Privacy Policy

This information  notice pursuant to Article 13 of the European Regulation 2016/679 (hereinafter “Regulation”) contains information relating to the processing of your personal data when visiting the website www.isolabisentina.org (hereinafter, ” Site “).

 

The Data Processing holder is Fidim S.r.l., with registered office in Monza, Via Valosa di sopra n. 9, registered at the Company Register of Milan-Monza Brianza Lodi REA: MB-1897686, C.F. 08432100157; email rpd-fidim@fidimholding.com

Data processing will be in compliance with the regulation and principles of minimization of data, accuracy, integrity, fairness, transparency. The data processing will be limited to the declared purposes. The data will be processed in order to guarantee adequate security, including protection, through adequate technical and organizational measures, by unauthorized or illegal treatments and by loss, destruction or accidental damage. The data will be kept for the time necessary to carry out these purposes and, later, will be only archived for legal purposes.

Purchase on our site
Where you express an interest in purchasing on our site, we may store and process the following information:

your name, surname, telephone number, e-mail address, physical address, tax code / VAT number;

Please refer to art. 6 paragraph 1 letter. a) of the Regulations for legal reference. The provision of data is mandatory: In case of refusal it will not be possible to provide the requested service.

Newsletter
With our newsletter, we will send the user information on activities and / or events. By registering for our newsletter, the user therefore consents to the processing of his e-mail address for the purpose of sending the newsletter.
Please refer to art. 6 paragraph 1 letter. a) of the Regulations for legal reference. The user can withdraw his consent at any time by unsubscribing from our newsletter

Instagram
Our Instagram page can be consulted at: https://www.instagram.com/isolabisentina/
Instagram is operated by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland (“Facebook Ireland”).
Instagram’s privacy policy is available at: https://help.instagram.com/519522125107875. Here the user will also find information on the configuration options for his account.
The user’s personal data may also be made available to other Facebook or Instagram companies. This could include the transfer of personal data to the US or other countries, for which there are no adequacy decisions by the EU Commission. In this case, Facebook will use the standard contractual clauses approved by the EU Commission. Further information is also available in the Instagram privacy policy.

Payments
Payment for the booking of the visit can be made through multiple channels such as: Stripe & PayPal. We will process the necessary data in each case, depending on the payment method selected. Within this context, the user’s personal data will be processed as described below, on the basis of art. 6 paragraph 1 letter. b) of the Regulations and it will be necessary to process them in order to execute the chosen payment method.

Payments by credit card
For the processing of credit card payments, we use the Stripe service provider based in Dublin, Ireland. The data provided during the user’s payment will be forwarded by Stripe to the respective banks or financial institutions for the purpose of processing the payment. In the case of payments by credit card, we will only receive information about the payment made or not. Therefore, we will not be aware of the user’s credit card number.

Payments with PayPal
If the user has a PayPal account, they can also make the payment using this method. In this case, we do not receive from PayPal only the information that the payment has been made but also the e-mail address and address registered with PayPal.

Navigation data
The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but which, by its very nature, could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users who connect to the Site, the addresses in URI () notation of the requested resources, the time of the request, the method used to submit the request to the server. , the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Site.

 

 

Data collected  through this website will be processed manually and electronically, by personnel authorized by us to access and subject to confidentiality obligations, only for the purposes expressly indicated, will be processed in compliance with current legislation, treated for the period necessary to fulfill these purposes, except for further storage needs aimed at fulfilling administrative, fiscal and legal duties. Should you need any further  details on how we process your data or to know the security measures used and the retention periods in detail, please write to rpd-fidim@fidimholding.com

 

Your personal data could be disclosed to our partners or suppliers who have been, where necessary, instructed and designated “Data Processors” in compliance with the provisions of art. 28 of the Regulation. For more information on external managers, you can contact us at the address rpd-fidim@fidimholding.com

Users can exercise certain rights with reference to the Data processed by the Owner.

In particular, the User may

  1.  request access to  Personal Data (Article 15 of the Regulations). We will provide the data in compliance with the provisions of the Regulatio
  2. may request the rectification of your Personal Data (Article 16 of the Regulations). The update or correction will be carried out by us in compliance with the provisions of the Regulations.
  3. may request the cancellation of your Personal Data for legitimate reasons (Article 17 of Regulation 679/2016); we reserve the right to refuse the deletion of your data where necessary to comply with a legal obligation for the performance of a task in the public interest, for the imposition of an authority, for public health purposes in the context of the public interest, for archiving purposes in the public interest, scientific research, historical research, statistics, for the exercise or defense of our right in court. However, you will be informed of the reasons for our refusal in the event that this request is refused;
  4. may exercise the right to limit the processing (Article 18 of the Regulations);
  5.  May exercise the right to data portability (Article 20 of the Regulation), without obstacles on our part, where applicable;
  6. may object, where applicable, to an automated decision-making process including profiling [please note that in this case it is necessary to specify the logic of the profiling and request specific consent]

 

 

Users may exercise rights by sending an email to the address rpd-fidim@fidimholding.com. You can exercise a complaint before the Guarantor; in this case it is possible to find the information for sending the complaint to the authority on the institutional website of the same [granteprivacy.it]

 

The current version of the privacy information was updated on May 26, 2022

Users’ data will not be transferred to a recipient in a third country or to an international organization outside the European Union (EU) or the European Economic Area (EEA), but the Data Controller reserves the right to use services in cloud managed on servers located in a third country for data processing, in which case the service providers will be selected in order to provide adequate guarantees regarding data protection.