This information, provided in accordance with Art. 13 of Reg. 2016/679 (GDPR), aims to clarify to the Users of the Website (www.piccin.it) how we collect personal data, why we collect them and how Users can update, manage, export and delete their information.
The aim is to provide you with all the information necessary to make your navigation of the Website transparent and secure. It is therefore important that you read the content below carefully, and if you do not agree with the content, we invite you to stop browsing the Website.
This information applies exclusively to the Website accessible at www.piccin.it, and which may be reached by the User via dynamic links.
In order to provide these services, however, we need to collect certain personal data, including through automated tools, as better indicated below.
The Data Controller of the personal data collected is PICCIN NUOVA LIBRARIA SPA, with registered office in Via Altinate, 107 - 35121 Padova (PD), VAT and tax code 01524160288, e-mail firstname.lastname@example.org, in the person of its pro tempore legal representative.
Through the Website we collect various personal data of Users that can identify them, such as personal data and/or accounting data. In particular, we collect the following personal data:
- Navigation Data:
The Website acquires some personal data whose transmission is implicit in the use of Internet communication protocols (so-called Cookies); this is information that is not collected to be associated with identified individuals but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes, by way of example: the IP addresses or domain names of the computers that connect to the Website, the URI (Uniform Resource Identifier) of the resources requested, the date and time of the request and other parameters relating to the operating system.
This includes the following data
- Data provided voluntarily and directly by the User:
The User is free to provide personal data to the Data Controller.
The optional, explicit and voluntary sending of personal data to the Data Controller, of the e-mail address and/or the filling in of electronic forms, present on the Website, in order to forward requests aimed at the possible use of our services or for initiatives aimed at receiving our promotions, advertising material, cost estimates and possible supply of goods and/or services, reports of complaints, etc., entail the acquisition, by us, of the sender's address, as well as any other personal data included in the message and/or in the electronic form.
This includes the following data:
- Third party data provided voluntarily by the User: The User may also voluntarily provide data of third parties, who have no relationship with the Data Controller, for example by entering a different shipping address.
This includes the following data
In the event that the User communicates third party content to the Controller, the latter declares that he has collected the necessary consent for the processing of personal data, and the communication of the same to the Controller.
The Owner will not process "special" and/or "sensitive" and/or "judicial" data pursuant to EU Reg. 2016/679;
Purpose of Processing
Personal data collected through the Website are processed by the Controller for the following purposes:
Moreover, with the Users' consent, we may also
Obligation to provide data
The provision of data by the User is optional.
However, failure to provide personal data may make it impossible for the Controller to provide the services requested and/or to fulfil its contractual obligations (e.g.: in the event that data for making payments is not provided).
In any case, the provision of data is always compulsory when it is necessary to fulfil a legal obligation (e.g. in the case of sending data in accordance with the Consolidated Law on Public Security; fulfilling accounting obligations; etc.).
Legal basis of processing
The Data Controller processes personal data in the manner indicated in Art. 6 of Reg. 679/2016, and in particular after collecting consent from the User.
The Controller may, in any case, process the personal data of the Users even without their consent in the following cases:
Methods of Processing
The information systems and computer programs are configured to minimize the use of personal data and identification data, so as to exclude their processing when the purposes pursued in individual cases can be achieved through, respectively, anonymous data or appropriate methods that allow identification of the person concerned only when necessary.
We also guarantee data security through appropriate backup and data recovery systems.
Duration of processing
Personal data will be retained for as long as necessary to provide the services requested by the User (e.g. until the Account is deleted from the Website) and/or until consent is revoked.
In case of withdrawal of consent and/or at the end of the provision of services, the data will be kept within the time limits established by law for the fulfilment of, for example, civil and fiscal obligations, and in any case for a period of not less than 10 years.
Transfer of personal data abroad
In order to improve the services we offer, we may transfer your personal data to other member countries of the European Union, for example when using cloud systems.
If for the provision of the requested services, or for matters of a technical and/or operational nature it is necessary to use entities located outside the European Union, or it is necessary to transfer some of the data collected to technical systems and services managed in the cloud and located outside the European Union area, the processing will be regulated in accordance with the provisions of Chapter V of Reg. 679/2016 and authorised on the basis of specific European Union decisions.
The user's personal data shall be communicated to third parties in the sole and exclusive case in which this is necessary for this purpose. Without prejudice to the communications made in execution of obligations provided for by laws, regulations or Community legislation, the data collected may be communicated to subjects or categories of subjects such as: Authorities and Public Institutions, IT and business consultancy companies, external professionals and/or companies providing services and consultancy (for example: in the field of accounting, tax, legal, etc.); other suppliers of goods and/or services necessary to meet the requirements of the applicant, companies operating in the transport sector; subjects whose right to access data is recognised on the basis of legal provisions and secondary regulations.
Sharing of personal data
The personal data of the Users, as well as employees and/or collaborators authorised for processing and/or external managers, who may become aware of the personal data within the scope of their respective functions and in accordance with the instructions received, may be communicated to:
Users' data will never be disseminated.
Rights of the interested parties
Each User and/or Data Subject may at any time exercise the rights provided for by Articles 15-22 of Reg. 679/2016, and in particular:
Each interested party may exercise these rights by notifying the Data Controller at the addresses indicated in the heading.
Furthermore, the Data Subject shall always have the right to lodge a complaint with the Data Protection Authority pursuant to Art. 77 of Reg. 679/2016.
We reserve the right to modify the content of this information on the processing of personal data at any time, giving notice in the forms of use and in any case by publication on the Website.
Changes will be effective, unless otherwise notified, from the time of publication of the update.
The official version of this policy on the processing of personal data is the version written in Italian.