PRIVACY POLICY SACHì
Your personal data will be used by Sachì (di Bezzon Sara Via Romea 13, Legnaro PD – VAT No. 03486110285 and Tax code BZZSRA76S43G224M) which is the Data Controller for the processing and can be reached by phone at +39 3389982811 and by e-mail at info@sachi.it, in compliance with the data protection principles laid down in Regulation (EU) 2016/679 (GDPR) and in the applicable national legislation.
PERSONAL DATA SOURCE
Personal data are collected by Sachì directly from the data subject.
DATA CATEGORIES
Sachì will process the following personal data:
- • Automatically collected data. The computer systems and applications dedicated to the operation of this website detect, in the course of their normal operation, certain data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated with identifiable users. The data collected include IP addresses and domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters concerning the operating system, the browser and the computer environment used by the user. These data are processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to check its proper functioning. The provision of such data is mandatory as it is directly related to the web browsing experience.
- Data provided voluntarily by the user. The voluntary and explicit sending of electronic mail to the addresses indicated in the different access channels of this site entails the request for consent and the possible filling in of specifically prepared forms entails the subsequent acquisition of the sender’s/user’s address and data, which are necessary to reply to the requests made and/or provide the service requested. The voluntary sending of e-mails to our e-mail addresses does not require any further information or request for consent. On the contrary, specific summary information will be given or displayed on the pages of the site set up for particular services on request (forms). The user is therefore required to explicitly consent to the use of the data in these forms in order to send the request.
-
Cookies. The site does not use third-party technical/profiling cookies that may collect users’ browsing data, the provision of which is optional and takes place through the expression of free and informed consent. Cookies operate in order to analyse the effectiveness of the site and make it easier and more intuitive over time. The data collected through cookies is used to make the browsing experience more pleasant and more efficient in the future by attempting to assess the users’ behaviour and to modify the content offerings according to their behaviour. A separate cookie policy is available for more information.
METHODS AND PURPOSES OF DATA PROCESSING
We inform you that the data will be processed with the support of both computerised and paper means, with the following purposes:
- Promotional activities.
- Communication of data to third parties to perform functions and technical activities necessary for the service.
- Multimedia Communication.
- Monitoring and improving the quality of services.
- Customer Care.
- Web Site Management.
- Information by electronic means.
- Sending courtesy communications and/or promotional/information material.
- Marketing (market analysis and surveys).
- Newsletter.
- Offering goods and services through mailing lists.
- Market research, statistical studies, and customer satisfaction checks on products.
LEGAL BASIS
According to Art. 6 of the GDPR, the legal basis for the processing of common data is the consent of the data subject.
The company processes the optional data of users on the basis of their consent, i.e., by explicitly approving this privacy policy and in connection with the methods and purposes described below.
CATEGORIES OF RECIPIENTS
Without prejudice to communications made in fulfilment of legal and contractual obligations, all data collected and processed may be communicated exclusively for the purposes specified above to the following categories of recipients:
- Supervisory and Control Authorities.
- Consultants and freelancers also in associated form.
- Providers of administrative and accounting services.
- IT service providers.
- E-mail managers.
- Processing platforms.
- External managers.
- Social Media.
- Marketing companies.
- Entities carrying out documentation archiving activities.
In addition, in the handling of your data, authorised individuals and/or external data processors who have been identified in writing and who have been given specific written instructions regarding the handling of the data may become aware of the data.
PROCESSING OF DATA ABROAD:
The data collected are not transferred abroad.
STORAGE PERIOD
The data collected shall be stored for no longer than is necessary for the purposes for which the personal data are processed (“principle of storage limitation”, Art.5, GDPR) or according to the deadlines stipulated by legal regulations. Checks on the obsolescence of stored data in relation to the purposes for which they were collected are carried out periodically.
RIGHTS OF THE DATA SUBJECT
Pursuant to European Regulation 679/2016 (GDPR) and the national legislation in force, the data subject may, in the manner and within the limits provided for by the legislation in force, exercise the following rights:
- • Request confirmation of the existence of personal data concerning him/her (right of access of the data subject – Art. 15 of Regulation 679/2016).
- Know their origin.
- Receive intelligible communication.
- Obtain information on the logic, methods, and purposes of the processing.
- Request the updating, rectification, integration, erasure, transformation into anonymous form, blocking of data processed in breach of the law, including data no longer necessary for the purposes for which they were collected (right to rectification and erasure – Articles 16 and 17 of Regulation 679/2016).
- Right to restrict and/or object to the processing of data concerning him/her (Art. 18 and Art. 21 of Regulation 679/2016).
- Right of revocation.
- Right to data portability (Art. 20 of Regulation 679/2016).
- in cases of consent-based processing, receive the data provided to the data controller in a structured, machine-readable form and in a format commonly used by an electronic device.
- the right to lodge a complaint with the Supervisory Authority (data subject’s right of access – Art. 15 of Regulation 679/2016).