Privacy Policy

Privacy Policy 

The purpose of this document is to inform the natural person (hereinafter referred to as "Interested") concerning the processing of your personal data (hereinafter referred to as "Personal Data") collected by the data controller, Elsa Ramunno, Via Bachelet, 16, 31030 Casier, Tax Code RMNLSE66D70Z404Q, VAT No. 05410420268, e-mail address info@elsaramunno.com, PEC address elsaramunno@pec.it, (hereinafter "Owner"), via the website www.elsaramunno.com (hereinafter referred to as "Internet Site"). 

Changes and updates will be binding as soon as they are published on the Application. If you do not accept the changes made to the Privacy Policy, you must cease using this Application and may request the Data Controller to delete your Personal Data.

Categories of Personal Data processed

The Data Controller processes the following types of Personal Data voluntarily provided by the Data Subject:

  1. Contact details: first name, surname, company name, company role, full address, e-mail, e-mail pec, mobile phone number, telephone number, pictures, authentication credentials, any further information sent by the data subject, etc. 
  2. Tax and payment datatax code, VAT number, credit card details, bank account details, etc. 
  3. Special (sensitive) data: Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic data, biometric data intended to uniquely identify the natural person, data concerning health or sexual life or sexual orientation, collected with the consent of the Data Subject. The Data Subject may withdraw consent at any time 

The Controller processes the following types of Personal Data collected in an automated manner:

  1. Technical DataPersonal Data produced by the devices, applications, tools and protocols used, such as, for example, information about the device used, IP addresses, browser type, Internet Service Provider (ISP) type. Such Personal Data may leave traces that, in particular when combined with unique identifiers and other information received by servers, can be used to create profiles of individuals 
  2. Site navigation and usage datasuch as, for example, pages visited, number of clicks, actions taken, duration of sessions, etc. 
  3. Data on the exact location of the data subjectFor example, geolocation data that precisely identifies the location of the Data Subject, which may be collected by satellite network (e.g. GPS) and other means, collected with the consent of the Data Subject. The Data Subject may withdraw consent at any time. 

Failure on the part of the Data Subject to provide Personal Data for which there is a legal or contractual obligation, or if they are a necessary requirement for the conclusion of a contract with the Data Controller, will result in the Data Controller's inability to establish or continue the relationship with the Data Subject.

The Data Subject who communicates Personal Data of third parties to the Controller is directly and exclusively responsible for their origin, collection, processing, communication or dissemination.

Cookies and similar technologies

The Application uses cookies, web beacons, unique identifiers and other similar technologies to collect Personal Data of the Data Subject about the pages, links visited and other actions performed when the Data Subject uses the Application. They are stored and then transmitted the next time the User visits the Application. You can view the full Cookie Policy at the following address: https://www.elsaramunno.com

Legal basis and purpose of processing

The processing of Personal Data is necessary:

- for the performance of the contract with the Data Subject, namely:

  1. fulfilment of any obligation arising from the pre-contractual or contractual relationship with the data subject 
  2. registration and authentication of the data subject: to enable the Data Subject to register on the Application, access and be identified also via external platforms 
  3. support and contact with the data subject: to respond to requests from the data subject 
  4. payment management: to manage payments by credit card, bank transfer or other means 
    - by legal obligation, namely: 
  5. the fulfilment of any obligation under current regulationslaws and regulations, in particular on tax and fiscal matters 
    - on the basis of the legitimate interest of the Controller, for: 
  6. marketing purposes via email of products and/or services of the holder to directly sell the Controller's products or services using the e-mail provided by the Data Subject in the context of the sale of a similar product or service 
  7. management, optimisation and monitoring of technical infrastructureto identify and solve technical problems, to improve the performance of the Application, to manage and organise information in a computer system (e.g. server, database, etc.) 
  8. security and anti-fraudto ensure the security of the Owner's assets, infrastructure and networks 
  9. statistics with anonymous datato perform statistical analyses on aggregated and anonymous data to analyse the behaviour of the Data Subject, to improve the products and/or services provided by the Controller and better meet the Data Subject's expectations 
    - based on the consent of the data subject, for: 
  10. profiling of the data subject for marketing purposesto provide the Data Subject with information on the Controller's products and/or services by means of automated processing aimed at collecting personal information for the purpose of predicting or evaluating the Data Subject's preferences or behaviour 
  11. retargeting and remarketingto reach with a personalised advertisement the Data Subject who has already visited or shown interest in the products and/or services offered by the Application using his/her Personal Data. The Data Subject may opt-out by visiting the page of the Network Advertising Initiative 
  12. marketing purposes of the Controller's products and/or servicesto send commercial and/or promotional information or materials, to carry out direct sales of the Controller's products and/or services or to carry out market research using automated and traditional methods 

