The GDPR (General Data Protection Regulation or "General Data Protection Regulation") is a regulation of the European Commission (EU Regulation 2016/679) with which action was taken regarding personal data to ensure greater protection of citizens' rights and of residents within the borders of the European Union.
This is a legislative intervention concerning the Internet and regulating the activity of European citizens inside and outside the European Union both on-line and off-line. Failure to comply with the obligations imposed by the GDPR can result in very heavy penalties, with fines of up to 20 million euros or up to 4% of the previous year's turnover.
THE MOST IMPORTANT ASPECTS FOR WEBSITES IN THE LIGHT OF THE GDPR
Personal data are all information relating to a natural person: name, photo, e-mail address, bank details, residential address or IP address. By "data processing" we mean, on the other hand, any operation carried out on the data: the storage of the IP (eg through cookies) constitutes a form of processing of users' personal data.
The GDPR covers both personal data and data combined in such a way as to identify individual users. Therefore, when personal (identifiable) data is processed through cookies, they are subject to the new EU GDPR Regulation.
1. This section contains information on the management methods of ASD Sienarunners with reference to the processing of user data of www.tuscanycrossing.com.
2. This information is also valid for the purposes of art. 13 of Legislative Decree. n. 196/2003, Code regarding the protection of personal data, and for the purposes of art. 13 of the EU Regulation n. 2016/679, concerning the protection of individuals with regard to the processing of personal data and the free circulation of such data, for those who interact with ASD Sienarunners and can be reached at the address corresponding to the initial page: https: // www. tuscanycrossing.com/
3. The information is real only for Tuscanycrossing and not for other websites that may be consulted by the user through links contained therein.
4. The purpose of this document is to provide information on the methods, timing and nature of the information that the data controllers must provide to users when connecting to the web pages of www.tuscanycrossing.com, regardless of the purpose of the connection itself, according to Italian and European legislation.
5. The information may undergo changes due to the introduction of new rules in this regard, therefore, the user is invited to periodically check this page.
6. If the user is under the age of sixteen, pursuant to art. 8, c. 1 EU regulation 2016/679, will have to legitimize your consent through the authorization of the parents or guardian.
II- DATA PROCESSING
1. Data owner
1. The data controller is the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data. It also deals with security profiles.
2. With regard to this website, the data controller is ASD Sienarunners and for any clarification or exercise of the user's rights, he can contact him at the following email address: firstname.lastname@example.org
2. Responsible for data processing
1. The data controller is the natural or legal person, public authority, service or other body that processes personal data on behalf of the data controller.
2. Pursuant to Article 28 of EU Regulation no. 2016/679, upon the appointment of the data owner, the data processing manager of the website www.tuscanycrossing.com is: ASD Sienarunners
3. Place of data processing
1. The processing of data generated by the use of www.tuscanycrossing.com takes place at ASD Sienarunners in via Martiri Caserma Lamarmora, 28 Siena
2. In case of need, the data connected to the newsletter service can be processed by the data controller or data subjects appointed for this purpose at the relevant office.
III - COOKIES
1. Type of cookies
2. A cookie consists of a reduced set of data transferred to the user's browser from a web server and can only be read by the server that made the transfer. It is not executable code and does not transmit viruses.
3. Cookies do not record any personal information and any identifiable data will not be stored. If you wish, you can prevent the saving of some or all cookies. However, in this case, the use of the site and the services offered could be compromised. To proceed without changing the options relating to cookies, simply continue browsing.
The following are the types of cookies that the site uses:
2. Technical cookies
1. There are numerous technologies used to store information on the user's computer, which are then collected by other sites. Among these the best known and used is HTML. They are used for navigation and to facilitate the access and use of the site by the user. They are necessary for the transmission of communications on the electronic network or for the supplier to provide the service requested by the customer.
2. The settings to manage or disable COOKIES may vary depending on the internet browser used. In any case, the user can manage or request the general deactivation or deletion of cookies by changing the settings of his internet browser. This deactivation may slow down or prevent access to some parts of the site.
