With the entry into force of Regulation (EU) n.2016 / 679 concerning the protection of individuals with regard to the processing of personal data, Fondazione Casa Buonarroti as owner of the processing of personal data following the consultation of the pages of the website www.casabuonarroti.it is adopting technical and organizational measures to ensure that it is compliant with the rules and principles set forth in the Regulation.
According to the art. 13 of the EU Regulation n. 2016/679 (hereinafter “GDPR“), we inform you that the data provided by the user – following registration, visit and navigation on the site www.casabuonarroti.it – are recorded in electronic databases owned by the Casa Buonarroti Foundation, with headquarters in (50122) Florence (FI) Via Ghibellina n. 70, and that the processing of personal data will be carried out with methods and procedures aimed at ensuring that such processing is carried out in compliance with fundamental rights and freedoms, as well as the dignity of the data subject, with particular reference to confidentiality and security, to identity personal data and the right to protection of personal data.
Art. 1 – Subject of processing
Casa Buonarroti Foundation, to operate at its best, will process its personal and identification data (such as, for example: personal data, fiscal code, VAT number, name, registered office, residence and domicile and contact details)
Art. 2 – Legal basis of the processing
Art. 3 – Purpose of the processing
Personal data provided directly by the interested party is processed for the following purposes:
Administrative and accounting
Management of commercial marketing activities (market analysis and surveys, commercial communications and / or advertising material on products or services offered by the owner via email)
Profiling purposes: Casa Buonarroti Foundation will carry out profiling activities in order to be able to offer products and discounts in line with your preferences. This activity is carried out through IT and / or paper supports, in compliance with technical and organizational security measures, as required by the GDPR.
Art 4 – Processing methods
The processing will be carried out in compliance with the aforementioned purposes with or without the use of electronic tools by the owner and / or authorized parties and consists in particular of:
Collection of data from the person concerned, by filling in paper forms;
Registration and processing on computerized and paper support;
Organization of the archives in a mainly automated form, through company applications and computerized master data;
Automated profiling through business applications;
Destruction and / or deletion of data.
Art. 5 – Communication, dissemination and transfer
The data relating to the contract and the service activity can be communicated to commercial / technical consultants for administrative and accounting purposes and to lawyers for the eventual management of disputes.
Art. 6 – Period of conservation
The data is processed and stored for the time required for the purposes for which it was collected.
If in the course of the contractual relationship data not related to the administrative and accounting obligations connected to it are processed, these data will be kept for the time necessary to achieve the purpose for which they were collected and then deleted. The storage times for such data will be communicated to you when these data are collected with specific information.
Art. 7 – Different purpose of the treatment
If the data controller intends to further process personal data for a purpose other than that for which they were collected, prior to such further processing, the data controller will provide the data subject with information regarding such different purposes and any other relevant information.
Art. 8 – Rights of interested parties
Interested parties have the right to obtain, in the cases provided, access to personal data and the correction or cancellation of the same or the limitation of the processing that concerns them or to oppose the processing (articles 15 and following of the Regulations).
The address for the exercise of the rights specified above is www.casabuonarroti.it, also with reference to claims brought against the subjects whose data have been transmitted with the consent of the interested party. Requests will be processed within 30 days. This period may be extended for reasons relating to the specific right of the interested party or to the complexity of your request. The interested party is informed that he has the right to make a complaint to the Guarantor for the protection of personal data, following the procedures and indications published on the official website of the Authority on www.garanteprivacy.it and that the exercise of rights does not is subject to any form restrictions and is free.
Art. 9 – Data recipients
The personal data collected are processed by the staff of the Region, which acts on the basis of specific instructions provided for the purposes and methods of the processing.
Art. 10 – Complaint right
Interested parties who believe that the processing of personal data referring to them carried out through this site is in violation of the provisions of the Regulations have the right to lodge a complaint with the Guarantor, as provided for by art. 77 of the Regulation itself, or to take the appropriate judicial seats (Article 79 of the Regulation).
Art. 11 – Data storage and transfer procedures
The management and storage of personal data will take place on servers located within the European Union of the Data Controller and third-party companies appointed and duly appointed as Data Processors.
The data will not be transferred outside the European Union.
Art. 12 – Identification of the Owner, of the managers and of the communication channels
The Data Controller is: Casa Buonarroti Foundation, based in (50122) Florence (FI) Via Ghibellina n.70.
