With this document ("Information"), the Data Controller, as defined below, wishes to inform you about the purposes and methods of processing your personal data and the rights that are recognized by Regulation (EU) 2016/679 on the protection of natural persons, with regard to the processing of personal data and their free circulation ("GDPR"). This information may be supplemented by the Data Controller if any additional services requested by you may result in further processing.
1. Owner and Manager of the Treatment, DPO
The Data Controller is AIR FIRE S.P.A. C/ Mata 21, Local - 08004 Barcelona (SPAIN) p.i. /c.f. 04715110583 The Data Controller has appointed a Severino Di Stefano Via Pio Joris Managing Director, 19 / L 00155 p.i. /c.f. 11771701007 firstname.lastname@example.org The owner has appointed a Data Protection Officer (Data Protection Officer), whom you can contact for the exercise of your rights, as well as to receive any information relating to them and / or this information, writing Att.ne of the Data Protection Officer director Severino Di Stefano Via Pio Joris 19 / L 00155 pi /c.f. 11771701007 email@example.com contacting us also by telephone 0695944943 3927446324 The Holder and the DPO, also through the designated structures, will take care of your request and provide it, without undue delay and in any case, no later than one month after receipt of the itself, information relating to the action taken regarding your request. We inform you that if the Owner has doubts about the identity of the individual submitting the request, he / she may request further information necessary to confirm the identity of the person concerned. Categories of Interested: Natural persons, legal entities, public and private organizations.
2.1. Execution of the Contract - Use of the service
TREATMENT: Service The processing of your personal data is necessary for the acquisition of preliminary information to the conclusion of the contracts that it will stipulate with AIR FIRE S.P.A. Data Controller, for the completion and execution of the contract that provides for the provision of our services Purpose of the treatment
Condition Lawfulness Treatment Purpose Description Execution Contract Acquisition of preliminary information on the conclusion of contracts and / or provision of the service. Online application on cloud for the drafting and maintenance of a privacy system in accordance with the European Regulation 679/2016 as well as current privacy regulations. Contract Execution Execution and management of the contract for the execution of the online cloud application for the drafting and maintenance of a privacy system in accordance with the European Regulation 679/2016 as well as the current privacy regulations. Nature of the provision: Mandatory Consequences refusal to provide data: Failure to provide the data will make it impossible for the company to respond to your pre-contractual / contractual requests, provide the service and / or execute the contract. Minimum data protection measures: The server operating system, in which the web application and database are allocated, is installed on a cloud computing hardware infrastructure provided by the company HOSTINGPERTE ARMADA VAT Number 00873530943 able to guarantee high levels of integrity , availability and confidentiality of information. Personal data retention period: Your personal data will be processed actively for the time necessary for the management of the existing relationship and / or the execution of the contract. The information collected for the evaluation of the conclusion of the contract, in case of non-completion, will be canceled within 12 months. Treatment Reference Standards: European Regulation 679/2016 Recipients of the Treatment: AIR FIRE S.P.A. C/ Mata 21, Local - 08004 Barcelona (SPAIN) Types of data processed: Category Type common data personal data
2.2. Legal obligations
TREATMENT: Preservation for Obligations of Law The processing of your personal data by the Data Controller may also be connected to the fulfillment of obligations under laws, regulations and / or Community legislation, or by supervisory and control bodies or other legitimate authorities. Nature of the provision: Mandatory Consequences refusal to provide data: Failure to provide the data will prevent the Data Controller from carrying out the activity you requested and that implies the fulfillment of the legal obligation by the sdsoluzione srl itself. Minimum data protection measures: The server operating system, in which the web application and the database are allocated, is installed on a cloud computing hardware infrastructure provided by the company HOSTINGPERTE ARMADA VAT number 00873530943 able to guarantee high levels of integrity, availability and confidentiality of information. The paper data are kept inside rooms and armed with suitable safeguards. Personal data retention period: Your personal data will be processed for this purpose for the time necessary to fulfill the legal obligations required by current legislation. In this regard, your personal data will be stored for 10 years from the termination of the contract or, if subsequent, by a binding decision issued by a competent authority (for example, court ruling), without prejudice to any conservation related to particular categories of data, for longer periods of time, prescribed by the legal system. Recipients of the Treatment: AIR FIRE S.P.A. C/ Mata 21, Local - 08004 Barcelona (SPAIN). Types of data processed: Types of data processed: Category Type economic data income common data personal data
