- Official WEB -

Privacy

– Privacy notice regarding the processing of personal data pursuant to Articles 13–14 of the GDPR (General Data Protection Regulation) 2016/679. –

The Data Subject (User or visitor of the website) is hereby informed that Legislative Decree no. 196/2003 (the so-called “Personal Data Protection Code”, hereinafter also referred to as the “Code”) provides for the protection of individuals with regard to the processing of personal data. In accordance with the provisions of the aforementioned Code and the applicable regulations, the processing will be carried out in accordance with the principles of fairness, lawfulness and transparency, respecting fundamental rights and freedoms, as well as the dignity of the data subject, with particular reference to confidentiality, personal identity and the right to personal data protection. This notice is provided pursuant to Article 13 of the Code and is subject to updates, which will be published on the website. The processing of Users’ personal data takes place in accordance with the applicable legislation as amended by Regulation (EU) no. 679 of 27 April 2016 – applicable from 25 May 2018 (hereinafter collectively referred to as the “Applicable Privacy Legislation”).

Processing methods
Personal data are processed using automated and non-automated tools, for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are adopted to prevent data loss, unlawful or improper use, and unauthorized access.

Rights of the data subject
The data subject has the rights set out in Article 7 of Legislative Decree no. 196/2003 (Right of access to personal data and other rights), reported below:
1. The data subject has the right to obtain confirmation of the existence or absence of personal data concerning them, even if not yet recorded, and their communication in an intelligible form.
2. The data subject has the right to obtain information regarding: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in the event of processing carried out with the aid of electronic tools; d) the identification details of the data controller, the data processors and the designated representative pursuant to Article 5, paragraph 2; e) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as designated representatives within the State territory, data processors or persons in charge of processing.
3. The data subject has the right to obtain: a) the updating, rectification or, when interested, the integration of the data; b) the deletion, anonymization or blocking of data processed in violation of the law, including those for which storage is not necessary in relation to the purposes for which the data were collected or subsequently processed; c) certification that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data were communicated or disclosed, except in cases where this proves impossible or involves the use of means clearly disproportionate to the protected right.
4. The data subject has the right to object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning them, even if relevant to the purpose of the collection; b) to the processing of personal data concerning them for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication.”

Pursuant to the Applicable Privacy Legislation, starting from May 2018 Users will also have the right to exercise the following rights:

  • the right to data portability, i.e. the right to receive their personal data in a structured, commonly used and machine-readable format, and the possibility to transmit them to another data controller freely and without hindrance;
  • the right to request restriction of the processing of their personal data.

Requests for updating, rectification, deletion or otherwise relating to the processing and storage of data must be sent by email to rictesi@gmail.com indicating in the subject line: “Deletion of personal data”. The request must contain:

  • Name and surname of the applicant
  • Written request for deletion/update/rectification
  • Email address used for registration (e-mail)
  • Password used to access the personal area (if available)
  • Copy of identity card or passport
  • Contact address and telephone number

Transfer of Data abroad
Users’ personal data will not be transferred to countries outside the European Union that do not ensure levels of data protection in line with the Applicable Privacy Legislation.

Optional nature of data provision
Users are informed that, with the exception of navigation data, the provision of data is optional.

Information security
All information collected on the website is stored and maintained in secure facilities that restrict access exclusively to authorized personnel. The website is regularly monitored to check for possible security breaches and to ensure that all collected information is safe from anyone attempting to view it without authorization. The site complies with all security measures described by applicable laws and regulations and with all appropriate measures according to the most advanced current criteria, in order to ensure and guarantee the confidentiality of users’ personal data and minimize, as far as possible, the risks of unauthorized access, removal, loss or damage to users’ personal data.

Types of data processed and purposes of processing

Data voluntarily provided by users
The voluntary, optional and explicit sending of data to the website by the user (for example, through the entry of personal data by filling in specific “forms”, as well as sending emails to the addresses indicated on this website) entails the subsequent acquisition of the sender’s address and the data provided by the user, for which the user also gives explicit consent to their processing. If users enter or otherwise process third-party data, they guarantee from now on, assuming all related responsibility, that they have previously provided such third parties with the information referred to in Article 13 of Legislative Decree no. 196/2003 and have obtained their consent to processing.

Navigation data
The IT systems and software procedures used to operate this website acquire, during their normal operation, certain navigation data that are implicitly transmitted through the use of Internet communication protocols. These are data relating to telematic traffic which, by their nature, are not immediately associated with identified individuals, but which, through processing or association with data held by third parties, could allow the identification of website users/visitors (such as, for example, IP addresses, browser type and operating system used by the user, and the time of access requests to web pages). These data are used solely for anonymous statistical information regarding visits to the website or to verify its correct functioning. Such data are stored for the period strictly necessary and in any case in accordance with the applicable legal provisions.

Web Hosting Service
In IT, “hosting” (from the English verb to host) is a network service consisting of allocating the web pages of a website or a web application on a web server, thus making it accessible via the Internet and to its users.
The data and information on this website (i.e. the hosting of https://www.riccardotesi.com) are maintained and stored by Aruba S.p.A.

Aruba S.p.A. is an Italian company that provides web hosting services, email services and domain name registration. In addition to domain registration, Aruba offers email services, connectivity, housing, dedicated servers, virtual private servers, certified email services (PEC) and digital signatures. These are complemented by Cloud Computing, Private Cloud and Cloud Object Storage solutions.
Aruba S.p.A., with regard to the data for which it collects processing consent and those hosted on its applications, does not access nor use customer data for purposes such as ‘data mining’, ‘data profiling’ or transfer to third parties. Furthermore, Aruba S.p.A. has obtained a number of certifications attesting to the high security standards within which it operates, such as ISO 27001, ISAE 3402, ANSI/TIA 942 and the GO Certification (Guarantee of Origin) for energy from 100% renewable sources.
For more information, users are invited to consult the following page: https://www.aruba.it/gdpr-regolamento-europeo-privacy.aspx