Privacy Policy

INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA

This information is provided, pursuant to art. 13 EU Regulation 2016/679 (GDPR) to users who interact with Fondazione San Nicolò website accessible electronically from the address: www.italiancookingcourse.dieffe.com corresponding to the site’s home page.

This information describes how to manage only the company’s official website but not other external websites that may be consulted by the user through links.

Additional information may be provided within the different access channels, divided on the basis of the topics covered. Other information may be provided on the Site in relation to specific services.

Holder of the treatment: Fondazione San Nicolò Risorgimento Street, 29 35027 Noventa Padovana (PD)
e-mail contact details for feedback from the interested person: privacy@dieffe.com

Purpose of the treatment

Legal basis of the treatment

Data retention period

Administrative-accounting activities in general and for the fulfillment of legal obligations, regulations and applicable national and supranational legislation Need to fulfill legal obligations Ordinary prescription period 10 years.
If necessary to prevent or ascertain illegal conduct, exercise or defend the rights of the owner in court; Legitimate interest to prevent or prosecute crimes or violations of intellectual / industrial property rights (including third parties) or computer crimes or committed via telematic networks Reasonably necessary time to assert the rights of the Data Controller from the moment in which it became known of the offense or of its potential commission
Possible contact request, by sending information requested by you; Execution of a contract of which the interested party is a party or to the execution of pre-contractual measures adopted at the request of the same (art. 6 (1) (b) of the Regulation) Contract duration and, after termination, for the ordinary limitation period of 10 years. In the event of a legal dispute, for the entire duration of the same, up to the exhaustion of the terms of availability of the appeal actions.
Direct Marketing

Sending - with automated contact methods (such as sms, mms and e-mail) and traditional (such as telephone calls with operator) - of promotional and commercial communications relating to services / products offered or reporting of corporate events or participation in webinars, as well as realization of market studies and statistical analysis.
Consent (optional and revocable at any time).

It should be noted that the Data Controller collects a single consent for the Marketing purposes described herein pursuant to the General provision of the Guarantor for the protection of personal data "Guidelines on promotional activities and to combat spam" of 4 July 2013. If, you would like to object to the processing of your data for the purposes of Marketing carried out with the means indicated herein, as well as revoke the consent given; you can do it at any time by contacting the owner at the addresses indicated in this statement, without prejudice to the lawfulness of the treatment based on the consent given before the revocation.
Until withdrawal of consent.

Once the aforementioned storage deadlines have elapsed, the Data will be destroyed, deleted or anonymized, compatibly with the technical cancellation and backup procedures.

Type of data processed and methods of collection

Navigation data – log files
It is possible to access the Site without requiring the user to provide any personal data. During their normal operation, the IT systems and applications dedicated to the operation of this website detect some data (the transmission of which is implicit in the use of Internet communication protocols) not associated with directly identifiable users. The data collected includes the IP addresses of the users who connect to the site, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request and the numerical code indicating the status of the response given by the server (good end, error, etc.).

These data, necessary for the use of web services, are also processed for the purpose of:

  • obtain statistical information on the use of the services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
  • check the correct functioning of the services offered. Navigation data do not persist for more than 365 days and are deleted immediately after their aggregation (except for any need for the detection of crimes by the judicial authority).

Navigation data do not persist for more than 365 days and are deleted immediately after their aggregation (except for any need for the detection of crimes by the judicial authority).

Data provided voluntarily by the user

The voluntary and explicit sending of e-mails to the addresses indicated in the different access channels of this site entails the subsequent acquisition of the sender / user address and data, necessary to respond to the requests produced and / or provide the requested service. It ensures, however, that this treatment will be based on the principles of correctness, lawfulness and transparency and protection of confidentiality as indicated in the GDPR. In any case, before proceeding with the activation of a specific service, suitable information will be provided and, where necessary, the relative consent to the processing of personal data will be acquired. This consent may subsequently be revoked at any time, making the possibility of using the service in question invalid

Failure to provide consent or revoke it does not entail any consequence, except for the impossibility of using the Site and / or the provision of the requested service or obtaining more detailed information on the Company’s activities.

In any case, the processing of personal data may be carried out, if necessary, for the pursuit of a legitimate interest of the Owner or on the basis of a legal obligation. In particular, obtaining consent to the processing referred to in the previous point relating to navigation and log data is not necessary as the data are treated as responding to a legitimate interest (Recital 47 of the GDPR)

Providing Data

Apart from what is specified for navigation data, the provision of personal data by the interested party, for certain purposes described in the previous paragraph, is to be considered optional. Their absence can make it impossible to take advantage of certain services provided by the site.

Cookies and other tracking systems
Please refer to the detailed information available on the website.

Methods of data processing
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they are collected in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 of the GDPR and in compliance with the mandatory times prescribed by law. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.

Communication and / or Dissemination of Data
Your data, object of the treatment, will not be disclosed but may be communicated to companies contractually linked to the company, in compliance and within the limits of the GDPR. Personal data are stored on servers located within the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU GDPR. In this case, the Data Controller ensures as of now that the transfer of non-EU data will take place in accordance with the applicable legal provisions, subject to stipulation of the standard contractual clauses provided by the European Commission and the user will be informed.

The data may be disclosed to third parties belonging to the following categories:

  • subjects that provide services for the management of the information system used by the company and telecommunications networks (including e-mail);
  • studies or companies in the context of assistance and consultancy relationships, for example accounting, administrative, legal, tax, financial and debt collection relating to the provision of services;
  • competent authorities for the fulfillment of legal obligations and / or provisions of public bodies, on request;
  • personnel expressly authorized by the Data Controller, necessary to carry out activities strictly related to the provision of services, who have committed themselves to confidentiality or have an adequate legal obligation of confidentiality and who have received adequate operating instructions;

The subjects belonging to the aforementioned categories perform the function of Data Processing Manager, or operate in complete autonomy as separate Data Controllers. The list of managers is constantly updated and available at the company headquarters. Any further communication or dissemination will take place only with your explicit consent.

Possible existence of an automated decision-making process
The owner informs the interested party that on this site there is no automated decision-making process, therefore in particular there is no profiling system.

Minors
This Site and the Owner Services are not intended for minors under 16 years of age and the Owner does not intentionally collect personal information relating to minors. In the event that information on minors were unintentionally registered, the Data Controller will delete them in a timely manner, at the request of the users.

Rights of the Interested people

Interested parties have the right to receive information from the Company on the processing of personal information by email to: privacy@dieffe.com

  • Right of access: we are transparent about the data we collect and the use we make of it. You can contact us at any time by sending an email to access the information we have.
  • Right of rectification: you have the right to obtain the rectification of any inaccurate or incomplete information and request its updating and / or modification.
  • Right to cancellation: send a request for cancellation of all data concerning you and within 30 days we will process your request.
  • Right of limitation: you have the right to request that the data owner limit the processing of your data.
  • Right to portability: if you request it, we will export your data so that it can be transferred to third parties in a structured and commonly used format that can be read by an automatic device.
  • Right to object: you can unsubscribe at any time from all the specific uses we make of your data (newsletters, automatic emails, etc.).
  • Right to lodge a complaint: if you believe that your rights have not been respected, you can lodge a complaint with the competent authority according to the indications published on the website garanteprivacy.it or by email at urp@gpdp.it
Top