In accordance with the obligations arising from national legislation (Legislative decree No. 196 of 19 June 2003, the personal data protection code) and the community (GDPR, European regulation on personal data protection No. 679/2016) and subsequent Amendments, this site respects and protects the privacy of visitors and users by taking appropriate security measures to prevent unauthorized access, disclosure, alteration or unauthorized destruction of collected personal data. This page describes the methods of processing personal data of visitors and users who access this site; this information does not apply to other sites, pages or online services available through hypertext links that may be published on the site, but refers to resources external to this domain.
THE OWNER OF THE TREATMENT
In accordance with current legislation, the owner of the personal data of visitors and users who access this site is Mr. Andrea Vacca, the legal representative of a sole proprietor with PI 03374820789, based in Scalea (Cosenza) on Corso Mediterraneo. 149. You can contact the data controller via the contact page.
LEGAL BASIS FOR PROCESSING
TYPES OF DATA PROCESSED AND PURPOSE OF PROCESSING
Viewing data: like all websites, this site also uses log files in which information collected automatically is saved during user visits. This category of data includes IP addresses or domain names of computers or terminals used by users, the addresses in notation URI / URL (Uniform Resource Identifier / Locator) of the requested resources, time of request, the method used to send the request to the server, the size of the file obtained in reply, numeric code indicating the response status provided by the server (successful, error, etc d.) and other parameters related to the user's operating system and computer environment. This data, which is necessary for using the web services, is also processed in order to obtain statistical information about the use of the services (the majority of pages visited, the number of visitors by time or day, geographical areas of origin, etc.) and to verify the correct functioning of the services offered. Navigation data is not stored for longer than necessary to guarantee the site's operation, and is deleted immediately after it is aggregated (except in cases where a court of law detects crimes).
Data transmitted by the user: optional, explicit and voluntary sending of messages to contact addresses on the site, as well as the preparation and forwarding of forms on the site, entails the receipt of the sender's contact data required for the message, as well as all personal data included in the messages. The data received will be used exclusively for the provision of the requested service and only for the time required for the provision of the service. In any case, the collected data will never be transferred to third parties for any reason, unless it is a legal requirement of a judicial authority and only in cases provided by law.
Cookies and other tracking systems: see the cookie information page, which provides full information on this issue.
THE TREATMENT SITE
Data collected by the site is processed at the data Controller headquarters and in the Aruba Spa web hosting data center, which is called the data Processor. Aruba Spa-Via San Clemente 53-24036 Ponte San Pietro (BG) P. IVA 01573850516) processes data on behalf of a data controller operating in accordance with European standards, since it is based in the European economic area.
RIGHTS OF INTERESTED PARTIES
In accordance with European regulation 679/2016 (GDPR) and national legislation, data subjects can exercise the following rights: to request confirmation of the existence of personal data about it (the right of access); to know its origin; to receive intelligible communication; to have information about the logic, methods and purposes of treatment; to request its updating, correction, integration, cancellation, transformation into an anonymous form, blocking of data processed in violation of the law, including those that are no longer needed to achieve the purposes for which they were collected; in cases of consent-based treatment, obtain data provided to the owner through any support, in a structured and readable form by the data processor and in a format commonly used by an electronic device; the right to file a complaint with the privacy guarantor; and, more generally, exercise all rights recognized by the applicable provisions of the law. Requests should be sent to the data controller.