Privacy policy

Privacy policy provided pursuant to art. 13 of Legislative Decree dated 30/06/2003, no. 196 and art. 13 of EU Regulation 679/2016 (GDPR)

1. TYPES OF DATA COLLECTED

This information is provided in accordance with the provisions of Legislative Decree 30 June 2003, n. 196 (the “Privacy Code”), as well as in compliance with EU Regulation 679/2016 (the “GDPR”) and is applied to subjects who decide to access the website www.gerardosacco.com. (respectively, the “Users” and the “Site”), as well as to browse within it.

1.1. THE TYPES OF DATA COLLECTED ARE THE FOLLOWING:
BROWSING DATA

Simply browsing the Site involves the implicit collection of so-called “Navigation Data” which do not allow the identification, direct or indirect, of the User, including:

  • IP addresses;
  • they type of browser used;
  • the operating system;
  • the domain name and the addresses of websites from which access or exit are made;
  • data deriving from cookies and/or similar technologies: learn more about this information by visiting the Cookie Policy page.
DATA VOLUNTARILY PROVIDED BY THE USER

The essential data for the provision of certain services, such as the response to requests received, is the email address.

The data you can provide us, useful for an optimal service delivery, are the following:

name, surname, date of birth, city, telephone number and email address.

When you provide data of third parties you must be sure that these ones are adequately informed and that they agreed to process their data, personally assuming the responsibilities/consequences.

Children under 16 cannot provide us with personal data. We therefore accept no responsibility for any false statements. In any case, whereas we should recognize any false declarations we will proceed with the cancellation of the relative acquired data.

2. WE COLLECT SOME DATA ON OUR SITE, WHY?

2.1 TO MAKE OUR SERVICES ACCESSIBLE AND IMPROVE THEIR DELIVERY

Your data is used in order to ensure the functioning and provision of our services, such as by way of example and not limited to: communications from and to the customer and activities related to the administrative / accounting area and required by specific laws or regulation.
These treatments are needed to provide our services correctly but you can object at any time through the methods specified in point 6.

2.2 TO INFORM YOU ABOUT OUR COMMERCIAL ACTIVITIES

In case you have provided to us your express consent, we may use your data to inform you about promotional activities that may interest you.
These data are used in particular for:

  • update you on news related to events, initiatives and promotional and advertising activities.
  • carry out statistical reports related to promotional systems such as, by way of example, analyzes relating to the number of e-mails read or number of clicks made on the links.

3. IS IT COMPULSORY TO PROVIDE THE DATA?

Excepting for the data collected to improve the usability of the user during the browsing experience on our website, we do not collect any further data.
Therefore, the consent by the Users is optional for promotional and profiling purposes, in fact, your refusal to give consent would not imply a failure to provide the service.

4. WHO PROCESS YOUR DATA?

4.1 DATA CONTROLLER

The data controller is Gerardo Sacco & C. Srl · p.i. 02436720797

4.2 DATA PROCESSING MANAGER

To obtain information relating to the data processing manager, you can send an email to the address: privacy@gerardosacco.com

Your data will not be handed over or in any way transferred to third parties for any reason.

5. EXPORT AND CANCELLATION OF PERSONAL DATA PROCESSING

To export your personal data or request its cancellation, you can send a request to the email address: privacy@gerardosacco.com
Your personal data will be exported within 30 days or, in the event that the export is particularly complex, within three months.
The deletion of data will take place within the specified technical times and in accordance with the retention period indicated in point 7 which will not, however, exceed 30 days.

6. EXERCISE OF YOUR RIGHTS

Anyone who has provided us with their personal data can:

  • receive, from the owner, information relating to the existence, in our systems, of their own personal data, the origin of these ones, the purposes of treatment and, in the event of a request, will be able to obtain access to their own data and information referred to art. 15 of the EU General Data Protection Regulation 2016/679;
  • request the modification, deletion, and limitation of data processing in the event that one of the conditions provided by art. 18 of the EU General Data Protection Regulation 2016/679 is met;
  • oppose, for legitimate reasons, the processing of data or withdraw consent at any time;
  • receive their own personal data and be able to transmit them to another holder without impediments;
  • lodge a complaint with the Guarantor Authority for the protection of personal data in Italy.

The exercise of your rights as an interested party is free pursuant to art. 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Data Controller may charge a reasonable fee, given the administrative costs incurred to manage the request or, otherwise, deny the satisfaction of the request.
Requests can be sent to the following email address: privacy@gerardosacco.com

7. STORAGE OF DATA

The data will be stored in paper and / or electronic / computer form and for the time strictly necessary to meet the purposes indicated in point 2. In any case for a period not exceeding 24 months, except in the case of temporal regulatory provisions that will dispose differently or until the consent expressed by the interested party will be revoked.
For direct marketing and profiling purposes, the data will be stored for the maximum period provided by the applicable legislation (respectively 24 and 12 months).
Invoices, accounting documents and transaction data are kept for 10 years in accordance with the law (including tax obligations).
In the case of exercising the right to oblivion, the data will be kept in a protected form and with limited access, for the purposes of ascertaining and prosecuting crimes, for a period not exceeding 12 months from the date of request, they will subsequently be deleted or made anonymous in irreversible ways.

7.1 DATA PROTECTION

The data are collected, according to the indications of the reference legislation, by the subjects indicated in point 4 of this information.
The data will be processed according to the logic and purposes set out in point 2 and the security measures provided by art. 32 of the EU General Data Protection Regulation 2016/679

8. POLICY AMENDMENTS

In case of amendments to this policy, the Data Controller will inform Users with the utmost clarity through its pages or alternative means.