1. Holder of the treatment
The Data Controller is Tartufi.it, e-mail address firstname.lastname@example.org
2. Purpose of processing
By accessing and consulting this site, and by using the services provided through, users’ personal data may be acquired, which, in compliance with current legislation on the protection of personal data, will only be processed for the following purposes:
- strictly connected and instrumental purposes to allow access and use of the site, its functionality and services requested;
- for operational and managerial needs within the Data Controller and related to the services offered through the site
- to fulfil any obligations provided for by law and European legislation;
If the collected data are also used for other purposes, for any further processing, users will be required to give their consent. Only if you freely and clearly consent to any further processing can the collected data be used.
3. Provision of personal data
1. – The provision of personal data is mandatory for the purposes of art. 2, paragraph a, since the legal basis of the processing is the execution of the services requested by the user, or the use of the site and any other service requested expressly made available through the site. Any refusal to refuse the relative treatment can therefore prevent the execution of the requested services; it will still be possible to consult the Site without providing any personal data, even if some functionalities may not be available and some services not provided.
2. – In particular, the consequences of any refusal to provide personal data will always be explicit and specifically linked to each service: for example, Any refusal to the relative treatment may prevent the consultation of the Site and its functionalities (in the case of cookies). Therefore, the user will be adequately informed in the manner provided for each specific case, but in any case he can consult the Website also denying consent to the processing of personal data, if requested; in this case, certain features or features of the site may be disabled.
4. What data are processed?
Depending on the service provided, personal data of different types may be processed, as specified in this article.
With regard to any reserved areas, accessible by the data subject after entering their authentication credentials, the acquired personal data are processed by the Data Controller exclusively for the purposes related to the execution of the relevant existing contracts.
4.1 Data of navigation
The computer systems and software procedures responsible for the operation of this site acquire, during their normal operation, some personal data whose transmission is implicit in the navigation of websites. This information is not collected to be associated with identified data subjects; however, by their very nature they could, through processing and association with data held by third parties, allow to identify users. These include the IP addresses or domain names of the computers used by users connecting to the site, the URL addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server and other parameters related to the operating system and the platform used by the user.
The above data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning; they are deleted immediately after processing. The data could be used to ascertain liability in case of hypothetical computer crimes against the site: save this eventuality, the data on web contacts do not persist for more than seven days. For cookies, see par. 4.3 below.
4.2.1 Data provided voluntarily by the user (communications)
The optional, explicit and voluntary sending of communications by means of contact forms on the site or by e-mail to the addresses indicated on this site, entails the subsequent acquisition of the data communicated by the user, including his address and-mail, and consent to receive any reply messages to your requests.
The personal data thus provided shall be used only for the purpose of satisfying or responding to requests submitted and shall only be communicated to third parties if this is necessary for this purpose.
4.2.2 Data provided voluntarily by the user (to receive communications for marketing and/or commercial promotion purposes)
In the only case in which the personal data (in particular, e-mail address and telephone number) are provided by the interested party in the context of a service requested by the same, the data thus provided may be used to send communications via and-emails relating to services similar to those previously requested by the user, pursuant to art. 130, paragraph 4, d.lgs. 196/2003, without the need for express and prior consent (c.d. soft spam). In any communication, however, the user is reminded that he can withdraw his consent at any time and without formalities. The data shall be deleted at the request of the data subject.
What are they? Cookies are information stored by your browser when you visit a website with any suitable device (such as a PC, tablet or smartphone). Each cookie contains different data (e.g., the name of the server from which it comes, a numeric identifier, etc.), can remain in the system for the duration of a session (until the browser is closed) or for long periods and may contain a unique identification code.
What are they for? Cookies are used for different purposes depending on their type: some are strictly necessary for the correct functionality of a website (technical cookies)while others optimize its performance to offer a better experience to the user or allow to acquire statistics on the use of the site, such as analytics cookies or allow to display personalized advertising, such as profiling cookies.
Consent: the possible provision of the user’s consent is stored by the Data Controller through a technical cookie, lasting 12 months. The user is informed both by means of the short information (banner displayed until consent is given or denied, as explained in paragraph 4.3.4. “How to disable cookies?”) and by this extended information; In addition, section 4.3.3 provides links to the privacy policies of third parties, also for the purpose of disabling them (where directly available through them).
How to disable them? You can disable cookies both through your browser settings and through the mechanisms made available by some third parties (par. 4.3.3 “Cookies used on the site”).
4.3.2 General types of cookies used on the site
Analytical cookies (second part): they are used for the purposes of aggregate analysis of site visits, through the use of a third-party service.
