Privacy Policy

We take your privacy very seriously and are committed to protecting it.

The text below is intended to clarify the purposes and methods of processing the personal data that we collect when you access our website.

REGULATORY CONTEXT

This privacy policy protects those who interact with the services of this website in terms of the protection of personal data electronically accessible. It is regulated in accordance with the following provisions and recommendations:

  • Article 13 of Legislative Decree 196/2003;
  • Article 13 of the GDPR 679/2016 “EU General Data Protection Regulation”;
  • Provision no. 229 of 8 May 2014 concerning the use of cookies;
  • Recommendation no. 2/2001 adopted by the Working Group, established by Article 29 of the Directive number 95/46/CE.

If you are required to provide your personal data to access certain site services, you will be provided with the appropriate and detailed information on the processing pertaining to your data, pursuant to Article 13 of Legislative Decree 196/03 and of Article 13 of GDPR 679/2016. This information will specify the limits, purposes and methods of the processing itself.

Data Controller

The Data Controller is Spindox S.p.A., which is based in Milan, Italy on via Bisceglie 76.

Within the Company, data belonging to visitors of the site will be processed by employees who act as Appointees under the direct authority of the respective Manager.

In addition to Spindox employees, the processing of personal data may also be performed by third parties to whom the company entrusts certain activities (or parts of them) connected with or instrumental to the performance or provision of the services offered. In such circumstances, the same subjects will operate as autonomous owners, co-owners, or will be appointed as Data Processor Managers or Data Processors.

DPO

The Data Controller has appointed a Data Protection Officer (DPO) who can be contacted at the following e-mail address: dpo@spindox.it.

PLACE OF DATA PROCESSING

The processing operations related to the web services of our sites take place at the aforementioned offices of the Data Controller.

However, Spindox reserves the right to use cloud services. In this case, the service providers are selected from those who provide appropriate guarantees as required by Article 46 of GDPR 679/16.

NATURE OF DATA USED FOR PROCESSING

NAVIGATION DATA

During normal operation and for the sole duration of the connection, the computer systems and software procedures used to operate this site acquire data that are implicitly transmitted in the use of internet communication protocols.

This information is not collected for the purpose of associating it with users. However, by their very nature, they could allow the identification of them through processing and associations with data held by third parties. These data, deleted a few hours after processing, are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its proper functioning. Furthermore, in the event of hypothetical computer crimes against the site, they could be used to ascertain any liability.

These data include the following categories:

  • IP addresses;
  • Names related to the computer domain used by users connecting to the site;
  • Notation addresses URI (Uniform Resource Identifier): requested resources, time of the request, method used to submit the request to the server, size of the file obtained in response, numeric code indicating the status of the response given by the server (good results, errors, etc.), and other parameters pertaining to the operating system and the user’s IT environment.

DATA PROVIDED VOLUNTARILY BY USERS / VISITORS

If users / visitors send their personal data to access certain services on this site or to make requests via e-mail, Spindox will acquire these data. These data will be processed exclusively to respond to the request or for the provision of the service in accordance with this Policy and the specific Privacy information provided during the request of the individual services. The data will be kept only for the time strictly necessary to provide the requested service and to manage any disputes.

The personal data explicitly provided by the users will be communicated to third parties only if the communication is necessary to comply with the requests of the users themselves, without prejudice to the provisions of the specific information for the individual services.

COOKIES

Spindox sites use cookies or markers. Cookies are small text files sent by the site to the person’s computer or smartphone (usually to the browser) where they are stored before being re-transmitted to the site on the next visit by the same user. A cookie cannot recall any other data from the hard disk of the user or transmit computer viruses or acquire e-mail addresses. Each cookie is unique to the user’s web browser. Some of the cookie functions can be delegated to other technologies. In this document, the term “cookies” refers to cookies and all similar technologies.

Cookies can be technical (necessary to transmit communication) or profiling (aimed at creating user profiles and sending personalized advertising messages). We do not use profiling cookies on our sites. Below is the list of technical cookies on the Spindox website.

System cookies

The Spindox site uses cookies to guarantee a better browsing experience for the user. These cookies are essential for the correct use of the site. You can disable these cookies from the browser, but you will compromise your experience on the site and we will not be able to answer for any malfunctions.

Facebook

Facebook uses cookies to offer users features such as sharing and “like” on their wall. For more information, please consult the privacy policy for Facebook.

Twitter

Twitter uses cookies to offer users sharing features on their wall. For more information, please see Twitter’s privacy policy.

Google+

Google uses cookies to offer users sharing features on their wall. For more information, consult Google’s information Google’s cookie policy.

Google Analytics

The Italian Guarantor considers cookie analytics to be instrumental in the functioning of a website and therefore includes them in the category of technical cookie. Google Analytics is the analysis tool we use to understand how visitors interact with the contents of our sites. The service uses a set of cookies to collect information and generate statistics on the use of websites without providing personal information about individual visitors to Google. For more information, please consult the Google Analytics disclosure.

DURATION OF COOKIES

Cookies have a duration dictated by an expiration time (or by a specific action such as closing the browser) set at the time of installation.

Cookies can be:

–  temporary or per session (session cookies): used to store temporary information to link the actions performed during a specific session. These cookies are removed from the computer when the browser is closed;

–  permanent (persistent cookies): used to store information, for example the login name and password, so as to avoid the user having to enter this information again each time he visits a specific site. These remain stored in the computer even after closing the browser.

METHOD OF PROCESSING

The processing is performed through automated tools (for example, using procedures and electronic media) and / or manually (for example, on paper) for the time strictly necessary to achieve the purposes for which the data were collected and, in any case, in accordance with the regulations in force on the subject.

RIGHT TO PROVIDE DATA

Except as specified for navigation data, users are free to provide their personal data. Failure to provide such data may result only in the failure of obtaining the requested information from the site.

RIGHTS OF THE INTERESTED PARTY

According to

– Article 7 of Legislative Decree 196/2003;

– Article 15 – Right of access, 16 – Right of rectification, 17 – Right of cancellation, 18 – Right of limitation of treatment, 20 – Right of portability, 21 – Right of opposition, and 22 – Right to object to automated decision-making of GDPR 679 / 16,

you can exercise your rights by writing to the Data Controller, specifying the subject of your request, the right that you intend to exercise and attaching a photocopy of an identification document that certifies the legitimacy of the request.

REVOCATION OF CONSENT

With reference to Articles 7 and 23 of Legislative Decree 196/2003 and to Article 6 of GDPR 679/16, you can revoke any consent given at any time.

You can exercise this right by writing to the Data Controller, specifying the subject of your request and attaching a photocopy of an identification document that certifies the legitimacy of your request.

When the data processing is not based on consent, this rule is intended as an expression of the willingness of the interested party not to receive further communications from the Data Controller.

AUTOMATED DECISION PROCESSES

Under no circumstances shall the Data Controller process personal data on automated decision-making processes.