Cybermarket takes the issues of data protection and confidentiality very seriously. The following information describes the treatment of the personal details we receive and collect through webforms that we have designed on behalf of our client and that are located on the client's site. This privacy information is provided in accordance with Article 13 of Italian Legislative Decree No. 196/2003 (the Italian Data Protection Act) for the benefit of those who interact with our web services.
Important information on the processing of personal details in accordance with Article 13 of Italian Legislative Decree No. 196/2003 relating to the protection of individuals and others in respect of the treatment of their personal details.
We hereby inform you that our company may, currently or in future, acquire details relating to you that are classified as 'personal' in accordance with Article 13 of Italian Legislative Decree No. 196/2003 (the Italian Data Protection Act).
First of all, the Act states that those responsible for data processing activities are required to inform the individual concerned that his or her details are subject to such processing activities and to give the individual concerned (the 'data subject') certain indications of the ways in which the processing activities will be executed. The law requires that all personal details be treated fairly, lawfully and transparently, in ways that protect the rights (including the right to confidentiality) of the individual concerned.
- Controller: identifies the web agency to which the site owner has delegated the responsibility of designing and managing the site through which your details are received and/or collected. The ways in which your data is processed are defined directly by the controller (in this case, the web agency) within the limits laid down by the relevant legislation.
- Site owner: identifies the party to which the site refers. The information we receive, collect and process is sent to the site owner, and the site owner is the end-user of the processed information.
In respect of this legislation, we provide you with the following information:
1. SCOPE OF THE VALIDITY OF THE GUIDANCE NOTES
Once we pass the personal data we receive to the site owner, the site owner should be considered the only responsible party. We decline all responsibility for the eventual treatment by the site owner of the details we supply.
2. DESCRIPTION OF PROCESSED DETAILS
The only personal details we process are: your name, home address, contact nos., etc.; your e-mail address.
We do not hold any information that may be considered classified (under the terms of Article 4, Subsection 'd') of Italian Legislative Decree No. 196/2003 or judicial (under the terms of Article 4, Subsection 'e' of the same law).
3. METHODS OF DATA COLLECTION
The personal details are collected in the following ways:
- through databases that are for the most part electronically controlled;
- by other electronic means;
- supplied directly by the individual to which they relate.
4. PURPOSES OF DATA PROCESSING
By 'purposes' we intend the motive(s) for which the data is collected in the first place. In certain cases, depending on the precise motives, it may be necessary for you to give your prior consent before collection and processing operations may be initiated. Should your consent be necessary, the data in relation to which it is required will be clearly indicated on the consent form and you will have the opportunity to consent only to certain types of collection and processing, while barring the use of your details for other purposes by withholding your consent in those cases.
The site owner has delegated the responsibility of designing and managing his or her site to the controller (the same party responsible for writing these notes). For the purposes of this activity, we collect data on the sites owner's behalf in order to then pass those details on to him or her. In certain cases, it may be necessary for you to communicate with us in order for us to send you the information and services that you have requested of the site owner through us.
5. METHODS OF DATA PROCESSING
The details we receive and collect are processed (for the most part automatically, but with some manual input) using equipment and procedures that are sufficiently secure as to guarantee that the details remain private and confidential even when complex technologies such as the internet are used to process them.
These activities may include all or any of the following operations: collection, registration, (re)organization, conservation, consultation, adaptation, alteration, retrieval, extraction, comparison, use, linking, barring, cancellation and deletion/destruction of the details, in accordance with Article 4, Paragraph 1, Subsection 'a' of the Italian Data Protection Act. These operations, necessary for processing purposes, may also include the transmission and dissemination of those details as described in these notes.
In addition, we hereby inform you that the personal details relating to you will be:
a) treated lawfully and correctly;
b) collected and recorded for the explicitly stated lawful purposes, and utilized for other data processing operations only in ways that are consonant with those purposes;
c) accurate and, where necessary, kept up-to-date;
d) relevant, complete and not excessive in relation to the purposes for which they were collected and, subsequently, processed;
e) stored in such a way as to allow the individual concerned to be identified only for the duration required by the purposes for which his or her details were collected and, subsequently, processed.
All of the above is in accordance with Article 11 of Italian Legislative Decree No. 196/2003.
Specific security measures are taken to prevent loss, illegal or incorrect use, and unauthorized access.
6. ENTRUSTING OF PROCESSING ACTIVITIES TO THIRD PARTIES
The personal details to which these notes relate will not be entrusted by us to third parties. By 'entrusted' we mean outsourced in their entirety for data processing and management purposes (such as book-keeping, payrolls, marketing initiatives, etc.) on our behalf.
