top of page

PRIVACY POLICY 

articles 13-14 of EU Reg. 2016/679

We hereby inform users, pursuant to art. 13-14 of EU Reg. 2016/679, regarding the processing of personal data carried out through this website.

The processing of personal data takes place in compliance with current legislation on the protection of personal data and is based on principles of correctness, lawfulness, transparency and data protection.

We specify that this information refers exclusively to the data of those who interact with the services accessible from the home page of the website: https://contidolciaria.it/ (hereinafter also referred to as "the Site"), without extending to other websites eventually reached by the user through links starting from the domain of https://contidolciaria.it/

The Data Controller is:

  • CONTI snc 16161 Genoa (Italy) Via Lago Figoi, 101-105 tel. 010 749 0331 
    PI 02445930106

 

The information is a general obligation that must be fulfilled before or at the latest when starting the direct collection of personal data. In the case of personal data not collected directly from the interested party, the information must be provided within a reasonable time, or at the time of communication (not registration) of the data (to third parties or to the interested party). Pursuant to the General Regulation for the Protection of Personal Data of natural persons (GDPR – Reg. (EU) 2016/679), the undersigned organization, Data Controller, informs of the following:

Sources and categories of personal data

The personal data held by the undersigned organization are collected directly from the interested parties. This site does not collect data belonging to particular categories of data, by which we mean those suitable for revealing racial or ethnic origin, philosophical or other religious beliefs, political opinions, membership of trade unions, associations or organizations of a religious, philosophical, political or trade union, the state of health and sex life.

Navigation data

The computer systems and software procedures used to operate the website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are canceled immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.

Profiling data

Profiling data regarding the data subject's consumption habits or choices are not directly acquired. However, it is possible that through links or by incorporating third-party elements, such information may be acquired by independent or distinct subjects. In this regard, see the section on third-party cookies.

Cookies

Like others, this website saves cookies on the browser used by the user concerned for the transmission of information of a personal nature and to enhance the experience. In fact, cookies are small text strings that the sites visited by the user send to his terminal (usually to the browser), where they are stored, sometimes even with characteristics of large temporal persistence, to then be re-transmitted to the same sites to the next visit.

As explained below, it is possible to choose whether and which cookies to accept, bearing in mind that refusing their use may affect the ability to carry out some transactions on the site or the accuracy and adequacy of some customizable contents offered or the ability to recognize the user from one visit to the next. If no choice is made in this regard, the default settings will be applied and all cookies, only the necessary ones, will be activated: however, at any time, you can communicate or change your decisions in this regard.

The "Site"  https://contidolciaria.it/  uses cookies to make its services simple and efficient for users who view the pages of the Site. Users viewing the Site will see minimal amounts of information entered on their devices, whether they are computers or mobile devices, in small text files called "cookies" saved in the directories used by the User's web browser. There are various types of cookies, some to make the use of the site more effective, others to enable certain functions.

 

By analyzing them in detail, our cookies allow you to:

  • memorize the preferences entered;

  • avoid re-entering the same information several times during the visit such as username and password;

  • analyze the use of the services and contents provided by  https://contidolciaria.it/ to optimize the browsing experience and the services offered.

 

Types of Cookies

Technical cookies

This type of cookie allows certain sections of the site to function correctly. They are of two categories: persistent and session:

  • persistent: once the browser is closed they are not destroyed but remain up to a preset expiration date

  • session: they are destroyed every time the browser is closed

​​

In particular, so-called session cookies are used, which are not stored permanently on the user's computer and disappear when the browser is closed and whose use is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site and which avoid the use of other IT techniques potentially prejudicial to the privacy of users' browsing and do not allow the acquisition of personal identification data of the user.

These cookies, always sent from our domain, are necessary to view the site correctly and in relation to the technical services offered. They will therefore always be used and sent, unless the user changes the settings in their browser (thus affecting the display of site pages).

Analytical cookies

Then analytics cookies are used which help to understand how visitors interact with the contents of the site, collecting information (geographical and web origin, technology used, language, entry pages, visited, exit, permanence times, etc.) and generating website usage statistics without personally identifying individual visitors. All of these are to be considered technical cookies for which, since it is not necessary to give consent, the opt-out mechanism is in force. Technical cookies are not disclosed to third parties as they are necessary or useful for the site to function; therefore, they are processed only by qualified subjects such as persons in charge, data processors or system administrators.

