INFORMATION FOR THE PROCESSING OF PERSONAL DATA
Adventure Riding Srl, with registered office in Milan 20122, via Larga 7, CF and P.Iva 10527650963 as data controller, informs you pursuant to art. 13 of Legislative Decree no. 196 of 30.6.2003 (hereinafter, "Privacy Code") and art. 13 of EU Regulation no. 2016/679 (hereinafter, "GDPR") that your data will be processed in the manner and for the following purposes:
1. Object of the treatmentThe Data Controller processes personal, identifying and non-sensitive data (in particular, name, surname, tax code, VAT number, company name, company role, email address, telephone number - hereinafter, "personal data" or even "data") communicated by you when registering on the Data Controller's website and/or when subscribing to the newsletter service offered by the Data Controller.
2. Purpose of the treatment
Your personal data is processed: A) without your express consent (art. 24 letter a, b, c Privacy Code and art. 6 letter b, and GDPR), for the following service purposes: - allow you to request information or quotes through the contact forms on the website; - allow you to subscribe to the newsletter service provided by the Owner and any other services you may have requested; - to fulfil the pre-contractual, contractual and fiscal obligations deriving from the relationship with you; - fulfill the obligations provided for by law, regulation, Community legislation or an order of the authority; - prevent or detect fraudulent activities or abuses harmful to the website;- exercise the rights of the Owner, for example the right of defence in court.
B) Only with your specific and distinct consent (Articles 23 and 130 of the Privacy Code and Article 7 of the GDPR), for the following marketing purposes: - send you via email newsletters, commercial communications and/or advertising material on products or services offered by the Owner; Please note that, if you are already our customer, we may send you commercial communications relating to services and products of the Holder similar to those of which you have already used, unless you disagree (art. 130 c. 4 Privacy Code).
3. Methods of treatmentThe processing of your personal data is carried out by means of the operations indicated in art. 4 of the Privacy Code and art. 4 no. 2) GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is subject to both paper and electronic and/or automated processing. The Owner will process personal data for the time necessary to fulfill the above purposes and in any case for no more than 10 years from the termination of the relationship for the purposes of the Service and for no more than 5 years from the collection of data for marketing purposes.
4. Access to dataYour data may be made accessible for the purposes referred to in Article. 2: - to employees and collaborators of the Data Controller in their capacity as persons in charge and/or internal data processors and/or system administrators; - to third parties (for example, providers for the management and maintenance of the website, suppliers, credit institutions, professional firms, etc.) who carry out activities in outsourcing on behalf of the Owner, in their capacity as external data processors.
5. Communication of dataWithout your express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Owner may communicate your data for the purposes referred to in art. 2.A) to supervisory bodies, judicial authorities and all other persons to whom communication is required by law for the performance of these purposes. Your data will not be disclosed.
6. Data transferThe management and storage of personal data will take place on servers located within the European Union of the Owner and / or third companies appointed and duly appointed as data processors. Currently the servers are located in Italy. The data will not be transferred outside the European Union. In any case, it is understood that the Owner, if necessary, will have the right to move the location of the servers. In this case, the Data Controller hereby guarantees that the transfer of non-EU data will take place in accordance with the applicable legal provisions, stipulating, if necessary, agreements guaranteeing an adequate level of protection and/or adopting the standard contractual clauses provided for by the European Commission.
7. Nature of data provision and consequences of refusal to respondThe provision of data for the purposes referred to in Article. 2.A) is mandatory. In their absence, we can not guarantee neither the registration to the site nor the Services of art. 2.A) The provision of data for the purposes referred to in Article. 2.A) is optional. You may therefore decide not to provide any data or subsequently deny the possibility of processing data already provided: in this case, you may not receive newsletters, commercial communications and advertising material relating to the Services offered by the Owner. In any case, you will continue to be entitled to the Services referred to in Article. 2.A).
8. Rights of the interested partyAs an interested party, you have the rights under Art. 7 of the Privacy Code and Art. 15 of the GDPR, namely the rights to: obtain confirmation of the existence or otherwise of personal data concerning you, even if not yet recorded, and their communication in intelligible form; obtain the indication: a) of the origin of the personal data; b) of the purposes and methods of processing; c) of the logic applied in the case of processing carried out with the aid of electronic means; d) of the identification data concerning the data controller, data processors and the representative designated pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, of the GDPR; e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, data processors or persons in charge of the processing; iii. obtain: a) the updating, rectification or, when you are interested, the integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected; object, in whole or in part: a) on legitimate grounds, to the processing of personal data concerning you, even if pertinent to the purpose of collection; b) to the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by email and / or through traditional marketing methods by phone and / or mail. Please note that the right of opposition of the person concerned, as set out in point b) above, for direct marketing purposes by means of automated methods extends to the traditional ones and that, in any case, the possibility for the person concerned to exercise the right of opposition even only in part remains unaffected. Therefore, the interested party may decide to receive only communications by traditional means or only automated communications or neither of the two types of communication. Where applicable, you also have the rights under Articles. 16-21 GDPR (Right of rectification, right to be forgotten, right to limitation of processing, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority.
9. Modalities of exercise of rightsYou can at any time exercise your rights by sending: - a registered letter with advice of receipt to Adventure Riding Srl, Via Larga, 7 - 20122 Milan - an e-mail to: firstname.lastname@example.org
10. MinorsThis Site and the Holder's Services are not intended for children under the age of 18 and the Holder does not intentionally collect personal information relating to children. In the event that information on minors is unintentionally recorded, the Holder will delete it in a timely manner, at the request of the users.
11. Owner, manager and persons in chargeThe owner of the treatment is Adventure Riding Srl The updated list of data processors and persons in charge of data processing is kept at the registered office of the data controller.
12. Changes to this PolicyThis Policy is subject to change. We therefore recommend that you check this information regularly and refer to the latest version.
DefinitionsCookies are small text files that sites visited by users send to their terminals, where they are stored and then sent back to the same sites the next time they visit. Cookies from so-called "third parties" are, on the other hand, set by a website other than the one the user is visiting. This is because each site may contain elements (images, maps, sounds, specific links to web pages of other domains, etc..) that reside on servers other than that of the site visited.
Third Party CookiesBy visiting this website you may receive cookies from sites operated by other organizations ("third parties"). An example is the presence of "social plugins" for Facebook, Twitter, Google+ or LinkedIn, or embedded multimedia content display systems (integrated) such as Youtube. These are parts generated directly from these sites and integrated into the website of the host site visited. The presence of these plugins leads to the transmission of cookies from and to all sites operated by third parties. The management of information collected by "third parties" is governed by the relevant information which please refer to.
Duration of cookiesSome cookies (session cookies) remain active only until the browser is closed or any logout command is executed. Other cookies "survive" the closing of the browser and are also available on subsequent visits by the user. These cookies are called persistent and their duration is fixed by the server at the time of their creation. In some cases a deadline is set, in other cases the duration is unlimited.