This Policy, issued pursuant to art. 13 of Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter “GDPR”), is aimed at illustrating the methods and purposes of personal data processing carried out by PANETTA Studio Legale, with registered office in Piazza Colonna, 355, Rome, as data controller (hereinafter the “Data Controller”), through the website www.panetta.net (the “Website”).
The processing of users’ personal data will be carried out in full compliance with current legislation on the protection of personal data.
The Data Controller reserves the right to update the Policy at any time and inform users through the use of appropriate tools.
- THE WEBSITE
The Website is configured in such a way as to minimize the collection and use of user identification data, excluding the processing in all cases where the intended purposes can be achieved by other means.
For the avoidance of doubt, it should be noted that this Policy shall be deemed to refer and apply only to the Website, without extending to pages or sites accessed via links and/or operated by third parties.
- PURPOSES OF PROCESSING
Personal data are processed by the Data Controller within the limits and for the sole purpose of providing the services accessible through the Website, in particular for:
- allow users to learn about and deepen, through the navigation on the Website, the activities and services offered by the Data Controller;
- respond to any requests sent by users through the email address of reference;
monitor the proper functioning of the Website;
- CATEGORIES OF DATA PROCESSED
Data automatically collected by the Website
The systems and computer procedures that allow the functioning of the Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected in order to be associated with individual interested parties, but by their very nature could, through processing and association with data held by third parties, allow them to be identified.
This category of data includes, by way of example, the IP addresses or domain names of the computers used by users who connect to the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the relevant time, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
Data provided voluntarily by the user
The sending of any personal data by the user such as, for example, name, surname or e-mail address, involves the inevitable acquisition of the same by the Data Controller and their subsequent processing to respond to requests received and/or to provide the requested service.
Therefore, the user who prefers to avoid the collection of their data by the Data Controller is invited not to submit any request or, at least, to provide as little personal data as possible.
- HOW WE PROCESS DATA
All personal data are processed primarily through electronic means and methods, however, the processing by the paper is not excluded.
The processing will be carried out only by persons duly authorized in writing by the Data Controller, in accordance with the provisions of the applicable legislation.
The same data will be collected in a form that allows identification of the user only for the time strictly necessary to achieve the purposes for which such data were originally collected and, in any case, within the limits of the law.
- THIRD PARTIES
No data will be disclosed to third parties, except with the express and specific consent of the person concerned.
It is understood that users’ personal data may be disclosed to third parties, such as the police, whenever this is required by law or by a measure of a competent authority.
- SECURITY MEASURES
The Data Controller will take all necessary security measures to minimize the risk of destruction or loss, even accidental, of the data, unauthorized access or processing not allowed or not in accordance with the purposes specified in this policy.
- DATA SUBJECTS’ RIGHTS
Data Controller must provide confirmation of the existence or not of personal data concerning the user, even if not yet registered, giving communication in an intelligible form, if the latter requests it.
In addition, the interested party has the right to request, in accordance with current legislation:
- access, updating, rectification or, when interested, integration of data;
- the erasure, anonymization, blocking of processed data or limitation of processing;
- the opposition to the processing of one’s own personal data;
- lodge a complaint to the Italian Data Protection Authority (Garante per la Protezione dei Dati).