Privacy Policy

Last update: November 2022

PRIVACY POLICY

1. PERSONAL DATA PROCESSED AND TREATMENT

“Personal data” means all information that could directly or indirectly enable the identification of users.

Such information, for example, may be: name, address, user name, e-mail address and phone number, or even the IP address of the device used, browsing preferences or information about the user’s lifestyle or hobbies and interests in addition to their online shopping preferences.

The personal data processed are those voluntarily provided by the user (e.g., common data such as identification data, one’s phone or email address) and those collected by tracking technologies (cookies).

“Processing of personal data” means any operation or set of operations carried out with or without the help of automated processes and applied to personal data or set of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction.

2. DATA CONTROLLER

The “data controller” is the natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data. It also deals with security profiles.

With regard to this Website, the data controller is the company as better specified and identified above, and for any clarification or exercise of your rights you may contact it at the following email address: info@paspa.it

3. DATA PROCESSOR

The “data processor” is the natural or legal person, public authority, service or other body that processes personal data on behalf of the data controller.

More information is available at the following email address:  info@paspa.it.

4. METHODS OF PROCESSING

On this Website, data are collected electronically and processed by means of operations carried out mainly with the aid of electronic tools, ensuring the use of appropriate measures for the security of the processed data and guaranteeing their confidentiality. In particular, data processing is carried out by minimizing the use of sensitive personal data.

Your personal data will be processed by collaborators and/or employees of the Data Controller as data processors or handlers, within the scope of their respective functions and in accordance with the instructions given by the Data Controller.

5. LOCATION OF DATA PROCESSING AND SCOPE OF DATA CIRCULATION

The processing of personal data relating to the services of the Web Site takes place at the above-mentioned Data Controller and is handled only by personnel authorized to do so.

Your personal data may be communicated to Judicial Authorities and Police Forces in the only cases in which this is required by law and used by the Owner for the purpose of possible defense of its rights in court, where strictly necessary.

The data collected will not be disseminated. However, for the effective execution of the requested service, some data will be shared with external subjects, appointed as data processors ex art. 28 Reg. UE 2016/679, called to carry out specific tasks on behalf of the company (ex: Web agency, professionals, etc.). The Data Controller is committed to protecting the security of personal data by taking all necessary IT and physical measures to protect the personal data provided. No security system guarantees with absolute certainty such protection, therefore, except in cases of liability for negligence, the Owner is not liable for the act performed by third parties who abusively access the systems without due authorization.

6. PURPOSE OF THE PROCESSING and TYPE OF DATA PROCESSED

• To provide the Services through the Website, to allow you to contact the Data Controller to get information related to the Data Controller’s business, to request information regarding the products described online on the Website, through the contact form, to send you the newsletter (if active this service) if you have requested it as a Service by subscribing to it, and which contains only informative and non-commercial material, and to provide you with any other Service or information you request and is available to the Data Controller. The completion of the various request forms that may be present online does not constitute for the Controller any assumption of legal obligations, nor any formal initiation of a pre-negotiation negotiation. For the processing of common data of third parties released through the completion of the form, the Owner will process these data in compliance with applicable regulations, assuming that they refer to You or to third parties who have expressly authorized You to confer them on the basis of a suitable legal basis legitimizing the processing of the data in question. With respect to such hypotheses, You place Yourself as autonomous data controller, assuming all legal obligations and responsibilities. In this sense, you confer on the point the widest indemnity with respect to any dispute, claim, request for compensation for damages from processing, etc. that may be received by the Controller from third parties whose personal data have been processed through the completion of the form (“Provision of the Service” Purposes). The data processed are common data. The Owner invites the user not to enter special, so-called “sensitive” data (concerning one’s health condition whether physical or psychological, political, religious orientation, etc.) unless strictly necessary for the purpose of requesting information or purchasing products.

• send you marketing communications through newsletters, promotions and advertising, including through the email address entered in the fields of compilation (“Marketing” Purposes). The data processed are common data;

• Send you marketing communications in line with your preferences (“Profiling” Purposes).

• To monitor statistically in aggregate format the attendance to the site (“Analysis” Purposes);

• To fulfill legal obligations that require the Controller to collect and/or further process certain types of personal data (“Compliance” Purposes). The data processed are ordinary personal data;

• to prevent or detect any abuse in the use of the Web Site, or any fraudulent activity and thus enable the Holders to protect themselves in court (“Prevention of Abuse and Fraud” Purposes). The data processed are common personal data.

