below you will find all the information required by Article 13 of the European Regulation on the Protection of Personal Data (EU Reg. 2016/679 - henceforth, GDPR), in relation to the processing of personal data carried out by Marinedi S.r.l., through this website.
1. PERSONAL DATA.
The term "personal data" refers to any information that may relate to a natural person (his or her characteristics, habits, lifestyle, personal relationships, health status, economic situation, etc.) and that allows for identification, taken alone or through their combination (Art. 4(1)(1) GDPR).
Personal data that directly identify a natural person are, for example, biographical data (first and last name) and images. Personal data that identify a natural person indirectly are, for example, telephone number, social security number, IP address, e-mail, license plate number, credit card details, etc.
In detail, personal data are distinguished into so-called "common" personal data (i.e., those that we have indicated above and that are also referable to entities - public and private - associations and companies), and so-called "special" or also called "sensitive" personal data, i.e., those revealing racial or ethnic origin, religious or philosophical beliefs, political opinions, trade union membership, relating to health or sexual life. Regulation (EU) 2016/679 also included genetic data, biometric data, and data relating to sexual orientation in this category. Also considered personal data are so-called "judicial" data, i.e., data relating to criminal convictions, crimes or related security measures, which may reveal the existence of certain judicial measures subject to registration in the criminal record (e.g., final criminal convictions, conditional release, prohibition or obligation to stay, alternative measures to detention) or the quality of defendant or suspect. Finally, very significant personal data are considered to be those related to electronic communications (via the Internet or telephone) and those that enable geolocation, providing information on places frequented and movements.
2. DATA CONTROLLER.
The Data Controller of Personal Data is the Company "MARINEDI s.r.l." with registered office in Via Ajaccio 14 - 00198 Rome - R.E.A. n° 1389748 P.IVA and C.F. 12633221002, which can be contacted at the following dedicated e.mail address: email@example.com.
The GDPR defines Data Controller as "the natural or legal person, public authority, service or other body which alone or jointly with others determines the purposes and means of the processing of personal data."
Simply put, the controller is the one who processes data without receiving instructions from others. It is the one who decides "why" and "how" data should be processed.
3. PLACE OF DATA STORAGE.
Marinedi does not transmit personal data to third countries, extra - EU, or international organizations. For the storage of collected data, the Company uses servers insisting on the national territory.
4. TYPE OF DATA COLLECTED BY THE SITE.
Through the site of the same name, Marinedi processes the following personal data:
- data voluntarily provided by the User, through filling out the form on the site, found in the "Contact Us" section, i.e. name, e-mail and other possibly personal information that the User intends to enter in the "Message" area of the form.
(c) Data collected through cookies and related technologies
5. PURPOSES FOR WHICH PERSONAL DATA ARE COLLECTED.
(a) To make contact directly with Marinedi.
Through the "Contact Us" section of the site, the User may contact the Company through the telephone number, e-mail address or filling out the form therein. By doing so, one consents to the processing of the data provided, as well as any other data that one intends to provide in order to make direct contact with the Company and request further information about the services/promotions offered.
The legal basis for the processing of personal data for this purpose is established by Art. 6, par. 1, letter b of the GDPR (execution of a contract or pre-contractual measures) as the processing is necessary for the provision of services or for the response to the data subject's requests and does not require his/her consent.
b) To comply with obligations under applicable laws, regulations or EU legislation, or to comply with requests from the Authorities.
The legal basis for the processing of personal data for this purpose is established in Article 6 para. 1 lit. c) of the GDPR ("the processing is necessary for compliance with a legal obligation to which the Data Controller is subject").
(c) For legal defense.
The User's Personal Data may be used by Marinedi, in court or in the stages preparatory to its possible establishment for the defense against abuse by the same User, in the use of the website or related services.
d) For purposes of statistical research/analysis aimed at measuring the functioning of the Website, measuring traffic and assessing usability and interest. Such research/analysis involves aggregate or anonymous data, so it is not possible to identify the User. This type of processing can, therefore, be freely carried out by the Data Controller because it is not based on Personal Data.
Providing Personal Data for the purposes listed above is optional, but failure to do so may make it impossible for the Company to respond to a request or fulfill a legal obligation to which it may be subject.