7. SECURITY OF PERSONAL DETAILS
The personal details we hold on our systems are protected against unauthorized access, use or distribution. The data will be accessed exclusively by those members of our staff in possession of the correct authentication information. All appropriate security measures have been taken to prevent unauthorized access from local and web-based sources. All the details we hold are stored in a secure, continuously monitored environment and, moreover, numerous physical, electronic and organizational procedures have been put in place to further safeguard and protect the information itself.
8. GRANTING OF ACCESS TO PERSONAL DETAILS
It is not compulsory for you to disclose your details to us.
9. SHARING OF INFORMATION
The personal details stored in our archives are not resold, marketed or loaned to third parties. Should any of the above activities become necessary, you prior consent will be sought. Your personal details may, however, be disclosed and/or disseminated in the ways described below (under the next heading, 'Disclosure and Dissemination').
10. DISCLOSURE AND DISSEMINATION
We undertake not to disseminate your details, by which we mean that we will not allow them to be accessed in any way by unspecified parties. This includes making the data available for consultation on- or off-line.
We will only pass your details on to the site owner for the purpose described earlier.
Additionally, however, they may also be disclosed to:
- those requesting access for legal reasons, within the limits set forth by the relevant legislation;
- those responsible for the repair of our IT systems, only if those systems develop a fault, and only for the time required to resolve it (the engineers may during that time have access to databases that contain your personal information);
- those responsible for data processing and data security within our organization. The names of these individuals are given in the section 'Controllers and Responsible Individuals' later in these guidance notes;
- those responsible for technical support, nominated by the controller of the information being processed.
11. YOUR RIGHTS
You, as the 'data subject' to which the personal details relate, have the right to be informed at any time whether or not any details are still being held, and if so, which details are being held and where they were acquired. The 'data subject' also has the right to correct inaccuracies and to request that the data be updated or rendered complete. These rights are granted in accordance with Article 7 of Italian Legislative Decree No. 196/03.
Under the terms of the above article, you also have the right to request that your details be deleted/destroyed, rendered anonymous or blocked should the processing activities violate the terms of the law. You can also bar, on legitimate grounds, the use of your data, even if the data is relevant to the purpose(s) for which it was collected. You can also object to it being used for marketing, direct sales, market research or other commercial purposes.
To exercise your rights, please contact Mr. Giacomo Galgani, the person we have nominated in accordance with the terms of Article 13, Subsection 'f' of Italian Legislative Decree No. 196/03 as the individual legally responsible. Mr. Galgani may be contacted by post at our registered business address or by e-mail at the following address: firstname.lastname@example.org.
We provide the following extract from Article 7 of Italian Legislative Decree No. 196/03 to remind you of the rights you can exercise in relation to our treatment of your personal details.
Article 7 (Rights of access to personal details and other rights)
1. The individual concerned has the right to request confirmation of the existence or otherwise of the personal details relating to him or her, even if the details have not been recorded, and to receive those details in intelligible form.
2. The individual concerned has the right to request information on:
a) the origin of the personal details;
b) the purpose(s) of processing and the methods used;
c) the technology applied where the processing activities are performed using electronic equipment;
d) the controller and all other parties with access to the details of the individual concerned, in accordance with Article 5, Paragraph 2;
e) the parties (or categories) to which the personal details may be disclosed, or the parties which may have access to the details for legal reasons.
3. The individual concerned has the right to request:
a) the updating, correction or, when in their interests, completion of the details held;
b) the cancellation, rendering anonymous or blocking of access to the personal details should they be processed in violation of the relevant legislation. The personal details referred to here also include any details that do not require to be stored in relation to the purposes for which they were initially collected and, subsequently, processed;
c) proof that those to whom the details were disclosed or disseminated have been notified of the operations described in Subsections 'a' and 'b', unless the fulfillment of this task proves impossible or would require the use of means that are clearly disproportionate to the rights being protected.
4. The individual concerned has the right to oppose, fully or in part:
a) the processing of his or her personal details, even if such processing is relevant to the purposes for which the data was collected;
b) the processing of his or her personal details for purposes of marketing, direct sales, market research or other commercial purposes.
12. DATA CONTROLLER AND OTHERS RESPONSIBLE FOR DATA PROCESSING
Cybermarket Srl, Via Montegrappa, 24/a, 53036 Poggibonsi (Si)
Party responsible for access to your personal data (as prescribed in Article 13):
Cybermarket Srl, Via Montegrappa, 24/a, 53036 Poggibonsi (Si)
A complete list of those charged by us with the responsibility of processing your personal data may be easily obtained by contacting the party responsible for access as indicated at Point 11 of this document.
Return to form