Who are we and what do we do with your personal data?
The company STARTIT S.r.l. with registered office in Via Galcianese, 44/C9-10 59100, Prato (PO) P.IVA 01821470976 – e-mail privacy@startit.it hereinafter Data Controller, protects the confidentiality of your personal data and guarantees them the necessary protection from any event that could put them at risk of infringement.
What data and for what does the Data Controller collect them?
The Data Controller collects and/or receives information about you of various types:
- Navigation data;
- Data communicated by the user;
- Cookies and other tracking systems;
Navigation data, such as the IP address and the pages visited are automatically collected while browsing this site; the same are used by the Data Controller for the management of the site itself and for its security. The Data Controller processes, also through its suppliers, your personal, computer or traffic data collected or obtained in the case of services displayed on the website to a strictly necessary and proportionate extent to guarantee the security and capacity of a network or servers connected to it to resist, at a given level of security, unforeseen events or illicit or malicious acts that compromise the availability, authenticity, integrity and confidentiality of the personal data stored or transmitted.
For these purposes, the Data Controller provides procedures for managing the violation of personal data (data breach).
The data communicated by the user by filling in the forms on the site involve the acquisition of the sender’s contact details, necessary to reply, as well as all the personal data included in the communication. Specific information will be published on the pages of the Data Controller’s sites prepared for data collection (Forms).
The methods of use of Cookies are described in the Cookies Policy.
Social buttons
On the Data Controller’s sites there are particular “buttons” (called “social buttons/widgets”) which depict the icons of social networks (e.g. Facebook, Instagram, Linkedin). These buttons allow users who are browsing the sites to interact with a “click” directly with the social networks and other websites depicted therein. In this case, the social network and other websites acquire data relating to the user’s visit, while the Data Controller will not share any navigation information or user data acquired through its site with the social networks and other accessible websites thanks to the Social buttons/widgets.
What happens if you do not provide your data?
Navigation data is automatically acquired while accessing the site. Visiting the site without releasing navigation data is not possible. As far as cookies are concerned, we invite you to read the consequences deriving from the deselection of individual cookies, as indicated in the cookie policy. Finally, with regard to the data communicated directly by the user through the contact forms, please refer to the information released within the forms themselves.
How and Where
Your personal data will be processed within the European Union through IT/manual tools for which we have provided to apply adequate security measures and with the help of our collaborators duly authorized and trained for this purpose. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU. In this case, the Data Controller ensures from now on that the transfer of non-EU data will take place in compliance with the applicable legal provisions, for example through the adoption of the standard contractual clauses envisaged by the European Commission which ensure an adequate level of personal data protection even outside the EU.
How much time
The Data Controller processes the data relating to the site access logs for a maximum of 7 days. As regards the data relating to cookies, please refer to the Cookies Policy. With regard to the data communicated directly by the user through the contact forms, it is possible to learn the retention times by consulting the information released within the forms themselves.
What are your rights?
Basically you, at any time and free of charge and without particular charges and formalities for your request, can:
- obtain confirmation of the processing carried out by the Data Controller;
- access your personal data and know its origin (when the data are not obtained from you directly), the purposes of the processing, the data of the subjects to whom they are communicated, the retention period of your data or the criteria useful for determining it;
- update or correct your personal data so that it is always accurate;
- delete your personal data from the Data Controller’s databases and/or archives, including backup archives, in the event, among others, that they are no longer necessary for the purposes of the processing or if this is assumed to be illegal, and always if the conditions established by law; and in any case if the processing is not justified by another equally legitimate reason;
- limit the processing of your personal data in certain circumstances, for example where you have contested its accuracy, for the period necessary for the Data Controller to verify its accuracy. You must be informed, in a reasonable time, also when the period of suspension has been completed or the cause of the limitation of the treatment has ceased, and therefore the limitation itself revoked;
- obtain your personal data, if received or processed by the Data Controller with your consent and/or if their processing takes place on the basis of a contract and with automated tools, in electronic format also for the purpose of transmitting them to another data controller.
- The Data Controller must do so without delay and, in any case, at the latest within one month of receiving your request. The deadline may be extended by two months, if necessary, taking into account the complexity and number of requests received from the Data Controller. In such cases, the Data Controller, within one month of receiving your request, will inform you and inform you of the reasons for the extension.
For any further information and to send your request, you must contact the Data Controller at privacy@startit.it.
How and when can you object to the processing of your personal data?
For reasons relating to your particular situation, you can object at any time to the processing of your personal data if it is based on legitimate interest, by sending your request to the Data Controller at the address privacy@startit.it
You have the right to have your personal data deleted if there is no legitimate reason that prevails over the one that gave rise to your request.
Who can you lodge a complaint with?
Without prejudice to any other administrative or judicial action, you can lodge a complaint with the supervisory authority for the protection of personal data, unless you reside or work in another Member State. In the latter case, or in the one in which the violation of the legislation on the protection of personal data occurs in another EU country, the competence to receive and know the complaint will be of the supervisory authorities established therein.
Each update of this information will be communicated to you promptly and by appropriate means and the same will be communicated to you if the Company will proceed with the processing of your data for purposes other than those referred to in this information.
INFORMATION REQUEST INFORMATIVE
ex art.13 EU Regulation 2016/679
Data collected from the interested party
The following information is provided pursuant to article 13 of the European Regulation on the protection of personal data EU 2016/679 and has the purpose of providing the following information necessary to guarantee correct and transparent treatment.
The Data Controller
The Data Controller of your personal data is STARTIT S.r.l. with registered office in Via Galcianese, 44/C9-10 59100, Prato (PO) VAT number 01821470976 – e-mail privacy@startit.it
Purpose of the Processing and legal basis
The processing of personal data provided during registration is aimed solely at:
Purpose of the Treatment
Take charge and correctly manage your request for information
Legal basis
Execution of the Contract and pre-contractual measures
Recipients or any categories of recipients of personal data
Your personal data may be communicated, only for the achievement of the purposes indicated above, to the following categories of recipients:
- Designated subjects;
Data retention period
The data provided in relation to the purposes indicated will be kept for:
Purpose of the Treatment
Take charge and correctly manage your request for information.
Conservation Policy
The time needed to handle your request.
Where we process your personal data and how
Your personal data will be processed within the European Union through IT/manual tools for which we have provided to apply adequate security measures and with the help of our collaborators duly authorized and trained for this purpose. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU. In this case, the Data Controller ensures from now on that the transfer of non-EU data will take place in compliance with the applicable legal provisions, for example through the adoption of the standard contractual clauses envisaged by the European Commission which ensure an adequate level of personal data protection even outside the EU.
Rights of the interested party
You, as an interested party, have the right to ask the data controller to access your personal data and to correct or cancel them or limit or oppose the processing that concerns you; you can also request data portability should it become necessary for you. To facilitate the exercise of your rights, we have activated a special email address privacy@startit.it or alternatively you can use any other means of contact of our structure (telephone, fax, etc.). Before we can provide you, or change any information, we may need to verify your identity and answer some questions. An answer will be provided as soon as possible.
Right of complaint
If you believe that your rights have been infringed, you can lodge a complaint with the Guarantor authority using the appropriate form published on the website www.garanteprivacy.it.
Obligation or otherwise to provide data and consequences of failure to provide it
Purpose of the Treatment
Take charge and correctly manage your request for information.
Obligation
YES
Consequences of failure to provide
Inability to handle your request for information.
Prato (PO), 06.30.2021