Privacy policy
We thank you for visiting our website. In the following sections we are going to describe how we protect the personal data of our website users in compliance with section 13 of the legislative decree 196/03.
Why this information
This information is in compliance with section 13 of the legislative decree 196/03 (data protection code) for the users who access the web services of our website through a computer. We underline that the website is owned by Rivareno SPA, who is an independent data processor (whose contacts are included in the “Contacts” section of this website). This information refers to this website and not to other websites visited by the users after clicking other links. This information is inspired to the recommendation 2/2001 adopted on 17 May 2001 by the EU advisory board on data protection, gathered in the Working Party established by art. 29 of the directive 95/46/CE to identify the minimum set of concrete measures to be put in place to collect personal data on-line and especially the methods, time and nature of the information to be provided to the data subjects when they access a website, regardless of the purposes of their visit. We therefore invite you to read our Privacy Policy hereinafter described. The Policy and the Privacy standards applied by Rivareno SPA for the personal data protection are founded on the following principles:
DATA PROCESSOR
The data processors, as hereinafter specified, are Rivareno SPA, with legal headquarters in Via dell’Unione, 3 20123 Milano, whose contacts are included in the Contacts section and visible in the website footer.
RESPONSIBILITY PRINCIPLE
The personal data are processed by the person in charge, who is part of the company.
TRANSPARENCY PRINCIPLE
The personal data are collected and subsequently processed in compliance with the principles expressed in the Privacy Policy adopted by Rivareno SPA, as stated in the current Privacy Policy. When the data are provided, the data subject is provided with complete and concise information in compliance with section 13 of the legislative decree 196/03.
RELEVANT INFORMATION COLLECTION PRINCIPLE
The personal data are processed in a legal and correct way, they are recorded for specific, explicit and legitimate purposes, they are relevant and do not exceed the purposes of the processing; they are kept for the time needed to the purposes of the collection.
PURPOSE PRINCIPLE
The purposes of the personal data processing are to be provided to the data subject when the data are collected. A new data processing, if different from the declared purposes, implies the supply of new information to the data subject and a new consent request, if required by the legislative decree 196/03. The personal data must not be communicated to third parties or disseminated without a preliminary consent of the subject, except for the cases in which it is not necessary as stated in section 24 of the legislative decree 196/03.
CHECKING PRINCIPLE
The personal data are rectified and updated over the time. They are organized and stored, but the subject has the right to know, if he/she wants, which data have been collected and recorded, to check their quality and ask to rectify, integrate, erase them if they were unlawfully processed. The subject might object to the data processing and exercise other rights, in compliance with section 7 of the legislative decree 196/03, by writing to the addresses stated in the ex section 13 of the legislative decree 196/03 available on the website.
SAFETY PRINCIPLE
The personal data are protected by technical, IT, organization, logistic and procedural safety measures against the risks of being erased or lost, also accidentally, or accessed and processed by non-authorized people. Such measures are periodically updated with regards to the technical progress, the nature of the data and the specific characteristics of the processing. They are constantly checked and verified over the time. The third parties that support G.G.&G. s.r.l. providing the services and for this reason process some personal data, become data processors and are bound to comply to the data protection and privacy policy by contract. The identity of such third parties is revealed to the users. In some cases the data processors might be the employees of third party companies which collaborate with Rivareno SPA, if the data are processed under the direct authority of Rivareno SPA. With the consent of the data subject, if required by the law, and with specific information regarding the purposes, the personal data might be communicated to public or private third parties, non related with Rivareno SPA or with the User of the website, which will process them as independent data processors, according to the definition stated in the legislative decree 196/03. Rivareno SPA is not responsible for the data processed by third party processors, they are furthermore not responsible for the rules and methods to process the personal data applied by other websites, which might be accessed through links or other tools, such as email contents, web spaces, chats, forums. The data referred to the web services of this website are processed in the offices of Rivareno SPA Via dell’Unione, 3 20123 Milano or in the offices of the data processors. The data processors are responsible for the management of the requested services, for the marketing activities –if requested by the users- for the data collection and the occasional maintenance operations.
