Protection of Personal Data – EU Regulation 2016/679 (GDPR)
General Information of treatment of Personal Data According to art.13 of UE Regulation n°2016/679 on the protection of natural person with regard to the processing of personal data as well as the free circulation of such data, we inform visitors of our website www.paradisoetna.com, that personal data may be processed following your consultation or the use of services offered on line or at the company’s facilities. This information of a general nature must be understood as expressly supplemented by the information provided with reference to specific services ( for example the form for assistance request )provided through the Portal.
Who Processes my Data?
The processing of data provided directly and voluntarily through www.paradisoetna.com website, in order to use the Services offered, is carried out by Giovanna Rita Lombardo, Legal Representative /Data protection Manager, as owner for the purpose of archiving, historical research for statistical purposes. In addition personal data will be processed whenever necessary in order to ascertain, exercise or defend a right of the data controller. The processing of personal data will therefore be carried out with the use of automated procedures in the ways and to the extent necessary to pursue the aforementioned purposes ensuring the security and confidentiality of the data. The processing will be carried out by the natural persons responsible for the relevant procedure and duly authorised. The latter will be given special instructions on the modalities and purpose of the processing.
What is for personal Data, what are my data processed?
“Personal Data” means any information likely to identify directly or indirectly natural person, and in this case the service user. In any case through the website www.paradisoetna.com the Data controller does not acquire and process data of sensitive nature or belonging to the particular categories, referred to Art. 9 of GDPR or data relating to criminal convictions or offences.
Do I the obligation to provide Data?
The provision of data in the fields marked of the asterisk (*) or other distinctive element of the various services is mandatory and their failure to enter does not allow to use the service of interest. On the other hand the release of data in that fields not marked with an asterisk may be useful to facilitate the management of the procedure and the provision of the service, it is optional and their failure to indicate does not prejudice the completion of the procedure itself.
How long are my data processed ?
The data will be processed as long as necessary to the performance of the service and, after the conclusion of the service provided , the data will be kept in accordance with the rules on the retention of administrative documentation.
To Whom are my data sent?
The communication of personal data to third parties for commercial or profiling purpose is not envisaged.
What are my rights?
According to art.15 and following of UE Regulation, data subjects ( natural persons to whom data relate ) may exercise their rights at any time and in particular:
- To request more information in relation to the contents of this statement ;
- Access to personal data,
- To obtain the rectification or deletion of the same or the limitation of the processing that concerns it ( in the cases provided for by the legislation );
- To object to processing (in the cases provided for by the legislation );
- To obtain data portability ( where required by law );
- To revoke consent, where appropriate; withdrawal of consent is without prejudice to the lawfulness of processing based on consent granted before revocation;
- To lodge a complaint with the supervisory authority (Guarantor of Privacy);
- To give a mandate to a non-profit-making body, organisation or association to exercise its rights
- To claim compensation for damages resulting from the breach of the rules.
Who can I contact?
Data subjects who consider that the processing of personal data related to them, carried out through this site, is in violation of the provisions of the Regulation, have the right to complain to the Guarantor, as provided by art. Article 77 of the Regulation itself, or to bring an action before the appropriate courts (Art. 79 of the Regulation). The Data Controller makes it known that he has appointed the Data Protection Officer (DPO or DPO) in accordance with the provisions of art. 37, par. 1, lett. a) of the GDPR, identifying the Company’s Administrator as a suitable entity and that the latter can be reached at the following addresses: E-mail: firstname.lastname@example.org The Responsible is bound by the secrecy or confidentiality regarding the performance of his tasks, in accordance with the law of the Union or of the Member States; the reports received by the Responsible are therefore confidential.