PRIVACY POLICY

INFORMATION RELATED TO TREATMENT OF PERSONAL DATA

 

Pursuant to the General Data Protection Regulation (EU) 2016/679 (hereinafter GDPR) this page describes how to treat the personal data of users who consult the website cristinachiomenti.com (or cristinachiomenti.it), hereinafter “the Site”.

 

OWNER AND DATA CONTROLLER

Cristina Chiomenti – VAT 10213640963 – Via Gaudenzio Ferrari, 5 – 20123 Milano (MI) Italy
E-mail address: info@cristinachiomenti.it

 

LEGAL BASIS OF THE TREATMENT

Owner treats User’s Personal Data for one or more specific purposes if he has given consent or if the treatment is necessary to the execution of a contract with the User or to fulfill a law obligation or to pursue the legitimate interest of the Owner or third parties.

 

TYPES OF DATA COLLECTED AND TREATMENT PURPOSE

User data are collected on the Site, either independently or through third parties, to allow the Owner to provide his services, to contact the User and interact with social networks and external platforms.
 
Data provided by the user
All contact details (name, surname, email) freely provided by the User to request information, subscribe to the newsletter and enjoy the services, as well as other personal data voluntarily included in the communications by the User.

User agrees to their usage for the purposes indicated by completing the appropriate forms with his/her data.
 
Usage and navigation data
This information is automatically collected with the use of the Site and may include the IP addresses or domain names of the involved computers, the addresses in the Uniform Resource Identifier/Locator notation (URI/URL) of the visited pages, time of the request, method used to forward the request to the server, size of the file obtained in response, a numerical code indicating the response from the server (valid, error status, etc.), the country of origin, characteristics of the browser and other parameters related to the operating system and the User’s computer environment.

This data may be necessary for the use of the web features, to check the correct functioning of the services offered and possibly to obtain statistical information on the use of the Site.
 
Cookies
Use of cookies by the Site or the owners of third-party services, is intended to make navigation safe and efficient and to provide the service required by the User.

For detailed information about using cookies by the Site, you are invited to consult the Cookies Policy.
 
Interaction data with social networks and external platforms

From the Site pages it’s possible to interact directly with social networks or with other external platforms.
The interactions and information acquired by our Site are in any case subject to the User’s privacy settings relating to each social network.

For further information the User is invited to consult the respective privacy policies:
Facebook: privacy policy
Twitter: privacy policy
Instagram: privacy policy

 

METHODS OF TREATMENT AND DATA RECIPIENTS

The Owner shall take the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The treatment is carried out by means of IT and/or telematic tools, with organizational modalities and processes closely related to the indicated purposes.

In some cases, in addition to the Owner, external subjects such as third-party technical service providers, postal couriers, hosting providers, IT companies or communication agencies may have access to Data.

For the management of Site and related data, the Owner uses the hosting services of SiteGround (it.siteground.com), registered office SiteGround Italia SRL. Via Agnello 8, Milano 20121, appointed Responsible for the Treatment and contactable at e-mail address privacy@siteground.com .
All Siteground’s obligations regarding the management of customer Data as required by GDPR are described in detail in the Data Processing Agreement and in the host Privacy Policy.

 

PLACE

Data are processed at the operating premises of the Owner and in any other place where the parties involved in the treatment are localized. For more information, contact the Owner.

 

RETENTION PERIOD

Data are processed and stored for the time required by the purposes for which they were collected.
Therefore, Personal Data collected for the execution of a contract between the Owner and the User will be withheld until the execution of such contract, those aimed at the legitimate interest of the Owner will be withheld until the satisfaction of that interest.

When the treatment is based on the User’s consent, the Owner may keep the personal data longer, until such consent is revoked. In addition, the Owner may be obliged to keep Personal Data for a longer period in accordance with a statutory obligation or by order of an authority.

At the end of the retention period Personal Data will be deleted. Therefore, the right of access, cancellation, rectification and the right to portability of Data may no longer be exercised in the expiry of that period.

 

USER RIGHTS

With reference to Personal Data processed by the Owner, the User, in the cases provided for by GDPR, has the right to revoke at any time the consent previously expressed to the processing of his Data, to obtain access, rectification, deletion of Data (right to oblivion), limitation of the treatment and portability of Data; User also has the right to oppose the processing of his/her Data and to send a complaint to the Supervisory Authority.

The User may exercise at any time the above rights by sending a notice to the contact details of the Owner indicated in this document.

 

CHANGES TO THIS PRIVACY POLICY

The Data Controller (Owner) reserves the right to make changes to this privacy policy at any time by giving information to Users on this page and, if technically and legally feasible, by sending them a notification through one of the contact details of which the Owner is in possession.