purposes and are normally installed directly by the website’s owner or operator. To technical cookies belong: “navigation” (or “session” cookies), that enable the normal use of the website (e.g. they allow the user to complete a purchase or to authenticate and access reserved areas); “analytics” cookies, that belong to technical cookies in the case they are used directly by the website administrator to gather group data on the numbers of visitors the website has and on how such visitors move in the website.
When visiting a website, users may receive cookies used by the site they are browsing (proprietary cookies) as well as by websites managed by other organizations (third party cookies). A good example is the use of Facebook, Twitter, Google+ and LinkedIn social media plug-ins. These are part of the pages of the visited website, which are generated directly by the third party and integrated into the hosting web page. The most common reason for using these plug-ins is to allow users to share content on social media. These plugins require cookies to be sent to and from all websites operated by third parties. The handling of information collected by “third parties” is governed by the relevant information, which we kindly ask you to consult. For the purposes of greater transparency and convenience, below is a list of third-party websites with information about their policies for handling cookies.
Among the third-party cookies, we also include certain components from Google Analytics, a web traffic analysis service provided by Google. Google Analytics can collect and analyse information on usage behaviour anonymously. This information is collected by Google Analytics, which processes in order to prepare reports for the activities on the websites themselves. This site neither uses nor permits any third parties to use Google Analytics to monitor or collect any personal identification information. Google does not match IP addresses to any other data in Google’s possession, nor does it try to make a connection between an IP address and a user’s identity. Google may transfer this information to third parties when required by law or to third parties who process the information on Google’s behalf. See the following link for more information:
The majority of internet browsers are initially set to accept cookies automatically. You can find our cookies in your browser settings.
You can change these settings to block cookies or to warn you that cookies are being sent to the user’s device. There are several ways to manage cookies. You can refer to the instruction manual or the help screen of your browser to find out how to adjust or change the settings of your browser.
If you block the storage of cookies, we can no longer guarantee a correct functioning of the site: some functions of the site may not be available and it may no longer be possible to view certain contents. Furthermore, blocking cookies does not stop adverts from being displayed. These will simply no longer be personalised.
The rules on the protection of personal data state that we can store cookies on your device if they are strictly necessary for the operation of this Site. For all other types of cookies we need your consent.
Contact form or email
The optional, express, and voluntary emails sent to the addresses given on this website necessarily entail the acquisition of the sender’s address, which is required to reply to requests, and any other personal data included in the messages.
3. LEGAL OBLIGATIONS RELATING TO THE PROVISION OF PERSONAL DATA
The navigation data and some cookies are necessary for the functioning of the Site, the profiling cookies and the provision of personal data in the contact forms are optional and there is therefore no legal constraint.
4. SCOPE OF DATA CIRCULATION
Where appropriate and in compliance with the laws and requirements in force, we can transmit your personal data, in various ways and for various reasons, to the following categories of subjects:
- External service providers, acting on our behalf (including external consultants, business partners and professionals, IT consultants and technical support agents who perform testing and development activities on our IT systems);
- External providers of outsourced IT and document archiving services, where there is a suitable data processing agreement (or similar protections).
GUAVA SRL does not sell, transfer or distribute your data to third parties.
If GUAVA SRL merges with another company in the future, or is acquired by it (or if the possibilities for this scenario are very concrete), we can share your personal data with the (potential) new owners of the company or of the GUAVA SRL.
5. METHODS OF DATA PROCESSING
We undertake to take all reasonable and appropriate measures to protect personal information held by us from misuse, loss or unauthorised access. To this end, we have put in place a series of appropriate technical and organisational measures. Measures are included to address any suspected data breaches.
6. DECISION-MAKING PROCESS BASED ON AUTOMATED TREATMENT
In the processing that GUAVA SRL carries out on your personal data, there is no automated decision-making process that could produce legal effects concerning you or that significantly affects your person likewise.
7. PERIOD OF DATA RETENTION
The navigation data will be kept for a period not exceeding 12 months, with the exception of any extensions connected to investigation activities. Cookies will be stored according to what is indicated in the “Declaration of cookies”.Likewise, the data collected by the contact forms will be kept for the entire duration of our professional relationship. Whenever you receive an email from GUAVA SRL, you will have the possibility – if you no longer wish to receive communications and invitations from us – to cancel your subscription by clicking on the appropriate button in each email.
8. TRANSFER OF DATA ABROAD
The management and storage of your personal data will take place on servers located within the European Union owned by GUAVA SRL and/or by GUAVA SRL third parties and duly appointed as Data Processors.
In any case, it is understood that GUAVA SRL, where necessary, will have the right to move the management and/or storage of personal data to Italy and/or the European Union and/or non-EU countries. In this case, GUAVA SRL hereby guarantees that the transfer of the data outside the European Union shall take place in accordance with the applicable legal provisions by stipulating, if necessary, agreements which guarantee an adequate level of protection and/or by adopting the standard contractual clauses provided by the European Commission.
9. RIGHTS OF THE DATA SUBJECT
In your role as a data subject, you are guaranteed the rights set out in Article 7 of the Privacy Code and Article 15 of the GDPR. In particular, you have the right to:
- obtain confirmation of the existence or not of personal data concerning you, even if not yet registered and their communication in an intelligible form;
- the origin of personal data; a) the purpose and the modality of processing; b) the logic applied whenever the processing involves electronic tools; c) the identification details of the owner, of the person responsible and of the designated representative pursuant to Article 5, Paragraph 2; and) the parties and categories of parties to whom the personal data may be communicated, or person who may become aware of the data as designated representatives of the State, processing officers, or processors.
- obtain: a) update, rectify, and, when deemed of interest, integrate the data; b) erase, convert to an anonymous format or block data that has been processed in violation of the law, including data that does not need to be retained for the purposes for which it was collected and processed; c) confirmation that the operations described in sections a) and b) were made known, including their content, to the parties to whom the data was communicated or transmitted, except in cases when it may not be possible to do so or when it necessitates a disproportionate effort compared to the protected right;
- object, in whole or in part, for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection and to oppose the automated decision-making process.
Where applicable, you also have the rights referred to in Articles 16-21 of the GDPR (right of rectification, right to be forgotten, right to restrict processing, right to data portability, right to object), as well as the right to lodge a complaint with the Supervisory Authority.
Furthermore, we inform you that you have the right to lodge a complaint with the Supervisory Authority, which in Italy is the Guarantor for the Protection of Personal Data (http://www.garanteprivacy.it).
You may exercise your rights at any time by sending:
- a registered letter with return receipt to the Data Controller at the GUAVA SRL in Milan, Via Via Ippolito Nievo 35;