PRIVACY INFORMATION MODEL FOR PERSONAL DATA PROCESSING
(Updated to the EU Reg 2016/679 – European Regulation on personal data protection)
The Company GENNARI s.r.l. seriously considers the user’s privacy and is committed to its respect.
GENNARI s.r.l. may process the personal data of the user when he visits the website and uses the services and functionalities present on it.
In the website sections where the user’s personal data are collected, a specific information is normally published pursuant to art. 13/15 of the EU Reg. 2016/679.
If required by the EU Reg. 2016/679 the user’s consent will be required before proceeding to the processing of his / her personal data.
In case the user provides personal data of third parties, he must ensure that the communication of data to GENNARI s.r.l. and the subsequent processing for the purposes specified in the applicable privacy information complies with EU Reg. 2016/679 and applicable legislation.
1) Identification details of data controller
The Data Controller of Personal Data is Gennari s.r.l. Gennari s.r.l. is responsible for the legitimate and correct processing of your data.
Legal office: Spoleto (PG) Via degli Ulivi n.6 CAP 06049 S.S. Flaminia 132 km, tel: 0743277342, PEC: firstname.lastname@example.org.
2) Type of processed data
The visit and consultation of the website do not generally involve the collection and processing of personal data of the user, except for navigation data and cookies as specified below.
In addition to the so-called “navigation data”, personal data, voluntarily provided by the user, may be object of personal data treatment when the latter interacts with the functionality of the Web Site or requests to use the services offered by it.
In compliance with the Privacy Code, GENNARI s.r.l. could also collect the personal data of the user from third parties in the performance of its activity.
3) Cookies and browsing data
Cookies are small files stored on the hard disk of the user’s computer.
There are two macro-categories of cookies: Technical Cookies and Profiling Cookies.
Technical Cookies are necessary for the proper website functionality and to allow user navigation; without them the user may not be able to view the pages correctly or use some services.
Profiling Cookies have the task of creating user profiles in order to send advertising messages in line with the preferences expressed by the user during navigation. Cookies can also be classified as:
– session Cookies, which are deleted immediately when the browser is closed;
– persistent Cookies, which remain in the browser for a certain period of time. They are used, for example, to recognize the device that connects to a website facilitating authentication operations for the user;
– own Cookies, generated and managed directly by the manager of the website on which the user is browsing;
– third-party Cookies, generated and managed by parties other than the operator of the Web Site on which the user is browsing.
4) Cookies used on the website
The Web Site uses the following types of cookies:
1) Own, session and persistent cookies, necessary to allow navigation on the website, for purposes of internal security and system administration;
2) Third-parties, session and persistent cookies, necessary to allow the user to use multimedia elements on the website, such as images and videos;
3) Persistent third-parties cookies used by the website to send statistical information to Google Analytics system, through which GENNARI s.r.l. can perform statistical analysis of accesses / visits to the website.
The cookies used exclusively pursue statistical purposes and collect information in aggregate form. Through a pair of cookies, one of which persistent and the other of session (with expiration at the end of the browser), Google Analytics also saves a register with the start and close times of the website visit.
You can prevent Google from tracking data through cookies and the subsequent processing of data by downloading and installing the browser plug-in from the following address: http://tools.google.com/dlpage/gaoptout?hl=it
4) Persistent third-parties cookies used by the website to include on its pages some social networks (Facebook, Twitter and Google+) buttons.
By selecting one of these buttons, the user can publish on his personal page of the relative social-network the contents of the website page he is currently visiting [We currently have the sharing buttons on social networks of each product on sale]
The following table shows a detail of the cookies on the website
Google search console
|Session cookies||Access to restricted area||Web Site function||Google Privacy|
|Permanent cookies||Third parties||Web Site function||Google Privacy|
The website could contain links to other websites (so-called third parties websites). GENNARI s.r.l. does not make any access or control over cookies, web beacons and other users tracking technologies that could be used by third parties websites that the user can access from website.