7. LEGAL BASIS FOR DATA PROCESSING

The legal basis for the processing of personal data provided by You through browsing is:

• Provision of the Service: the fulfillment of obligations of a contractual or pre-contractual nature ex art. 6 co 1 lett. b) GDPR. Processing for this purpose is necessary to be able to provide you with the requested service (e.g., release more information regarding the Owner’s products), answer your questions or provide you with a quotation, or carry out pre-contractual activities if you request it. It is not obligatory to provide the requested personal data, however, failure to do so will not allow us to provide the requested service and thus respond to requests/initiate pre-negotiations/conclude agreements. Regarding the email address entered in the contact form (with noncommercial content), it is not mandatory to provide your data (email address), however, failure to indicate the email address does not allow subscription to the newsletter. You can always – and at any time – revoke your subscription by unsubscribing from the newsletter using the appropriate link at the bottom of the newsletter or by writing to info@paspa.it.
• Marketing: the consent of the data subject ex art. 6 co 1 lett. a) GDPR. The activity is also carried out through the newsletter (if the service is active) with promotional content. It is not mandatory to give your consent for the purpose of Marketing, and you can always revoke it at any time without any consequence (other than not receiving any more marketing communication) by writing to info@paspa.it.
• Profiling: the consent of the data subject ex art. 6 co 1 lett. a) GDPR. The activity is carried out through the installation of profiling cookies. The granting of your consent is done by passing the cookie banner present when accessing the Site. The data processed are common data. It is not obligatory to give your consent. If you do not give it, you will not be able to receive promotional communications calibrated to your interests. You can object to such processing at any time by writing to info@paspa.it without any consequences.
• Analysis: the legitimate interest ex art. 6 co. 1 lett. f) GDPR of the Controller.
• Compliance: the fulfillment of a legal obligation ex art. 6 co 1 lett. c) GDPR. Processing for this purpose is necessary for the Data Controller in order to comply with legal obligations under legislation, including industry regulations, including tax, fiscal or other obligations. The release of your data in this case is compulsory, otherwise it will not be possible to provide you with the service/start pre-negotiations/conclude the contract.
• Abuse and Fraud Prevention: the legitimate interest under Art. 6 co 1 lett. f) GDPR. Processing for this purpose is aimed solely at enabling the Data Controller to prevent and/or detect any fraudulent activities committed through the Website and thus protect itself in court.

We remind you that as of 07/27/2022 the Public Register of Oppositions is operational. Please note that pursuant to Presidential Decree No. 26 of January 27, 2022, you may object to or revoke your consent to marketing activities by registering with the Register of Oppositions.

If you have given your consent to marketing activities in the context of existing contractual relationships with the Holder, or the same have ceased no more than thirty days ago and therefore the Register of Oppositions does not apply, where you are no longer interested in receiving such promotional communications you may revoke your consent at any time by writing to the e-mail address info@paspa.it.

8. DATA RETENTION PERIOD

Data processed to fulfill legal obligations will be retained until the fulfillment itself, and in any case for the period of time necessary to prove the fulfillment; data processed to respond to your requests (Service Provision) will be deleted once the purpose has been fulfilled and then the request processed, unless there are other legitimate reasons to keep them in its systems/archives. If necessary to retain them to fulfill contractual purposes until they are fulfilled and, if a contract is concluded or there have been pre-contractual negotiations, for ten years from the conclusion of the contract in order to allow any judicial or extrajudicial protection as well as the demonstration of the correct fulfillment of the obligations contractually undertaken. The data processed for marketing and profiling purposes until the data subject withdraws consent.

With regard to the activity of analytical cookie management and the purpose of Analysis, the data will be retained until any opposition by the data subject, to be exercised in the manner indicated below, or for processing based on consent, until the consent is revoked. The data processed for Compliance purposes for the period of time indicated by the specific legislation.

Data processed for the purposes of Abuse and Fraud Prevention for the time strictly necessary to enable the Data Controller to defend itself in court.

9. RECIPIENTS OF PERSONAL DATA

The personal data You provide may come to the attention of the Data Controller and/or any data processors appointed.

