Website Privacy and Cookie Notice
GENERAL AND FOR INDIVIDUAL SERVICES
pursuant to Art. 13 of Regulation (EU) 2016/679 on the protection of personal data and to the Personal Data Protection Code, Italian Legislative Decree 196/2003, as amended by Italian Legislative Decree 101/2018
The purpose of this document is to clearly and comprehensively set out the methods and purposes for using your personal data in accordance with Regulation (EU) 2016/679 (hereinafter, the “GDPR”), in your capacity as:
- user of the lacisatech.com site;
- party requesting information regarding the services provided by La Cisa Technology S.r.l.;
La Cisa Technology S.r.l. (hereinafter also “LaCisa Tech”), owner of the website www.lacisatech.com (hereinafter “the Site”) is steadfastly committed to protecting the personal data of its Users, while making use of some of such data for specific website functions and its legitimate interests, as afforded by the GDPR. This document includes:
- a GENERAL PART concerning Privacy matters;
- a SPECIAL PART concerning the Privacy of the individual Services on the Site (Users undertake to read the document contents when accessing and browsing the Site, and when using a single Service);
1 – The Data Controller
The Data Controller of personal data provided by the Site Users is www.lacisatech.com, and specifically: La Cisa Technology S.r.l. (Tax ID/VAT no.: 02670920392), and the Data Processor is Mr. Teddy Bezzi who can be contacted, including for matters relating to the exercise of rights, as detailed below, at the registered office address, Via Manlio Monti no. 55, 48126 located in Ravenna (RA); Tel.: (+39) 0544 456363, or: email@example.com.
The Data Protection Officer is Mr. Michele Manaresi, B. Eng. – T&A Group S.r.l. U., who can be contacted for all questions relating to personal data processing and the exercise of the rights mentioned above, at the following telephone number: Tel. +39 0544.1674274.
2 – Personal Data Processing Method
Your personal data will be processed for the following purposes:
- Site browsing;
- fulfilment of any obligations established by applicable laws, regulations or EU legislation, or compliance with requests from the Authorities.
The legal basis for personal data processing for the purposes referred to in sections a) b) and c) is Art. 6(1)(b) of the Regulation (“[…] processing is necessary for the implementation of a contract to which the data subject is a party, or for the implementation of pre-contractual measures adopted at the latter’s request”), as processing is necessary for the provision of the services offered by the Data Controller. As regards section b), the legal basis of processing is the consent you have provided and/or the legitimate interest of the Data Controller. The provision of personal data for these purposes is optional, but failure to provide them would make it impossible to provide the requested services. The purpose referred to in section d) constitute legitimate personal data processing pursuant to Art. 6(1)(c) of the Regulation (“[…] processing is necessary to fulfill a legal obligation to which the Data Controller is subject”). In fact, once personal data have been provided, processing is necessary to fulfill legal obligations to which the Data Controller is subject.
3 – Processing Modalities – Storage
The Data Controller informs you that the IT systems and software procedures provided to operate this web site acquire, during their normal operation, certain personal data which are implicitly transmitted when using the Internet communication protocols. This category of data includes IP addresses or domain names of computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, time of the request, method used in submitting the request to the server, size of the file received in response, numerical code indicating the status of the response issued by the server (successful, error, etc.) and other parameters relating to the operating system and the User’s IT environment. These data, necessary for the use of web services, are also processed for the purpose of: obtaining statistical information on the use of the services (most visited pages, number of visitors per hour or day, geographical areas of origin, etc.), and to check the correct functioning of the services offered. Your personal data will be processed both automatically and manually and, in accordance with the provisions of Art. 5 of the GDPR, lawfully, fairly and transparently by persons specifically appointed, for the time strictly necessary to achieve the purposes for which data were collected. Specific security measures will be complied with in order to prevent loss of data, their illicit or incorrect use, and unauthorised access. Your data will not be used for market surveys. In compliance with Art. 4 of the GDPR, data processing performed by the Data Controller consists of any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, as well as of collection, registration, organisation, structuring, storage, adaptation, modification, extraction, consultation, use, communication, comparison, interconnection, restriction, cancellation and destruction. In the event that a User or a data subject forwards personal data to the Data Controller that are: – not necessary for the processing and delivery of the requested service or for the provision of a service strictly connected thereto; – inconsistent with the requested service, the Data Controller cannot be considered the Data Controller of these data and will delete them as soon as possible, notifying the data subject in this regard.
