This document describes the personal data confidentiality policies adopted by the company AltoGarda Servizi S.p.a., based in Riva del Garda (TN), via Ardaro 27, as the person responsible for the management of this site.
This document also provides the information pursuant to art. 13 of the Legislative Decree 30 June 2003 n. 196 and art. 13 of EU Regulation 2016/679 (hereinafter GDPR) to users of the services of our site, which are provided via the Internet. The indications provided below are also inspired by Recommendation no. 2/2001 of the Group of European Guarantors for the protection of personal data adopted on 17 May 2001 pursuant to art. 29 of Directive no. 95/46 / EC, concern in particular the collection of personal data on the Internet and aim to ensure the lawfulness, correctness and transparency of such practices (in application of Article 5 of the GDPR).
Following consultation of this site, data relating to identified or identifiable persons may be processed, the Data Controller is the company AGS SpA. Within the site, due to specific treatments, further summary information may be prepared.
Data Processor for Alto Garda Servizi S.p.a. is Eng. Aldo Bronzini.
Alto Garda Servizi S.p.a. has designated, by means of a service contract, the Data Protection Officer, pursuant to art. 37 GDPR, in the person of Eng. Carlo Tenca whose contact details are reported:
Ing. Carlo Tenca, Via Pascoli, 4 – 37010 Affi (VR), email: [email protected]
A. NAVIGATION DATA
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data in question could be used to ascertain responsibility in the event of any computer crimes against this site: except for this possibility, generally the data on web contacts are not stored for more than seven days.
B. DATA PROVIDED VOLUNTARILY BY THE USER
On this site, the user may voluntarily and optionally provide their personal data, including the e-mail address for the following purposes:
– receive information about the services offered;
– send a request for information;
– send your curriculum vitae or job applications.
In the voluntary provision of personal data by the user, there may be a provision of data falling within the category of special categories of personal data referred to in art. 9 of the GDPR, verbatim the “… data suitable for revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as treating genetic data, biometric data intended to uniquely identify a person physical, data relating to the health or sexual life or sexual orientation of the person “. We invite you to communicate such data only where strictly necessary. Indeed, we remind you that in the face of the transmission of special categories of personal data, but in the absence of specific consent to process such data (which allows the user to send a curriculum vitae), Alto Garda Servizi S.p.a. cannot be held responsible in any way, nor will it be able to receive any disputes, since in this case the processing will be permitted as it relates to data manifestly made public by the interested party, in accordance with art. 9.1.e) of the GDPR. However, we specify the importance, as already indicated above, of expressing explicit consent to the treatment of the special categories
of personal data, if the user decides to share such information.
C. DATA OF THIRD PARTIES PROVIDED VOLUNTARILY BY THE INTERESTED PARTY
In the use of some services of the site, the processing of personal data of third parties spontaneously sent to Alto Garda Servizi S.p.a. may occur – With respect to these hypotheses, the user acts as an independent data controller, assuming all the obligations and responsibilities of law. In this sense, he confers on this point the widest indemnity with respect to any dispute, claim, request for compensation for damage from treatment, etc. that should reach Alto Garda Servizi S.p.a. by third parties whose personal data have been processed through the use of the site’s functions in violation of the applicable rules on the protection of personal data. In any case, if the user provides or otherwise processes personal data of third parties in the use of the site, he guarantees from now – assuming all related responsibility – that this particular hypothesis of treatment is based on an appropriate legal basis pursuant to of the art. 6 of the GDPR which legitimizes the processing of the information in question.
D. OTHER TYPES OF DATA AND PURPOSE OF THE TREATMENT
Specific purposes, relating to individual treatments, can be identified in detail in the appropriate sections of the site. In correspondence to individual offers, the user will find specific information on the processing of personal data, pursuant to Article 13 of Legislative Decree 196/2003 and art. 13 GDPR.
The legal basis for the processing of personal data is art. 6.1.b) of the GDPR as the processing is necessary for the provision of services or for the response of requests from the interested party. The provision of personal data for these purposes is optional but failure to provide it would make it impossible to activate the services provided by the site.
The treatments connected to the web services offered by this site are carried out at the headquarters of the Data Controller company.
The data will be processed mainly with electronic and IT tools in compliance with the minimum security measures pursuant to the Technical Regulations, Annex B to Legislative Decree 196/2003 and in compliance with the additional technical and organizational measures deemed adequate pursuant to the GDPR.
The data are not transferred to third countries with respect to the European Union. No data deriving from web services is disseminated, nor is it subject to fully automated decision-making processes, including profiling.
Personal data provided voluntarily and optionally by users are not disclosed to third parties, unless the disclosure is required by law or is strictly necessary for the fulfillment of user requests. The data itself will be processed exclusively by internal managers and persons in charge of processing duly instructed on the security of personal data and the right to privacy, or by any persons in charge of occasional maintenance operations.
The Personal Data provided will be kept for the time necessary to manage and respond to user requests or for the time necessary to manage the communication, depending on the specific object of the same.
Where the management of the request or communication involves the onset of a relationship between the parties, specific specific information will be provided.
In relation to the processing of personal data, the interested party has the right, pursuant to art. 7 Legislative Decree 196/2003 (Right of access to personal data and other rights) and in accordance with the GDPR:
1. to obtain confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in an intelligible form;
2. to obtain the indication: a) of the origin of personal data; b) the purposes and methods of the processing; c) the logic applied in case of processing carried out with the aid of electronic tools; d) the identity of the owner and managers; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them;
3. to obtain: a) updating, rectification, limitation or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, even as regards look at their content, of those to whom the data have been communicated, except in the case in which this fulfillment proves impossible or involves the use of means manifestly disproportionate to the protected right;
4. to be guaranteed the right to data portability;
5. to lodge a complaint with the Guarantor Authority for the protection of personal data;
6. to object, in whole or in part, for legitimate reasons, to the processing of personal data concerning him;
7. to revoke any consent requested as the legal basis of the processing, without prejudice to the legitimacy of the processing carried out before the revocation.
The exercise of these rights may take place through written communication to the company Alto Garda Servizi S.p.a., to the C.A. of the Data Processor, in the following ways:
Fax: 0464 553565
Ordinary post: Via Ardaro, 27 – 38066 – Riva del Garda (TN) – Italy