Privacy Policy

Privacy Policy

Information regarding the processing of personal data drafted and provided by Giovanni Carrieri as Data Controller, pursuant to Article 13 of Legislative Decree 196/2003 "Code on the Protection of Personal Data" (hereinafter also the "Code") and pursuant to Articles 13 and 14 of the EU Regulation 2016/679 on the protection of personal data of natural persons (hereinafter also the "Regulation" or "GDPR"), to Users consulting the site (hereinafter also only the "Site").

The following information is provided for the only and not also for other websites that may be consulted by the User through links. The Data Controller will collect and process the types of data listed below in accordance with the provisions of the Code and the Regulations.

I. Data holder and contact information.

The Data Controller is Giovanni Carrieri having its registered office in Bari, via Camillo Rosalba n. 49 - tel. 340 40 20 556, VAT IT07669810728.

Data Protection Officer - The figure of the Data Protection Officer is identified in the person of the Data Controller himself. The interested party may contact the DPO (also known as DPO) for any need regarding the processing of his or her data, by sending the request to the e-mail:

II. Mode of Treatment

The Data Controller processes the personal data provided and/or collected by the users with computer and/or telematic tools, adopting the appropriate security measures aimed at preventing abusive access to the systems and, therefore, their unauthorized disclosure, modification or destruction.

Personal data are also processed in aggregate form, with organizational methods and logics strictly suitable for the purposes indicated in this information. On some occasions, the data may be viewed by categories of individuals authorized by the Data Controller, also called data processors and involved in the organization of the provision of services related to the website (such as, for example, administrative or sales staff, the marketing department, the legal department or system administrators) or even by external parties (third party technical service providers, couriers, hosting providers) who will be appointed, if the Data Controller deems it necessary, as Data Processors. The updated list of Data Processors and appointees can always be requested by the data subject and is available at the registered office of the Data Controller.

III. Types of Data Collected and Purposes

a) Contact data

This data is requested from the User when filling out the information request form on the Site and includes: First Name, Last Name, Nationality, Location, Mobile Phone Number, Date of Birth and e-mail and personal website and may be processed by the Data Controller for the following purposes:

1. to fulfill the User's specific requests;

2. to fulfill legal obligations;

3. subject to the User's consent, to detect his/her degree of satisfaction and consent, on the products and/or services offered, in relation to the analysis of purchasing habits and choices, as well as to carry out market survey choices made directly by the Controller.

The purposes referred to in points 2) and 3) above may also be carried out by the Data Controller through the use of cookies, as specified in point V of this information notice, prepared in accordance with the Provision of the Privacy Guarantor of 8.05.2014 "Identification of the simplified procedures for information and acquisition of consent for the use of cookies".

b) Browsing Data

The computer systems and software procedures used to operate the Site acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified persons, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes the IP addresses or domain names of the computers used by the users who connect to the Site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the User's operating system and computer environment.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes to the detriment of the site: except for this eventuality, the data themselves are retained for the time periods defined in point IV below of this policy.
c) Provision of data

The provision of Contact Data, referred to in sect. III a) of this policy, is mandatory in nature and failure to provide it, even partially, will result in the impossibility for the Controller to proceed with the provision of the services requested, as detailed in purposes III a.1 and III a.2.

The provision of Registration data for all the purposes set out in III a.3, III a.4 and III a.5 is optional and there are therefore no consequences in the event of refusal to provide such data, other than the impossibility of informing the User about promotional activities or checking his degree of satisfaction.

The User assumes responsibility for the Personal Data of third parties communicated or shared through the site and guarantees that he/she has the right to communicate or disseminate them, releasing the Owner from any liability towards third parties.

Personal Data may be entered voluntarily by the User, or collected automatically while browsing the website

IV. Place and duration of processing of collected Data

a) Location

The Data is processed at the operational headquarters of the Data Controller and at the service provider Hostinger International Ltd. located at 61 Lordou Vironos st. 6023 Larnaca, Cyprus.

If Personal Data is transferred to a third country or an international organization, the Data Subject will be informed of the existence of adequate safeguards under Article 46 of the "Regulation" relating to the transfer.

Further information can be obtained by contacting the Data Controller.

b) Duration of processing and storage

The Data are processed for the time necessary to perform the service requested by the User, or required by the purposes described in this document, and the User may always request the interruption of the Processing or the deletion, updating and modification of the Data.

The Data will not be retained beyond 24 months limited to personal data and for marketing purposes only, in compliance with the indications of the Data Protection Authority on the subject. For the exercise of the right of defense, on the other hand, the duration of processing will be equal to the lapse of the time limit for the exercise of ordinary judicial action.

V. Cookie Policy

This website does not make use of Cookies, other than technical ones and, therefore, the Owner is not required to give appropriate information about their use.

