The European Regulation 2016/679 of 27 April 2016 relating to the "Protection of individuals with regard to the processing of personal data, as well as to the free circulation of such data" (the so-called "General Data Protection Regulation" or "Regulation"), provides the protection of personal data whose processing must take place in compliance with fundamental rights and freedoms with particular reference to the right to privacy.
Pursuant to art. 12 of the Regulation Tenuta San Leonardo SRL (hereinafter TSL SAS), with headquarters in Loc. San Leonardo 1 - Avio - CAP 38063 . as Data Controller of the personal data managed through www.wsanleonardo.it (or also "Site") hereby wishes to inform you that the processing of your personal data will be based on the principles of correctness, lawfulness and transparency, protecting your privacy and your rights.
1) Identity and contact data of the Data Controller
The Data Controller of your personal data is TSL SAS, with headquarters in Loc. San Leonardo 1 - Avio - Zip Code 38063
2) Purpose of the processing
The processing of your personal data by TSL SAS will take place for purposes related to the management and administration of the website In particular, the processing of personal data may be carried out for
- allow navigation of the Site
- analyze statistically in aggregate form visits to the site
- newsletter subscription directly through the site
3) Legal basis of the processing
In fact, given the type of data, the prior and informed consent of the user is not required (opt-in) provided that users are offered simple ways to object (opt-out).
4) Processing methods
Personal data are processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access.
5) Personal Data Processed
Navigation data: the IT systems and software procedures used to operate this website acquire, during their normal operation, some personal data (cd log files) whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in the submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the IT environment of the 39; user. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site and may be presented to the judicial authority, if this explicitly requests it.
Data provided voluntarily by the ; user: the optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site dedicated to particular services on request.
6) Categories of recipients of personal data
Data collected via the internet will not be disclosed or communicated to non-appointed third parties.
7) Storage of personal data
Personal data processed for the purposes listed in this statement will be kept for the time strictly necessary to achieve those same purposes
8) Processing methods
You can exercise the rights provided for in Article 13, letter b) and in Articles 15, 16,, 17, 18 at any time and 20 of the Regulation by contacting the contact details referred to in point 1 of this statement.
In particular, as an interested party, you can request:
1. l access to personal data concerning him, according to the provisions of Article 15 of the Regulation;
2. the correction of personal data concerning him, according to the provisions Article 16 of the Regulation;
3. the deletion of personal data concerning him ("right to be forgotten"), according to the provisions of Article 17 of the Regulation;
4. the limitation to the processing of personal data concerning him, according to the provisions of Article 18 of the Regulation.
infor finally, we would like to object to the processing of data at any time, pursuant to art. 21 of the Regulation, if one of the situations provided for in Article 6, paragraph 1, letters e) and f) of the same Regulation occurs.
9) Complaint to the Supervisory Authority
Finally, pursuant to Article 77 of the Regulation, we remind you that you have the right to lodge a complaint with the Control (Guarantor for the protection of personal data), if you believe that the processing that concerns you violates the provisions of the Regulation itself.
10) Nature of the processing and mandatory provision of data
Many of the data requested are necessary (also in execution of obligations deriving from legal rules) to the 39; establishment and continuation of the commercial relationship. In some cases, failure to provide them may result in the failure to continue this relationship.
11) Existence of automated decision-making processes in the processing
It is specified that for the processing of the above data there is NO type of automated decision-making process, pursuant to Article 22 of the Regulation.