PERSONAL DATA PROCESSING
INFORMATION ABOUT PERSONAL DATA PROCESSING
Pursuant to article 13(1) of EU Regulation 2016/679
According to art. 13(1) of EU Regulation 2016/679 (GDPR) this Disclosure regulates the methods by which Nuova Lofra srl, with registered office in Torreglia via Montegrotto 125, collects, stores, uses, communicates, or processes in any other way, the personal data collected from the users of this website.
DATA COLLECTION
The Users’ Personal Data processed by Lofra (“Data Processing”) stored on their own servers or by their partners, as better specified below, can be collected in various ways, namely:
Data provided directly by the User:
The processing to which the personal data provided by you on the form on the site www.lofra.it, and which you may update, has the sole purpose of allowing Lofra to provide the services on the site and requested by you (in particular the ecommerce service), as well as to fulfil specific obligations provided for by EU legislation, laws or regulations. Filling in the form DOES NOT imply registration for any newsletter or sending promotional material. Any refusal to provide such data would make it impossible to manage the relationship between us, with the consequent impossibility to provide the services requested and proceed with the purchase of the Lofra material.
Data collected automatically:
The Personal Data automatically collected through, but not limited to, the so-called “Cookies” (as better specified in the following section), are – as a rule – data about the User’s browsing.
The computer systems and software procedures used to operate the Site acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of internet communication protocols. This information is generally not collected to be associated with identified users, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of Personal Data includes IP addresses, or domain names, of the computers used by Users who connect to the Site, the URI addresses (uniform resource identifier) of the requested resources, the time of the request, the method used in submitting the request, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the User’s IT environment.
These data are mainly used to obtain statistical information on the use of the site and to check its correct functioning.
The Data could also be used to ascertain responsibility in case of hypothetical computer crimes against the Site.
HYPERTEXT LINKS
The Site may contain links to other third-party sites (“Links”), deemed of interest to the User. By linking to these sites, you exit this Site freely and access a third-party site. The information contained in these sites is independent and beyond the control of Lofra, which assumes no responsibility in this regard, not even in relation to any processing of Personal Data that may occur in such circumstances. Consequently: (i) Lofra assumes no responsibility, nor does it provide any guarantee regarding the nature and contents of any third party website connected to this Site via Links; (ii) this Disclosure is not applicable or related to data processing by other websites, even if consulted by the User via Link; (iii) the connection to third party sites is the sole responsibility of the Users.
DATA PROCESSING CONTROLLER AND MANAGER
The data controller is Nuova Lofra srl, with head office in via Montegrotto 125, Torreglia (PD) VAT n. 04433800283, certified email nuovalofra@legalmail.it.
The full contact details of those responsible for the personal data processing appointed by Nuova Lofra srl are available upon written request sent to the email address info@lofra.it.
DATA PROCESSING LOCATION AND METHOD AND SUBJECTS TO WHOM THE DATA MAY BE COMMUNICATED
The Data Processing is normally carried out at the head office of the site owner.
The data may be disclosed to data controllers, if appointed to manage specific data provided by the user:
- Collaborators, employees and suppliers of Nuova Lofra srl, as part of their duties and/or any contractual obligations with them.
- Suppliers and/or subcontractors engaged in activities related to the execution of services and products offered by Nuova Lofra srl.
- Legal, administrative and tax consultants within the limits necessary and/or functional to the performance of the business of Nuova Lofra srl.
- Public authorities for the obligations dictated by EU legislation, laws or regulations.
At the request of the user, Nuova Lofra srl undertakes to provide all the information and policies used by third parties in relation to the processing of the data provided.
In no case will the data supplied be sold to third parties.
PROCESSING METHOD
The data may be processed using both hard copy and computer archives (including portable devices and Cloud systems located within the European Community) and in the manner strictly necessary to meet the aforementioned purposes. In the case of storage in systems located in non-EU countries, the users will be notified. In all events, processing will be carried out with methods and tools in compliance with the security measures referred to in art. 32 of EU Regulation 2016/679, and by specially appointed parties in compliance with the provisions of art. 29 of EU Regulation 2016/679. In particular Lofra, having thoroughly assessed the risk for the rights and freedoms of the individuals involved both in terms of probability and gravity, implements technical and organisational measures to guarantee an adequate level of safety to the risk. Lofra undertakes to ensure that anyone acting under their authority and having access to personal data does not process such data unless instructed to do so, unless EU or Member State law requires it.
DATA STORAGE
It should be noted that, in compliance with the principles of lawfulness, limitation of purposes and minimization of data, pursuant to art. 5 of EU Regulation 2016/679, all data that must not be expressly stored based on explicit provisions of EU legislation, laws, regulations or that may protect a legitimate interest of the Doctor will be deleted in full at the user’s request and in any case after 2 years after no access is made to the reserved area.
PROCESSING PURPOSE AND NATURE OF CONSENT
Lofra processes Personal Data exclusively for the following purposes:
- Purposes related to the use of the Lofra services offered and to fulfil any contractual obligations established with the User.
- Statistical purposes and market research, in this case the data collected will be anonymous.
USER RIGHTS
At any time the user of the site may exercise, subject to the conditions and by contacting the data controller at the address indicated in point 5, the following rights, pursuant to articles from 15 to 22 of EU Regulation 2016/679:
- Request confirmation of the existence or not of their personal data and obtain information about the processing purposes, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, where possible, the storage period.
- Obtain the correction and deletion of data.
- Obtain the limitation of the processing when one of the hypotheses envisaged by art. 18 of EU Regulation 2016/679 occurs.
- Obtain data portability, i.e. receive them from a data controller in a structured format that is commonly used and readable by an automatic device, and also transmit them to another data controller without hindrance.
- If processing is based on consent, revoke it at any time without jeopardising the lawfulness of the processing based on the consent given before the revocation.
- Make a complaint to the Guarantor for Personal Data Protection.
- Oppose an automated decision-making process relating to natural persons, including any profiling.
As for the cookies and navigation data collected on the website www.lofra.us, please refer to the relative page click here.
CLARIFICATIONS
For any clarification or doubt in relation to the Lofra data processing policy and this Disclosure, please contact the data controller at info@lofra.it.
Finally, it should be noted that Lofra may periodically modify, supplement or update this Disclosure, in consideration of any changes to the applicable legislation or provisions of the Guarantor for Personal Data Protection (“Guarantor”) or the services offered on the Site.
Changes and updates to the Disclosure are applied and brought to the attention of users as soon as they are adopted, by publication on the Site. Consequently, each User is invited to periodically access the Site to verify this updated Information.