 (a) About Cookies

A cookie (from English, literally, "cookie") is a small, lightweight text file that is generated by web services in order to store users' preferences, activities and tastes. The cookie created by a service can be read and modified by it in order to better characterize its users and, most importantly, to recognize the user when he or she returns to the site.

So, different information can be stored in the cookie for disparate purposes, but only if the user has enabled the installation of cookies from their browser preferences.

It should be pointed out that cookies are not and cannot be dangerous in the common sense of the term: in fact, they cannot convey viruses or other malware in any way. They can, however, be used to track user behavior on websites that adopt certain services.

In general, cookies can be turned off completely from your browser settings at any time. For more information, we recommend reading the help and support pages related to it provided by their developers.

VI. Rights of Interested Parties

The subjects to whom the Personal Data refer as Data Subjects may exercise their rights under Articles 13, 14, 16, 17, 18, 19, 20 and 21 of the "Regulation" and, therefore, they may in summary:

- request from the Data Controller access to their personal data and the rectification or erasure thereof or the restriction of processing concerning them or to object to their processing, as well as the right to data portability;
- obtain from the individual Data Controller confirmation as to whether or not personal data concerning him or her are being processed, and if so, to obtain access to the personal data and the following information: (a) the purposes of the processing; (b) the categories of personal data in question; (c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if recipients in third countries or international organizations; (d) when possible, the period for which the personal data are to be retained or, if this is not possible, the criteria used to determine this period; (e) the existence of the data subject's right to request from the Data Controller the rectification or erasure of personal data or the restriction of the processing of personal data concerning him or her or to object to their processing (f) the right to lodge a complaint with a supervisory authority; (g) where the data are not collected from the data subject, all available information about their origin; (h) the existence of automated decision-making, including profiling as referred to in Article 22(1) and (4) of the Regulation and, at least in such cases, meaningful information about the logic used, as well as the importance and the expected consequences of such processing for the data subject;
- Obtain from the Data Controller the rectification of inaccurate personal data concerning him/her without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, including by providing a supplementary declaration;
- Obtain from the Data Controller the erasure of personal data concerning him/her without undue delay. The Data Controller is obliged to erase personal data without undue delay, if any of the following grounds exist: a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; 4.5. 2016 L 119/43 Official Journal of the European Union EN, b) the data subject withdraws the consent on which the processing is based in accordance with Article 6(1)(a) or Article 9(2)(a) of the Regulation and if there is no other legal ground for the processing; c) the data subject objects to the processing pursuant to Article 21(1) of the Regulation and there is no overriding legitimate ground for the processing, or objects to the processing pursuant to Article 21(2) of the Regulation (d) personal data have been unlawfully processed; (e) personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the Data Controller is subject; (f) personal data have been collected in connection with the provision of information society services referred to in Article 8(1) of the Regulation;
- To obtain from the Data Controller the limitation of processing when one of the cases of Article 18 of the "Regulations" applies;
- To receive in a structured, commonly used and machine-readable format the personal data concerning him or her provided to the Data Controller in order to be able to transmit such data to another Data Controller without hindrance where: a) the processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a) of the "Regulations" or on a contract pursuant to Article 6(1)(b) of the "Regulations"; and b) the processing is carried out by automated means;
- object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her in accordance with Article 6(1)(e) or (f) of the "Regulations," including profiling on the basis of these provisions. The Data Controller will refrain from further processing personal data unless he/she demonstrates the existence of compelling legitimate grounds for processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims;
- request the complete deletion of the data concerning him/her, exercising his/her right to be forgotten, without prejudice to the possibility of the Data Controller to keep only the necessary data in another database, separate from the one with which it carries out the processing, in order to be able to exercise his/her right of defense.

VII. Right of opposition

- Where personal data are processed for direct marketing purposes, the data subject has the right to object at any time to the processing of personal data concerning him or her carried out for such purposes, including profiling insofar as it is related to such direct marketing.

- If the data subject objects to processing for direct marketing purposes, the personal data may no longer be processed for such purposes.

VIII. Amendments to this privacy policy

The Data Controller reserves the right to make any changes to this Extended Information Notice by publicizing them on this page.
The date of last modification will be posted at the bottom of this notice to allow tracking of such changes. A copy of each version of this policy is available to Data Subjects at the registered office of the Data Controller.
In the event that you do not accept the changes made, you may ask the Data Controller to remove your personal data. Unless otherwise specified, the previous privacy and cookie policy will continue to apply to personal data collected up to that point.
In the event of non-acceptance of the changes made to this privacy policy, and without prejudice to the data subject's rights set forth in the preceding articles, he or she may request the Data Controller to remove his or her Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to the Personal Data collected up to that point.

IX. About this privacy policy

The Data Controller is responsible for this privacy policy and cookies stored by their services.

X. Regulatory references

Directive No. 95/46/EC, Directive 2002/58/EC, as amended by Directive 2009/136/EC, Order of the Privacy Guarantor No. 229 dll May 8, 2014, Legislative Decree 196/2003, EU Regulation 2019/679.