DATA COMMUNICATION
The personal data might be communicated to third parties in compliance with an obligation imposed by the law, to fulfil orders given by legitimate public authorities to exercise or defend a right in a judicial court. If needed, the data for some specific services or products might be communicated to third parties, which, as independent data processors, have some functions or are instrumental to the services or products provided. Without such information, those services and products might not be provided. The personal data are not to be disseminated, except for the case in which the service provided requires them.
TYPES OF COLLECTED DATA AND PROCESSING METHODS
It is important that you know that, through the navigation on this website, your professional and personal interests might be identified: such information, however, is collected only with the purpose of providing the services you require and to check the quality of the services provided.
DATA VOLUNTARILY PROVIDED BY THE USER
The types of collected and processed data on the website are crucial to provide you with the services you require. The collected data are processed by paper, automatized and telematics methods and with logics related to the processing purposes. Your telefax and phone or mobile number and your email address might be used to provide you with the services you require. It is quite clear that if you do not provide those data, the services that need the use of these tools might not be provided. If you do not consent to the use of your email, phone, mobile phone or telefax for advertising or direct sale or interactive advertising communication purposes, such tools will not be used for this purpose. Specific information will be included in the pages dedicated to the personal data provision. If you voluntarily send an email to the address of the website, then the website will obtain your email address and the information included in the message, those personal data will be used only to provide you with the service or product required.
NAVIGATION DATA
It is useful to know how the software gets some personal data while normally working, especially if the data are transferred in an implicit way by means of the Internet communication protocols. Even if such information is not associated to specific users; by its nature, if it is combined with other data collected by third parties (for example your Internet service provider), it might be used to identify the users. This category includes the IP addresses or the domain names of the computers used by the users to access the website, the URL (Uniform Resource Locator) of the requested resources, the time of the request, the method used to send the request to the server, the size of the answer file, the numeric code which shows the answer given by the server (error, success, etc.) and other parameters referred to the operative system and to the IT environment of the user. These data are used for anonymous statistical purposes about the use of the website and to check its functioning. The data processor and, according to the services required, the persons in charge store, for a limited period of time in compliance with the law, the LOG of the navigations/accesses with the purpose of fulfilling the orders of the judiciary authorities or other legitimate public bodies which request the log to investigate IT crimes. Except for what is specified for the navigation data, the user is free to provide or not the personal data required in the service registration forms. In these forms some data are mandatory, which means such data are necessary to provide the requested service. If those data are not provided, the service might not be provided and the user might not benefit from its opportunities. When providing the data, in compliance with section 13 of the legislative decree 196/03, the data subject receives complete and concise information about the purposes and methods to process his/her data, the subjects or categories of subjects whose personal data might be communicated and the situations in which they might be communicated, the rights stated in section 7 of the legislative decree 196/03 (access, integration, update, rectification, erasure for law violation, opposition to the data process etc.), the identity and the headquarters of the data processor and of the person(s) in charge of processing the data. The subject is asked to give his free, informed consent in a specific and documented way in compliance with the law, if it is necessary by law. If the data are provided in subsequent moments, it is possible to integrate the previous information and ask for a new consent to the data processing in compliance with the Code.
SAFETY MEASURES ADOPTED TO PROTECT THE COLLECTED DATA
Rivareno SPA use “safe” technologies and software to protect the personal data against their dissemination, alteration or improper use. The data protection measures aim to reduce the destruction or loss, even if accidental, of the data, the non-authorized access or the non-authorized data processing, which is not in compliance with the purposes of the collection. Such safety measures are the minimum safety measures stated by the law (minimum safety measures stated by sections 33 to 36 of the legislative decree 196/03). At any time the data subject has the right to receive a confirmation of the existence of his/her data, their content, origin, to check if they are correct or ask to update, integrate or rectify them (section 7 of the legislative decree 196/03). In compliance with the same section, the data subject has the right to ask for the erasure, anonymization, blocking of data that have been processed unlawfully or object, on legitimate grounds, to their processing. The requests must be sent to the email address info@rivareno.com or to Via dell’Unione, 3 20123 Milano, Italy.
To have more information about the cookies, their types and functions, we invite you to read the Cookie Policy at the following link.