Articles 13 and 14 of the European Regulation No. 679/2016
Legislative Decree No. 196/2003 as amended by Legislative Decree No. 101/2018
Dear User,
This privacy policy outlines the management procedures of this website concerning the processing of personal data of users who consult it, as well as the data processing practices via this site. In compliance with Articles 13 (for data collected from the data subject) and 14 (for data not collected from the data subject) of Regulation (EU) 2016/679 (hereinafter “GDPR”), we provide the following information to the users of this website. These details pertain exclusively to the processing carried out through this website and not through other websites that may be accessed via links from this site, for which we recommend viewing the respective privacy policies provided by their respective data controllers. This website and the services potentially offered through it are reserved for individuals who have reached the age of eighteen. The data controller does not process personal data relating to individuals under 18. Upon request by such users, the data controller will promptly delete all personal data inadvertently collected.
1. Data Controller
The data controller is Ravaservice srl, located at Viale della Repubblica, 4– 35010 Limena (PD), C.F. and P.I.V.A. 04961130285 (hereinafter “Controller”). The Controller may appoint a web agency or consultant as the data processor responsible for managing technical assistance, maintenance, and similar services for this website, whose contact details will be provided upon request to the addresses indicated above. The Controller and the Processor also process users’ data through their appointed internal representatives, who are appropriately instructed and authorized to process the data.
2. Categories of Data Processed and Sources of Origin
– Browsing data (The computer systems and software procedures used to operate this site acquire some personal data during their normal operation, whose transmission is implicit in the use of Internet communication protocols. This category includes IP addresses, browser type, operating system, domain name and website addresses from which access or exit was made, information about pages visited by users within the site, access time, duration on each page, internal path analysis, and other parameters related to the user’s operating system and IT environment. These technical/informatic data are collected and used exclusively in an aggregated and anonymous manner. Such data are processed to allow and check the correct use of this website and to obtain anonymous statistical information on its use, and are deleted immediately after processing.)
– Cookies (For which we invite you to read our Cookie Policy)
– Data voluntarily provided by the user, including:
– Common data (identification, demographic, billing, and similar data)
– Exceptionally, special data (Art. 9 GDPR)
– Exceptionally, criminal data (Art. 10 GDPR)
Sources: browsing, other sites, cookies, and similar; user; public sources.
We may primarily process browsing data and cookies. We may also process data voluntarily provided by the user, such as through the contact form or email communication, including common personal data (identification, demographic, billing, and similar data), and exceptionally special data under Art. 9 GDPR or criminal data under Art. 10 GDPR, strictly within the limits necessary by the information request received and with the user’s consent. Data may originate from automatic or voluntary sources, as well as from public sources. For example, they may originate from the user’s browsing, which may include information related to previous consultations of other sites, including in particular cookies and other similar technologies. Data may also be voluntarily provided by the user or related parties. Other data may come from public sources, such as those processed within the scope of research and originating from surveys, public databases, and similar.
3. Purposes of Processing
The personal data of website users, as described above, will be processed in the manners and forms prescribed by the GDPR, to perform the specific functions of the website, particularly, but not exclusively, regarding the navigation of pages and the data collection procedures described therein, contact forms, possible registration/access procedures to restricted areas, newsletter subscriptions, and similar activities. Specifically, the personal data provided to the Controller will be processed to pursue the following purposes:
– To respond to specific requests made to the Controller by the User through the website and its communication tools (contact forms, information request forms, and similar);
– For informational communications related to the Controller’s services, following information requests via email or the completion of the contact form and other communication tools;
– For possible registration for events organized by the Controller and related activities (e.g., verifying participation, notifications regarding any updates or changes to the event, etc.);
– For other ancillary or related purposes to those mentioned above and within the scope of the website’s activities;
The processing of data provided generally will be carried out, also following automatic collection during navigation, solely for the purposes of verification and control of website access. This also applies to technical cookies, understood as session, functionality, or analytics cookies that meet the specific requirements specified by the Data Protection Authority. In particular, regarding these cookies, it is clarified that they can be assimilated to technical cookies where they are created and used directly by the website. In any case, for these analytics cookies, the website, in compliance with the Data Protection Authority’s clarifications, has provided for the anonymization of IP addresses and the amendment to data processing; the collection and use of said browsing data (while ensuring the anonymization of IP addresses) allow the monitoring of website performance and improve the service offered, providing the user with a better browsing experience. Further information can be found in the Cookie Policy.
4. Legal Basis for Processing
The processing of personal data is based on fulfilling contractual or pre-contractual obligations related to the user’s request (e.g., requests for information about the services provided by the Controller, quote requests, etc.), and, where necessary, on the user’s consent through the free and informed completion of the appropriate fields in the data collection form and the ticking of the appropriate checkbox where provided. It is specified that filling out specific fields in the information request forms is inherent to the request itself and therefore constitutes the fulfillment of a pre-contractual or contractual obligation, depending on the context. Consent may subsequently be requested for the processing of additional data. A specific privacy policy will be provided wherever necessary (different from this one). In any case, the processing is also based on legitimate interest, including the right to information, for which reference is made to the following paragraph.
5. Legitimate Interest of the Controller
The processing of personal data is also based on the legitimate interest of the Controller, such as the exercise of its rights within the context of information society services, the performance of the contractual service, and the execution of direct marketing operations (in the ways, means, and times provided by the regulations).
