In compliance with the obligations prescribed by national legislation (Italian Legislative Decree No. 196 of 30 June 2003, the Data Protection Code, as amended) and European legislation (European General Data Protection Regulation No. 679/2016, GDPR), this Website respects and protects the privacy of visitors and users, implementing every possible and proportionate effort not to infringe users’ rights.
Method and place of processing for the collected data
The data you provide while using the Website will be used in full compliance with the regulations in force, and the processing will be based on principles of correctness, legality, transparency, and protection of your privacy and your rights.
The following information relates only to this Website and does not in any way concern other Websites that may be consulted by the user through links on these pages.
Access to the Site and its navigation are free and do not require the insertion or automatic detection of one’s personal details .
The personal data that is collected includes all the information you directly and voluntarily provide by filling in contact forms to finalise requests for information or assistance (name, surname, phone number, e-mail).
Purposes of data processing
We collect, use, and store the data provided only in order to offer the service that is requested, and to make the experience on the Site as satisfying as possible.
This data may be processed for internal purposes of compiling personal data lists, bookkeeping, invoicing, creditor management, satisfaction of all obligations under current regulations, communications, and additional services explicitly requested by you.
In no way will this data be used for profiling or direct marketing purposes, except to carry out sales statistics and customer interest in our products and/or services anonymously.
Method of processing
The data entered will be processed with suitable tools and procedures to guarantee their security and confidentiality, adapted to current technological standards, and in compliance with the obligations established by Regulation (EU) 2016/679 on the protection of personal data (“GDPR”).
The processing will be carried out both manually and using electronic tools, incompliance with all the precautions necessary to guarantee the security and confidentiality of the information.
Obligation or right to provide data and consequences of possible refusal
The provision of data and consent to the processing of the same is mandatory when filling in contact forms in order to allow us to fulfill the requests.
Failure or incomplete communication of data and/or refusal to provide data and consent will make it impossible to conclude the contract, provide the requested services, and fulfil legal obligations.
Subjects to whom the data may be communicated
The data is managed by the Data Controller and the persons appointed for the correct fulfilment of the purposes.
The data may be disclosed to third parties: for the needs of technical and administrative management of the services, within the framework of legal obligations, to prevent fraud and limit credit risk, as well as to protect property rights.
They will never be shared with other companies, organisations or entities for commercial purposes or purposes only.
Personal Data collected for purposes related to the execution of a contract between the Controller and a User will be retained until the execution of the contract is complete.
Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such time as such interest is satisfied. The User can obtain further information in this regard in the relevant sections of this document or by contacting the Controller.
Where the processing of personal data is based on User consent, the Controller may retain the data for longer, until consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, Personal Data will be erased. The right to access, annul and rectify Personal Data and the right to Data portability can, therefore, no longer be exercised after this period has ended.
Rights of the interested party
You may exercise your rights at any time with regard to the Data Controller, pursuant to Articles 15-22 of the GDPR. In particular, you have the right to:
- obtain the termination of the processing (so-called right of opposition)
- obtain information in relation to the purposes of the processing, the period, and the subjects to whom the data is communicated (so-called right of access)
- obtain the rectification or integration (so-called right to rectification)
- obtain cancellation (so-called right to erasure)
- obtain only conservation without any other use being made of them (so-called right to restrict processing)
- receive a copy of your stored personal data (so-called right to data portability)
Data Controller for processing of personal data
At any time, you can assert your rights by addressing your requests to:
OSTERIA DEI PONTEFICI
Via Gregorio VII 53 – 00165 Roma
sole Controller and manager of data processing.
How to exercise such rights
In order to exercise the User’s rights, Users may address a request to the Data Controller contact details indicated in this document. Requests shall be filed free of charge and processed by the Data Controller as soon as possible and, in any event, within one month.