Possible additional categories of recipients who may become aware of Your personal data during or after the execution of the contract are:

1. parties who process the data in performance of specific legal obligations;
2. external consultants and professionals who provide services functional to, arising from or related to the above purposes (e.g. marketing activities), identified in writing and to whom specific written instructions have been given with reference to the processing of personal data;
3. subjects with whom it is necessary to interact in order to execute the requested services (e.g. hosting providers, maintenance or repair companies of computer systems);
4. persons authorized by the Data Controller to process personal data necessary to carry out activities strictly related to the provision of the Services, who have committed to confidentiality or have an appropriate legal obligation of confidentiality (e.g., employees of the Data Controller);
5. in general, to all those public and private entities (e.g. postal service or other mail delivery companies, banks, credit or insurance institutions,) for which the communication is necessary for the correct and complete fulfillment of the indicated purposes;
6. subjects or entities to which it is mandatory to communicate the data for the purposes of Compliance, abuse and fraud prevention, or by order of the authority.

10. DISSEMINATION OF DATA

Unless specifically requested by You in writing, or specifically ordered by the A.G./regulatory obligation, the personal data provided by You are not subject to dissemination.

11. TRANSFER OF DATA

In order to provide certain services, personal data may be transferred to third party organizations or countries, where the servers of the hosting or providers are located.

Where this occurs, the Data Controller ensures that Your Personal Data is processed by these recipients in accordance with applicable data protection legislation, including European and Italian legislation to which we are subject. Where required by European data protection legislation, the transfer of Your Data outside the European Union will take place on the basis of appropriate safeguards (such as EU standard contractual clauses for the transfer of data between countries within the EU and countries outside the EU) and/or other legal bases in accordance with EU legislation.

More information is available from info@paspa.it.

The Website also processes YOUR personal data through cookies. For more information on this topic, please read our Cookie Policy which is an integral part of this Privacy Policy.

USER’S RIGHTS ACCORDING TO EU REG. 2016/679

Chapter III of EU REG. 2016/679 lists the user’s rights.

The Data Controller therefore wishes to inform you of the existence of specific rights, including the right to obtain from the Data Controller confirmation, or not, of the existence of your personal data (i.e. access), their provision in an intelligible form, as well as their rectification, or deletion or to restrict its processing in whole or in part or to object for legitimate reasons to it and/or to withdraw consent to its processing at any time (without prejudice to the consequences referred to in point 5 above), or to request the portability of your data with regard to the data subject to specific consent, or even to update it. As a “data subject”, you also have the right to request the transformation into anonymous form, the limitation or blocking of data processed in violation of the law; you can also lodge a complaint regarding the unauthorized processing of Your data with the Guarantor for the Protection of Personal Data in the manner published on the site of that authority (see http://www.garanteprivacy.it/). You have the right to have knowledge of the origin of the data, the purposes and methods of processing, the logic applied to the processing, the identification details of the Data Controller and the persons to whom the data may be communicated.

Requests relating to the exercise of the aforementioned rights may be addressed to the Data Controller, at the contact details indicated above, without formalities or, alternatively, using the form provided by the Garante per la Protezione dei Dati Personali (Data Protection Authority) that can be found at the Site: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924.

Likewise, in the event of a violation of the regulations, you have the right to file a complaint with the Garante per la Protezione dei Dati Personali, as the authority in charge of controlling the processing in the Italian state. The template for filing a complaint with the Privacy Guarantor can be found at: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524.

To exercise one or more of the above rights, you may contact us at the following email address: info@paspa.it.

COOKIE POLICY

The Privacy Policy is an integral part of the following Cookie Policy, including the rights that, as a user, you can assert by contacting the addresses already indicated therein.

Pursuant to Articles 13 and 14 GDPR as well as in accordance with what was established by the “Guarantor for the Protection of Personal Data” with the resolution of 8.05.2014 for the identification of simplified procedures for the information and acquisition of consent to the use of cookies – published in the Official Gazette No. 126 of 3.06.2014 – and in compliance with all subsequent clarifications, with this information, the Owner provides its Cookie Policy.

The Cookie Policy is intended to provide You with all the information as well as specifically and analytically describe the characteristics and purposes of the cookies installed on the Website, with the possibility for You to select/deselect which cookies to accept or not.

