Personal data are handled according to the principles of relevance, legality and fairness as provided by the Privacy Code, through the use of appropriate security measures and following the consent of users where applicable.
Such data shall be kept in a form allowing the party concerned to be identified for a period of time not exceeding that required for the purposes for which they were collected or subsequently processed.
2. Data Controller and place of data processing
According to Section 28 of the Privacy Code, the owner of the Application and the controller of the processing of personal data is CogniMade S.r.l., with registered office in Via Carlo Alberto Radaelli 32, 20090, Segrate (MI), Italy, VAT No. 09277650967, 2080304, share capital 10.000€, e-mail firstname.lastname@example.org, and PEC email@example.com, (hereinafter the “Data Controller”).
The data are processed at the Data Controller‘s headquarters and in any other place where the parties involved in the processing of personal data are located and are processed only by personnel responsible for the processing, or by persons responsible for occasional maintenance operations. For more information, please contact the Data Controller.
Unless the disclosure of personal data is required by law or is strictly relevant and necessary for the fulfilment of the requirements or contractual obligations for the execution of the service, personal data are voluntarily and optionally provided by users at the time of the activation of the service for the following purposes:
- handling of external payment tools through credit card, bank transfer or other tools The data used for payment are acquired directly by the payment service provider requested without being processed in any way by this Application. Payment are provided
- user registration and authentication
- Communications for our own promotional and commercial purposes
4. Types of personal data processed
A. Browsing Data
Computer systems and software procedures for the operation of this Application acquire, during their normal operation, certain personal data whose transmission is implied in the use of internet communication protocols.
These are information that are not collected to be associated with identified individuals, however due to their very nature could, through elaborations and associations with data held by third parties, allow to identify users. This category includes IP addresses, domain names used by the users that connect to the site, the Uniform Resource Identifier (URI), the time of the request, the method used to submit the request to the server, the size of the file obtained, etc.
These data are used in order to obtain anonymous and aggregated statistical information about the use of the Application and to check its correct functioning, and are permanently located on third-party servers. These data could be used to ascertain the criminal liability in case of hypothetical computer crimes against the Application.
No personal user data is acquired by the Application in this regard. No cookies are used for the transmission of personal information, nor so called persistent cookies of any kind are used, nor systems for tracking users.
The use of the so called session cookies (which are not permanently stored on the user‘s computer and vanish when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) needed to allow safe and efficient browsing of the site. The session cookies used by this Application avoid the use of other computer techniques potentially detrimental to the privacy of users’ browsing and do not allow the acquisition of personal identification data of the user.
5. Link to third-party sites
The Data Controller may submit or offer on its Application any third party products or services. As far as privacy is concerned, the relative sites adopt different and independent policies from ours. Therefore, the Data Controller declines any responsibility with regard to the content or activities of those linked sites.
6. Personal data processing methods
Data processing may consist, in addition to the collection of data, in their registration, retention, modification, communication, deletion, circulation, etc. and will be carried out both with the use of paper support and with the aid of electronic and computer tools, or innovative tools, in any manner and with appropriate means to guarantee the security and confidentiality of the data in accordance with the provisions of Section 31 et seq.
of the Privacy Code, relating to the “minimum security measures for the processing of personal data” vdesigned to ensure a minimum level of protection of personal data.
In particular, all technical, informatical, organisational, logistical and procedural security measures, as provided by the Privacy Code, by “Annex B” of the same decree (so called Technical Specification) and by the various provisions issued after integration, will be adopted, so that at least the minimum level of data protection provided by law is guaranteed.
In addition, the methods applied ensure that access to data is allowed only to persons appointed by us as responsible for processing.
7. Rights of the users
Users have the right to contact us for any information about their personal data, to obtain confirmation of whether or not the same data exist and to know their content and origin, to verify their accuracy or to request their integration or updating , or rectification, cancellation, transformation into an anonymous form or block in violation of law, and to oppose, in any case, for legitimate reasons, to their treatment.
Requests can be transmitted in the following ways:
- E-mail to firstname.lastname@example.org;
- Registered mail to CogniMade S.r.l. at the address Via Carlo Alberto Radaelli 32, 20090, Segrate (MI).
Application: site, app, hardware tool or software by which the personal data of users are collected.
Personal Data: any information relating to a natural person, identified or identifiable, also indirectly, by reference to any other information, including a personal identification number.
User: the person using this Application, who must coincide with or be allowed by the person in question and whose personal data are the subject to processing.
Data Controller: natural or legal persons, public administration and any other body, association or body that takes the decisions, sometimes together with other controllers, on the purposes, the manner of the processing of personal data and the instruments used, including the security aspect, in relation to the operation and use of this Application. Unless otherwise specified, the Data Controller is the owner of this Application.
Personal Data Processing: according to Italian law, any operation or group of operations, carried out without the aid of electronic means, relating to the collection, registration, organisation, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, circulation, deletion and destruction of data, even if not recorded in a database.