TREATMENT: Profiling The processing of your personal data and consumption habits allows the Data Controller to propose the best offers that meet your personal needs. Purpose of the treatment Condition Lawfulness Treatment Purpose Description Legitimate Interest Profiling to propose offers online interests of customers Processing of your personal data as well as use of the service, with fully or partially automated methods, in order to identify and offer services or activities more appropriate to your person . Nature of the provision: Optional Consequences refusal to provide data: Failure to provide consent, although it will allow the Data Controller to perform the activity you requested, will prevent the SDSOLUZIONE SRL treatment to identify services that meet its personal qualities . Minimum data protection measures: The server operating system, in which the web application and the database are allocated, is installed on a cloud computing hardware infrastructure provided by the company HOSTINGPERTE ARMADA VAT Number 00873530943in able to guarantee high levels of integrity , availability and confidentiality of information. Personal data retention period: Your personal data will be processed for profiling purposes only for 12 months from collection. Furthermore, your personal data, treated as described, will in any case be deleted within 30 days from the termination of the last contractual agreement with the Data Controller. In any case, if you decide to withdraw your consent or oppose the processing, your data will be deleted within 30 days of the request. Recipients of the Treatment: AIR FIRE S.P.A. C/ Mata 21, Local - 08004 Barcelona (SPAIN). Types of data processed: Types of data processed: Category Type common data personal data
TREATMENT: Marketing AIR FIRE S.P.A. , as Data Controller, intends to process your personal data in order to send you commercial communications of products and services, including direct marketing conducted using the results of the analysis or profiling activity, as well as proceeding with the direct sale and completion of surveys or market research. Purpose of the treatment Condition Lawfulness Treatment Purpose Description Consent Markting based on Profiling Direct marketing, promotion and sale of products and services through the use of the results of the analysis and / or Profiling Consent Marketing Direct Promotion and sale of products and services through the use of tools such as e-mail, fax, SMS, MMS, etc. Nature of provision: Optional Consequences refusal to provide data: Failure to provide data will not affect the satisfaction of your requests and the execution of contracts but will make it impossible for the Owner to send marketing communications. Minimum data protection measures: The server operating system, in which the web application and the database are allocated, is installed on a cloud computing hardware infrastructure provided by the company HOSTINGPERTE ARMADA VAT Number 00873530943in srl able to guarantee high levels of integrity, availability and confidentiality of information. The paper data are kept inside rooms and armed with suitable safeguards. Personal data retention period: Your personal data, treated as described, will be deleted within 30 days from the termination of the last contractual agreement with the Data Controller. Data relating to the marketing purpose, based on Profiling, will be deleted within 24 months of collection. In any case, if you decide to withdraw your consent or oppose the processing, your personal data will be deleted within 30 days of the request. Recipients of the Treatment: AIR FIRE S.P.A. C/ Mata 21, Local - 08004 Barcelona (SPAIN). Types of data processed: Category Type common data personal data
3. Cookies Information:
3.1. Url Information: http://www.airfire.eu/policy-privacy
3.2. Extended Cookie Information:
In order to achieve the correct regulation of such devices, it is necessary to distinguish them, given that there are no technical characteristics that differentiate them from one another precisely on the basis of the objectives pursued by who uses them. • FIRST-PARTY cookies, technical (session) persistent Technical cookies are those used for the sole purpose of "transmitting a communication on an electronic communications network, or as strictly necessary for the provider of a WEB service explicitly requested by the user to provide this service ". They are not used for other purposes and are normally installed directly by the owner or operator of the website. They can be divided into navigation or session cookies, which guarantee the normal navigation and use of the website (allowing, for example, to make a purchase or authenticate to access restricted areas). This site makes use of technical cookies of persistent session of the first part. • FIRST-PARTY, analytical cookies Analytical cookies, also called "analytics", allow the creation of detailed statistics on visitors to a website such as, for example, the display of certain pages, the number of visitors, the time spent on the site by users and arrival methods. Cookies analytics are similar to technical cookies when used directly by the site operator to collect information in aggregate form on the number of users and how they visit the site. This site uses first-party analytical cookies. • FIRST-PARTY cookies, profiling Profiling cookies are designed to create user profiles and are used in order to send advertising messages in line with the preferences expressed by the same in the context of surfing the net. Because of the particular invasiveness that such devices can have in the private sphere of users. This site may share this information with other parties, such as, for example, advertisers. The European and Italian legislation provides that you can refuse consent regarding the use of these cookies. This site makes use of FIRST PART cookies, profiling. • Third-party cookies, analytical The analytical cookies, also called "analytics", allow you to create detailed statistics on visitors to a website such as, for example, the display of certain pages, the number of visitors, the time spent on the site by users and arrival methods. This site uses a web analytics service provided by Google. • THIRD PARTY cookies, profilers In order to provide you with additional functions and services within this site, we work with third parties who, independently and us not directly controllable, may use their cookies to collect information on the activities to be carried out while browsing the pages of this site. This information may be used to offer advertising in line with your interests, based on the content you visit, or to measure the effectiveness of advertising campaigns. These cookies may be contained in various elements present on the web page, such as banner ads, images, videos, etc. A sensitive example is the presence of so-called "social plugins" or "social sharing buttons" of the main social networks (Facebook, Twitter, Google+ and LinkedIn), aimed at sharing the contents of the web page on the social networks themselves. The use of data collected through third-party cookies, on which we do not exercise any type of control, is governed by the relevant information, which we ask you to refer to. This site makes use of THIRD PARTY cookies, profilers.
