This document describes how the Site www.lagor.com (“Site”) is managed, with reference to the processing of personal data belonging to the users (“User/Users”) consulting it.
It is an information notice issued in accordance with article 13 article of the EU Regulation no. 679/2016 (“GDPR”), for anyone who visits the Site and/or interacts with Lagor s.r.l. services available through the Site.
The data controller is Lagor S.r.l. with registered office in Via Pio La Torre 48, Cerro Tanaro (Asti) e-mail address firstname.lastname@example.org (“Data Controller”).
2.1 BROWSING DATA
During normal use, the electronic systems and software procedures enabling this Site to operate, acquire certain personal data; transmission of same is implicit in the use of internet communication protocols.
This information is not being collected in order to be associated to well-identified data subjects, but its nature, by means of processing and associations with data held by third parties, could make the users identification possible.
The category of data could be listed as follow: (i) IP addresses or domain names of computers used by users connecting to the Site, (ii) addresses in URI (uniform resource identifier) notation for resources requested, (iii) the time of request, (iv) the method used to submit the request to the server, (v) the dimension of the file obtained in response, (vi) the numerical code indicating the status of the response given by the server (success, error etc) and (vii) other parameters regarding the user's operating system and the IT environment.
This data is used only to glean anonymous statistical information on the use of the Site and to check that it operates correctly and this data is deleted immediately after processing.
2.3 DATA PROVIDED ON VOLOUNTARY BASIS
The data controller processes the following data supplied by the User: email, name, surname, telephone number . Users are responsible for any Personal Data of third parties obtained, published or shared through Lagor Site and confirm that they have the third party’s consent to provide the Data to Lagor. The Users declare to be the age thus freeing the data controller from any liability.
The personal data of the Users are processed by the Data Controller in order to:
Except as provided for the browsing data which are necessary to allow the Users to correctly use the Site and for the cookie, the users are free to provide their personal data in order to ask for a Data Controller reply. The refusal to allow their data to be processed would make impossible for Users to obtain any reply.
The personal data is processed through computerized, automated and manual systems for such period of time that is necessary to achieve the purposes for which the data is collected.
The personal data is collected electronically, recorded in digital format, processed only by those subjects appointed to carry out such fulfilments, as well as by adopting specific security measures aimed to ensure the protection of Your confidentiality and to avoid the loss of data, any unauthorized accesses to the data and any data processing which may be qualified as unlawful or not in compliance with the abovementioned purposes.
In any case, it remains understood that the Data Controller retains the right to communicate the Users personal data to the companies in charge for carrying out specific services within its activity and/or, in general, in its favor, that will operate as data processors, as well as the right to communicate and/or to distribute the User personal data that, in compliance with the applicable law, the police, the judicial authority, the information and security agencies or other public subjects might ask for purposes related to defense or State security or to preventing, detecting or suppressing crimes.
In particular, it is specified that the User's personal data are processed by:
Your data are not subject to dissemination.
The Data storage and processing take place in on servers within the European Union. It is understood that, the Data Controller, if necessary, will have the right to move the location of servers in Italy and / or European Union and / or non-EU countries. In such a case, the Data Controller shall ensure that the transfer of Data in non-EU countries will take place in accordance with applicable law by stipulating, where necessary, agreements ensuring an adequate level of protection and / or adopting the standard contractual clauses as provided by the European Commission.
Pursuant to articles 15 et seq. of GDPR, the User has the right to obtain:
The Users to whom the data refers have the right to obtain the confirmation as to whether their personal data exist or not and to know its content and the source, check that it is correct or ask for it to be integrated or updated, or rectified, erased or restricted, or to oppose against its processing, to lodge a complaint with a supervisory authority pursuant to article 15 of the Regulation.
Additionally, pursuant to Articles 7, 15, 16, 17,18, 19, 20, 21, 22 and 77 of the same Regulation, each user has the right to ask for information about the collection and use of their personal data, to access it, rectify it, erase it (right to be forgotten), restricted processing, the notification obligation regarding rectification or erasure of personal data or restriction of processing, data portability, the anonymous transformation or the block of data processed against the law, as well as the right, in the cases set out by the law, to oppose to its processing, to lodge complaints regarding the collection and processing of personal data with the competent Data Protection authority, to withdraw the consent to the processing of personal data at any times, without prejudice to the legitimate processing performed until then based on the consent withdrawn.
In order to exercise the aforementioned rights, it is necessary to write to the Data Controller e-mail address, as it is indicated at the previous paragraph 1, specifying “Privacy ” as object.
Finally, we inform You that if You believe that your rights have been infringed by the Data Controller and/or by a third party, you have the right of lodging a complaint with a Italian Data Protection authority (“Garante Privacy”) and/or with another competent authority provided by GDPR.
The processing will last only for such period of time that is necessary for achieving the purposes mentioned at the previous paragraph 3. The Data Controller will then store Your personal data only in compliance with the legal obligations provided by the applicable laws, for administrative purposes and/or to claim or to defend an own right in the case in which a litigation or a pre-litigation procedure arise.
The Data Controller will store Your personal data with the following deadlines: a) browsing data: maximum 7 days; b) personal data provided by the User in requests via contact form: no later than 24 months from the request of the User; c) profiling data no later than one year.
The User can always request that the Data controller suspend any use of the Data or remove the Data.
If the User considers that its rights have been infringed by the Data Controller, has the right to lodge a complaint with the Italian Supervisory Authority or any other supervisor authority in the European Union by following the procedure provided by this link: http://www.garanteprivacy.it/home/urp
*** *** ***