pursuant to art. 13 of EU Reg. 2016/679 (GDPR), Fire Gest s.r.l. intends to inform users on how it treats personal data collected while browsing its website.
Who is the data controller?
The data controller is Fire Gest s.r.l., with registered office in Rome, via Arno 40, e-mail:
firstname.lastname@example.org. The Company has appointed a Data Protection Officer or Responsabile della Protezione dei dati (DPO or RPD) who can be contacted for any doubt about policies and practices issued email@example.com.
What data do we collect?
- Common data: name, surname, date and place of birth, residential address, e-mail or other elements of personal identification, data relating to the job, personal and training path.
- Navigation data: information that, acquired by the computer systems and software procedures responsible for the operation of the website during their normal operation. This information is not collected to be associated with identified interested parties, but which could, through processing and association with data held by third parties, allow to identify users.
What are the purposes of the processing and how long the data are processed?
|Purpose||Legal basis||Data storage period|
|A) In order to offer services of assistance. More generally, the services chosen by the user on the platform in order to meet the requests advanced by the user through the form.||The processing and provision of personal data is based on the need to perform the contract and the need to fulfil the legal obligations arising from it.||Personal data are kept for the period necessary to pursue the illustrated purposes. In particular, personal data will be processed for a period of time equal to the minimum required for the fulfillment of legal obligations, unless it is necessary to keep them further in order to defend or assert a right or to fulfil any further legal obligations or orders from the Authorities.|
|B) In order to allow easy navigation on the site and receive a response to any possible user’s requests.||The processing of personal data is based on a legitimate interest (with regard to navigation data and cookies), on the need to comply with pre-contractual measures regarding user requests.|
|C) In order to fulfill legal obligations or any requests from public bodies or judicial authorities.||The processing of personal data is necessary in order to perform legal obligations to which the Data Controller is subject.|
The provision of personal data is necessary for the pursuit of the above-mentioned purposes. Any refusal to treatment would make it impossible to provide the requested services.
The processing of personal data is carried out using paper and / or computerized methods in compliance with the principles of lawfulness, correctness, transparency, adequacy, relevance and necessity. Adequate security measures are taken to prevent data loss, illicit or incorrect use and unauthorized access.
To which subjects will the data be communicated?
We might disclose some of your personal data to other subjects including:
- IT service providers that are necessary for the proper functioning of the platform and the website;
- Third parties service providers who also act as data processors as providers of services offered through the platform and selected by the user. The privacy policies of these third parties service providers can be found on their respective website;
- Third parties appointed and authorized, by the Data Controller, to possess your data in order to offer the services chosen;
- Public Bodies or Judicial Authorities.
The subjects who in the context of providing the services necessary for the pursuit of the aforementioned purposes should process the data subject’s personal data on behalf of Fire Gest s.r.l. will be appointed as Data Processor pursuant to art. 28 GDPR.
Where your data will be processed?
The personal data of users may be stored or transferred outside the European Economic Area for the purposes described in this statement, limited to the performance of specific processing activities.
When user’s personal data are stored or transferred outside the European Economic Area, the transfer will be regulated in compliance with the prevision of Title V of GDPR, in particular through suppliers who declare to respect the principles established by the GDPR and the so-called Privacy Shield (the regulatory framework defined by the United States and the European Commission). Fire Gest, however, for each transfer ensures the adoption of adequate guarantees (such as the signing of standard contractual clauses approved by the EU Commission) with the foreign company that receives the data. Therefore, in any case, a level of data protection corresponding to that established in European legislation, will be guaranteed. Therefore, in any case, a level of data protection corresponding to that established in European legislation, will be guaranteed.
What are your data protection’s rights?
At any time, the interested party can exercise the rights established in Articles 15 ss. of the GDPR which are:
- the right to confirm that your personal data is being processed by Fire Gest s.r.l. and, in this case, the right to access to your personal data and to the information indicated in art.15 GDPR;
- the right to rectification any information you believe is inaccurate. You also have the right to request Our Company to complete the information you believe is incomplete, as required by art. 16 GDPR;
- the right to request Fire Gest s.r.l. to erase your personal data in the cases defined by art. 17 GDPR (right to be forgotten);
- the right to request Fire Gest s.r.l to restrict the processing of your personal data in the cases defined by art. 18 GDPR;
- the right of portability that allows you to request to Fire Gest s.r.l to transfer the data that we have collected to another organization, or directly to you within the limits defined by art. 20 GDPR;
- the right to object to the treatment of your personal data within the limits defined by art. 21 GDPR.
If you would like to exercise any of these rights, please contact Us at our email: firstname.lastname@example.org. In this regard, the limitations to the rights of the interested party provided for in articles 2undecies and 2duodecies of the Privacy Code as amended by Legislative Decree 101/2018, must be considered. These limitations concern: anti-money laundering, support for victims of extortion, control of the financial and monetary markets, defensive investigations and exercise of rights in court and for reasons for justice, protection of the whistleblower.
This does not affect the right to lodge a complaint with the Italian Data Protection Authority for the protection of personal data pursuant to art. 77 of GDPR.