PRIVACY POLICY
GV Vecchi Group srl is highly committed to the confidentiality, protection and security of personal data relating to the individualswith whom it gets in contact.
The User of this site is therefore encouraged to first visit all the sections of this document, which describes the proceduresapplied by the website to handle the personal data of its users. This is an information note also pursuant to art. 13 of Legislative Decree no. 196 of June 30, 2003, “Law regarding the protection of personal data” and art. 13 of Regulation (EU) 2016/679 “GDPR”, to all individuals who interact with the web services of GV Vecchi Group srl , accessible electronically at:
www.penroseconcept.it
This information is provided and applies only to this site and not to other websites that may be accessedby the user through links on this site.
GV Vecchi Group srl has no control over these sitesor the proceduresthey apply for the respect of data privacy;we advise you to read the privacy policy of any companies you get in contact with before providing any personal data to them.
DATA CONTROLLER
Following this website navigation, data relating to identified or identifiable individuals may be processed.The “data controller” is GV Vecchi Group srl , with registered office in Via dei Lapidari, 18/G – 40129 BOLOGNA, VAT NO. 00659531206 –Tax Code 03541841205, email address info@penrose.it
DATA PROCESSOR
GV Vecchi Group srl is Responsible for the processing asthe Data Controller pursuant to Article 29 of the Law regarding the protection of personal data.
DATA PROCESSING LOCATION
Processing connected to the web services of this site takes place at the headquarters in Via dei Lapidari, 18/G – 40129 BOLOGNA and is only handled by technical staff of the Department in charge of processing. The data controller processes the personal data of the users by adopting the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data. Processing is carried out using IT and / or telematic tools, following organizational procedures and modesstrictly related to the purposes indicated. In addition to the data controller, in some cases, staff involved in the organization may have access to personal data (administration, sales, marketing, legal, system administration) as well as external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) which could be appointed, if necessary, as data processors by the data controller. The updated list of the data processors can always be requested to the data controller.
TYPES OF DATA PROCESSED
Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified data subjects, but it could, by its nature, through processing and association with data held by third parties,allow users to be identified.
This category of data includes IP addresses or domain names of the computers used by the users to connect to the site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the user’s operating system and computer environment.
The a.m. data is used for the sole purpose of obtaining anonymous statistical information about the use of the site and to ensure that it works properly and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes againstthe site: if not needed for that purpose, the data about web contacts will not be kept for more than seven days.
Data provided voluntarily by the user
Optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.
OPTIONAL DATA CONFERMENT
Apart from what has been specified regarding navigation data, the user is free to provide personal data contained in the request forms submitted to GV Vecchi Group srl .
Failure to provide such data may make it impossible to fulfill the request.
For any type of processing, it is possible to ask for the deletion of personal data by sending a request to the email address info@penrose.it
METHOD OF PROCESSING
Personal data is processed usingcomputersand/or IT enabledtools.
Appropriate security measures have beenput in place to prevent data loss, unlawful use or misuse and unauthorized access.
RETENTION PERIOD
Personal data voluntarily provided by the data subject will be processed by the Data Controller and kept for a period of 5 years.
At the end of the fifth year, the system will send an e-mail to the data subject who, freely and according to his/her will, can express his/her consent to the continuation of processing according to the services for which he/she had previously consented.
Failure to renew the consent to the processing of data will make it impossible to continue to use the services.
RIGHTS OF THE DATA SUBJECT
The subjects to whom personal data refers have the right at any time to obtain confirmation about the existence or otherwise of such data and to be informed aboutits content and source, to verify its accuracy or request its integration or updating, or correction (article 7 of the Lawon protection of personal data).
In accordance with Regulation (EU) 2016/679, the data subject hasthe right to:
– art. 15 – obtain from the data controller confirmation as to whether or not personal data concerning him/her are being processed, and, where that is the case, access to the personal data and other specific information;
– art. 16 – obtain from the data controller without undue delay the rectification of inaccurate personal data concerning him/her;
– art. 17 – obtain from the data controller the deletion of personal data concerning him/her without undue delay;
– art. 18 – obtain the restriction ofprocessing in specific cases;
– art. 20 – receive the personal data concerning him/her in a structured, commonly used and machine-readable format;
– art. 21 – object at any time to the processing of personal data concerning him/her for marketing purposes (commercial communications sent by the data controller).
To exercise any of the rights set out above, the data subject can send an email to info@penrose.it. The data controller willacknowledgereceipt and will respond to his/her request within 30 (thirty) days. Pursuant to art. 19, the requests relating to the rights referred to in Articles 16, 17 and 18 will be transmitted by the data controller to the concerned subjects.
Right to lodge a complaint with a supervisory authority
The data subject has also the right to raise a complaint to the competent Supervisory Authority -Data Protection Supervisor – to the following Certified Electronic Mail: protocollo@pec.gpdp.it
According to the same article, you have the right to request deletion, transformation into anonymous form or blocking of data processed in violation of the law, as well as to object in any case, for legitimate reasons, to their processing.
Requests should be addressed:
– by e-mail, to the email address: info@penrose.it
– or by post, to GV Vecchi Group srl , with registered office in Via dei Lapidari, 18/G – 40129 BOLOGNA, VAT NO. 00659531206 –Tax Code 03541841205, email address info@penrose.it