Subjects of treatment
The data controller under applicable laws is the site administrator, who can be contacted through the CONTACT section.
Legal basis for processing
We process data primarily on the basis of users' consent. The provision of consent is done through the banner placed at the bottom of the page, or through the specially prepared communication or service request forms, by which consents related to the specific purpose of the service are collected. The provision of data and therefore consent to the collection and processing of data is optional, the User can deny consent, and can revoke at any time a consent already provided (via the banner placed at the bottom of the page or the browser settings for cookies, or the Contact link). However, denying consent may result in the inability to provide certain services and the site browsing experience may be reduced.
Data for site security and prevention from abuse and SPAM, as well as data for site traffic analysis (statistics) in aggregate form, are processed based on the legitimate interest of the Data Controller in protecting the site and the users themselves. In such cases, the user always has the right to object to the processing of data (see par. User Rights).
Data provided for consulting or professional assignments are processed based on the fulfillment of a contract and the fulfillment of a legal obligation. In such cases, appropriate information is provided.
Purpose of processing
The processing of data collected from the site, in addition to the purposes related, instrumental and necessary for the provision of the service, is aimed at the following purposes:
- Statistics (analysis)
Collection of data and information in aggregate and anonymous form only in order to verify the proper functioning of the site. None of this information is related to the physical person-User of the site, and does not allow in any way its identification. Consent is not required.
- Security
Collection of data and information in order to protect the security of the site (spam filters, firewalls, virus detection) and Users and to prevent or expose fraud or abuse against the website. The data are automatically recorded and may possibly include personal data (Ip address) that could be used, in accordance with relevant laws, in order to block attempts to damage the website itself or to harm other users, or otherwise harmful or criminal activities. Such data are never used for User identification or profiling and are deleted periodically. No consent is required.
- Ancillary activities
Disclose data to third parties who perform functions necessary or instrumental to the operation of the service, and to enable third parties to perform technical, logistical and other activities on our behalf. Providers have access only to personal data that are necessary to perform their tasks, and agree not to use the data for other purposes, and are required to process personal data in accordance with applicable regulations.
- Consulting and professional assignments
In the case of spontaneous submission of data for the purpose of requesting professional advice or for a professional assignment, the data will be used only for the purpose of evaluating the assignment and for its eventual fulfillment. In such cases, appropriate information will be provided.
Data collected
We collect user data in two ways.
- Data collected in an automated manner
During Users' browsing, the following information may be collected and stored in the log files of the server (hosting) of the site:
- internet protocol (IP) address;
- type of browser;
- parameters of the device used to connect to the site;
- name of the internet service provider (ISP);
- date and time of visit;
- web page of the visitor's origin (referral) and exit;
- possibly the number of clicks.
This data is used for statistical and analytical purposes, in aggregate form only. The IP address is used for security purposes only and is not cross-referenced with any other data.
- Data provided voluntarily
The site may collect other data in the event of voluntary use of services by users, such as comment services, communication (contact forms, for consultation requests), and will be used exclusively for the provision of the requested service:
- name;
- email address;
- any additional data sent spontaneously by the user.
Place of processing
The data are processed at the headquarters of the Data Controller, and at the datacenter of the web OVH, is responsible for the processing by processing the data on behalf of the controller, is located in the European Economic Area and acts in accordance with European standards.
Period of data retention
Data collected during the operation of the site are kept for the time strictly necessary to carry out the specified activities. Upon expiration, the data will be deleted or anonymized, unless there is no further purpose for retaining the data.
Data (IP address) used for site security purposes (blocking attempts to damage the site) are kept for 30 days.
Data for analytics (statistics) purposes are kept only in aggregate form.
Data collected for requests for consultancy or professional assignments are kept for the time necessary to carry out the assignment and for ancillary purposes (judicial protection, etc...).
Transfer of data to third parties
Data collected by the site are generally not provided to third parties, except in specific cases:
- legitimate request by the judicial authority and only in cases provided for by law;
- if it is necessary for the provision of a specific service requested by the User;
- for the execution of security checks or optimization of the site.
Transfer of data to countries outside the European Union
We may have to share some of the data collected with services located outside the European Union area. In particular with Google, Facebook and Microsoft (LinkedIn) via social plugins and the Google Analytics service. The transfer is authorized according to specific decisions of the European Commission, or according to the Standard Contractual Clauses of the individual services (see pars. on third-party services).
Security Measures.
We process visitor/user data lawfully and fairly, taking appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of data. We are committed to protecting the security of your personal data during its submission, using Secure Sockets Layer (SSL) software, which encrypts information in transit. The processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the stated purposes. In addition to the Data Controller, in some cases, categories of appointees involved in the organization of the site or external parties (such as third-party technical service providers, hosting providers) may have access to the data.