WHY THIS NOTICE IS NECESSARY
According to Regulation (EU) 2016/679 (hereafter, the “Regulation”) and Legislative Decree 196/2003 (hereafter, the “Personal Data Protection Code”), as amended by the Legislative Decree 101/2018 for the adaptation of the national legislation to EU provisions, this page describes the processing of Personal Data of Users visiting the Website: www.faggeteunesco.it
Parco Nazionale delle Foreste Casentinesi, Monte Falterona e Campigna, with registered office in Pratovecchio (AR), Palazzo Vigiani, via Guido Brocchi, 7 – ZIP Code 52015 – Italy, VAT number 01488410513, e-mail: firstname.lastname@example.org
DATA PROTECTION OFFICER
METHODS OF PROCESSING
The Data Controller implements appropriate security measures to prevent unauthorized access, disclosure, alteration, or destruction of the Personal Data.
The Data Processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Data Controller, in some cases, the Personal Data may be accessible to other persons in charge, involved with the operation of this Website (administration employees, sales employees, system administrators) or to external parties (such as technical service providers) who may also have been appointed as Data Processors by the Data Controller, if necessary. The updated list of Data Processors may be requested from the Data Controller at any time.
LEGAL BASIS FOR PROCESSING
The Data Controller may process Personal Data relating to the User if one of the following applies:
- the User has given consent to the processing of his or her Personal Data for one or more specific purposes;
- processing is necessary for the performance of a contract with the User and/or in order to take steps prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which the Data Controller is subject;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
- processing is necessary for the purposes of the legitimate interest pursued by the Data Controller or by a third party.
In any case, it is always possible to request from the Data Controller further information to clarify the specific legal basis that applies to each processing and, in particular, to specify whether the Data Processing is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
DATA PROCESSED AND PURPOSES OF THE PROCESSING
Web browsing data
During their normal operation, the IT systems and the software procedures used to operate this Website collect some Personal Data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers and computer terminals utilized by Users, the addresses in URI/URL notation (Uniform Resource Identifier/Locator) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and IT environment of the User.
Such data, needed to access web services, are also processed to obtain statistical information on the use of the Services (most visited pages, number of visitors by hour or by day, by geographical area, etc.).
Web browsing data do not persist for more than seven days and are deleted immediately after their aggregation (except if needed by the Judicial Authority for crime investigations).
Data provided by the User
The optional, explicit, and voluntary sending of communications to the contact addresses of the Data Controller – due to the lack of contact form on the Website of the Data Controller – implies the acquisition of the contact details of the sender, which are necessary for a reply, as well as of all the Personal Data included in the communications.
Cookies and other tracking technologies
This Website uses session cookies (non-persistent) strictly limited to ensure safe and efficient navigation around the websites. The storage of session cookies in computer terminals or browsers is under the control of the User when, at the end of the HTTP sessions on servers, information related to cookies are recorded in the service log. However, the storage period will not exceed seven days, as for the other web browsing data.
THE PURPOSE OF THE PROCESSING
The Personal Data of the User are collected to allow the Data Controller to provide its Services, as well as for statistical purposes (anonymous data).
THE RECIPIENTS OF THE PERSONAL DATA
The Personal Data collected for the above-mentioned purposes will be neither disseminated on the Internet nor disclosed to third parties, except for legal obligations and technical needs related to the provision of the services required.
THE RIGHTS OF THE DATA SUBJECT
The Data Subject has the right to obtain from the Data Protection Authority, where that is the case, access to and rectification or erasure of Personal Data, or restriction of processing of Personal Data concerning the Data Subject or to object to such processing (articles 15 and following of the Regulation). The appropriate request to the Data Controller can be presented by sending a specific communication to the address: email@example.com.
RIGHT TO LODGE A COMPLAINT
If the Data Subject considers that the processing of Personal Data relating to him or to her infringes the Regulation, every Data Subject has the right to lodge a complaint with the Data Protection Authority, according to what established by art. 77 of the Regulation itself, or to an effective judicial remedy (art. 79 of the Regulation).