3.3. Website Cookies:
To view all the cookies used on this site click on http://www.airfire.eu/policy-privacy
3.4. Types of cookies active on the site:
Technical - session - persistent first part Third party analytics WITHOUT anonymisation of the IP address with cookies in order to cross user data.
3.5. List of Web Services:
Service Type Description PayPal Payment Gateway Registration and Authentication Facebook Authentication (Connect) Registration and Authentication Registration with Remarketing Form, Behavioral Marketing (AdWords) Remarketing Remarketing, Behavioral Advertising (Behavioral) Marketing) Facebook Remarketing UpTime Services Pingdom Statistics, Performance Google Analytics Statistics, Performance Google Tag Manager Statistics, Performance Tracking Facebook Ads Conversions Statistics, Performance Tracking Google AdWords Conversions
4. What rights do you have as an interested party?
In relation to the treatments described in this Notice, as an interested party you can, under the conditions provided by the GDPR, exercise the rights set out in articles 15 to 21 of the GDPR and, in particular, the following rights: • right of access - Article 15 GDPR: the right to obtain confirmation that personal data concerning you is being processed and, in this case, obtain access to your personal data, including a copy of the same. • right of rectification - article 16 GDPR: right to obtain, without undue delay, the correction of inaccurate personal data concerning you and / or the integration of incomplete personal data; • right to cancellation (right to be forgotten) - Article 17 GDPR: right to obtain, without undue delay, the cancellation of personal data concerning you. • right of limitation of treatment - Article 18 GDPR: right to obtain the limitation of treatment, when: 1. the interested party disputes the accuracy of personal data, for the period necessary to the holder to verify the accuracy of such data; 2. the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited; 3. personal data are necessary for the interested party to ascertain, exercise or defend a right in court; 4. the interested party opposed the treatment pursuant to art. 21 GDPR, in the period of waiting for the verification on the possible prevalence of legitimate reasons of the holder of the treatment with respect to those of the interested party. • right to data portability - article 20 GDPR: right to receive, in a structured format, commonly used and readable by an automatic device, the personal data concerning you provided to the Owner and the right to transmit them to another holder without impediments , if the treatment is based on consent and is carried out by automated means. Furthermore, the right to obtain that your personal data is transmitted directly from the Bank to another holder if this is technically feasible; • right of opposition - Article 21 GDPR: right to object, at any time for reasons related to its particular situation, to the processing of personal data concerning you based on the lawfulness of legitimate interest or the execution of a task in the public interest o the exercise of public powers, including profiling, unless there are legitimate reasons for the Data Controller to continue processing that prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or defense of a right in court. Furthermore, the right to oppose the processing at any time if personal data are processed for direct marketing purposes, including profiling, to the extent that it is related to such direct marketing. The above rights may be exercised against the Owner, by contacting the references described above. The exercise of your rights as an interested party is free under Article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Holder may charge a reasonable fee, in light of the administrative costs incurred to manage your request, or deny the satisfaction of your request. • REVOCATION RIGHT: The interested party has the right to withdraw his consent at any time. The withdrawal of consent does not affect the lawfulness of the treatment based on consent before revocation. • RIGHT OF CLAIM: The interested party has the right to propose a complaint to the Authority for the protection of personal data, Piazza di Montecitorio n. 121, 00186, Rome (RM)
5. Conditions of Use:
SDSOLUZIONE Srl provides online services on Cloud for the creation and maintenance of a system for the compliance of your organization with the GDPR, European Regulation 679/2016 Privacy. SDSOLUZIONE Srl provides online services on the cloud that allows companies and organizations, supported by the certified professional staff, to create and maintain an appropriate management system for the security of the information in compliance with the applicable privacy regulations. The approach with which a Privacy System is implemented is borrowed from the quality management system based on the ISO 9000 family standards with an orientation oriented towards improvement and integration with other management systems such as UNI EN ISO 27001: 2014 on information security management systems. The System adopted by SDSOLUZIONE envisages the adoption of the Enterprise Risk Management rules, ie the set of activities aimed at identifying, assessing, managing and controlling all types of events (risks) to which the organization's assets are subject: tangible assets , intangible assets, documents.
