INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA ON THIS WEBSITE
This page describes the management of this website in terms of the processing of personal data of users who access it.
Data relating to identified or identifiable persons may be processed as a result of accessing this website.
This policy is also based on Recommendation No. 2/2001, which the European Data Protection Authorities - meeting in the Group established by Article 29 of Directive No. 95/46/EC - adopted on May 17, 2001. This meeting was intended to identify certain minimum requirements for the collection of personal data online, and, specifically, the manner, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
This information document:
- analyses the way the site is managed in terms of processing the personal data of users who access it;
- is aimed at those who interact with the services provided online by the Data Controller, also in compliance with the legislation on the protection of individuals with regard to the processing of personal data pursuant to Article 13 of EU Regulation 679/2016 (hereinafter referred to as the “Regulation”).
The policy applies to this website only and not to other websites that may be accessed through links.
1. DATA CONTROLLER
The Data Controller is Avio S.p.A. (“Avio”).
2. PROCESSING METHODS AND SECURITY MEASURES
Personal Data is processed by automated means and only for the duration strictly required to achieve the purposes for which it was collected.
Specific security measures are in place to prevent data loss, illicit or improper use and unauthorised access. Within Avio, your personal data may come to the attention of employees or external collaborators assigned to services and departments - both internal and external - who perform consulting and support tasks on Avio’s behalf.
Data are processed by personnel directly employed by the Data Controller and/or by natural or legal persons specifically identified by the Data Controller as responsible persons.
3. COMMUNICATION OF DATA
Under no circumstances will the data provided be disclosed or communicated to third parties, except for disclosure:
- to subjects whose right to access the data is recognised by legal provisions or orders of the authorities;
- to subjects (including external and/or foreign) engaged by the Data Controller to carry out activities that are fundamental and/or ancillary to the management of the data collected and the provision of the related services and benefits. This includes providers of software solutions, web applications and storage services, including those provided through Cloud Computing systems and used for this purpose.
4. LOCATION OF DATA PROCESSING
Data processing relating to this site’s web services is carried out at the Administrative Offices of Avio, or of the entity the Data Controller engages to carry out activities that are fundamental and/or ancillary to the management of the data collected, and are handled only by personnel authorised to process them, or by third parties authorised by Avio.
No personal data from the web service is disseminated.
5. TYPES OF DATA PROCESSED
The computer systems and software procedures used to operate this website acquire, during normal operation, some personal data whose transmission is essential to the use of internet communication protocols.
This is information which is not collected for purposes of association with identifiable data subjects, but which, by its very nature, might allow site users to be identified via processing and association with data held by third parties.
This category of data includes IP addresses or the domain names of computers utilised by users connecting to this website, the URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the response of the web server (execution, error etc.) and other indicators concerning the operating system and the IT environment of the user.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mail to the addresses provided in the appropriate sections of this website entails the subsequent acquisition of certain personal data and special categories of personal data of the applicant, included in the forms required to respond to requests.
6. PURPOSES OF PROCESSING
Personal data provided by users will be used to enable navigation.
7. RIGHTS OF THE DATA SUBJECT
In addition to the right to obtain confirmation from the Data Controller that their data are being processed, Data Subjects may at any time obtain confirmation of the existence or non-existence of the same data and to be informed of their content and origin, verify the accuracy of said data or request that they are supplemented, updated or corrected.
The Data Subjects have the right to request that data are deleted, that processing of them is limited, that they are transformed into an anonymous form or that data processed in violation of the law are blocked, and to object to processing of data, in any case, for legitimate reasons.
8. DATA RETENTION PERIOD
AVIO will process data only for as long as is strictly necessary to achieve the purposes for which they were collected.
9. MEANS OF EXERCISING RIGHTS
To exercise your rights under Section 7, you may contact the Data Controller or the DPO.
- by sending a registered letter with return receipt to Avio at Via Latina snc (SP 600 Ariana Km 5.2) 00034 Colleferro;
- by sending an e-mail to firstname.lastname@example.org.
The deadline for a response to the user is thirty days, which may be extended up to three months in particularly complex cases; in such cases, the Data Controller shall provide at least one communication to the interested party within the thirty-day period.
The exercise of rights is, in principle, free of charge; the Data Controller reserves the right to ask for a contribution in the event that requests are manifestly unfounded or excessive (including repetitive ones), also in light of any indications that may be provided by the Data Protection Authority.
10. COMPLAINT TO THE DATA PROTECTION AUTHORITY
The Data Subject may file a complaint with the Data Protection Authority, which can be contacted at https://www.garanteprivacy.it.