INFORMATION TO DATA SUBJECTS
Art. 13 and seq. General Data Protection Regulation no. 2016/679 (“GDPR”)
Dear User,when you access and navigate on this website (hereinafter ‘Website’) some of your personal data is acquired, stored, and managed (in technical terms ‘processed’) through the device you are using, also by analyzing and saving your IP address, browsing data, ‘cookies’ and other online identifiers such as ‘pixels’. In light of these processing activities, in compliance with the applicable legislation that requires the protection, confidentiality and security obligations on your data, Crafted S.r.l. clarifies below the purposes and means defined in its capacity as Data Controller.
Data processing operations will be performed as Data Controller by Crafted S.r.l., with legal seat in Venezia (VE), via della pila, n.13, VAT no.04634280277, that can be contacted at the following addresses:
• by writing an e-mail to firstname.lastname@example.org;
• by ordinary mail, at the address of the legal seat as provided above.
CATEGORIES OF DATA PROCESSED
The categories of data processed through the Website are:
• information related to the User’s browsing activities, including the so-called online identifiers and data related to the device in use * ;
• personal identification data and contact data (i.e. name, surname, e-mail address, physical address and telephone number) in case of use of the Website functionalities;
• other categories of data, in case of further implementation of purposes on the Website.
PURPOSES, LEGAL BASIS AND DATA RETENTION PERIODS
• User access to the pages of the Website and to its functionality
• Feedback to contact requests or information inquiries sent by the user
• Forwarding of content to the User (e.g. PDF documents)
• Forwarding to the User of content similar to that previously requested
• User subscription to the newsletter and subsequent management of related communications
• Performance of pre-contractual and contractual activities
• Exercise of legitimate interest, aimed at maintaining relations with Users of the Website
• Performance of pre-contractual and contractual activities
• Exercise of legitimate interest in advertising content similar to that already requested
• Consent of the User
Data retention period
• For the duration the user remains on the Website, and in any case for a maximum of 24 months after it.
• For a maximum of 1 years from the last interaction between the user and the Data Controller.
• For a maximum of 10 years from the last interaction between the user and the Data Controller.
• For a maximum of 24 months and unless the User objects to the processing
• Until cancellation requests are made or at the latest six months after termination of the newsletter service.
OTHER INFORMATION ON HOW WE PROCESS PERSONAL DATA
If the User wish to receive further information about the balance between the legitimate interests pursued by the Data Controller and the fundamental rights and freedoms of the natural person, he/she can contact the Data Controller at the addresses indicated, and in particular at the e-mail address provided, having the right to receive adequate feedback as soon as possible and in any case within the time required by law. In the event of litigation with the User or with third parties, or control of the competent Authorities, the conservation may be extended until the expiry of the last applicable prescription period. The User’s personal data will not be disseminated in any way, except for the acquisition of express and prior consent or within the limits of what is provided for or imposed by law.
CONSEQUENCES OF FAILURE TO PROVIDE DATA
The provision of personal data marked with an asterisk (*) is mandatory: not providing such data makes it impossible to proceed with the related processing. The provision of other personal data is optional: failure to provide such additional data may make it impossible to access all or part of the Website’s functions or characteristics.
AUTOMATED DECISION-MAKING PROCESSES
With the expression “automated decision-making processes” the legislation indicates (art. 22 GDPR) “any form of automated processing of personal data” that it uses to evaluate certain aspects of the person, and in particular “to analyze or predict (…) the professional performance, economic situation, health, personal preferences, interests, reliability, behavior, location or movements” of the user in their capacity as ” Data Subject”.
The Website does not process any personal data through automated decision-making processes as described above, except where expressly indicated and based on User’s express and informed consent.
CATEGORIES OF SUBJECTS THAT PROCESS DATA ON BEHALF OF THE DATA CONTROLLER
Within the limits of the obligations, tasks or purposes indicated above, personal data may be made available and / or communicated to:
– employees and / or collaborators of the Data Controller;
– other third parties who provide management, maintenance or intervention services on the Site and / or on other tools used by the Data Controller;
– judicial, administrative and / or public security authorities.
The complete list of Data Processors and other third parties to whom the data are made available and / or communicated can be requested from the Data Controller at any time, at the indicated references.
TRANSFER OF DATA OUTSIDE THE EUROPEAN ECONOMIC AREA
Personal data shall be transferred to countries outside the European Economic Area for technical purposes, in any case to subjects based in countries recognized as “adequate” by the European Commission or that have stipulated specific Standard Contractual Clauses based on the text approved by the European Commission. The Data Controller undertakes to implement additional safeguard if needed.
RIGHTS OF THE DATA SUBJECT
The User, as a “Data Subject” according to the GDPR, can at any time exercise the rights attributed to him by the European Regulation n.2016/679.
In particular, the User has the right to:
– access his/her personal data;
– obtain the correction or cancellation of the same or the limitation of the processing that concerns him/her;
– oppose the processing, in case the Data Controller exercises its legitimate interest;
– obtain his/her data portability, where provided by the law;
– withdraw consent, where provided: the withdrawal of consent does not affect the lawfulness of the processing based on the consent given before the revocation;
– lodge a complaint with the supervisory authority.
For Italy – as the Data Controller’s home state – the supervisory authority is the “Autorità Garante per la protezione dei dati personali” based in Rome (www.gpdp.it).
The exercise of the aforementioned rights can take place by sending a request to the Data Controller’s references and in particular to the e-mail address indicated above.
WHAT ARE COOKIES AND OTHER TOOLS USED BY THE WEBSITE
Cookies are small text files that are transmitted from the Website to the devices of Users who visit it, and which are then retransmitted to the Website on subsequent visits; they may have different characteristics and be used for different purposes, both by the Website’s Data Controller and by third parties who provide technical services to the Data Controller or directly to the User.
This Website uses different types of cookies, in compliance with the “Guidelines for cookies and other tracking tools” as issued by the Italian Data Protection Authority with general provision no. 231 of 10 June 2021. Cookies can be divided between “first-party” cookies, if installed directly from the Website, and “third-party” cookies, if they provide access to features and services offered by third parties with respect to the Owner.
Some of the cookies used by this Website are “technical” – being installed automatically following the opening of the Website – and therefore do not require the user’s consent. Technical cookies can be “session” cookies, if they are deleted from the device when the browser and / or the navigation tab is closed, or “persistent” cookies, if they remain in the device’s memory even after the Website is closed. This Website also uses “preference” cookies, in order to save User’s choices.
DETAILS OF THE TOOLS IMPLEMENTED BY THE WEBSITE
The specific and complete list of cookies used by the Website, both first and third party, can be requested to the Data Controller at the address mentioned above.
Herebelow the Data Controller provides a list of third-party tools implemented by the Website:
HOW TO MANAGE COOKIE SETTINGS
The provision of all cookies can always be deactivated by the user by adjusting the browser settings. It should be noted, however, that intervening on these settings could render the Website unusable if the browser blocks cookies that are technically indispensable for the provision of our services. In any case, each browser has different settings for deactivating cookies. The links to the instructions for the most common browsers are as follows:
– Apple Safari,
– Google Chrome,
– Microsoft Edge,
– Mozilla Firefox,
Last update on: 1st February 2023