Fiona Giusto – Castello 2512 – 30122 Venezia (Italy)
INFORMATION ON THE PROCESSING
OF PERSONAL DATA
of the users visiting the websites of the Italian data protection authority
Pursuant to Article 13 of the EU Regulation 2016/679
WHAT IS THIS INFORMATION?
The information provided below describes, as required by the EU Regulation 2016/679, the processing operations performed on the personal data of the users visiting the Data Controller’s website: www.venicetours.it.
The information provided does not concern other online websites, pages or services that can be accessed via hyperlinks on the above websites but relate to resources outside the Data Controller’s domain.
Visiting the websites listed above may result into processing data relating to identified or identified natural persons.
The data controller is Fiona Giusto, located in Castello 2512 – 30122, Venezia (IT), (Email: firstname.lastname@example.org).
PURPOSES AND LEGAL BASIS FOR THE PROCESSING
Data communicated by users
Sending messages, on the basis of the user’s free, voluntary, explicit choice, to the Data Controller contact addresses available on the website entail the acquisition of the sender’s contact information as necessary to provide a reply as well as of any and all the personal data communicated in that manner.
The data transferred are processed for the following purposes:
1) to provide a reply to the specific requests as well as for carrying out the services offered by the Data Controller and therefore fulfilling the contracts eventually concluded. In this case the processing of your data occurred without your consent because necessary to the fulfilment of Data Controller’s contractual obligations. Any further use is not permitted.
2) to fulfil legal obligations, regulations, EU legislations.
NATURE OF THE TRANSMISSION AND CONSEQUENCES OF FAILURE TO PROVIDE DATA
The transmission of the data is necessary for the purposes of the above par. PURPOSES AND LEGAL BASIS FOR THE PROCESSING, number 1 and 2.
If you provide us with personal data of third parties you have to do what is necessary to make the communication of data to the Data Controller and our subsequent use for the purposes indicated, from time to time, compliance with the Privacy Code, or the GDPR, as applicable, as well as, in general, to the applicable reference legislation (example before providing us with the data of third parties you have to inform them and obtain their consent, if required by the Privacy Code, or by the GDPR, as applicable).
The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.
This data category includes the IP addresses and/or the domain names of the computers and terminal equipment used by any user, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment.
These data are necessary to use web-based services and are also processed in order to
– extract statistical information on service usage (most visited pages, visitors by time/date, geographical areas of origin, etc.);
– check functioning of the services.
Browsing data are kept for no longer than seven days and are erased immediately after being aggregated (except where judicial authorities need such data for establishing the commission of criminal offences).
PROCESSING AND USE OF PERSONAL DATA
We process data using electronic and manual means.
ACCESS TO DATA, SHARING AND RECIPIENTS
We communicate data to authorities, public entities, professionals, independent collaborators, even in partnership, our business partners or other companies we use for services of a commercial, professional and technical nature for the pursuit of the purposes specified above, third parties in case of mergers, acquisitions, sale of company or business unit or other extraordinary operations. These third parties are provided with only the information necessary to perform the related functions; they undertake to use the information received only for the purposes of the processing indicated above, to keep it confidential and safe and to act in compliance with the applicable legislation. We also communicate personal data to legitimate recipients according to law or regulation.
TRANSFER OUTSIDE EU
Your data will not be transferred outside EU countries.
With regard to the purposes of par. PURPOSES AND LEGAL BASIS FOR THE PROCESSING, number 1 and 2, the dati will be retain as long as it is required for the purpose for which we use it and no longer than 10 years.
DATA SUBJECTS RIGHTS
We respect the fundamental rights and freedoms of data subjects. GDPR increases the privacy rights of the data subject. Under this regulation you have the rights of obtain confirmation of the existence or not of data concerning you, verify its content, origin, accuracy, request integration, updating, rectification, cancellation (including the so-called “right to be forgotten”), transformation into anonymous form, limitation, blocking of data for violation of the law, opposition to the processing for legitimate reasons, right to data portability, right to lodge a complaint with the Italian data protection authority. To exercise your privacy rights, you can contact the Data Controller at the addresses indicated at the top of this information.