info@ambrosioecommodo.it
011 54 50 54
Consulting

INFORMATION ON THE PROCESSING OF PERSONAL DATA

Web portal https://ambrosioecommodo.it

(Articles 5-6-12-13 of EU Regulation no. 679/2016)

INFORMATION AND CONTACT DETAILS OF THE DATA CONTROLLER

Art. 13, paragraph 1, lett. a) EU Reg. no. 679/2016

  • Data Controller: Ambrosio & Commodo Associated Law Firm, Via Bertola 2, 10121 Turin, VAT number 02895500011
  • Contact details of the Data Controller: Tel. +39 011.545054 - Fax. +39 011.531321
  • Email: info@ambrosioecommodo.it
  • Contact details of the DPO: Lo Ambrosio & Commodo Associated Law Firm does not fit in the cases provided for by art. 37 of EU Reg. No. 679/2016
  • Lo Ambrosio & Commodo Associated Law Firm, Via Bertola 2, 10121 Turin, VAT number 02895500011, as the Data Controller of your personal data (hereinafter also the “Owner”), informs you, pursuant to art. 12 and 13 of the EU Regulation n. 679/2016 (General Data Protection Regulation, hereinafter referred to as for brevity "GDP is"), that your personal data will be processed by specifically authorized subjects and limited to the purposes and with the methods that will be specified below.

 Lo Ambrosio & Commodo Associated Law Firm (hereinafter referred to, for the sake of brevity, "Studio A&C") Informs you that it will specifically treat yours common personal data, i.e. name and surname, e-mail address, telephone number, identifiers and IP addresses o domain names, according to the purposes and methods defined and specified below.

The personal data of the Users of the Website, as described above, will be processed in the ways and in the forms prescribed by the GDPR, for the performance of the functions of this Website.

In particular, the personal data provided to the Data Controller will be processed for the pursuit of the following finality:

  1. to follow up on the specific requests addressed to the Data Controller by the User through the Website and its communication tools, or for communications of an informative nature relating to the services of the Data Controller, following the request for information via e-mail messages and other communication tools;
  2. for sending newsletters and information relating to information and legislative and regulatory updates, reporting of legal and cultural events.

This information is effective only with reference to the aforementioned web portal https://www.ambrosioecommodo.it, but not with reference to other and different portals or websites that may be consulted through the links therein, for which the Owner is in no way responsible.

The processing of the data provided in a generic way will be carried out, also following automatic collection during navigation, for the sole purpose of ascertaining and / or controlling access to the Website and / or the sole purpose of improving the functionality of the same, at in order to ensure a better browsing experience. For more information, please refer, in any case, to the specific Cookie Policy at the bottom of this page.

LEGAL BASIS OF TREATMENT

Apart from that specified for navigation data, the communication by you to the Data Controller of the personal data specified above, has the following prerequisites for the lawfulness of the processing legal basis:

  • 6, par. 1, letter a) of the GDPR, concerning your express free, specific, informed and unequivocal consent, as well as revocable, for the purposes referred to in point b).

The provision of your personal data is therefore necessary for the complete fulfillment of the purposes referred to in point 1) and, consequently, your refusal to provide the data may result in the failure to perform the said services and functions of the Website; the provision of your personal data is, however, purely optional for the treatment aimed at sending newsletters and legislative and regulatory updates, reporting of legal and cultural events referred to in point 2), and, therefore, any lack of consent does not prevent the fulfillment of the other indicated purposes. In any case, the consent you may have given may be revoked by you at any time, with immediate effect on the aforementioned company activities and services.

METHOD 'OF TREATMENT

Il Treatment of the personal data communicated by you is carried out by means of the operations indicated in art. 4 n. 2) of the GDPR, and precisely: "collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, communication, cancellation and destruction of data".

The personal data communicated by you are subjected to automated processing for the time strictly necessary to achieve the purposes for which they were collected, with technical and organizational methods adopted to prevent the loss of data, illicit and / or incorrect use and unauthorized access. , and therefore such as to guarantee a level of security adequate to the risk pursuant to art. 32 of the GDPR, by specifically authorized subjects, in compliance with the provisions of art. 29 of the GDPR, or of employees and / or collaborators of the Data Controller in their capacity as authorized subjects and / or system administrators, who will be able to carry out consultation, use, processing, comparison and any other appropriate operation in compliance with the provisions of the law necessary to guarantee, among other things, the confidentiality and security of the data as well as the accuracy, updating and relevance of the data in compliance with the stated purposes and methods.

