ART. 13 REGULATION 679/2016 (hereinafter “GDPR”)
WEBSITE USERS https://www.hystore-project.eu/
This page describes how to manage the information contained in the site https://www.hystore-project.eu/ with reference to the processing of personal data of Users who consult it.
The DATA CONTROLLER is R2M SOLUTION SRL
Address: registered office PAVIA – Via Fratelli Cuzio 42
Certified e-mail: email@example.com
Subjects: Natural persons who access the website and / or contact the data controller
- WEBSITE NAVIGATION
- RESPONSE TO REQUESTS
Provision of data: Cookies are regulated as separate information. The provision of data in relation to requests for information is optional. The only consequence of failure to provide will be the inability to give the information requested.
DATA BEING PROCESSED
- NAVIGATION DATA AND COOKIES: computer systems acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is used in order to obtain anonymous statistical indications regarding the use of the site and its correct functioning and that, although anonymous, by their very nature could, through processing and association with data held by third parties, allow Users to be identified. These data could be used to ascertain responsibility in case of hypothetical computer crimes against the Data Controller and / or against third parties. See cookies policy
- DATA PROVIDED VOLUNTARILY BY THE USER OR COLLECTED WITH THE USER’S CONSENT: data such as name, surname, e-mail address and any contact details (postal and / or telephone) provided by the User (also through any form) will be used to respond to requests or to send informative communications.
LEGAL BASIS OF THE PROCESSING
- The legal basis of the processing for browsing the website is to allow the use of the service and functionality of the site: for these purposes the data are kept for the time specified in the extended information cookies
- the legal basis for the processing of data for the purpose of responding to any requests from Users is identified in art. 6.1 b) GDPR (contract and contractual measures).
RECIPIENTS OF PERSONAL DATA
The data will not be disclosed for a purpose other than that for which they were collected, but may be communicated to:
- Third parties, autonomous Data Controllers or appointed Data Processors or sub-processors such as: external subjects or companies providing professional services for the company, consultants, freelancers who collaborate with the Data Controller;
- Public authorities, control and / or supervisory bodies and public bodies in the cases provided for and permitted by law
- Persons authorized or specifically designated and instructed to process data who are committed to confidentiality or who have an appropriate legal obligation of confidentiality (e.g. employees and collaborators who deal with the specific activities in which the data processing is carried out).
The complete and updated list of Data Processors, as well as other subjects to whom personal data may be communicated is available at the headquarters of the Data Controller and can be freely consulted on request.
PLACE OF DATA PROCESSING
Personal data are processed within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to transfer personal data also to non-EU countries. In this case, the transfer of non-EU data will take place in accordance with the applicable legal provisions. In the absence of an adequacy decision of the European Commission, any processing of personal data in non-EU countries will be possible only in the presence of adequate guarantees of a contractual or contractual nature, including binding corporate rules and standard contractual clauses of data protection, by the Data Controllers and Data Processors involved.
The data for the purposes related to the request for information by the User will be kept for the time necessary to process the request and for a subsequent period of 12 months, without prejudice to the right of an advance check on the obsolescence of the data.
RIGHTS OF THE INTERESTED PARTIES
In relation to the processing of the aforementioned data, the data subject can exercise the rights referred to in Articles 15-16-17-18-20-21 and 22 GDPR and precisely the right to:
- Access (art. 15 GDPR): you can contact us to find out if your personal data are being processed and the legal information on the processing;
- Rectification (art. 16 GDPR): the correction of inaccurate data or the integration of incomplete data;
- Cancellation/oblivion (art. 17 GDPR): obtain the cancellation of personal data, in cases of law;
- Limitation (art. 18 GDPR): obtain the submission of data to storage only, with the exclusion of other activities, in cases of law;
- Portability (art. 20 GDPR): obtain the data in a structured format, commonly used and readable by automatic device and also obtain direct transmission to another data controller, in cases of law;
- Objection (Art. 21 GDPR): right to stop further processing of personal data for reasons related to your particular situation, subject to our compelling legitimate reasons, in cases of law.
- Withdrawal of consent (art. 7.3 GDPR): right to revoke consent at any time, where previously given.
The data subject may exercise his rights by sending an informal request to the address: firstname.lastname@example.org
COMPLAINT: the interested party has the right to lodge a complaint with the competent Supervisory Authority or with the Guarantor Authority for the Protection of Personal Data www.gpdp.it.
The Data Controller does not carry out processing with automated decision-making processes or profiling.
Last updated: July_2023