INFORMATION ON THE PROCESSING OF
PERSONAL NAVIGATION DATA AND COOKIES
Who is the Data Controller?The Data Controller is Gruppo Toscano S.p.A., Via Nomentana 90/92 00161 Roma. The information describes the features of processing carried out by the Data Controller in relation to the website's browsing data http:// guidobaldi.it/
What personal data do we collect?The Data Controller collects the following data:
- user identification data, such as, for example, IP addresses and computer domain names;
- data related to the use of the website by the user;
- data voluntarily provided by the user – identifying information - access to certain services offered through the website, which is referred to specific information in the relevant reference sections (for example, the section "Contact the agency for this property").
For what purposes are personal data used?The Data Controller processes personal data for the following purposes:
- to manage the correct use of the website;
- to evaluate the use of the website by users in statistical format;
- to ascertain any wrongdoing committed by users to the detriment of third parties or to the detriment of the Data Controller;
- to comply with the European and national legislation, as well as with the provisions of the Privacy Authority;
- to profile the user based on his/her browsing within the website.
Why is the process that we do legitimate?The processing of personal data carried out by the Data Controller is legitimate because it is based on the consent of the interested party expressed during the act of browsing.
How will the Data Controller process your personal data and how long are they stored?Your personal data are processed both in paper and electronic format. The Data Controller stores the user's personal information by following certain fundamental criteria highlighted below: in particular, referring to the purposes of collection and the statute of limitations prescribed by law.
To whom do we disclose your personal data?
Within the Data Controller's organisationPersonal data may be accessed by the Data Controller's collaborators who need it to offer the services requested, limited only to information that is instrumental and related to this, with particular reference to employees and non-employees.
Service providersThe Data Controller shares personal information with some suppliers who support Gruppo Toscano in the website's management. If third parties access the data, they will do so in compliance with the current legislation for the protection of personal data and instructions given by the Data Controller.
Legislative requirementsWe do not disclose personal information to other third parties without permission, except when required by the law or by an Authority.
Are the data transferred abroad?User data are not transferred abroad.
What are your rights as a data subject and how can you exercise them?The European General Data Protection Regulation (2016/679) guarantees you, as a data subject in processing, specific rights.
For each process, you may exercise the following rights:
- Right of access: you have the right to obtain a copy of the personal data we hold and which are subject to processing;
- Right to rectify: you have the right to rectify your personal data stored by the Data Controller if they are not updated or correct;
- Right to object the processing of personal data for commercial purposes: you may request the Data Controller cease sending commercial communications any time;
- Right to oppose decisions based on solely automated processes: you may request to not be the recipient of decisions on the basis of exclusively automated processes, including profiling activity;
- Right to revoke consent already granted: you have the right to revoke consent already granted for a given process at any time;
- Right to contact the Privacy Authority for the protection of personal data: you have the right to contact the Privacy Authority for the protection of personal data in the case of doubts regarding the processing of personal data made by the Data Controller.
- Right to cancel: you may request the Data Controller delete your personal data if the purposes of processing have ceased and there are no legitimate interests or legal provisions required for the continuation of data;
- Right to object to processing: you may request the Data Controller cease performing a specific process on your personal data;
- Right to restrict processing: you have the right to request the Data Controller limit the processing operations on your personal data;
- Right to data transferability: you have the right to obtain a copy of your data in a structured and computerised format transferable to another Data Controller.