It is specified, in particular, that the personal data communicated by you will be processed only at the headquarters of the Data Controller, except for what infra specified, will not, therefore, be disseminated, and, pursuant to art. 13, paragraph 1, lett. (e), the same may be processed only by authorized subjects and / or by any external data processors pursuant to art. 28 of the GDPR (in the person of individual professionals and / or complex professional associations), and / or by subjects who operate as independent data controllers, the list of which is available at the headquarters of the Data Controller and is provided following the written request of the 'concerned, and which explicitly include hosting companies and / or technical personnel in charge of the management and / or maintenance of the website, but only and exclusively for the purposes expressly and specifically indicated above.

SCOPE OF DISCLOSURE OF DATA

In relation to the purposes indicated above, the data may be communicated to the following subjects and / or to the categories of subjects indicated below, or they may be communicated to companies and / or persons, who provide services, including external ones, on behalf of the Data Controller.

Among these, for greater clarity, by way of example but not limited to: professionals and consultants also in associated form; subjects that provide services for the management of the information system and telecommunications networks (including e-mail and management of web portals and websites - cloud storage services - hosting); competent authorities and / or Supervisory Bodies for the fulfillment of legal obligations; subjects who carry out operations of control, revision and certification of the activities carried out by the Data Controller who operate as external data processors pursuant to art. 28 of the GDPR, or in total autonomy as separate subjects from the Data Controller.

This website may share some of the data collected with services located outside Italy and the European Union area. In particular with Google, Facebook and Microsoft (LinkedIn) also through social plugins and the Google Analytics service. Transfers outside the EU are authorized based on specifications decisions of the European Union Commission and the Guarantor for the protection of personal data, in particular decision 1250/2016 (Privacy Shield - here the information page of the Italian Guarantor), for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.

In any case, in the event that a possible extra-EU transfer of personal data should be necessary, the Data Controller from now on ensures that the data transfer will take place in compliance with the applicable legal provisions and in particular in accordance with articles 44 - 45 - 46 - 47 - 48 and 49 of the GDPR.

DATA STORAGE PERIOD

We point out that, in compliance with the principles of lawfulness, purpose limitation and data retention and minimization, pursuant to art. 5 of the GDPR, the retention period of your personal data is established for a period of time not exceeding the achievement of the purposes for which they are collected and processed, or for the entire duration of the fulfillment of the aforementioned purposes, and, therefore, exhausted. the purposes of the processing, your data will be deleted from any physical and IT support.

AUTOMATED DECISION-MAKING PROCESSES AND PROFILING

The Data Controller informs you that, for the purpose of processing your personal data, does not make use of automated decision-making processes, i.e. those aimed at making decisions based solely on technological means on the basis of predetermined criteria (i.e. without human involvement), nor does it carry out profiling activities, or the one aimed at using your personal data to analyze or predict aspects concerning professional performance, economic situation, health, personal preferences, interests, reliability, behavior, location or travel, etc.

RIGHTS

Right of Access pursuant to art. 15 of the GDPR and Right of Rectification pursuant to art. 16 of the GDPR

As an interested party, pursuant to art. 15 of the GDPR, you have the right to obtain from the Data Controller, confirmation of the existence or not of personal data processing concerning you, of obtain access to them and to all information referred to in the same art. 15, paragraph 1, letters from (a) to (h), by issuing a copy of the data being processed in a structured format, commonly used, readable by an automatic and interoperable device.

You, pursuant to art. 16 of the GDPR, also has the right to obtain from the Data Controller rectification and / or integration of the data being processed if they are out of date and / or inaccurate and / or incomplete.

Right of cancellation pursuant to art. 17 of the GDPR and right to limit the processing pursuant to art. 18 of the GDPR

As an interested party, you have the right to obtain, without undue delay, from the Data Controller, exclusively in the cases referred to in art. 17, paragraph 1, letters from (a) to (f), of the GDPR, cancellation of the data concerning you - with the exception of the hypotheses specifically provided for by art. 17 paragraph 3.

As an interested party you, pursuant to art. 18 paragraph 1, letters from (a) to (d), of the GDPR, has the right to request and obtain from the Data Controller, the limitation of processing of your personal data, or that such data are not subjected to further processing and can no longer be modified. The Data Controller ensures that the limitation of the processing is implemented by means of adequate technical devices that guarantee its inaccessibility and immutability.

