Information On The Processing Of Personal Data
This information is provided in accordance with EU Regulation 2016/679 (hereinafter “Regulation” or “GDPR”) and describes the methods of processing personal data of users who consults and use this website, accessible at www.dream-italia.it (hereinafter also “Site”) or use the services offered through the Site.
According to the current European Regulation 679/2016 (“GDPR”), for the protection of personal data, the collection and processing will always follow principles of lawfulness, fairness and transparency.
Following consultation of the Site, data may be processed relating to the user who accesses the site (defined as “interested” as an identified or identifiable natural person).
A. DATA CONTROLLER
The Data Controller is D.R.E.Am. ITALIA Società Cooperativa, Via Garibaldi n. 3, 52015 Pratovecchio Stia (AR), e-mail email@example.com (hereinafter “DC”).
B. DATA PROTECTION OFFICER (DPO)
The Data Protection Officer (DPO) is Mr. Massimo Di Menna.
For any need regarding the protection of personal data, including the exercise of the rights granted to the data subject by current legislation, you can refer to the following contacts to the Data Protection Officer:
C. TYPE OF DATA COLLECTED, PURPOSE, LEGAL BASIS AND RETENTION TIMES
Personal Data may be collected independently by the DC or through third parties.
In this case, the computer systems and software procedures responsible for the operation of this Site acquire some Personal Data of the Users, of a technical-computer nature (e.g. the IP address, the type of browser used, the operating system, the domain name and the addresses of websites accessed or closed, etc.), the transmission of which is inherent to the normal functioning of the Internet.
Purpose: such Data may be processed for the sole purpose of obtaining anonymous statistical information on the use of the site and/or to check its correct functioning.
Retention: Such Data will be deleted immediately after processing.
Legal Basis: the processing is carried out on the basis of the legitimate interest of the Data Controller to make the Site usable and safe navigation on the same time (art. 6, par. 1 let.f). Exclusively for the specific profiling activity the express consent of the interested party (art. 6, par. 1 let.a).
2. User contacts by e-mail, telephone contact
The optional, explicit and voluntary transmission of telephone or email contacts to the contact details and addresses indicated in this website, entails the subsequent acquisition of the data communicated by the user, including his address and-mail, and consent to receive any reply messages to your requests.
In this case, providing the e-mail address and any other data indicated is optional, but essential to be able to use the service and receive a response to your request and, in their absence, we cannot proceed with the processing.
Purpose: The personal data thus provided are used for the sole purpose of satisfying or responding to requests transmitted and are communicated to third parties only if this is necessary for this purpose.
Storage: The data are preserved for the period necessary for the fulfillment of the request and in accordance with current legislation.
Legal basis: The processing is carried out for the fulfilment of a contractual and pre-contractual obligation assumed by the Data Controller with the service (art. 6, par. 1 let.b).
D. RECIPIENTS OF DATA
The personal data collected are processed by the staff of the Data Controller, who acts with specific authorization, provided by the specific instructions for the purposes and methods of processing.
Moreover, the designated subjects or sub-processor responsible for processing pursuant to art. 28 of the GDPR, which Data Controller uses for the provision of services and for the performance of activities within its competence, may be recipients of the data collected following consultation of the web site or use of the services within the limits of their respective assignment.
The relevant list can be requested from the Data Controller using the contact data in section A.
If, through the services offered by the web site, a data controller is appointed in accordance with the art. 28 of the GDPR or sub-processor, the data will be communicated to own Data Controller and/or own Data Processor.
E. DATA TRANSFER
There is no transfer abroad of the personal data provided externally.
F.RIGHTS OF DATA SUBJECTS
Data subjects – the identified or identifiable natural persons to whom the data relate – may exercise specific data protection rights listed below:
a) right of access: right to obtain from the Data Controller the confirmation that personal data is being processed or not and in this case, to obtain access to personal data and detailed information regarding the origin, purposes, categories of data processed, recipients of communication and/or data transfer and more;
b) right of rectification: right to obtain from the Data Controller the rectification of inaccurate personal data without undue delay, as well as the integration of incomplete personal data, also by providing a supplementary statement;
c) right to erasure (“oblivion”): right to obtain from the Data Controller the deletion of personal data without undue delay in case of: i. the necessary data are no longer necessary for the purposes of processing; ii. the consent on which the processing is based is revoked and there is no other legal basis for the processing; iii. personal data have been processed unlawfully; iv. personal data must be deleted in order to fulfil a legal obligation;
d) right to object to processing: right to object at any time to the processing of personal data that have as legal basis a legitimate interest of the Data Controller;
e) right to limitation: right to obtain from the Data Controller the restriction of processing, in the event that the accuracy of personal data is disputed (for the period necessary for the Data Controller to verify the accuracy of such personal data)if the processing is unlawful and/or the data subject has opposed the processing;
f) right to data portability: right to receive personal data in a structured, commonly used and machine-readable format and to transmit such data to another Data Controller, if technically feasible, only for cases where the processing is based on consent or contract and only for data processed by electronic means;
g) the right to propose a complaint to the supervisory authority: without prejudice to any other administrative or judicial recourse, the data subject who considers that the processing concerning him or her infringes the Regulation has the right to propose a complaint to the supervisory authority of the Member State where he or she habitually resides or works, or of the State where the alleged infringement occurred.
The rights can be exercised by contacting the Data Controller through the contact details indicated in section A and B, as follows:
– Data Controller: firstname.lastname@example.org
– DPO: email@example.com
This information is updated on 15/07/2022.