1) What is a “Personal Data” ?
A personal data is a piece of information that identifies or allows identifying a natural person and provides details about that person’s features, habits, lifestyle, personal relationships, health, financial status, and so on. Special importance should be attached to
The evolution of new technologies has made other types of personal data especially significant – for instance, data relating to electronic communications (Internet- or phone-based) and geolocation data disclosing a person’s whereabouts and movements.
2) The Main Players
3) Interaction with Social Network or with other External Platforms
All the information collected through this website is in any case subject to Privacy settings, which every User sets up individually on different Social Networks.
If there’s a service of interaction with a Social Network, it can collect traffic data about visited pages, even if the User doesn’t use the service.
Button +1 and social widget of Google+ (Google Inc.)
Button +1 and social widget of Google+ are interaction services with Google+ Social Network, supplied by Google Inc.
Collected data: Cookie and Data of use.
Like Button and social widget of Facebook (Facebook, Inc.)
Like Button and social widget of Facebook are interaction services with Facebook Social Network, supplied by Facebook, Inc.
On this website remarketing campaigns can be periodically active through Facebook.
Collected data: Cookie and Data of use.
Tweet Button and social widget of Twitter (Twitter, Inc.)
Tweet Button and social widget of Twitterare interaction services with Social Network Twitter, supplied by Twitter, Inc.
Collected data: Cookie and Data of use.
4) What Is the Right to the Protection of Personal Data?
The right to the protection of personal data is a fundamental right of individuals and is provided for in the Italian Personal Data Protection Code (legislative decree no. 196 dated 30 June 2003) as well as in several Italian and international legal instruments. In particular, this right allows every person to make sure that their personal data is only processed in compliance with the rules and principles laid down in the law. The Italian Data Protection Code (section 5) regulates the processing of personal data (including data held abroad) by any entity that
Specific security and protection measures are envisaged in the DP Code and specific steps must be taken if another individual’s personal data is processed. The rights afforded to data subjects under the DP Code may be exercised by applying directly to the Data Controller (see section 7); there are, however, some exceptions to this rule.
5) Right to Access Your Personal Data
Everyone has the right to request a natural person, a business, an association, a political party, and so on, to provide information on whether their personal data is being processed and to obtain all the personal information held by the Data Controller. In particular, everyone has the right to know: a. The source of the personal data that is being processed; b. The purposes and mechanisms of the processing; c. Whether the personal data is being processed electronically and what is the logic underlying the processing; d. The information identifying the Data Controller and/or the Data Processor and/or the representative appointed for the Italian territory; e. The entities or categories the personal data may be disclosed to or become known by to the extent they act as representatives appointed for the Italian territory, Data Processors or Data Controllers. To exercise this right
How to exercise this right*
6) Right to Update, Rectify, or Erase Your Personal Data
Everyone may request that whoever processes their personal data a. Updates, rectifies or supplements the data (the latter if proof of a specific interest can be provided); b. Blocks, erases or anonymises the data, if
NOTE: The fact that a data is updated, rectified or erased must be made known to any entity the data has been disclosed or disseminated to, unless this proves impossible or entails an effort that is unquestionably disproportionate compared with the right to be protected. How to exercise this right*
7) Right to Object
You may object to the processing of your personal data: a. On legitimate grounds; b. In all cases, i.e. without having to justify your objection, if your data is processed for marketing and commercial communications purposes. How to exercise this right* NOTE: As of 1 February 2011, a subscriber listed in telephone directories through his name and phone number has to sign up for the Public Opt-Out Register if he does not wish to receive operator-assisted telemarketing calls (see Section 130, paragraph 3-bis and subsequent ones, of the DP Code). PLEASE APPLY TO THE DPA’s “UFFICIO RELAZIONI CON IL PUBBLICO” (FRONT DESK) FOR ADDITIONAL INFORMATION
