Information on personal data processing
This page describes how this Website is managed in relation to the processing of personal data of the users who consult it. This statement complies with EU Regulation 2016/679 on personal data of users who interact with the services of this Website. The policy described herein applies solely to the Website of Advice Group and excludes all other websites that can be accessed via links that appear on the Advice Group Website.
Data related to identified or identifiable persons may be processed following consultation of this Website. The Data Controller is ADVICE GROUP S.p.A., with registered office in Via Riberi, 4 -10124 – TORINO.
Location of data processing
The data processing related to the web services is only handled by the technical staff of the Office in charge of processing or by persons in charge of occasional maintenance operations. No data deriving from the web service is communicated or made public.
Purpose of data processing and legal basis of the processing
The personal data provided by users who request or intend to use the services or products offered on the Website and want to receive additional specific content is used for the sole purpose of fulfilling the requests or providing the service requested and are communicated to third parties only in case it is necessary for that purpose. The legal basis of the data processing is the need to respond to the requests of the interested parties or to perform activities as stated in the agreements defined with the interested parties.
With the express consent of the user, the data may be used for commercial communication activities related to products or services provided by the Controller. The legal basis for this data processing is the freely expressed consent given by the interested party.
Outside of these hypotheses, users’ browsing data is stored for the time that is strictly necessary to manage processing activities, within the limits set by law.
Types of processed data
During their normal functioning, the computer systems and software procedures used to operate this Website acquire some personal data whose transmission is implied in the use of Internet communication protocols. This information is not collected to be matched with identified persons. However, because of its nature, it could enable the identification of users, through processing and association with other data held by third parties. This category of data includes the IP addresses or domain names of the computers used by users to navigate the Website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters concerning the operating system and the user’s IT environment. This data is only used to obtain anonymous statistical information on the Website and to check its correct functioning and it is deleted after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Website.
Freely provided data by users
The optional, explicit and voluntary sending of electronic mails to the addresses indicated on the Website entails the subsequent acquisition of the sender’s address – necessary to respond to requests – as well as any other personal data included in the message. Detailed summary reports will be provided over time or displayed on the Website pages that have been set up for specific services on request.
Cookies are small text files that are inserted into the hard disk of a computer only upon authorization. Cookies are used to streamline the analysis of web traffic, indicate when a specific site is visited and allow web applications to send information to single users. No personal user data is acquired by the Website in this regard. This Website doesn’t use either cookies to transmit personal information or c.d. persistent cookies of any kind to track users. The use of c.d. session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) that are necessary to ensure a safe and efficient exploration of the Website. C.d. session cookies used on the Website avoid the use of other IT techniques that are potentially prejudicial to the privacy of users’ browsing and do not permit the acquisition of personal data that may identify the user.
Optional Submission of Data
Besides navigation data, users are free to provide personal data to request the services offered by the Controller. Failure to provide such data may prevent users from obtaining the service/s requested.
Processing methods and data storage time
Personal data is processed by automated tools over the time that is strictly necessary to achieve the purposes for which it was collected. Specific security measures are taken to prevent the loss of data, its illicit or incorrect use and unauthorized access.
Data is stored for the time that is strictly necessary to pursuit the purposes indicated in this statement and will be deleted at the end of this period of time unless it must be kept for legal obligations or to enforce a right in court.
Rights of data subjects
Within the limits and under the conditions established by law, the Controller is obliged to respond to the requests of the interested party concerning their personal data. Specifically, in compliance with the current legislation:
- The interested party has the right to obtain confirmation from the Data Controller on whether data processing concerning his/her person is undergoing. In case it is, the interested party has the right to obtain access to personal data and the following information:
- the purposes of the data processing;
- the categories of personal data;
- the recipients or categories of recipients to whom the personal data have been or will be communicated, especially if the recipients are third countries or international organizations;
- when possible, the storage time of personal data provided or, if not possible, the criteria used to determine this period of time;
- the right of the interested party to ask the Data Controller to rectify or delete his/her personal data, to limit the processing of his/her personal data or to oppose its processing;
- the right to lodge a complaint with a supervisory authority;
- if the data is not collected by the interested party, all available information on its origin;
- the existence of an automated decision-making process, including profiling procedures.
- The interested party has the right to obtain from the Data Controller the rectification of inaccurate personal data concerning him/her without undue delay. Considering the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing a supplementary declaration.
- The interested party has the right to obtain from the Data Controller the deletion of his/her personal data without undue delay and the Data Controller has the obligation to the delete personal data without undue delay within the limits and in the cases ruled by current legislation. The Data Controller informs each of the recipients to whom the personal data were sent, of any modification or deletions or limitations of the processing within the limits and in the forms stated in the current legislation.
- The interested party has the right to obtain the limitation of data processing from the Data Controller.
- The interested party has the right to receive the personal data provided to a Data Controller in a format that is structured, commonly used, and readable by automatic devices. Furthermore, the interested party has the right to transmit such data to any other data controller without any impediment from the Data Controller to whom the data was sent in the first place.
To exercise the rights listed above, the data subject must submit a request to the following address: ADVICE GROUP S.p.A. with registered office in Via Riberi, 4 -10124 – TORINO. The Data Protection Officer – if designated by the Data Controller – may be also contacted at the same address. The following email address can also be used: email@example.com