Privacy Policy

This information is made pursuant to art. 13 Legislative Decree 30.06.2003, 196 ("Code regarding the protection of personal data"), as integrated and/or modified by Legislative Decree 10.08.2018, n. 101, and of art. 13 of EU Regulation no. 2016/679 ("European General Regulation on the protection of personal data").

The Company Softsystem srl - Via Martin Luther King 28, 56020 Montopoli in Val d'Arno (PI) (later, "owner"), informs pursuant to art. 13, Legislative Decree 30.06.2003, 196 (later, "Privacy Code"), as integrated and/or modified by Legislative Decree 10.08.2018, n. 101, and of art. 13, EU Regulation n. 2016/679 (later, "GDPR") that your data will be processed in the manner and for the following purposes:

1. Object of the treatment

The owner takes care of the protection of your personal data and complies the legislation on the protection of personal data applicable (Privacy Code, Legislative Decree 10.08.2018, n. 101, and GDPR 12016/679). His personal data are processed with confidentiality and are transferred to third parties only on the basis of the provisions of this policy, or with his consent. We treat the personal data that provides us while using the website and/or after registration on the website.

In particular, we treat:

personal data, identifiers and non-sensitive (in particular, name, surname, tax code, p. VAT, email, telephone number-later, "personal data" or even "data") directly provided, with the registration on the site and/or the request to benefit from the individual socio-educational and socio-assistance services offered; Strictly nominal data minor users - data not directly provided - and in any case acquired within the limits of the provisions of art. 14, paragraph 5, GDPR - whose transmission is connected to the use of Internet communication protocols (exemplary mere title, access to the page, quantity of data transferred, message of status to access to which occurred, session ID numbers, IP addresses, URL addresses, etc.). These data allow you to reconstruct the path of your visits to the site.

2. Purpose of the treatment

His personal data are processed:

A) without its express consent (art. 24, letter a), b), c), privacy code and art. 6, lett. b), e), GDPR), for the following service purposes:

trial a contract request or a pre -contractual request;

execute to pre -contractual measures adopted behind his request;

elaborate internal statistics;

fulfill the tax obligations deriving from existing relationships;

fulfill the obligations provided for by the law, by a regulation, by the Community legislation or by an order of the authority;

safeguard the vital interests of the interested party or another natural person;

perform tasks of public interest or connected to the exercise of public authorities whose treatment owner is invested;

prevent or discover fraudulent activities or harmful abuse for the website;

pursue a legitimate interest of the data controller or third parties, within the limits and conditions referred to in art. 6, letter f), GDPR;

exercise the rights of the owner, (in mere example, the right of defense in court);

B) only upon his specific and unequivocal consent (articles 23 and 130, Privacy Code and Art. 7, GDPR), for the following marketing purposes:

Send via email newsletter, commercial communications and/or advertising material on products and/or services, different and/or dissimilar from those already purchased, offered by the owner.

3. Nature of the provision of personal data

The provision of your data for the purposes described in point 2, lett. A), n. IE II) has a necessary nature. In the absence of the conferment, we cannot guarantee his registration on the site, nor the possibility of giving course to his requests. The provision of data for the purposes described in point 2, lett. b), instead has optional nature. It may therefore decide not to confer any data or revoke the possibility of processing from our data previously provided. In this case, you will no longer receive our newsletters, while it will continue to receive our services and you will keep the right to registration on the site.

4. Method of treatment

The processing of your personal data is carried out by means of the operations indicated in art. 4, Privacy Code and art. 4, n. 2), GDPR and precisely: collection, registration, organization, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, block,

communication, cancellation and destruction of data. The processing of your data will be marked by the principles of correctness, lawfulness and transparency and will be able to

be carried out also through automated methods aimed at memorizing them, managing and transmitting them and will take place through suitable tools, as far as

reason and the state of the technique, to guarantee safety and confidentiality through the use of suitable procedures that avoid the risk of loss,

Unauthorized access, illegal use and diffusion.

5. Data retention period

The owner will draw the personal data for the time necessary to fulfill the aforementioned purposes and for no more than 2 years from the collection of data for the marketing purposes. After this storage term, the data will be destroyed or made anonymous.

6. Access to data

The personal data processed by the Data Controller will not be disseminated, or no knowledge will be given to subjects indetermined, in no possible form, including that of their available or simple consultation. Instead, they may be communicated to the workers who work for the owner and to some external subjects who collaborate with them. In particular, your data can be made accessible to:

employees and collaborators of the owner, consultants authorized to manage the site and the provision of the related services (by way of example: services

Customers, IT Department, etc.), in their capacity as internal and/or person responsible for the processing of personal data and/or system administrators;

third companies or other subjects (merely exemplary: credit institutions, professional studies, consultants, insurance companies, etc.) who carry out

Outsourcing activities on behalf of the owner, in their capacity as external and/or person responsible for the processing of personal data.

Your data may also be communicated, within the limits strictly necessary, to the entities entitled to access it by force of law, regulations, community regulations.

