This page contains a description of the procedures adopted to process the personal data of the users of this Website. This information is provided, pursuant to Art. 13 of EU General Data Protection Regulation 679/2016 relating to the processing of personal data (hereinafter “EU-GDPR”), to anybody who interacts with the web services of Simone Perini, accessible online from the address:
corresponding to the initial page of the official Website of Simone Perini.
PROCESSING OF PERSONAL DATA
Personal data processing is defined as any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, structuring, storage, processing, selection, block, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, limitation, erasure or destruction.
La titolarità dei dati, conferiti volontariamente, e trattati a seguito della consultazione del sito, è attribuita, a Simone Perini.
Indirizzo: via di Ripoli 166, 50126 Firenze Italia
Tel + 39 339 8590386
The computer systems and software procedures set up to operate this Website acquire, during their routine operation, some personal data, the transmission of which is implied in the use of Internet communication protocols.
This information is not collected to be associated with identified subjects, but, due to its very nature, could, through processing and associations with data held by third parties, enable the identification of users.
This category of data includes IP addresses or computer domain names used by users to connect with the Website, URI (Uniform Resource Identifier) addresses of the requester resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the state of the response given by the server (successful, error, etc.), and other parameters relating to the operating system and IT environment of the user.
The data so collected could be used to ascertain responsibilities in case of computer crime against the Website.
Data directly provided by the user
The data provided on a discretionary, explicit and voluntary basis as requested in several sections of this Website are used with the purpose of processing the user’s requests (including, for example, but not limited to, requests for information or clarifications by calling the telephone numbers indicated in the Website or by writing to the email addresses provided).
Any specific summary information is reported or displayed in the Website pages prepared for services upon request, so that the user’s attention is drawn on the processing of his/her personal data.
The personal data of identifiable persons will be processed in compliance with principles of correctness, lawfulness, transparency, and privacy protection.
Data will be primarily processed with the help of electronic or automated equipment, according to appropriate procedures and means to ensure their security and confidentiality, in compliance with the Privacy Code and EU-GDPR. In particular, all the necessary technical, computer, organizational, logistic, and procedural security measures will be adopted to ensure the minimum protection level required by the law and to permit only the persons charged with the processing of data by each of the Data Controllers or Data Processors designated by each Data Controller to access them.
Data will also be managed and protected in environments under constant control access.
The personal data provided by the user for the purposes described may be disclosed or transferred to the following subjects:
- employees and/or partners of Simone Perini;
- companies or consultants in charge of installing, maintaining, updating and, generally, managing the hardware and software of Simone Perini;
- companies charged by Simone Perini to send online notices;
- any public or private subject, natural or legal person being a legal / accounting or tax advice / consulting firm, whenever the disclosure is necessary or useful for the correct fulfilment of the contractual obligations assumed in connection with the services rendered through the Website, as well as of any legal obligation;
- freight forwarders and any entity in charge of delivering or picking up purchased products;
- any subject (including Public Authorities) who have access to data under statutory or administrative provisions.
PROVISION OF DATA
The provision of personal data by the users is totally optional; however, refusing to enter said data in the page dedicated to registration for the purpose of providing the service will make it impossible for the user to use the Service offered in the Website http://simoneperiniphotographer.com/
DATA STORAGE PERIOD
Personal data will be stored for the period required to achieve the purposes for which they have been collected and processed in compliance with the applicable legal terms.
DATA SUBJECT’S RIGHTS
The Data Subject has the following rights:
- to access his or her own personal data;
- to ask the Data Controller to rectify any of his or her inaccurate personal data without undue delay. Taking the purposes of processing into account, the Data Subject has the right to have incomplete personal data completed, even by providing a supplemental declaration;
- to obtain the erasure of his or her personal data without undue delay and the Data Controller must erase said personal data without undue delay if any of the following reasons apply:
- personal data are no longer necessary for the purposes for which they had been collected or otherwise processed;
- the Data Subject revokes his or her consent on which the processing is based in compliance with Article 6, paragraph 1, letter a), or with Article 9, paragraph 2, letter a) of EU Reg. 2016/679, and if no other lawful ground for processing exists;
- the Data Subject opposes the processing pursuant to Article 21, paragraph 1, and there is no prevalent lawful ground for the processing, or opposes the processing pursuant to Article 21, paragraph 2 of EU Reg. 2016/679;
- personal data have been processed unlawfully;
- personal data must be erased to fulfil a legal obligation imposed by the laws of the European Union or of the Member State the Data Controller must obey;
- personal data have been collected in connection with the services offered by the company related to the information mentioned in Article 8, paragraph 1, of EU Reg. 2016/679.