3. The use of technical cookies allows the safe and efficient use of the site.
4. The COOKIES that are inserted in the browser and retransmitted through Google Analytics or through the blogger statistics service or similar are technical only if used for the purpose of optimizing the site directly by the owner of the site, who can collect information in aggregate form soul number of users and how they visit the site. Under these conditions, the same rules apply to Analytics COOKIES, in terms of information and consent, provided for technical cookies.
5. From the point of view of duration, temporary session cookies can be distinguished which are automatically deleted at the end of the browsing session and are used to identify the user and therefore avoid logging in to each page visited and the permanent ones that remain active on the PC until upon expiry or cancellation by the user.
6. Session cookies may be installed in order to allow access and stay in the reserved area of the portal as an authenticated user.
7. They are not stored permanently but only for the duration of the navigation until the browser is closed and disappear when the browser is closed. Their use is strictly limited to the transmission of session identifiers consisting of random numbers generated by the server necessary to allow safe and efficient exploration of the site.
3. Third party cookies
1. In relation to the origin, we distinguish the cookies sent to the browser directly from the site you are visiting and those of third parties sent to the computer given other sites and not from the one you are visiting.
2. Permanent cookies are often third party cookies.
3. Most third party cookies consist of tracking cookies used to identify online behavior, understand interests and then customize advertising proposals for users.
4. Third-party analytical cookies may be installed. They are sent from the domains of the aforementioned third parties external to the site.
5. Third-party analytical cookies are used to detect information about the behavior of users www.tuscanycrossing.com The detection takes place anonymously, in order to monitor performance and improve the usability of the site. Third-party profiling cookies are used to create profiles relating to users on www.tuscanycrossing.com, in order to propose advertising messages in line with the choices made by the users themselves.
6. The use of these cookies is governed by the rules established by the third parties themselves. Therefore, users are invited to read the privacy policies and indications for managing or disabling the cookies published on the relevant web pages.
4. Profiling cookies
1. Profiling cookies create user profiles and are used in order to send advertising messages in line with the preferences expressed by the user while surfing the net.
2. When these types of COOKIES are used, the user must give explicit consent.
3. Article 22 of EU Regulation 2016/679 and Article 122 of the Data Protection Code will apply.
IV- DATA PROCESSED
1.Data processing method
1. Like all websites, this site also makes use of log files in which information collected in an automated manner is stored during user visits. The information collected could be the following:
Internet protocol (IP) address;
- Type of browser and parameters of the device used to connect to the site;
- Name of the internet service provider (ISP);
- Date and time of visit;
- Web page of origin of the visitor (referal) and exit;
- Possibly the number of clicks.
2. The aforementioned information is tested in an automated form and collected in an exclusively aggregated form in order to verify the correct functioning of the site and for security reasons. This information will be test rate based on the legitimate interests of the owner.
3. For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may possibly also include personal data such as the IP address, which could be used, in accordance with the laws in force on the subject, in order to block attempts of damage to the site itself or of causing damage to other users or activities that are harmful or constituting a crime. These data are never used for the identification or profiling of the user, but only for the purpose of protecting the site and its users, such information will be used based on the legitimate interests of the owner.
5. The information that users of the site will deem to make public through the services and tools made available to them, are provided by the user knowingly and voluntarily, exempting this site from any responsibility for any violations of the laws. It is up to the user to verify that they have permission to enter personal data of third parties or content protected by national and international regulations.
2. Purpose of data processing
1. The data collected by the site during its operation are used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the specified activities and, in any case, no later than 2 years.
2. The data used for security purposes (blocking attempts to damage the site) are kept for the time strictly necessary to achieve the purpose previously indicated.
3.Data provided by the user
1. As indicated above, the optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
2. Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.