4 – Scope of disclosure and dissemination of data
Your personal data will not be disseminated, but, where necessary for the provision of a service, may be disclosed to third parties (such as third party technical service providers, postal couriers, hosting providers and IT companies) appointed by the Data Controller as external data processors, for tasks of a technical or organisational nature that are instrumental to the provision of services. Furthermore, access to data is also allowed to the categories of La Cisa Technology S.r.l. employees who are involved in the organisation of data processing (administrative staff, collaborators and system administrators). The updated list of Data Processors can always be requested from the Data Controller, by writing to the email address: The list and methods of processing by external Processors, on behalf of the Data Controller, are constantly updated and available at the latter’s headquarters. Any further communication will take place only with your explicit consent.
5 – Place of Data Processing
- stored on paper, computer and electronic media located at the headquarters of La Cisa Technology S.r.l., and at the headquarters of Centro Universitario Internazionale and on the Register servers, on Via Bellafino in Bergamo (BG) 24126;
- hosted by Register on Via Bellafino in Bergamo (BG) 24126, according to the methods and location agreed with the latter, acting as External Processor.
6 – Data retention period
Unless the data subject explicitly manifests his/her will to remove them, personal data will be kept as long as they are necessary with respect to the purposes for which they were collected, and namely to:
- a) allow browsing the www.lacisatech.com Site;
- b) allow the delivery of information relating to the services offered by the Chief Executive Officer, Mr. Teddy Bezzi;
- c) allow conducting the Fidelity Detector online test;
- d) fulfill any obligations provided for by the laws in force, by regulations or EU legislation, or to meet any requests from the Authorities (as required by the law).
In the event of necessary or potential protection of the rights of the Data Controller (also for the purpose of demonstrating compliance with the contract or the services requested), only the personal data of a User that are deemed strictly necessary to such end will be kept unless the data subject or any entitled third party has otherwise provided a release. Personal data not necessary for the fulfilment of the requested service or for the provision of a service strictly connected thereto, will be deleted as soon as possible.
7 – Rights of the Data Subject
The Data Controller guarantees that you can exercise the rights provided for by the GDPR at any time. In particular, you are afforded the following rights: – to know if the Data Controller holds and/or processes personal data relating to you and to access them in full, also by obtaining a copy thereof (Article 15 of the GDPR), – the rectification of inaccurate personal data or the integration of incomplete personal data (Article 16 of the GDPR); – the erasure of personal data held by the Data Controller, if one of the reasons provided for by the GDPR applies (Article 17 of the GDPR); the User, even if not registered, who accesses the Site may, at any time, object to data processing by asking MPL to delete data collected and or data that may potentially be attributable to his/her IP address, giving proof that he/she is the relevant data subject; – to ask the Data Controller to limit the processing to only some personal data, if one of the reasons provided for by the Regulation applies (Article 18 of the GDPR); – to request and receive all your personal data processed by the Data Controller, in a structured format that is commonly used and readable by an automatic device, or to request the transmission of data to another data controller without impediments (Article 20 of the GDPR); – to object, in whole or in part, to the processing of data for the purpose of sending advertising material and market research (Article 21 of the GDPR); – to object, in whole or in part, to the processing of data in automatic or semi-automatic mode for purposes that include profiling (Article 22 of the GDPR). These rights can be exercised by communicating to the Data Controller at the following addresses: – telephone: +39 0544 456363; – email address: firstname.lastname@example.org. It is always possible to lodge a complaint with the Personal Data Protection Supervisor, which can be contacted at: – Piazza di Montecitorio, no. 121, 00186 ROMA, tel. 06.696771, in case of complaint submitted on paper; – email@example.com or to http://www.gpdp.it, for complaints submitted electronically.
8 – Withdrawal of Consent
You can withdraw your consent at any time, without this affecting any data processed prior to the revocation. The withdrawal will necessarily result in the cancellation (erasure) of the subscription to the information services provided to Customers. If your rights are violated as it pertains to any personal data processed by the Data Controller, you have the right to lodge a complaint with the Personal Data Protection Supervisor at the following addresses: Piazza di Montecitorio, no. 121, 00186 ROMA, tel. +39 06.696771, or email: firstname.lastname@example.org.
For additional clarifications, or if you wish to exercise your rights: email@example.com.