Third-party analytical cookies

Finally, the site incorporates cookies and other elements (tags, pixels, etc.) from third parties (independent and for which the Owner has no responsibility) who also perform profiling activities and for which reference is made to the respective sites:

  • EX. Google

This type of cookie integrates features developed by third parties within the pages of the site such as icons and preferences expressed on social networks in order to share site content or for the use of third-party software services (such as software for generate the maps and other software that offer additional services). These cookies are sent from third-party domains and partner sites that offer their functionality on the pages of the site.

Profiling cookies

These are cookies necessary to create user profiles in order to send advertising messages in line with the preferences expressed by the user within the pages of the Site.

METHODS OF MANAGING CONSENT AND REFUSAL TO COOKIES

When the user accesses the Site, and has the browser set to accept cookies, he can express his preferences regarding the various types of cookies through the pop-up banner displayed on the pages of the Site. These preferences will be recorded in a special cookie consent management platform, developed in accordance with the principles of the legislation on the processing of personal data applicable to allow the user to exercise his choices in a granular way. The consent management platform allows you to give or deny consent to various types of cookies, both issued directly by the Data Controller and by its potential partners and suppliers; this means that it is not necessary to express a preference for each single cookie or for each third party. The different types of cookies are identified and classified on the basis of the purposes for which the cookies are released and used, making their recognition simpler and more immediate.

In particular, when the user accesses the site, through the popup banner you can choose to:

  • accept the installation of all the categories of cookies listed above by clicking on the "Accept" button;

  • refuse the installation of all the categories of cookies listed above, by clicking on the "Reject All" button;

  • access the "Learn more and customize" link and choose which categories of cookies to accept or reject based on the purpose, or based on the third party;

  • close the banner using the appropriate command marked by the "X" symbol positioned at the top right:

  • click here to access the consent management platform and manage your consent relating to cookies on the Site.

 

HOW TO CHANGE YOUR COOKIE CHOICES THROUGH THE SITE?

In the event that the user has already expressed your preferences and therefore does not see the popup banner by accessing the Site, he can access the consent management platform at any time and change his choices in relation to cookies. In this regard, it is important for the user to know that the preferences expressed on the Site will be valid for the entire second-level domain to which it belongs.

Disabling cookies

Almost all browsers offer the option of managing and not enabling cookies, in order to respect user preferences. In some browsers it is possible to set rules to manage cookies site by site, an option which offers more precise control over user privacy; another function available on some browsers is the incognito mode, so that all cookies created in this mode are deleted after closing.

Consult the following instructions for managing cookies in the relevant browsers:

  • Chrome

  • firefox

  • Internet Explorer / Edge

  • Safari​

 

Data provided voluntarily by the user

The optional, explicit and voluntary sending of e-mails to the addresses indicated on the site involves the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the e-mail. Even the explicit and voluntary sending of the forms that can be filled in on the site containing data of the interested party involves the treatment to follow up on the pre-contractual obligations or the execution of the services foreseen with the sending of the forms. This information in the forms may concern personal data, contact details, contact details, telephone numbers, email addresses of the interested parties and of identified and identifiable third parties having cause with the user of the site. However, specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.

Purposes and legal bases of the treatment

Personal data are used (ref. articles 6 co.1 letter b) of the GDPR): to allow navigation on the site and possibly to perform the service or provision requested as part of the normal activity carried out by the undersigned organization (cod 90.11 X-ray laboratories).

​​

Furthermore, all personal data may be processed:

  1. for purposes related to obligations established by law, as well as by provisions issued by authorities legitimated by the law (ref. articles 6 co. 1 letter c) and 9 co. 2 lett. b), g), h) of the GDPR);

  2. for the assessment, exercise or defense of a right in court and out of court (legitimate interest) of the undersigned organization (ref. articles 6 co. 1 letter f) and 9 co. 2 lett. f) of the GDPR);

  3. for functional purposes, according to the legitimate interest of the Data Controller in particular; for cookies, the advertising ids used to show advertisements and announcements; for navigation and usage logs to protect the site and the service from cyber-attacks, identify any malicious or fraudulent activity (ref. articles 6 paragraph 1 letter f) of the GDPR);

 