5) How to disable cookies in browsers
• At the top right click on Other -> Settings
• Click Advanced at the Bottom
• In the “Privacy and Security” section, click on Content Settings
• Click on Cookies
• In the “All cookies and Web Site data” section, click Remove All
• Confirm by clicking on Clear All
• Click the Gear Icon located at the top right;
• Select the Internet Options item from the displayed menu;
• In the opened window, select the Privacy Tab
• Click Go on Button.
• Put the check mark next to the item Change Automatic Management of cookies
• Select the Block option, both under the heading “Cookies of Web Sites” and under the term “Cookies of third parties”;
• Then click on OK.
• Choose Safari> Preferences> Privacy;
• Click on “Manage Web Site data”;
• Select one or more Web Sites, then click Remove or “Remove All”.
When browsing the Web, all cookies received are cataloged and displayed in “Manage cookies …” from where it is possible specify management rules server by server.
By default, all servers receive the same treatment as specified in the general cookie setting.
However, it is possible to apply different rules to some servers by selecting an option in the cookie dialog or by manually editing their settings.
If you are visiting a website for which you want to specify a particular cookie management rule, click, with the right bottom, anywhere on the page, then select “Change preferences for this website …” and open the “Cookies” tab “. The available options are the same as described above for the general cookie setting.
If you are on the page of the Preferences for the advanced management of cookies:
• Click on “Manage cookies …”;
• Search for the server you are interested in by typing in the “Quick search” field or scrolling through the list;
• Click on “Change” and go to the “Cookies” tab to change the cookies management settings for that particular website.
6) Storage of personal data
Personal data are stored and processed through computer systems owned by GENNARI s.r.l. and managed by the Company or by third-parties suppliers of technical services; for more details, please refer to the “Scope of accessibility of personal data” section below. The data is processed exclusively by specifically authorized personnel, including personnel assigned to carry out extraordinary maintenance operations.
7) Purposes and methods of data treatment
GENNARI s.r.l. may process the user’s common and sensitive personal data for the following purposes: use by users of services and functionalities present on the Web Site, management of requests and reports from their users, sending newsletters, managing applications received through the website, etc.
In addition, with the further and specific optional consent of the user, GENNARI s.r.l. may process personal data for marketing purposes, that is to send to website user promotional material and / or commercial communications relating to the Company’s services, at the addresses indicated, either through traditional methods and / or means of contact (such as, paper mail, telephone calls with operator, etc.) or automated methods (such as, internet communications, fax, e-mail, text messages, applications for mobile devices such as smartphones and tablets -cd.APPS-, social network accounts – eg via Facebook or Twitter -, calls with automatic operator, etc.).
Personal data are processed both in paper and electronic form and entered into the company information system in full compliance with EU Reg. 2016/679, including security and confidentiality profiles and based on principles of correctness and lawfulness of processing.
In accordance with the EU Reg. 2016/679 data are kept and stored for a period of time not exceeding that necessary to obtain treatment.
8) Security and quality of personal data
GENNARI s.r.l. undertakes to protect the security of the user’s personal data and complies with the security provisions required by applicable law in order to avoid data loss, illegitimate or illegal use of data and unauthorized access to the same, with particular reference to the Technical Discipline concerning minimum security measures. Furthermore, the information systems and computer programs used by GENNARI s.r.l. are configured in such a way as to minimize the use of personal and identifying data; these data are processed only for the achievement of the specific purposes pursued from time to time.
GENNARI s.r.l. uses multiple advanced security technologies and procedures to promote the protection of users personal data; for example, personal data is stored on secure servers located in places with secure and controlled access.
The user can help GENNARI s.r.l. to update and keep correct their personal data communicating any changes related to their address, their qualification, contact information, etc.
