Pursuant to Art. 13 of EU Regulation 2016/679 (hereafter “GDPR”), please be informed that the data you provided will be processed using methods and procedures designed to guarantee that personal data are processed in respect of the data subject’s rights, fundamental liberties, and dignity, with particular reference to confidentiality and security, personal identity and the right to protection of personal data.
Please note that processing means any operations or set of operations which are performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (Art. 4 GDPR).
Subject-matter of the processing
The data processed by STUDIO INTERPRETI di SILVIA HASSAN S.r.l. refer to:
Data collected automatically. During their normal operation, the IT systems and applications used for this website report certain data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated with identifiable users. The data collected include IP addresses and domain names of the computers utilized by users connecting to the site, URIs (Uniform Resource Identifiers) for the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response received from the server (successful, error, etc.) and other metrics regarding the user’s operating system, browser and IT environment. Such data are processed for the time strictly necessary, solely to obtain statistical information on the use of the site and to control its regular operation. The provision of this data is mandatory, as it is directly connected to the web browsing experience.
Data provided by the user. Processing of the data you provide by completing collection forms requires your unequivocal express consent.
On the contrary, emails you send to our email addresses require no additional disclosures or requests for consent.
Legal basis for processing
The legal basis for this processing is (i) your unequivocal express consent (Art. 6.1, lett. a) of the GDPR) and (ii) the legitimate interest of the Data Controller (Art. 6.1, lett. f) of the GDPR).
Purpose of processing
Personal data are processed for the sole purpose of improving your browsing experience and to respond to any of your requests for information.
Methods of processing
The personal data you provide will be processed in accordance with the aforementioned law and the obligations of confidentiality on which the Controller’s activity is based. The data will be processed electronically and in hard copy as well as through any other suitable medium, in accordance with adequate security measures pursuant to Art. 5 par. 1 lett. f) of the GDPR.
Processing is limited to the following operations using the following methods:
collection of data from the data subject;
electronic registration and processing;
primarily automated archiving.
The data in question will not be disseminated, while it will be or might be communicated to public or private parties operating within the sphere of the aforementioned purposes.
The data collected will be stored for no longer than is necessary for the purposes for which the personal data are processed; (“Principle of storage limitation,” Art. 5 GDPR).
Access to processing
The data will be made available, for the purposes set out in point 3:
– to employees/collaborators who have been appropriately appointed and authorized to process data;
Communication of data
The data will not be communicated or disseminated to unauthorized third parties in any way. To this end, processing is performed using security measures sufficient to prevent unauthorized access to data by third parties and to ensure data confidentiality.
The Controller may, with no need for express consent, communicate your data to the following parties for the purposes set out in point 3:
the company’s external data processors and persons in charge of the processing.
Transfer of data
Personal data will be managed and stored on servers based in the European Union owned by the Controller and/or third-party companies duly appointed as Data Processors.
The data will not be transferred outside the European Union.
Data provision and refusal to comply
Data provision is mandatory for the purposes set out in point 3. Failing to provide such data will make it impossible for you to browse this site.
Rights of the data subject
According to the provisions of the GDPR, the data subject has the following rights towards the Data Controller:
to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data (Right of acccess Art. 15);
to obtain the rectification of inaccurate personal data concerning him or her without undue delay. (Right of rectification Art. 16);
to obtain the erasure of personal data concerning him or her without undue delay, and the Controller shall have the obligation to erase personal data without undue delay under certain conditions (Right to be forgotten Art. 17);
to obtain restriction of processing in certain situations (Right to restriction of processing Art. 18)
to receive the personal data concerning him or her, which he or she has provided, in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from the Controller to which the personal data have been provided, in certain cases (Right to data portability Art. 20);
to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her (Right to object Art. 21);
to receive notice of a personal data breach incurred by the Data Controller, without undue delay. (Art. 34);
to revoke consent at any time (Conditions for consent Art. 7).
Where applicable, in addition to the rights pursuant to Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object), the data subject has the right to file a complaint with the Italian Data Protection Authority.
Procedure for exercising such rights
Registered letter with return receipt to STUDIO INTERPRETI di SILVIA HASSAN S.r.l. – Via G. Boccaccio, 35 – 20123 Milan – Tel. 0248018252 – email: firstname.lastname@example.org
The Data Controller is STUDIO INTERPRETI di SILVIA HASSAN S.r.l. – Via G. Boccaccio, 35 – 20123 Milan – Tel. 0248018252 – email: email@example.com
The list of data processors and persons in charge of the processing is available at the controller’s office indicated above.
Update of this policy
This Policy may be updated. Any substantive changes will be transmitted to the data subjects through a notice or publication on the company website.