The deeds of nomination of the data processors, the internal authorized subjects, each request and any other information regarding your data may be provided by your request to be sent to the e-mail address firstname.lastname@example.org.
INFORMATION ON COOKIES
What are cookies
A “cookie” is information embedded in a text file that is transferred from the website visited by the user to his hard disk where it is saved for the purpose of allowing websites to store some data to make them reachable on a subsequent access user. It is, ultimately, a sort of reminder of the visited internet page, with which the web server sends information to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) which, stored on the computer of the latter, they are then re-read and updated whenever the user returns to the site to improve his navigation. In this way, the website can automatically adapt to the user, allowing, moreover, to offer personalized services. Some cookies require consent, others do not: in the first case, the consent issued by the user is always revocable.
Based on their duration, they are divided into:
- session cookies (ie temporary cookies that are automatically deleted by the terminal at the end of the browsing session, closing the browser);
persistent cookies (ie those that remain stored on the terminal until their natural expiry, established by the site itself, or the cancellation by the user).
Based on the origin, cookies are divided into:
- proprietary cookies, which are created, deleted and modified directly from the site visited;
Depending on the function and purpose of use, cookies can be divided into technical cookies and profiling cookies:
- “technical cookies“, on the other hand, are used to perform computer authentication, session monitoring and storage of specific information on users who access a web page. These cookies are useful to allow you to browse a website and use all its features. Since they do not fall within the scope of the data processing governed by the GDPR – since they do not contain personal or identification data associated with personal data or other information that allows the identification of the user, and their use is strictly functional to the provision of site services – user consent is not required for their use. Even advertising companies can use technical cookies, for example to limit the number of times in which to display a specific announcement or establish the frequency of display of advertising messages (banner rotation). Analytics cookies also belong to this category. These are cookies that collect information about the use a user makes of a website and that allow it to improve its functioning. For example, they show which pages are most frequently visited, allow you to check which are the recurring patterns of using a website and help you understand every difficulty that the user encounters;
profiling cookies, on the other hand, can be used to monitor and profile users during browsing, to study their movements and web browsing or consumption habits (what they buy, what they read, etc.), also for the purpose of sending advertising of services targeted and personalized. Their use requires the prior acquisition of the user’s free informed consent pursuant to EU Regulation 2016/679.
We inform you that cookies can only be read or modified by the site that created them and cannot be used to access any other user data through the browser or transmit computer viruses as they are not software programs, but simple information of text that can absolutely not harm the computer.
Most browsers accept cookies automatically and yet the user can disable cookies directly from their browser.
Finally, based on the quality level of the services offered by the site, the deactivation of cookies may make it impossible for the user to use all or some of the online functions and in some cases access to the site itself.
Types of cookies used by our site
- To improve the website and understand which parts or elements are most appreciated by users, third-party Google Analytics cookies are used as an anonymous and aggregate analysis tool. These cookies are not proprietary tools, for more information, therefore, you can consult the information provided by Google.
Some web pages incorporate YouTube video content within them. Visiting a page containing a video, or clicking to view the video, cookies from YouTube could be called up. These cookies are not instruments of our ownership. To learn more, visit the Google information page http://www.google.com/intl/it/policies/privacy.
Management of cookies
Sometimes, deactivating temporary or permanent session cookies from the browser, for technical reasons, makes it impossible to connect to the site and enter the reserved area, and prevents the operation of some applications based entirely on sessions.
Browsers give the possibility to deactivate all cookies except for session cookies, but even in this case various functions of the site will not be available, including, for example, the “remember” function that allows you to enter without typing each time the user and password.
Disabling cookies also prevents you from showing yourself any service messages once, or knowing if you are a new user or a user who has already visited our site.
Duration of cookies
The data collected through cookies will be stored according to their nature: session cookies expire when the user closes the browser, persistent cookies have typical expiration dates which, with special exceptions, do not exceed 20 days; permanent ones, which are used to store information, such as the login name and password, so as to prevent the user having to enter them again each time they visit the site, they remain stored on the computer even after closing the browser.
Your data may also be communicated to public security bodies and other public and private subjects for the fulfillment of obligations provided for by law, including of a fiscal, administrative, financial and similar nature. Under no circumstances will the data be disclosed.
In accordance with the principles of proportionality and necessity, the data will not be stored for longer periods than those indispensable for achieving the purposes indicated in this statement.