7. Data communication

Without his express consent (pursuant to art. 24 lett. A), b), d), privacy code and art. 6 lett. b), c), gdpr), the owner will be able to communicate his data for the purposes indicated to supervisory bodies, judicial authorities as well as to all other subjects to whom communication is mandatory by law for the completion of the purposes

said.

8. Data transfer

The management and conservation of personal data will take place on the server of the owner and/or third -party companies in charge and duly appointed as Data Processors, located within the European Union, or in accordance with the provisions of articles 45 E Seg., GDPR. The servers are currently located in the European Union. The data will not be transferred outside the European Union. In any case, it remains understood that, if it is necessary to transfer the location of the servers, to Italy and/or the European Union and/or non-EU countries, this movement will always take place in accordance with articles 45 E Seg., GDPR. In this case, however, the Data Controller ensures that the transfer of non-EU data will take place in accordance with the applicable law provisions by entering into, if

necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses provided by the European Commission.

9. Navigation data

The computer systems and software procedures in charge of the functioning of the site can acquire, during their normal activity, some personal data whose transmission is implicit in the use of Internet communication protocols. These are information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and associations with data held by third parties, allow to identify users (ie parameters relating to the user's operating system and the IT environment). These data are used by the owner to the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. These data can also be used for the assessment of liability in the event of hypothetical IT crimes against the site.

10. Cookies

When using our site, cookies are kept on your computer. Cookies are made up of small text files that are saved on your computer and provide us with certain information. They are widely used in order to make the websites work more efficiently to improve the user's experience, as well as to provide certain information to the owners of the site. Our site uses cookies that remain on your computer for different times. Some expire at the end of each session and some remain longer so that when you return to our site, you can benefit from a better experience as a user. Web browsers allow you to exercise a certain control over cookies through browser settings. Most browsers allow to block cookies or block cookies of certain sites. Browser can also help them eliminate cookies when it closes the browser. However, it should keep in mind that this could mean that any opt-out or preferences that has set up on the site

they will be lost. We invite you to consult the technical information relating to your browser for instructions. If you choose to disable the cookies setting or if you refuse to accept a cookie, some parts of the service may not work correctly or may be significantly slower.

11. Rights of the interested party

In its capacity as an interested party, it has the rights referred to in art. 7, Privacy Code and art. 15, GDPR and precisely the rights of:

obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form;

Get the indication:

a) the origin of personal data;

b) the purposes and methods of treatment;

c) of the logic applied in case of treatment carried out with the help of electronic tools;

d) of the identification details of the owner, the managers and the designated representative pursuant to art. 5, paragraph 2 Privacy Code and art. 3, paragraph 1, GDPR;

e) of the subjects or categories of subjects to whom personal data may be communicated or who may become aware of it as a representative designated in the territory of the State, of managers or in charge;

obtain:

a) the update, rectification or, when it has an interest, the integration of data;

b) the cancellation, the transformation into anonymous form or the blocking of data processed in violation of the law, including those of which retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;

c) the certificate that the operations referred to in letters a) EB) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except for the case in which this fulfillment proves to be impossible or entails a use of means manifestly disproportionate to the protected law;

oppose, in whole or in part:

a) for legitimate reasons for the processing of personal data concerning you, although pertinent to the purpose of the collection;

b) the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market or commercial communication research, through the use of automated call systems without the intervention of an operator by email and/or through traditional marketing methods by telephone and/or paper mail. It should be noted that the right of opposition of the interested party, exposed to the previous point b), for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility for the interested party remains to exercise the right of opposition even partially. Therefore, the interested party can decide to receive only communications through traditional methods or only automated communications or none of the two types of communication.

Where applicable, it also has the rights referred to in Articles 16 - 21, GDPR (right of rectification, right to oblivion, right of limitation of treatment, right to portability of

data, the right of opposition), as well as the right to complain to the guarantor authority.

12. Methods of exercise of rights

You have the right to ask the Data Controller for access to the data concerning it, their adjustment or cancellation, the integration of incomplete data, the limitation of the processing; to receive data in a structured format, commonly used and readable by automatic device; to revoke the consent given in relation to the processing of your sensitive data at any time and oppose in whole or in part, to the use of data; to propose a complaint to the authority, as well as to exercise the other rights recognized by you by the applicable discipline. May at any time exercise the rights by sending:

A registered letter with a registered with Softsystem srl

Via Martin Luther King 28, 56020 Montopoli in Val d'Arno (PI).

An e-mail.

13. Minori

If the person who confers the data is less than 14 years old, this processing is legitimate only if and to the extent that, this consent is provided or authorized by the owner of parental responsibility for which identification data is acquired.

14. Owner, responsible and in charge

The data controller is Company Softsystem Srl - Via Martin Luther King 28, 56020 Montopoli in Val d'Arno (PI). The updated list of managers and those in charge of treatment is kept at the headquarters of the data controller.

15. Changes to this information

This information can be varied. It is therefore recommended to regularly check this information and refer to the most updated version.