Profiling cookies (third party): they are used to create user profiles and are used in order to send advertising messages in line with the preferences expressed by the same in the context of web browsing, by recourse to a third party service.
4.3.3 Cookies used on the site
Cookies are small text files that can be used by websites to make the user experience more efficient.
The law states that we may store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
You can change or revoke your consent from the Cookie Statement on our website at any time.
Your consent applies to the following websites: www.tartufo.it
When visitors leave comments on the site, we collect the data shown in the comment form in addition to the visitor’s IP address and the browser user agent string to facilitate spam detection.
If you upload images to the website, you should avoid uploading images that include embedded location data (EXIF GPS). Website visitors can download and extract any location data from the images on the website.
Your personal data subject to processing are collected PRIOR TO YOUR consent, expressed with the acceptance and subscription of this information made through the button “CLICK AND SEND”.
If you leave a comment on our site, you can choose to save your name, email address and website in cookies. They are used for your convenience so that you do not have to re-enter your data when you leave another comment. These cookies will last for a year.
If you have an account and access this site, a temporary cookie will be set to determine whether your browser accepts cookies. This cookie does not contain personal data and is deleted when you close your browser.
When you log in, different cookies will be set to save your login information and screen display options. Access cookies last two days while cookies for screen options last one year. If you select “Remember me”, your login will persist for two weeks. If you sign out of your account, the login cookies will be removed.
If you edit or post an article, an additional cookie will be saved in your browser. This cookie does not include personal data, but simply indicates the ID of the newly modified item. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (such as videos, images, articles, etc.). Content embedded by other websites behaves in exactly the same way as if the visitor had visited the other website.
5. Methods of data processing
Personal data are processed lawfully and correctly and used only for the purposes indicated in art. 2. Processing shall be carried out by means of appropriate means to ensure the security and confidentiality of personal data and by means of automated means capable of storing, managing and transmitting such data. Specific security measures are taken to prevent the loss of data and contain the risks of illegal or incorrect use and unauthorized access and personal data will be kept for the time prescribed by law and, in any case, for the time strictly necessary to follow up the activities for which they were collected and/ or until the withdrawal of consent given for the purposes referred to in art. 2.
6. To whom may the collected data be communicated?
1. – The processing related to the web services of this site takes place at the Data Controller’s headquarters and is handled only by technical personnel expressly authorized for the processing, internal and/or external to the same. In particular, where necessary only with prior consent, the data may be disclosed to third parties whose cooperation the Data Controller may and/ or must use for the performance of the services offered. The data acquired via web, or in any case deriving from web services, may be communicated to the technological and instrumental partners of which the Data Controller uses for the provision of the services requested by users always in compliance with the purposes indicated in art. 2. For this purpose, the subjects who will have access to personal data will be specifically authorized by the Data Controller and, if necessary, appointed as Data Processors, pursuant to art. 28 and 29 of the GDPR.
2. – The data collected for the purposes set out above may also be collected by subjects authorised for this purpose by European law and legislation.
3. – A list of the subjects to whom the Data Controller communicates the personal data collected for the aforementioned purposes is available and can be consulted at the headquarters of the Data Controller and may be requested at the addresses indicated.
7. How long is the data stored?
If you leave a comment, the comment and its metadata are stored indefinitely. This is how we can automatically recognize and approve any subsequent comments instead of keeping them in a moderation queue.
For users who register on our website (if any), we also store the personal information they provide in their user profile. All users can view, edit or delete their personal information at any time (except their username that they cannot change). Website administrators can also view and edit this information.
8. Where is the data processed?
The data will be processed only within the European Union.
9. What are the rights of data subjects?
You can exercise at any time the rights provided for by articles 15 and following of Regulation EU 679/2016:
- receive confirmation of the existence of their personal data, know the purposes of the processing or their scope of circulation and access to their content;
- ask you to update, modify and/or correct your personal data;
- ask for the cancellation, the transformation in anonymous form, the blocking of data processed in violation of the law or the limitation of the processing of your personal data;
- oppose processing on legitimate grounds, including any profiling;
- oppose the processing of data for the purpose of sending advertising material or direct sales or for the performance of market research or commercial communication;
- revoke consent, if given, without prejudice to the lawfulness of the processing based on the consent given before the withdrawal;
- receive a copy of the data provided and request that such data be transmitted to another data controller;
- lodge a complaint with the Italian Data Protection Authority (art. 77 EU Regulation n. 2016/679).
The exercise of the rights can be exercised by written communication or communication to be sent to the e-mail address email@example.com