This page describes how to manage the site in relation to the processing of personal data of users who consult it and leave data recorded in the db of the site, such as email phones and descriptions. Including sensitive data that are managed with appropriate security for non-disclosure to third parties. . This is an information that is also provided pursuant to art. 13 of the legislative decree n. 196/2003 - Code regarding the protection of personal data to those who interact with the web services provided and accessible electronically from the address: www.airfire.it corresponding to the homepage of the official website. The information is provided only for the www.airfire.it website and not for other websites that may be consulted by the user via links posted on the web www.airfire.it.
The information is also based on the Recommendation n. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by art. 29 of the directive n. 95/46 / EC, adopted on 17 May 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that the data controllers must provide to the users when they connect to web pages, regardless of the purpose of the link. The Recommendation and a summary description of its purposes are reported in other pages of this site.
THE "HOLDER" OF THE TREATMENT Following consultation of this site, data relating to identified or identifiable persons may be processed, including for instruments in place from international third parties such as search engines or social networks that independently of the creator and manager of the site can record data of users navigators such as ip, email, or telephones or pictures of interest for various purposes. The producer sel site despite put all security services to avoid incurring these censuses, can not absolutely respond from activities done by third parties. . The "owner" of their processing is Airfire S.p.A. Via della Tenuta Misitca 33-37, 00155 - Rome (RM). The staff and the company SDSOLUZIONE S.R.L. has been designated responsible for the treatment in accordance with Article 29 of the Code regarding the protection of personal data, as responsible for the maintenance of the technological part of the site until it is renewed standing. And by inserting all the control mechanisms, it can not guarantee for the part of the third parties as host hosting, which have a guarantee obligation on the protection.
Treatments related to the web services of this site take place at the hosting host while the contents and their update are the responsibility of Airfire S.p.A. with offices in Via della Tenuta Misitca 33-37, 00155 - Rome (RM) and are only handled by technical staff of the Office. In case of need, the data related to the newsletter service can be processed by the staff of the company that takes care of the maintenance of the technological part of the site, SDSOLUZONE S.r.l. (responsible for the processing in accordance with Article 29 of the Code regarding the protection of personal data), at the headquarters of the company itself.
TYPES OF DATA PROCESSED Navigation data The computer systems and software procedures used to operate this website acquire, during their normal operation , some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the file size obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the operating system and the user's computer environment. /> These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this eventuality, at present the data on web contacts do not persist for more than seven days. Data provided voluntarily by the user The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request.
OPTIONAL DATA SUPPLY Apart from that specified for navigation data, the user is free to provide personal data contained in the forms of request from the forms or from the site or indicated in contacts with the Office to request the sending of the newsletter, informative material or other communications. Failure to provide such data may make it impossible to obtain what has been requested. For the sake of completeness, it should be noted that in some cases (not subject to the ordinary management of this site) the Authority may request news and information pursuant to Article 157 of the Code regarding the protection of personal data, for the purposes of monitoring the processing of personal data. In these cases the answer is mandatory under penalty of administrative sanction. However at any time the user asking for the complete cancellation of the data provided and registered on the site can be made by registered mail, certified email.
TREATMENT METHODS Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. Furthermore Sd solution undertakes not to collect and disclose sensitive data of the user without the user's explicit consent.
RIGHTS OF THE INTERESTED PARTIES The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification (article 7 of the Code regarding the protection of personal data). According to the same article, you have the right to request cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, to their treatment. Requests should be addressed: -
Some of these cookies are essential to make our site work and others help us to improve by giving us some insight into how the site is being used.
These cookies are set when you submit a form, login or interact with the site by doing something that goes beyond clicking some simple links.
We also use some non-essential cookies to anonymously track visitors or enhance your experience of this site. If you're not happy with this, we won't set these cookies but some nice features on the site may be unavailable.
To control third party cookies, you can also adjust your browser settings.