9) Scope of accessibilty of personal data
The personal data of the user may be communicated to:
- all subjects to whom access to such data is recognized by regulatory measures;
- our collaborators, employees, as part of their duties;
- all those individuals and / or legal persons, public and / or private, when the communication is necessary or functional for carrying out our activity and in the manner and for the purposes illustrated above.
10) Nature of provision of personal data
The provision of some personal data by the user is mandatory to allow the GENNARI s.r.l. to manage communications, requests received by the user or to contact the user himself to respond to his request.
This type of data is marked with an asterisk symbol [*] and in this case, the conferment is mandatory to allow GENNARI s.r.l. to process the request which, in default, can not be processed.
On the contrary, the collection of other data not marked with an asterisk is optional: failure to provide data will not entail any consequences for the user.
The provision of personal data by the user for marketing purposes, as specified in the section “Purposes and methods of data treatment” is optional and the refusal to provide them will have no consequence.
The consent granted for marketing purposes is intended to be extended to the sending of communications carried out through automated and traditional methods and / or contact means, as above exemplified.
11) Rights of the interested party
11.1 Art. 15 (Right of access), 16 (Right of rectification) of the EU Reg. 2016 / 679
The interested party has the right to obtain from the data controller confirmation that it is or is not undergoing treatment of personal data concerning him and in this case, to obtain access to personal data and to the following information:
a) the purposes of the processing;
b) the categories of personal data in question;
c) the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients of third countries or international organizations;
d) the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
e) the existence of the right of the interested party to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
f) the right to lodge a complaint with a supervisory authority;
g) the existence of an automated decision-making process, including profiling and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the data subject.
11.2 Right pursuant to art. 17 of EU Reg. 2016/679 – Right to cancellation (“Right to be forgotten”)
The interested party has the right to obtain from the data controller the deletion of personal data concerning him / her without undue delay and the data controller has the obligation to cancel without undue delay personal data, if one of the following reasons exists:
a) personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed;
b) the data subject revokes the consent on which the processing is based in accordance with article 6 (1) (a) or article 9 (2) (a) and whether there is no other legal basis for the processing ;
c) the data subject opposes the processing pursuant to article 21 (1) and there is no legitimate overriding reason to proceed with the processing, or opposes the processing pursuant to article 21 (2);
d) personal data have been processed unlawfully;
e) personal data must be deleted to fulfill a legal obligation under Union or Member State law to which the controller is subject;
f) personal data have been collected with regard to the information society service offer referred to in article 8, paragraph 1 of EU Reg. 2016/679.
11.3 Right referred to in art. 18. Right of treatment limitation
The interested party has the right to obtain from the data controller the limitation of treatment when one of the following hypotheses occurs:
a) the interested party disputes the accuracy of personal data for the period necessary for the data controller to verify the accuracy of such personal data;
b) the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited;
c) although the data controller no longer needs it for processing purposes, personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
d) the interested party has opposed the treatment pursuant to article 21, paragraph 1of EU Reg. 2016/679 pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.
11.4 Right as per Article 20. Right to data portability
The interested party has the right to receive, in a structured, commonly used and automatically readable form, the personal data concerning him / her provided to a data controller and has the right to transmit such data to another data controller without impediments from part of the data controller.
12. Revocation of consent to treatment
The interested party may revoke the consent to the processing of his personal data by sending a registered letter to the following address: Via Degli Ulivi Spoleto (PG) n.6 cap 06049 SS Flaminia km.132 or PEC certified mail gennarisrl @ pec.it accompanied by a photocopy of his identity document, with the following text: << withdrawal of consent to the processing of all my personal data >>.
At the end of this operation your personal data will be removed from the archives as soon as possible.
If you would like more information on the processing of your personal data, or exercise the rights referred to in paragraph 11 above, you can send a registered letter to the following address: Via Degli Ulivi Spoleto (PG) n.6 cap 06049 SS Flaminia km .132 or
before we can provide you, or change any information, you may need to verify your identity and answer some questions. An answer will be provided as soon as possible.