Directive 2002/58/EC – on “the processing of personal data and the protection of privacy in the electronic communications sector” Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
THE DATA CONTROLLER Following consultation of this site, data relating to identified or identifiable persons may be processed. The “Owner” of their treatment is Antica Fonderia Artistica Giuseppe Di Giacomo with registered office in via Serbatoio alle Fontanelle, 10 80136 Naples Italy.
PLACE OF DATA PROCESSING AND STORAGE TIMES The processing operations connected to the web services of this website take place at the aforementioned registered office of the Data Controller and are carried out only by personnel expressly authorised by the latter, or by any third party suppliers appointed to carry out occasional maintenance operations, appointed as Data Processors pursuant to article 28 of the RGPD. The data collected will be stored – for each type of data processed – only for the time necessary to fulfil the specific purposes indicated in the specific summary information displayed on the pages of the site and prepared for particular services.
TYPES OF DATA PROCESSED Navigation data The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or the domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes to the detriment of the site: except for this possibility, at present the data on web contacts do not persist for more than seven days.
Data provided voluntarily by the user The optional, explicit and voluntary sending of personal data by the user in the registration forms present on this site entails the subsequent acquisition of the data provided by the sender, necessary for the provision of the requested service. Specific summarised information will be progressively reported or displayed on the pages of the site set up for particular services on request.
LINKS TO OTHER WEBSITES This website may contain links or references to other websites, such as the social networks Facebook, Instagram, Google+, Twitter and Pinterest. By clicking on the appropriate links you can, for example, share our content. Please note that the Data Controller does not control the cookies or other tracking technologies of such websites to which this Policy does not apply.
OPTIONAL PROVISION OF DATA Apart from what is specified for navigation data, the user is free to provide his/her own personal data. However, failure to provide them may make it impossible to obtain what has been requested.
PROCESSING METHODS AND STORAGE TIMES Personal data are processed, also with the aid of automated tools, for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent the loss of data, unlawful or incorrect use and unauthorised access. The Data Controller has adopted all the minimum security measures provided for by law and, drawing inspiration from the main international standards, has also adopted additional security measures to minimise the risks relating to the confidentiality, availability and integrity of the personal data collected and processed.
DATA SHARING, COMMUNICATION AND DISSEMINATION The data collected may be transferred or communicated to other companies for activities strictly connected and instrumental to the operation of the service, such as the management of the computer system. The personal data provided by users who request dispatch of informative material (brochures, informative material, etc.) are used for the sole purpose of performing the service or provision requested and are communicated to third parties only if necessary for this purpose (companies that provide enveloping, labelling, shipping services). Outside of these cases, personal data will not be communicated unless provided for by contract or law, or unless specific consent is requested from the person concerned. In this sense, personal data may be transmitted to third parties, but only and exclusively in the event that: a) there is explicit consent to share the data with third parties; b) it is necessary to share the information with third parties in order to provide the requested service; c) it is necessary in order to comply with requests from Judicial Authorities or Public Safety. No data deriving from the web service is disseminated.
RIGHTS OF DATA SUBJECTS The legislation on the protection of personal data expressly provides for certain rights of the persons to whom the data refer (so-called data subjects). In particular, pursuant to Articles 15 et seq. of Regulation (EU) 2016/679, each data subject shall have the right to obtain confirmation as to whether or not personal data concerning him or her exist, to be informed of the source of the data and the purposes and methods of the processing, to obtain the updating, rectification or integration of the data and the erasure of the data if they are processed unlawfully or for any of the reasons specified in Article 17 of Regulation (EU) 2016/679. The data subject shall also have the right to lodge a complaint with a supervisory authority if he/she considers that the rights indicated herein have not been acknowledged.