To protect your personal data, you can first of all exercise the rights you have under Section 7 of the DP Code. How? A Data Subject can apply to the Data Controller or the Data Processor (if appointed), also via a Person Tasked with the Processing and via any suitable mechanisms (e.g. via registered mail, by sending faxes, or emailing a message). A model form can be downloaded here (http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924) to exercise this right. In some cases – which are expressly mentioned in the DP Code (see Section 9(1) ) - you may also apply verbally and the Person Tasked with the Processing or the Data Processor (if any) must make a summary note of the application. Depending on the specific case, you may apply for specific personal data, categories of data, or a specific processing operation; you may also apply for all the personal data relating to you, regardless of the type of processing. The Data Controller or the Data Processor (if appointed) must handle your application appropriately, also via a Person Tasked with the Processing, without delay and in any case
What should I do if my application for exercising the rights of section 7 in the DP Act is not handled on time, or if I am not satisfied with the way it was handled? If an application for exercising any of the rights of Section 7 in the DP Act is not handled timely or you are not satisfied with the reply provided to you, you as the data subject may claim your rights before either a judicial authority or the data protection authority (Garante). Lodging a Complaint with the DPA Lodging a complaint with the DPA is a formal procedure as it leads to the making of a decision followed by specific legal effects. In particular, you may either lodge this type of complaint with the DPA or claim your rights before a judicial authority. The procedure for lodging this complaint with the DPA is outlined in the DP Code and must be complied with strictly(see section 147 in the DP Code). You may lodge a complaint with the DPA only to claim the rights mentioned in section 7 of the DP Code (see section 141(1)c. of the Code) and only if the data controller (or the data processor, where appointed) handles your application for exercising any of the rights in question either in breach of the time limits mentioned above or in a way you consider to be unsatisfactory; you may also complain to the DPA if the lapse of the time limits mentioned above exposes you to impending, irretrievable harm (see section 146 of the DP Code). NOTE: You may not claim damages before the Italian DPA. Any damages claim may only be lodged with the competent judicial authority (see Section 152 of the DP Code). Case Handling Fee – You should provide proof that you paid the case handling fee (Euro 150.00) along with your complaint. Procedural Costs – Once the proceeding initiated by a complaint is through, the Garante calculates the relevant procedural costs (if this has been requested by either party) and awards those costs, in whole or in part, to the losing party. Offsetting of procedural costs is permitted, at the Garante’s discretion, for justified reasons. Under the law, procedural costs are calculated as a lump sum (see Section 150(3) of the DP Code). The Italian DPA set the said lump sum at a minimum of Euro 500.00 (by a collegiate resolution dated 19 October 2005); a threshold of Euro 1000.00 was also set by having regard to especially complex proceedings. Additional Remedies Lodging a Claim A detailed claim may be lodged with the DPA to report a breach of the applicable data protection legislation (see section 141(1)a. of the DP Code). Each claim is investigated on a preliminary basis to decide whether a formal administrative proceeding is to be initiated; such proceeding may result into the adoption of various measures (see Section 143 of the DP Code and Article 8 et seq. of the DPA’s Rules of Procedure no. 1/2007). Case Handling Fee – Proof of payment of the case handling fee is to be provided along with the claim (if the conditions are fulfilled for considering that a regular claim was lodged) Lodging a Report If you cannot or do not wish to lodge a detailed claim (for instance, because not all the relevant information is known to you), you may lodge a report with the DPA (see Section 141(1)b. of the DP Code and Articles 13 and 14 of the DPA’s Rules of Procedure no. 1/2007). The report is meant to provide information the DPA may decide to rely upon in order to check (in a general perspective) application of the relevant data protection legislation. How to lodge a report with the DPA – No formal requirements have to be met. The Contact Details shown in the “Contact Us” section may be used. No Case Handling Fee – There is no fee involved in lodging a report with the DPA. Who protects our personal data? Enforcing everyone’s right to the protection of their personal data is the task committed to the Italian Data Protection Authority (Garante per la protezione dei dati personali) in compliance with administrative law. Alternatively, the competent judicial authority may be seized (see Section 152 of the DP Code); judicial authorities are also competent for reviewing the DPA’s decisions that are challenged by any of the litigating parties. THE DPA’s TASKS The DPA’s tasks are set forth in the Italian Data Protection Code (legislative decree no. 196 dated 30 June 2003) as well as in other EU and national instruments. The Italian DPA ensures that personal data is processed appropriately and the rights of individuals are respected in processing their personal data – in both the public and the private sector. THE ITALIAN DPA DEALS, INTER ALIA, WITH THE FOLLOWING:
Copyright © 2013-2016 Nlp Seminars International