Given the plurality of data processed by the Data Controller for the provision of its services, we invite you to read the specific information that the Company provides to its users or potential customers, in order to make them aware of the specific purposes and methods of data processing, for the provision of information relating to the services offered by the Data Controller. Specific information is provided below for the various categories of data subjects whose data are processed by www.lacisatech.com Given the application of the contents of this General Notice, we invite you to pay attention to the specificities of processing provided below.
INFORMATION REQUEST SERVICE
The Data Controller informs you about the processing it intends to perform in relation to the personal data that are necessary in order to comply with requests for information on the services offered.
Purpose of Processing
Processing concerns exclusively personal data, and specifically: name, surname, email address, telephone number, city and company, entered in the contact form available at the following link: https://www.lacisatech.com/contatti/
Purposes of Processing and Consent
Personal data are collected solely to allow the use of the service and the Data Controller to respond to your requests.
Automated Processing (Profiling)
We remind you that any personal data collected through the request form submitted to the Data Controller are not processed for the purpose of profiling or to make automated decisions, as happens for personal data not related to this service, including browsing only.
After being received, your data will be kept for the entire duration of the service, and namely at the end of the contractual relationship with MPL. Furthermore, they will be kept for as long as necessary to ensure MPL’s rights to defense from any disputes, as warranted.
FIDELITY DETECTOR TEST
The Data Controller notifies you of your personal data processing necessary to conduct the online Fidelity Detector test.
Purpose of Processing
Processing concerns exclusively personal data, and specifically: name, surname, email address, telephone number, bank and payment details entered to complete the test accessible at the following link: https://integrityview.webratio.com/page1d.do?nav=0&fld5d_slot=%01&link=oln19d.redirect&fld6d_slot=%01&so=pcu5p&scu7i.attr=172.
Purposes of Processing and Consent
Personal data are collected only to allow the use of the service.
Automated Processing (Profiling)
We remind you that personal data collected are not processed for the purpose of profiling or to make automated decisions, as happens for personal data not related to this service and including browsing only.
After being received, your data will be kept for the entire duration of the service, and namely at the end of the contractual relationship with the Data Controller. Furthermore, they will be kept for as long as necessary to ensure the Data Controller’s rights to defense from any disputes, as warranted.
1 – Browsing Data
During Site consultation, computer systems and applications used to operate the Site may detect, during their normal operation, some Personal Data that have been implicitly transmitted in the use of Internet communication protocols, which are not immediately associated with identified users, but which, through processing or association with public data or data held by third parties authorised for the transfer, could allow the identification of Site visitors (e.g., IP address of the system used for the connection). This identification is not carried out by MPL, as the aforementioned Data are processed for simple navigation for the time strictly necessary for the sole purpose of receiving information relating to electronic traffic and the type of user, and used to ensure proper Site functioning. The Data are removed from the system and stored off-line for the sole purpose of consultation by the judicial authorities, upon their request.
2 – Cookies Used by this Site (Technical cookies that do not require consent for installation)
This site uses only technical cookies, and more specifically:
- cookies relating to activities strictly necessary for the functioning of the site and the provision of the service;
- third-party statistics cookies (Facebook, Twitter, Google and LinkedIn), and access statistics services (however anonymous) such as Shynistat and Google Analytics, used directly by the site operator to collect information in aggregate form for the management of statistics in anonymous form, without user IP tracking (data not profiled at the IP level) and without data sharing with any third parties.
The management of the information collected by “third parties” is governed by relevant information available on the respective sites which, for convenience, are reported below:
- Facebook information: https://www.facebook.com/help/cookies/;
- Facebook (configuration): log into your account. Privacy section;
- Google (in general): Privacy control tools;
- Linkedin: Privacy section
- Youtube – video: http://www.google.it/intl/it/policies/privacy/;
- Analytics – service for analysing the progress of the site;
All technical cookies do not require consent; therefore, they are installed automatically following access to the Site. We do not use monitoring and/or profiling cookies whose installation requires the User’s prior consent.
3 – How to manage cookies on your PC
By accessing the Site and accepting the initial banner containing summary information, the User has given his/her explicit consent to the use of the cookies indicated above. It is possible to block or delete (in whole or in part) cookies also through the specific functions of your navigation program (access your Internet browser and select the settings menu, click on the Internet options, open the Privacy tab and select the desired cookie blocking level).
Updated on: 20/01/2022