Right to data portability pursuant to art. 20 of the GDPR

As an interested party, you have the right to receive, pursuant to art. 20 of the GDPR, by the Data Controller the personal data concerning you, the processing of which is carried out by automated means, in a structured format, commonly used and readable by an automatic device, and also has the right to transmit such data to another holder of the treatment, or to obtain from the Data Controller, where technically feasible, the direct transmission of such data to another specifically identified Data Controller.

Right to object to processing pursuant to art. 21 of the GDPR

She has the right to object to the processing at any time of personal data concerning you, for reasons connected to your particular situation, in cases where the processing of your data is necessary (1) for the performance of a task of public interest and / or connected to the exercise of public powers of which the Data Controller is invested in; (2) for the pursuit of a legitimate interest of the Data Controller or a third party; (3) for profiling activities carried out by the Data Controller on the basis of the previous points.

She also has the right to object to processing of your personal data for reasons connected to your particular situation if they are processed for scientific or historical research purposes or for statistical purposes pursuant to article 89, paragraph 1 of the GDPR, except in the case in which the processing is necessary for the execution of a task of public interest.

How to exercise the above rights

You can exercise the rights listed above by sending a request to the email address privacy@ambrosioecommodo.it.

The Data Controller will confirm receipt of your request and provide you with information relating to the action taken, with reference to the exercise of your rights provided for in articles 15 to 22 of the GDPR, within 1 (one) month of receipt of the request. If necessary, and taking into account the complexity and number of requests, the Data Controller may extend this term by 2 (two) months, subject to a reasoned communication to be sent within 1 (one) month of receipt of the request.

The Data Controller will communicate any rectification, cancellation, limitation of opposition to all recipients, as identified by art. 4, paragraph 1, n. 9 of the GDPR, to which such data have been transmitted, unless this proves impossible and / or involves a disproportionate effort.

Following the sending of your request for rectification, cancellation, limitation of opposition, if the Data Controller has reasonable doubts about your identity, he will request further information to confirm it. These communications will be sent by email from the address privacy@ambrosioecommodo.it.

In the event that the Data Controller does not comply with your request within the term of 1 (one) month from receipt of the request, the latter will inform you of the reasons for the non-compliance, informing you as of now of your right to propose complaint to the Supervisory Authority (Guarantor for the protection of personal data), as specified pursuant to art. 13, paragraph 2, letter (d) and governed by articles 77 et seq. of the GDPR.

Cookies

No personal user data is acquired from the site.

We do not use cookies to transmit information of a personal nature, nor are used cd persistent cookies of any kind, or systems for tracing users.

The use of so-called session cookies (which are not stored permanently on the user's computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the site.

The so-called session cookies used on this site avoid the use of other IT techniques that are potentially prejudicial to the privacy of users' browsing and do not allow the acquisition of the user's personal identification data.

Cookie settings

You can decide whether to authorize or not authorize the server of our Website to save cookies on your computer. You have the option of setting your browser at any time so that cookies are neither accepted nor saved. Alternatively, you can also set the function so that a warning is displayed each time before accepting a cookie or set your browser to only accept cookies from certain websites. Furthermore, you can delete previously saved cookies at any time.

It is important to note that, if you refuse to accept cookies from this website, it is possible that certain functions of the website itself cannot be used in whole or in part. To facilitate the use of the Website, we therefore recommend that you set your browser so that the cookies on this site are accepted.

The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of the user's behavior.

Google Analytics cookies (Google)

Google Analytics is a web analytics service provided by Google Inc. ("Google"). Google uses Personal Information collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google. Google may use the Personal Data to contextualise and personalize the advertisements of its advertising network.

Personal data collected: Cookie and Usage Data.

Processing location: USA - Privacy Policy - Opt Out

Interaction with external social networks and platforms

These services allow interaction with social networks or other external platforms directly from the pages of the Application. The interactions and information acquired by this Application are in any case subject to the User's privacy settings relating to each social network. In the event that an interaction service with social networks is installed, it is possible that, even if the Users do not use the service, it collects traffic data relating to the pages in which it is installed.

Button Likes and Facebook social widgets (Facebook)

The "Like" button and Facebook social widgets are interaction services with the Facebook social network, provided by Facebook Inc.

Personal data collected: Cookie and Usage Data.

Processing location: USA - Privacy Policy

Twitter Tweet button and social widgets (Twitter)

Twitter Tweet button and social widgets are interactive services with the social network Twitter, provided by Twitter Inc.

Personal data collected: Cookie and Usage Data.

Processing location: USA - Privacy Policy

Menu