4.Support in configuring your browser
1. The user can manage cookies also through the settings of his browser. However, deleting the cookies from the browser could remove the preferences set for the site. For further information and support, you can also visit the specific help page of the web browser you are using:
- Internet explorer
5.Plugin Social Network
2. The collection and use of information obtained through the plugin are governed by the respective privacy policies of the social networks, to which please refer:
V- USER RIGHTS
1. Art. 13 co. 2 of the 2016/679 EU Regulation lists the user's rights.
2. This website www.tuscanycrossing.com therefore intends to inform the user about the existence:
- the right of the interested party to ask the holder for access to personal data (Article 15 of the EU Regulation), their updating (Article 7, paragraph 3, letter a of Legislative Decree 196/2003), the correction (Article 16 of the EU Regulation), the integration (Article 7, paragraph 3 letter a Legislative Decree 196/2003), the limitation of the processing that concerns them (Article 18 of the EU Regulation) or to oppose, for reasons legitimate, to their treatment (Article 21 EU Regulation), in addition to the right to data portability (Article 20 EU Regulation);
- the right to request cancellation (Article 17 of the EU Regulation), transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data are been collected or subsequently processed (Article 7 co. 3, letter b of Legislative Decree 196/2003);
- the right to obtain the attestation that the updating, rectification, integration of data, cancellation, data blocking, transformation operations have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or involves the use of means manifestly disproportionate to the protected right (Article 7 par. 3, letter c of Legislative Decree 196/2003).
3. Requests can be addressed to the data controller at his aforementioned email address (without formalities) or using the model provided by the Guarantor for the protection of personal data.
4. If the treatment is based on art. 6 paragraph 1 letter a - express consent to use - or on art. 9 paragraph 2 letter a - express consent to the use of genetic, biometric, health-related data, revealing religious, philosophical or trade union beliefs, revealing racial or ethnic origin, political opinions - the user has the right to withdraw the consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the revocation.
5. Likewise, in case of violation of the law, the user has the right to lodge a complaint with the Guarantor for the Protection of Personal Data, as the authority responsible for monitoring the processing in the Italian State.
6. For a more in-depth examination of the rights that belong to you, see articles 15 and ss. Of the 2016/679 EU Regulation and art. 7 of Legislative Decree. 196/2003.
VI - FULFILLMENTS
1. The owner notifies the Guarantor of the processing of personal data which he intends to proceed, only if the processing concerns:
- genetic, biometric or data indicating the geographical location of persons or objects via an electronic communications network;
- data suitable for revealing the state of health and sexual life, processed for the purpose of assisted procreation, provision of health services electronically relating to databases or the supply of goods, epidemiological investigations, detection of mental, infectious and diffusive diseases , seropositivity, organ and tissue transplantation and monitoring of health expenditure;
- data suitable for revealing sexual life or the psychic sphere, processed by associations, bodies and non-profit organizations, even if not recognized, of a political, philosophical, religious or trade union nature;
- data processed with the aid of electronic tools aimed at defining the profile or personality of the interested party or to analyze consumption habits and choices or to monitor the use of electronic communication services with the exclusion of technically indispensable treatments to provide the services the same to users;
- sensitive data recorded in databases for personnel selection purposes on behalf of third parties as well as sensitive data used for opinion polls, market research and other sample research;
- data recorded in specific databases managed with electronic tools and relating to the risk on economic solvency, the financial situation, the correct fulfillment of obligations, illegal or fraudulent behavior.
VI - SECURITY OF THE DATA PROVIDED
1. This site processes user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.
2. In addition to the owner, in some cases, categories of employees involved in the organization of the site (administrative, marketing, commercial, legal, system administrators) or external subjects such as (as suppliers of third party technical services, postal couriers, hosting providers, IT companies, communication agencies).
VIII - CHANGES TO THIS DOCUMENT
1. This document, published at: www.tuscanycrossing.com
2. It may be subject to changes or updates. In the case of significant changes and updates, these will be reported with specific notifications to users.
3. The previous versions of the document will be available, however, on this page.
4. The document was updated on 28/10/2020 to comply with the relevant regulatory provisions and in particular with EU Regulation 2016/679.