Privacy Policy for the Processing of Personal Data of Users Consulting the Company’s Website

Privacy Policy for the Processing of Personal Data of Users Consulting the Company’s Website

pursuant to Article 13 of Regulation (EU) 2016/679

WHY THIS INFORMATION

In accordance with Regulation (EU) 2016/679 (hereinafter “Regulation”), this page describes the methods of processing:

of the personal data of users consulting the website (hereinafter “Site”) of Palliara Antonella (hereinafter “Owner”) accessible via telematics at the following address alabannaluxury.it of the personal data entered or collected through the social media pages owned. These pieces of information do not concern other sites, pages, or online services that can be accessed via hypertextual links possibly published on the site but referred to external resources outside the Owner’s domain.

WHO PROCESSES USER DATA

DATA CONTROLLER

The data controller is:

Roberto Vergallo

Tax code: VRGRRT83H13E506J born in Lecce on 13/06/1983

Residing at Via L. Settembrini 19 Lecce

roberto@software.green, +39 328 4073712

DATA PROTECTION OFFICER

The Owner has appointed a Data Protection Officer (DPO) to ensure compliance with Italian and European regulations.

The Data Protection Officer can be reached at the following address:

Via L. Settembrini 19, Lecce

email: roberto@software.green

LEGAL BASIS OF PROCESSING

The owner will process personal data only if there is a legal basis for doing so.

The regulations on the protection of personal data establish that the processing of personal data is lawful only if and to the extent that at least one of the following conditions applies (as per Art. 6 of the Regulation):

a) the data subject has given consent to the processing of their personal data for one or more specific purposes;

b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

c) processing is necessary for compliance with a legal obligation to which the data controller is subject;

d) processing is necessary in order to protect the vital interests of the data subject or of another natural person;

e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller;

f) processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

The legal basis for processing, therefore, will depend on the reasons for which the Owner has collected and uses the data.

These reasons consist, in some cases (such as requests received through the contact section), in the need to provide the necessary response to the received requests (in this case, therefore, the legal basis is the performance of a contract and/or pre-contractual measures), in other cases, in the duty to comply with legal and/or regulatory obligations, or, in other cases yet, in the possibility of pursuing the legitimate interest of the Owner that will be identified from time to time. Where the consent of the data subject is necessary, such consent will be requested in accordance with the law.

TYPES OF DATA PROCESSED AND PURPOSES OF PROCESSING

Personal data means all information relating to the user by means of which they can be identified. Therefore, personal data includes, for example, the name, surname, contact details, telephone number, email address, IP address, and information concerning the user’s access to the Site.

Following the consultation of the Site, as well as the use of the services made available through it, the Owner may collect users’ personal data following telephone communications to the contacts listed on the Site, following the receipt of emails to the addresses listed on the Site, or through the completion of forms in the contact section, or again through the use of social network plug-ins used on the Site.

Specifically, the types of data processed can be classified as follows:

BROWSING DATA

The IT systems and software procedures used to operate the Site acquire, during their normal operation, some personal data, the transmission of which is implicit in the use of Internet communication protocols.

These are pieces of information that are not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters concerning the user’s operating system and computer environment.

This data, necessary for the use of web services, is also processed for the purpose of:

obtaining statistical information on the use of services (most visited pages, number of visitors per time or day, geographical areas of origin, etc.); checking the correct functioning of the offered services; identifying anomalies and/or abuses. Browsing data do not persist for more than seven days (unless there is a need to investigate crimes by the Judicial Authority).

PERSONAL DATA VOLUNTARILY PROVIDED BY USERS

The optional, explicit, and voluntary sending of messages to the Owner’s contact addresses, private messages sent by users to institutional profiles/pages on social media (where this possibility is provided), as well as the completion and submission of forms on the Owner’s website, involve the acquisition of the sender’s contact data, necessary to respond, as well as all personal data included in the communications.

Specific information will be published on the pages of the Site prepared for the provision of certain services.

COOKIES AND OTHER TRACKING SYSTEMS

No use is made of cookies for user profiling, nor are other tracking methods employed.

Instead, session cookies (non-persistent) are used strictly limited to what is necessary for secure and efficient browsing of the Site. The storage of session cookies in terminals or browsers is under the user’s control, while on servers, at the end of HTTP sessions, information about cookies remains recorded in service logs, with storage times not exceeding seven days, similar to other browsing data.

Specifically, the Site uses the following cookies:

Name Type Link Google Analytics Third-party cookies that allow aggregated analysis of user visits for statistical and informative purposes Link Ads Remarketing (Google Inc.) AdWords Remarketing is a remarketing and behavioral targeting service provided by Google Inc. Link CONSEQUENCES OF FAILURE TO PROVIDE DATA

The possible non-indication of data necessary to respond to requests could result in the Owner’s inability to provide a comprehensive response or the available services.

Where necessary, the Owner will inform the user, from time to time, about the mandatory or optional nature of providing personal data (e.g., to make a specific request).

In particular, the mandatory or optional nature of data communication will be highlighted through a notice or a specific format for mandatory information.

RECIPIENTS OF DATA

The staff