In compliance with current legislation, in compliance with the provisions contained in EU Regulation 2016/679 (“GDPR”) Seristur s.r.l.s, as data controller, communicates the following:
1. Holder of the treatment
The Data Controller is Seristur s.r.l.s with registered office in Cagliari, via Piccioni n. 12 (“Seristur” or “Owner”).
2. Purpose of data processing and nature of their provision
The personal data provided by the interested party will be processed by Seristur for the following purposes:
– execute the data subject’s request to be contacted or to have more information on the Controller’s products and services. The legal basis of this processing is the need to respond to the requests of the interested party;
– receipt of commercial communications relating to the services and / or products offered by the Data Controller. The legal basis of this treatment is the consent freely expressed by the interested party
– Fulfill the obligations established by law, regulations and EU legislation.
The provision of personal data is necessary to pursue the purposes referred to in points 1) and 3) any refusal to provide such data will make it impossible to respond to your request and use the requested service.
3. Type of data collected
– Navigation data
The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.
– Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on the site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.
– Third party data provided voluntarily by the user
In the use of the services we offer, if the user provides personal data of third parties, the user will act as an independent data controller with respect to this data, assuming all legal obligations and responsibilities. In this sense, the user grants the widest indemnity with respect to any dispute, claim, request for compensation for damage from treatment, etc. that should reach the Data Controller from third parties whose personal data have been processed through the use of the site’s services by the user in violation of the applicable rules on the protection of personal data. In any case, if the user provides or otherwise treats personal data of third parties in the use of the site, he / she guarantees from now – assuming all related responsibility – that this particular hypothesis of treatment is based on the prior acquisition – by the ‘user – the consent of the third party to the processing of information concerning him.
By cookies we mean a textual element that is inserted into the hard disk of a computer only after authorization. Cookies have the function of streamlining the analysis of web traffic or signaling when a specific site is visited and allow web applications to send information to individual users. No personal user data is acquired by the site in this regard. Cookies are not used to transmit information of a personal nature, nor are so-called c.d. persistent cookies of any kind, or systems for tracking users. The use of the so-called session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site. I c.d. Session cookies used on the site avoid the use of other IT techniques that are potentially detrimental to the confidentiality of user navigation and do not allow the acquisition of the user’s personal identification data.
4. Methods of processing and scope of data circulation
The processing will be carried out both with IT tools and with paper tools, and in any case in the manner and with the tools suitable to guarantee the security and confidentiality of the data, in compliance with the provisions of current legislation on the subject. In particular, technical, IT and organizational security measures have been implemented so that data protection is guaranteed, allowing access only to persons authorized to process the processing by the Data Controller or by any persons specifically designated as Data Processors by of the Owner.
The collected data will not be disclosed nor will it be communicated to third parties. However, it should be noted that as subjects authorized to process data in the forms and ways provided for by current legislation, all employees and / or collaborators of Seristur may become aware of the data, from time to time interested or involved in the respective duties in accordance with the instructions received. In this case, these subjects will be designated as authorized subjects for processing.
The data may also be processed by the following categories of subjects who will be appointed as external data processors: service providers who carry out specific IT, support or consultancy activities or whose activity is connected, instrumental or supportive to that of Seristur (eg . subjects who provide technical maintenance activities, professional offices and consultants, software suppliers, etc.), who always operate in such a way as to guarantee the security and confidentiality of the data.
5. Duration of treatment
The data collected will be kept for the time strictly necessary for the management of the purposes indicated above according to criteria based on compliance with the regulations in force and the correctness and balance between the legitimate interest of the Data Controller and the rights and freedoms of the interested party, as long as the marketing service requested, and will be canceled within 24 months from the date of termination of the service.
6. International transfers
The Data Controller does not transfer data outside the European Union, should we transfer them we will cover these transfers with an adequate level of protection.
7. Rights of the interested party
Finally, it is recalled that the interested party has specific rights including that of obtaining confirmation of the existence or not of their personal data even if not yet recorded, the communication in intelligible form of the same data, their origin as well as the logic and purposes of the treatment itself. The interested party can also obtain the cancellation, limitation of processing, transformation into anonymous form or blocking of data processed in violation of the law as well as updating, rectification or, if there is interest, integration of data and the portability of data to another Data Controller. It is also the right of the interested party to object, in whole or in part, for legitimate reasons, to the processing of his personal data, whether they are relevant to the purpose of the collection. The interested party also has the right to withdraw his consent at any time, without prejudice to the lawfulness of the processing based on the consent given prior to the revocation.
The interested party can also lodge a complaint with the Guarantor for the protection of personal data in the forms and methods provided for by current legislation.
To exercise the rights listed above, the interested party must submit a request to the address of the owner or via email to the following address firstname.lastname@example.org.