6. Mandatory Nature of Data Provision
The provision of navigation data by users, for the purposes mentioned above, depends on the degree of privacy enabled or disabled through their browser. In some cases, disabling it may affect navigation on this website. For certain modules of this website, the provision of navigation data and/or the use of technical cookies is mandatory for the proper functioning of the website. The provision of some personal data is in any case necessary for the structure of the website and its procedures. The possible request for other optional data will be preceded by an appropriate approval checkbox. The provision of all other data is optional, according to the type of information the user wishes to provide to the website. For example, providing an email account is necessary to respond to the request made via the contact form, as well as other mandatory data indicated there with an asterisk. The other data are optional. Failure to provide the necessary data for the requested action (e.g., the email account via the information request form) makes it impossible for the Controller to process the request.
PROVISIONS APPLICABLE TO ALL PROCESSING
In any case, even where the data subject has given consent to authorize the Controller to pursue all the purposes mentioned above, they remain free to revoke it at any time. It is specifically and separately informed, as required by Article 21 of the Regulation, that the data subject has the right to object at any time to the processing of personal data concerning them for the purposes mentioned above, and that, if the data subject objects to the processing, the personal data can no longer be processed for these purposes.
7. Possible Recipients of Personal Data
The data may be communicated to connected, affiliated, or controlled companies by the Controller, as well as to consultants, or even to third parties operating, also in the name and on behalf of the Controller, for the fulfillment of the services related to the purposes indicated in this information notice, both within the EU and outside the EU (in the latter case, it will only involve subjects adhering to the current regulations). Navigation data and similar (for which reference is made to the above), as well as profiling cookies, including those from third parties (for which reference is made to the Cookie Policy of this website), will be communicated to the respective third parties, where these do not manage them directly as data controllers. In any case, the data may be communicated to data processors, as well as persons authorized to process, duly instructed, always within the scope of the purposes of the processing. For brevity, the detailed list of such figures is available at our registered office.
8. Data Retention Period
The data provided voluntarily by the data subject will be retained until the expressed revocation by the data subject, including actions on their browser, cookie deletion, express request, or otherwise manifested. Browsing data will be retained, in compliance with the principle of proportionality, in a form that allows the identification of the data subject for a period not exceeding what is necessary for the purposes for which they were collected or subsequently processed. Excluded from the terms above are cases where it is necessary to retain the data for an additional period to defend or assert a right or to fulfill any legal obligations or orders from authorities.
9. Rights of the Data Subject
Each data subject has the right to access, rectify, erase (right to be forgotten), restrict, receive notification in case of rectification, erasure or restriction, data portability, object, and not be subject to automated individual decision-making, including profiling, pursuant to Articles 15 to 22 of the GDPR. These rights can be exercised in the forms and within the terms referred to in Article 12 GDPR, by written communication sent to the Controller (see point 10). The Controller will provide an adequate response as soon as possible and in any case within one month from receipt of the request.
10. Right to Withdraw Consent (Methods of Exercising Rights)
Consent can be withdrawn, where provided, at any time and/or exercise your rights by sending:
– A registered letter with return receipt to the address indicated in the letterhead;
– An email to amministrazione@ravaservice.com.
11. Complaints
Each data subject has the right to lodge a complaint pursuant to Articles 77 et seq. of the GDPR with a supervisory authority, which for Italy is the Italian Data Protection Authority. The forms, methods, and terms for lodging complaints are provided for and governed by the national legislation in force. The complaint is without prejudice to administrative and judicial actions, which can be proposed alternatively to the same Italian Data Protection Authority or the competent court.
12. Profiling
The personal data provided through navigation on this website and the possible completion of the forms published there may be subject to profiling by third-party providers through third-party cookies. Profiling allows these third-party providers, independent data controllers of their respective data processing for profiling purposes, different from the Controller of this website, to evaluate certain personal aspects of the data subject related in particular to their preferences, interests, and tastes concerning the pages consulted and the activities carried out, in order to allow these independent and different Controllers to offer the data subject a more specific and targeted service tailored to their needs. For more information, we invite the user to read the Cookie Policy.
13. Controller, Authorized, and Processors
We provide the following information which is necessary to bring to your knowledge, not only to comply with legal obligations but also because transparency and fairness towards interested parties is a fundamental part of our activity.
Controller. The Controller of your personal data is Ravaservice srl, responsible to you for the legitimate and correct use of your personal data, which you can contact for any information or request at the following contacts: telephone +39 (0)49 711167, email: amministrazione@ravaservice.com.
Authorized. The updated list of authorized persons for processing is kept at the Controller’s headquarters.
Processors. For brevity, the detailed list of such figures is available at our headquarters.
14. Social Media Plug-ins
This site may contain plug-ins from certain social media (e.g., Facebook). Social plug-ins are special tools that allow the incorporation of social network functionalities directly into the site (e.g., the “like” function of Facebook) and are marked by the logo of the respective social platform. When you visit a page on this site and interact with the plug-in (e.g., by clicking the “like” button) or leave a comment, the corresponding information is transmitted from your browser directly to the social network platform (in this case, Facebook) and stored by it. For information on the purposes, type, and methods of collection, processing, use, and storage of personal data by the social network platform, as well as on the ways to exercise your rights, please consult the privacy policy of the social network.
15. Links to Third-Party Sites
From this site, it is possible to connect via specific links to other third-party websites. The Controller disclaims any responsibility regarding the possible management of personal data by third-party sites and concerning the management of authentication credentials provided by third parties.
16. Cookies
Cookies are information packages sent by a web server (e.g., the site) to the user’s internet browser, automatically stored by the latter on the computer, and automatically sent back to the server at each subsequent access to the site. For any information on the characteristics, types, methods of use, and possibilities to remove, delete, or disable cookies on the website, please refer to the Cookie Policy.
The Data Controller
Ravaservice srl
Contact us
Ravaservice srl is pleased to receive comments regarding this privacy policy. We invite you to contact us at the following address: amministrazione@ravaservice.com.
Last update: 05/2024