Consequences of refusing to provide data

The provision of data collected from the interested party is optional but essential for the purpose of processing them for the purposes in letters a) and b). In the event that the interested parties do not communicate their indispensable data and do not allow the treatment, it will not be possible to proceed with the completion and implementation of the services offered and to follow up on the contractual obligations undertaken, with consequent prejudice to the correct fulfillment of regulatory obligations , such as e.g. accounting, tax and administrative ones, etc …

Apart from what is specified for navigation data, the user is free to provide personal data for cookies and specific requests through forms e.g. on products and/or services. Failure to provide such data may make it impossible to obtain what has been requested. For all non-essential data, including those belonging to particular categories, the provision is optional. In the absence of consent or incomplete or incorrect provision of certain data, including those belonging to particular categories, the required fulfilments could be so incomplete as to cause damage or in terms of penalties or loss of benefits, both due to the impossibility of guaranteeing the adequacy of the treatment itself to the obligations for which it is performed, and for the possible mismatch of the results of the treatment itself to the obligations imposed by the laws to which it is addressed, intending to exempt the undersigned organization from any and all responsibility for any sanctions or measures afflictives.

 

Methods of data processing

The treatments connected to the web services of the site are treated with automated tools for the time strictly necessary to achieve the purposes for which they were collected; they take place at the server in Italy or the EU and are only handled by technical personnel in charge of processing, or by persons in charge of maintenance and administration operations. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access and loss of confidentiality. The structure is equipped with anti-intrusion devices, firewalls, logs and disaster recovery. Specific data encryption and segregation mechanisms and user authentication and authorization mechanisms are used.

By data processing we mean their collection, registration, organization, conservation, processing, modification, cancellation and destruction or the combination of two or more of these operations. In relation to the aforementioned purposes, the processing of personal data takes place using manual, IT and telematic tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of personal data will therefore be processed in compliance with the methods indicated in the art. 5 EU Reg. 2016/679, which provides, among other things, that the data are processed lawfully and correctly, collected and recorded for specific, explicit and legitimate, exact, and if necessary updated, pertinent, complete and not excessive with respect to the purposes of the processing, in compliance with fundamental rights and freedoms, as well as the dignity of the interested party with particular reference to confidentiality and personal identity, through protection and security measures. The undersigned organization has prepared and will further improve the access security and data retention system.

An automated decision-making process (e.g. profiling) is not carried out.

 

Non-EU transfers

​​

The treatment will take place mainly in Italy and the EU, but it could also take place in non-EU and non-EEA countries if deemed functional to the efficient fulfillment of the purposes pursued in compliance with the guarantees in favor of the interested parties. Finally, the treatment that takes place in non-EU and non-EEA countries when, at the request of the interested party, the connections to the site come from these countries, is outside the responsibility of the Data Controller.

Storage period

Personal data will be kept, in general, as long as the purposes of the processing persist according to the category of data processed.

Categories of recipients

​​

The data (only the indispensable ones) are communicated:

  • to data processors and data processors, both internal to the organization of the writer and external, who perform specific tasks and operations (site administration, analysis of navigation, traffic, profiling data, management of e-mails and forms sent voluntarily by the user, fulfillment of e-commerce requests and orders, etc.);

  • in the cases and to the subjects foreseen by the law

The data will not be disclosed unless otherwise provided by law or subject to anonymisation. Without prejudice to what is specified for cookies and third-party elements, without the prior general consent of the interested party to communications to third parties, it will be possible to start only services that do not provide for such communications. If necessary, specific and punctual consent will be requested and the subjects who will receive the data will use them as independent data controllers.

In some cases (not subject to the ordinary management of this site) the Authority may request news and information, for the purpose of controlling the processing of personal data. In these cases, the answer is mandatory under penalty of an administrative fine.

Rights of the interested party

At any time you can: exercise your rights (access, rectification, cancellation, limitation, portability, opposition, absence of automated decision-making processes) when required in relation to the data controller, pursuant to articles from 15 to 22 of the GDPR (standard); propose a complaint to the Guarantor (www.garanteprivacy.it); if the treatment is based on consent, revoke this consent given, taking into account that the revocation of the consent does not affect the lawfulness of the treatment based on the consent before the revocation.

Addresses and contacts

The Data Controller and the Data Protection Officer can be reached by writing to  https://contidolciaria.it/ 

The complete list of data processors is available upon request.

This document constitutes the Web Policy of the site info@contidolciaria.it and will be subject to updates. It is the user's responsibility to consult the document and its updates.

bottom of page