6. PARTIES WHO MAY PROCESS DATA.
For the purposes mentioned in No. 5 of this policy, personal data may be shared with:
- persons authorized (ex art. 29 of the GDPR) by the Data Controller to process personal data necessary to carry out activities strictly related to the provision of services, who have committed to confidentiality or otherwise have an appropriate legal obligation of confidentiality;
- the so-called. Data Processors (ex art. 28 GDPR), i.e., subjects who cooperate with the Data Controller for the pursuit of the aforementioned purposes, including subjects delegated to carry out technical maintenance activities;
- subjects, entities or authorities to whom it is mandatory to communicate personal data by virtue of legal provisions or orders of the Authorities.
The Person in charge of personal data processing, as well as the Authorized Persons, are appointed by formal deed and indicated in a special list that can be consulted by the User, upon the latter's request to be forwarded to the following email address: info@marinedi,com, indicating in the subject line the words "List request". This list is subject to changes and updates by the Data Controller.
7. RETENTION TIME OF PERSONAL DATA.
Personal data provided for the provision of services offered by Marinedi will be retained for the period of time necessary for the provision of the same, within the time provided for and allowed by the Italian legislation to protect its interests (and in any case not beyond the terms referred to in Articles. 2946 c.c. et seq. - prescription).
In any case, the User is informed that the data provided will be kept only the purposes for which they were provided, in compliance with the principle of necessity of the storage time of the processing.
8. MODE OF PROCESSING AND PROTECTION OF PERSONAL DATA.
The data are collected in accordance with the principle of minimization of the data processed (only the data strictly necessary to provide the services requested or achieve the other purposes specified here in point 5 are acquired). The processing of personal data by the Company is carried out using manual, computerized and telematic tools with logics strictly related to the aforementioned purposes. Processing operations are carried out in such a way as to guarantee the security of data and systems. Adequate security measures are adopted in order to minimize the risks of destruction or loss, even accidental, of the data themselves, of unauthorized access, of unauthorized processing or processing that does not comply with the purposes indicated in this information sheet. The security measures adopted, however, do not allow to exclude, absolutely, the risks of interception or compromise of personal data transmitted by telematic means. It is therefore recommended that the User verify that his/her device (Pc, smartphone, tablet etc.) is equipped with software systems adequate to protect the telematic transmission of data, both incoming and outgoing (such as, for example, updated antivirus systems, firewalls and spam filters).
9. USER'S RIGHTS.
According to Articles 15 et seq. of the GDPR, the User has the right to:
-access their personal data, to ask for their rectification, updating and deletion or restriction, if incomplete, erroneous or collected in violation of the law;
- to object to the processing for legitimate reasons or to obtain the portability of the data;
- obtain confirmation of the existence or otherwise of personal data concerning him/her, even if not yet registered, and their communication in intelligible form.
The User has, in addition, the right to obtain
a) the indication:
- Of the origin of the personal data;
- Of the purposes and methods of processing;
- of the logic applied in case of processing carried out with the aid of electronic instruments;
- of the identification details of the Owner, the Manager(s) (internal/external) and the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as Authorized Persons;
b) the updating, rectification or integration of their data within the limits of relevance to the activity carried out by the Company;
c) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes of processing;
d) certification that the operations referred to in letters b) and c) have been brought to the attention of those to whom the data have been communicated, except where this proves impossible or involves the use of means manifestly disproportionate to the protected right.
The User also has the right to object, in whole or in part:
e) for legitimate reasons to the processing of personal data concerning him/her, even if pertinent to the purpose of collection;
f) to the processing of personal data conferred at the time he/she made contact with the Company through the dedicated form or the email address indicated in the "Contact" section of the site.
10. EXERCISE OF RIGHTS.
The rights listed in the previous point 9 of this policy are exercised with a request made freely and without formality to the Data Controller, either directly or through one of its appointees, by sending an e-mail message to the e-mail address: firstname.lastname@example.org with the subject heading "Rights".
The Interested Party has the right to receive appropriate feedback to the transmitted request, without undue delay and, in any case, no later than one month from the receipt of the request itself (deadline extendable by two months, due to complexity and number of instances), which may be renewed for justified reasons.
In any case, if the User believes that the Company is processing his/her personal data in violation of the provisions of the GDPR, he/she has the right to file a complaint with the Guarantor (art. 77 GDPR, art. 141 Privacy Code) or to take appropriate legal action (art. 79 GDPR, art. 152 Privacy Code). The complaint form and information on how to fill it out and submit it are available here. For the exercise of the rights in question, the data subject may rely on individuals, entities, associations or bodies, giving, for this purpose, a written proxy and be assisted by a trusted person.
This policy is current as of July 25, 2022.