POLICY STATEMENT ON THE PROCESSING OF BROWSING DATA
(Article 13 of EU Regulation 2016/679)
CONOU, as Data Controller, is careful to guarantees the protection of the personal data of data subjects in any processing activity.
This policy statement describes the characteristics of the processing carried out by CONOU in relation to the browsing data of the www.conou.it website.
What personal data do we collect?
CONOU, as Data Controller, collects the following data:
- user identification data such as IP addresses and computer domain names;
- data relating to the use of the website by the user, through the use of technical and analytical cookies;
- data relating to the user’s preferences, expressed when browsing the website;
- data provided voluntarily by the user – identifying information – for access to some services offered through the website (such as for example the reserved area form), for which reference is made to specific notices in the relevant sections.
What do we use your personal data for?
CONOU processes personal data for the following purposes:
- to manage the proper use of the website;
- to statistically assess the use of the website by users;
- to collect information on the user’s choices while browsing the web;
- to ascertain any offences committed by users against third parties or against CONOU;
- to comply with European and national legislation and the provisions of the Data Protection Authority.
How is the processing we do legitimate?
The processing of personal data carried out by CONOU is legitimate because, with reference to the use of technical cookies (which are functional to use of the site), it is based on the fulfilment of a contractual obligation between the Parties and, with reference to analytical cookies, on subject’s free and explicit consent.
How does CONOU process your personal data and how long does it keep it for?
Your personal data is processed both in paper and electronic form (servers, cloud databases, application software, etc.).
CONOU stores the user’s personal information in accordance with some key criteria highlighted below. Those criteria concern, in particular, data collection purposes and the limitation periods set by law.
Who do we disclose personal data to?
Only employees and contractors of CONOU who need to have access to personal data in order to offer the requested services and limited only to information that is instrumental and pertinent to this need. In particular:
- IT personnel.
Our employees and contractors have been informed about the importance of maintaining the strictest confidentiality on personal data: CONOU takes all necessary actions to draw their attention to their responsibilities related to personal data protection.
CONOU shares personal information with some suppliers assisting in providing the services you request:
- third parties who provide support for management of the website.
In any case, if such third parties are allowed to access the data, they will do so in compliance with current legislation on the protection of personal data and the instructions provided by CONOU.
We do not share personal information with other third parties without authorisation, except where required by law or an Authority.
Is your data transferred outside the European Union?
Data Controller may transfer the data subject’s personal data outside the European Economic Area, in compliance with the conditions set out in Chapter V of EU Regulation 2016/679.
What are your rights as a data subject and how can you exercise them?
The European Regulation on the personal data protection (2016/679) guarantees specific rights to data subjects.
You can exercise the following rights for each processing operation:
- Right of access: you have the right to obtain a copy of your personal data in our possession wich is subject to processing;
- Right to rectification: you have the right to rectify your personal data stored by CONOU if those are not up-to-date or correct;
- Right to object to the processing of personal data for commercial purposes: you can ask CONOU to stop sending commercial communications at any time;
- Right to object to decisions based on exclusively automated processes: you may request not to be the recipient of decisions made on the basis of exclusively automated processes, including profiling;
- Right to withdraw consent: you have the right to withdraw consent for processing at any time;
- Right to contact the Italian Data Protection Authority: you have the right to contact the Data Protection Authority if you have concerns regarding the processing of personal data carried out by CONOU.
You may also exercise the following rights under certain circumstances:
- Right to erasure: you can request that CONOU erases your personal data if the purposes of the processing no longer exist and there are no legitimate interests or legal provisions that require it to continue;
- Right to object to processing: you can ask CONOU to stop the processing of your personal data;
- Right to restrict processing: you have the right to ask CONOU to limit your personal data processing operations;
- Right to data portability: you have the right to obtain a copy of your data in a structured and computerised format that can be transferred to another Data Controller.
If you wish to exercise your rights, please write to the following address specifying your request and providing us with the information necessary to identify you: CONOU, Via Ostiense 131 L, 00154 – Rome, e-mail email@example.com
CONOU will reply within one month. If for any reason we are unable to answer you, we will provide you with a detailed explanation as to why we cannot meet your request.