If the Data Controller has disclosed personal data and is required to erase them under paragraph 1, keeping into account the technology available and implementation costs, Data Controller shall adopt reasonable measures, including technical measures, to inform the Data Processor that the personal data of the Data Subject request to erase any link, copy or reproduction of his/her personal data are being processed.
This does not apply to the extent that the processing is required:
- to exercise the right to freedom of expression and information;
- to fulfil a legal obligation that requires processing under the laws of the European Union or Member State of the Data Controller or for the performance of a task carried out in the public interest or exercising the public powers of the Data Controller;
- for reasons of public interest in the public health sector, in compliance with Article 9, paragraph 2, letters h) and i), and of Article 9, paragraph 3, of EU Reg. 2016/679;
- for archiving purposes in the public interest, for scientific or historical research or for statistical purposes, in compliance with Article 89, paragraph 1, to the extent that the right described in paragraph 1 may make it impossible or severely limit the achievement of the objectives of said processing; or
- to ascertain, exercise or defend of a right in court.
d) to obtain a limitation of processing from the Data Controller when any of the following situations occurs:
- the Data Subject objects to the accuracy of his/her personal data for the period required for the Data Controller to check the accuracy of said personal data;
- processing is illegal and the Data Subject opposes against the erasure of personal data and asks that their use be limited instead;
- although the Data Controller no longer needs the data for processing, the personal data are necessary for the Data Subject for the ascertainment, exercise or defence of a right in court;
- the Data Subject opposed against processing pursuant to Article 21, paragraph 1, while waiting for the Data Controller to check the prevalence of lawful reasons over those of the Data Subject.
If the processing is limited under the provisions set forth above, said personal data are processed, with the exclusion of storage, only with the consent of the Data Subject or for the ascertainment, exercise or defence of a right in court or to protect the rights of another natural or legal person or for reasons of significant public interests of the European Union or a Member State. The Data Subject who obtained the limitation of processing is informed by the Data Controller before the revocation of said limitation.
e) to oppose against the processing of one’s own personal data;
f) Portability of data. The Data Subject has the right to receive, in a structured, commonly used and machine-readable format, his or her personal data provided to a Data Controller and has the right to transmit said data to another Data Controller with no impediment from the Data Controller to whom he or she has provided them whenever:
- the processing is based on consent pursuant to Article 6, paragraph 1, letter a), or to Article 9, paragraph 2, letter a), or on a contract made pursuant to Article 6, paragraph 1, letter b) of EU Reg.; and
- processing is performed with automated means.
In exercising his or her own rights to the portability of data, the Data Subject has the right to obtain the direct transmission of his/her personal data from a Data Controller to another, if technically feasible.
The exercise of the right to data portability shall be without prejudice under Article 17 of EU Reg. 2016/679. That right does not apply to the processing required for the execution of a task of public interest or connected to the exercise of public powers vested in the Data Controller.
The right described does not prejudice the rights and freedoms of others.
g) Revocation of Consent. The Data Subject has the right to revoke his or her consent at any time. The revocation of consent does not prejudice the lawfulness of the processing based on consent given before the revocation. Consent shall be evoked as easily as it has been given.
h) Lodging complaints with the Data Protection Authority.
BROWSING THE WEBSITE
The use of session cookies is strictly functional to the optimization of the use of the Website, therefore it is exclusively aimed at ensuring the best possible navigation in the Website.
Other websites which may be linked from this Website might contain tracking systems not known to the owner of this Website. We do not guarantee that said external websites are equipped with appropriate security systems to protect the data processed and prevent damages (e.g. from computer viruses).
WEBSITE SECURITY MEASURES
Specific security measures have been adopted for the management of the Website in order to ensure safe and to protect the information contained in the Website from risks of loss or destruction, including accidental. In addition, although Simone Perini adopts appropriate antivirus systems, we remind users that they are expected, and actually also required by law, to provide their own workstations with appropriate systems for the prevention and detection of virus attacks.