Based on the legitimate interest of the Data Controller, the Application allows interactions with external platforms or social networks whose processing of Personal Data is governed by their respective privacy policies to which please refer. The interactions and information acquired by this Application are in any case subject to the privacy settings that the Data Subject has chosen on such platforms or social networks. This information - in the absence of specific consent to processing for further purposes - is used solely for the purpose of enabling the use of the Application and providing the information and services requested.

The Data Subject's Personal Data may also be used by the Data Controller to protect itself before the competent courts.

Processing methods and recipients of Personal Data

The processing of Personal Data is carried out by means of paper, computer and telematic tools, with organisational methods and logic strictly related to the purposes indicated and by adopting appropriate security measures.

Personal Data are processed exclusively by: 

  • persons authorised by the Data Controller to process Personal Data who have committed themselves to confidentiality or have an appropriate legal obligation of confidentiality;
  • subjects operating autonomously as separate data controllers or by subjects designated as data processors by the Data Controller in order to carry out all the processing activities necessary to pursue the purposes set out in this policy (e.g. business partners, consultants, IT companies, service providers, hosting providers);
  • parties or entities to whom Personal Data must be disclosed by law or by order of the authorities.

The persons listed above are required to use appropriate safeguards to protect Personal Data and may only have access to Personal Data necessary to perform the tasks assigned to them.

Personal Data will not be disseminated indiscriminately in any way.

Place

Personal Data will not be transferred outside the territory of the European Economic Area (EEA).

Period of retention of Personal Data

Personal Data will be kept for the period of time necessary to fulfil the purposes for which they were collected, in particular: 

  1. for purposes relating to the performance of the contract between the Data Controller and the Data Subject, shall be retained for the entire duration of the contractual relationship and, after termination, for the ordinary limitation period of 10 years. In the event of legal disputes, for the entire duration of the same, until the time limit for appeals is exhausted
  2. for purposes relating to the legitimate interest of the Controller, will be retained until that interest is fulfilled
  3. for the fulfilment of a legal obligation, by order of an authority and for legal protection, shall be retained in accordance with the time limits provided for by such obligations, regulations and in any case until the expiry of the prescriptive period provided for by the applicable rules
  4. for purposes based on the consent of the data subject, will be retained until the consent is revoked 

At the end of the retention period, all Personal Data will be deleted or stored in a form that does not allow the identification of the Data Subject.

Rights of the Data Subject

Data Subjects may exercise certain rights with regard to Personal Data processed by the Controller. In particular, the Data Subject has the right to:

  1. be informed about the processing of their Personal Data
  2. withdraw consent at any time
  3. limit the processing of one's Personal Data
  4. object to the processing of your Personal Data
  5. access their Personal Data
  6. verify and request rectification of their Personal Data
  7. obtain the restriction of the processing of their Personal Data
  8. obtain the deletion of your Personal Data
  9. transfer their Personal Data to another controller
  10. lodge a complaint with the data protection supervisory authority and/or take legal action.

In order to exercise their rights, Data Subjects may address a request with the subject line 'PRIVACY REF." to the following e-mail address info@elsaramunno.com.

Requests will be taken over by the Holder immediately and processed as quickly as possible, in any case within 30 days. 

Last updated: 15/09/2023