What are cookies?

Cookies are strings of small codes that the sites you visit send to Your terminal (usually to the browser: Google Chrome, Internet Explorer, Mozilla Firefox, etc.), where they are stored in order to be retransmitted each occurrence or subsequent access to the same sites by the same user.

Why are they useful?

Through the use of cookies, the Website recognizes Your terminal equipment, which results in an improved browsing experience. Among the various purposes of cookies are to enable You to effectively navigate between pages of the Web Site, remember Your favorite sites, remember Your language, etc.

How do I select or disable cookies?

By changing Your browser settings, cookies can be restricted or blocked. To manage cookies, you should refer to the directions provided by your browser by following the paths below (related to the most common browsers):

Explorer:

https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies

Safari:

https://support.apple.com/kb/PH21411?locale=it_IT

Chrome:

https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=it

Firefox:

https://support.mozilla.org/it/kb/Eliminare%20i%20cookie

If you use multiple browsers, the procedure for deleting cookies will need to be done for each one. If you use different devices (such as smartphones or tablets), you will need to refer to your device settings to uninstall cookies.

It should be noted that if you choose to block the receipt of cookies this may affect or prevent the proper functioning of the Website as some cookies are strictly necessary for browsing.

How many types of cookies are there?

Cookies are classified into different types:

in relation to DURATION, the cookie can be “session” (automatically deleted when the browser is closed) or “persistent” (active until its expiration date or when deleted by the user);

in relation to PROVENANCE, the cookie may be “first-party” (sent to the browser directly from the Site you are visiting) or “third-party” (sent to the browser from other sites and not from the Site you are visiting);

in relation to PURPOSES, the cookie can be either “technical” or “profiling”. The “technical” cookie is the navigational, indispensable, performance, process or security cookie; the functionality, language preference, session state cookie is also “technical”; finally, the first-party or third-party statistical-analytical cookie with IP masking, without data crossover, is a “technical” cookie. Installation of “technical” cookies does not require Your prior consent. On the other hand, a “profiling” cookie is a third-party statistical-analytical cookie that uses the entire IP address; also, an advertising, advertising, tracking or conversions cookie is a “profiling” cookie. Your prior consent is required for the installation of “non-technical” cookies.

What cookies does this Site use?

Technical cookies:

The Website uses “technical” cookies, without the use of which some operations would be very complex or impossible to perform. Technical cookies do not require Your prior consent for the purpose of their installation or reading information.

These are so-called strictly necessary technical cookies that allow you to effectively navigate the Website and take advantage of its essential features, such as allowing the storage of previous actions. Blocking the use of these cookies may affect Your browsing experience and some essential services may not be provided.

The Web Site also uses technical so-called functionality cookies that help improve your browsing experience.

The Web Site may also have installed technical cookies for storing consent. We recommend that you do not block these cookies that allow the Controller to know whether or not you have given consent to the use of cookies.

There are Social Networks buttons and widgets on the pages of this Website to facilitate interaction with social platforms and sharing of content directly from the pages of this Website.

In particular, there is a Linkedin sharing button on the pages of this Website in order to enhance the user’s browsing experience by sharing content on Social Networks.

The management of information collected by third parties is governed by the relevant disclosures to which you should refer for any clarification. The data controller is not responsible for the operation on its site of third-party cookies/plugins.

Analytical cookies

The technical “analytical” cookies used in this Website do not result in the processing of personal data (such as the user’s first and last name, or IP address) since the data is collected in aggregate form for purely statistical purposes, and the owner of the site has adopted appropriate means to reduce the identifying power of the analytical cookies used (for example, by masking significant portions of the IP address).

Third-party cookies:

The Website also uses third-party cookies that you can accept by clicking “Accept” in the banner present when you first open the site.

Third-party cookies used on the Web Site are not directly controlled by the Owner and consequently, to disable them or for more information, you should observe the procedures below at the following links:

Alternatively, you may also express your preferences by visiting: http://www.youronlinechoices.com/it/le-tue-scelte.

The cookies installed on this Site are all identified by the cookie banner you find when you first access the Site. The banner shows their classification (e.g. technical, analytical, etc.), type and the necessary information required by law.

You can consent to cookies or reject them or decide not to make any choice directly through the cookie banner on the Site.