Information on the processing of personal data

This information describes the ways in which Revinet S.p.A., as Data Controller, collects and processes the personal data of users who consult and interact with the website
https://www.revinet.eu/

The processing of your personal data will be based on the principles of lawfulness, fairness, transparency, purpose and storage limitation, data minimization, accuracy, integrity and confidentiality, in accordance with the provisions of the GDPR.

1. Data Controller and Data Protection Officer (DPO)
   • The Data Controller is Revinet S.p.A., with registered office in Milan, via Bacchiglione n. 14/A.Email: info@revinet.eu
   • The designated Data Protection Officer (DPO) is Avv. Annalisa Cancro, who can be contacted at the office in Forlì, Corso Mazzini n. 16, or at the email address: avvocati.cancro@gmail.com.

2. Types of Data Processed
   The Data Controller processes the following categories of personal data:
   • A) Browsing Data
     The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, successful, error, etc.) and other parameters related to the user’s operating system and computer environment.
   • B) Data Provided Voluntarily by the User
     The optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller, as well as the compilation and forwarding of any forms on the site (e.g. section “Contacts”, “Work with us”), involve the acquisition of the sender’s contact data (e.g. name, surname, email address, telephone number), necessary to respond, as well as all personal data voluntarily included in communications or curriculum vitae.

3. Purposes of the Processing, Legal Basis and Retention Periods

4. Nature of the Provision of Data
   • The provision of navigation data (point 2.A) is necessary to allow navigation on the site.
   • The provision of data provided voluntarily (point 2.B) is optional. However, failure to provide the data necessary for the purposes referred to in points 3.B and 3.C will make it impossible for the Data Controller to follow up on the user’s requests (answer a question or evaluate an application).

5. Categories of Data Recipients
   Your personal data may be communicated to:

1. 1. Data Controller’s staff, duly authorised and instructed in processing.
   2. Third parties who provide services on behalf of the Data Controller and who act as Data Processors pursuant to Article 28 of the GDPR. Such parties include, but are not limited to, providers of hosting services, website maintenance, and software platform providers.
   3. Public or judicial authorities, if required by legal obligations or for the defence of a right in court.

The updated list of Data Processors is available upon request at the Data Controller’s headquarters. The data will not be disseminated.

6. Transfer of Data outside the European UnionYour personal data is stored on servers located within the European Union. It is understood that the Data Controller, if necessary, will have the right to transfer the data also to non-EU countries. In this case, the Data Controller ensures that the transfer will take place in accordance with the applicable legal provisions, stipulating, if necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses provided for by the European Commission (art. 46 GDPR).

7. Cookies and Other Trackers
   This policy does not govern the processing of data carried out through cookies or other tracking tools. For all information relating to the use of these tools on this website, please consult the specific Cookie Policy, accessible via the link in the footer of the site.

8. Your rights
   As a data subject, you have the right to exercise the following rights, provided for in Articles 15-22 of the GDPR Cit. 1:
   • Right of access (art. 15): Obtain confirmation as to whether or not data concerning you is being processed and access such data.
   • Right to rectification (Art. 16): Obtain the correction of inaccurate personal data or the completion of incomplete personal data.
   • Right to erasure (“right to be forgotten”, art. 17): Obtain the erasure of your personal data, in the cases provided for by law.
   • Right to restriction of processing (art. 18): Obtain the restriction of processing when one of the hypotheses provided for by the law Cit. 26 occurs.
   • Right to data portability (art. 20): Receive personal data concerning you in a structured, commonly used and machine-readable format, in the cases provided for by law.
   • Right to object (art. 21): Object at any time, for reasons related to your particular situation, to the processing of personal data concerning you based on the legitimate interest of the Data Controller cit. 27.

9. Methods of Exercising Rights

   You can exercise your rights at any time by sending a written request to:

   • Revinet S.p.A., Via Bacchiglione n. 14/A, 20139 Milan, also by email to the address indicated above.
   • or by contacting the DPO at the addresses indicated in point 1.

10. 10. Right to Lodge a Complaint

        If you believe that the processing of your personal data is in violation of the provisions of the GDPR, you have the right to lodge a complaint with the Italian Data Protection Authority, located in Piazza Venezia n. 11, 00187 – Rome (www.gpdp.it), or to take legal action.