Privacy

Privacy policy – GDPR 1.0

Aldrovandi Swimming Pool, with legale  Via Ulisse Aldrovandi 11, Rome (hereinafter referred to as   "Titolare”), as data controller, informs you pursuant to art. 13 D.Lgs. 30.06.2003 n. 196 (hereinafter referred to as “Codice Privacy”) and art. 13 EU Regulation n. 2016/679 (hereinafter referred to as “GDPR") that your data will be processed on the OVH site in the following ways; and finalità:

1. Subject of treatment

Subject of processing are personal data, identifying and non-sensitive (by way of example but not exhaustive: name, surname, company name, address, telephone, e-mail - hereinafter referred to as   "personal data nbsp;o anche “dati") that the Data Controller treats as & eacute; by you communicated during registration on the OVH website, on the occasion of participation in opinion and approval surveys, filling out forms on the Site, registration for events organized by the owner, online support or generic requests and requests to subscribe to mailing lists for the sending of newsletters.  

2. Treatment finalità

Your personal data is processed in the following ways:

1. A) without Your express consent (art. 24 lett. a), b), c) Privacy Code and art. 6 lett. b), e) GDPR), for the following Service Purposes:

• gestire e manutenere il Sito o garantirne il corretto funzionamento;
• permettere la fruizione dei Servizi eventualmente da Voi richiesti;
• partecipare tramite il Sito ad iniziative organizzate dal Titolare (come eventi, ecc);
• processare una richiesta di preventivo o contatto generico;
• adempiere agli obblighi previsti dalla legge, da un regolamento, dalla normativa comunitaria o da un ordine dell'Autorità;
• adempiere agli obblighi connessi alla gestione dell'associazione e dei rapporti con i soci;
• realizzare attività inerenti lo scopo statutario della Aldrovandi Swimming Pool;
• prevenire o scoprire attività fraudolente o abusi dannosi per il Sito;
• esercitare i diritti del Titolare, come ad esempio il diritto di esercizio di un diritto in sede giudiziaria.

1. B) Solo previo Vostro specifico e distinto consenso (artt. 23 e 130 Codice Privacy e art. 7 GDPR), per le seguenti Altre Finalità:

• inviare e-mail per sondaggi di opinione e di gradimento, newsletter e/o inviti ad eventi o iscriverVi ad eventi di cui è parte o che organizza il Titolare, newsletter promozionali o commerciali.

3. Treatment mode

The processing of personal data è carried out by means of the operations indicated in art. 4 Privacy Code and art. 4 n. 2) GDPR and precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Your personal data are subject to both paper and electronic and/ or automated processing, through the use of website hosted on Cloud or server managed by the company; ENGINE LAB srls in Italy or other European country and not. The Data Controller shall process the personal data for the time necessary to fulfill the above purposes and in any case for no more than 10 years from the termination of the relationship for the Purposes; and for no more than 2 years from the collection of data for the Other Purposes.

4. Security

The Data Controller has adopted various security measures to protect your data against the risk of loss, abuse or alteration. In particular: has adopted the measures referred to in art. 32-34 Privacy Code and art. 32 GDPR and protected data transmission protocols known as HTTPS;

5. Data access

Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B):

• to employees and collaborators of the Data Controller, in their capacity as persons in charge and/or internal data processors and/or system administrators;
• a società third parties or other parties (as a guide: ENGINE LAB Srl, OVH Srl, Aruba Spa, NetSons Spa, Cycom China Ltd and other website providers, Google Llc, Hotjar Ltd, other cloud providers, e-payment service providers, suppliers, hardware and software support technicians, shippers and carriers, credit institutions, professional offices, etc.) that carry out activities & agrave; outsourcing on behalf of the Data Controller, in their capacity & agrave; of data processors.
• Company & agrave; third party suppliers of systems for sending newsletters and other customer satisfaction services (indicative: The Rocket Science Group Llc, Engine Lab Srl, Mailup Spa, Qualitando Srl

6. Data communication

Your data will not be disclosed without your consent.

Without your express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may & agrave; instead communicate your data for the purposes referred to in art. 2.A) to Supervisory Bodies, Authorities & agrave; judicial as well as & eacute; to all other subjects to whom the communication is mandatory by law for the accomplishment of the purposes & agrave; said.  

The site could perform the tracking of navigation data for Keyword Advertising activities with functions of re-marketing without the same data in any way identify the person concerned.

7. Data transfer

The management and storage of personal data will be & agrave; in Europe, on servers located in Italy (or other nation) of the Data Controller and/ or companies; third parties appointed and duly appointed as Data Processors.

8. Nature of data provision and consequences of refusal to answer

The provision of data for the purposes & agrave; referred to in art. 2.A) è mandatory. In their absence, we can not guarantee né registration on the Site né the Services of art. 2.A).

The provision of data for the purposes & agrave; referred to in art. 2.B) è instead optional. You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already & agrave; provided: in this case, you can not receive by e-mail invitations to events, newsletters, opinion surveys and promotions. In any case you will continue to be entitled to the Services referred to in art. 2.A).  

9. Rights of the data subject

As data subjects, you have the rights under art. 7 Privacy Code and art. 15 GDPR and precisely:

• i. obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in an intelligible form;
• ii. obtain the indication: a) of the origin of the personal data; b) of the purposes & agrave; and methods & agrave; of the processing; c) of the logic applied in case of processing carried out with the help of electronic tools; d) of the identification details of the owner, the responsible persons and the appointed representative pursuant to art. 5, paragraph 2 Privacy Code and art. 3, paragraph 1, GDPR; e) of the subjects or categories of subjects to whom personal data may be disclosed or who may become aware of it as a representative designated in the territory of the State, managers or agents;
• iii. obtain: a) the updating, the rectification or, when you have interest, the integration of data; b) the cancellation, the transformation in anonymous form or the blocking of data processed in violation of the law, including those of which not è storage is necessary in relation to the purposes for which the data were collected or subsequently processed; c) proof that the operations referred to in letters a) and b) have been brought to the attention of, including as regards their content, of those to whom the data have been communicated or disseminated, except where such compliance proves impossible or involves the use of means manifestly disproportionate to the protected right;
• iv. object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning you, even if they are relevant to the purpose of the collection; b) the processing of personal data concerning you for the purpose of sending advertising material or direct sales or for the performance of market research or commercial communication, by the use of automated call systems without the intervention of an operator by e-mail and/or by traditional marketing methods by telephone and/or paper mail. Please note that the right of opposition of the interested party, set out in the previous point b), for purposes & agrave; direct marketing through methods & agrave; automated extends to the traditional and that however remains possible & agrave; for the data subject to exercise the right of opposition even in part. Therefore, the interested party can decide to receive communications only through traditional methods or only automated communications or neither of the two types of communication.

Where applicable, you also have the rights referred to in art. 16-21 GDPR (Right to rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object), as well as & eacute; the right to complain to the Authority & agrave; Guarantor.

10. How to exercise rights

You can exercise your rights at any time by sending:

• una raccomandata a.r. alla Aldrovandi Swimming Pool, Via Ulisse Aldrovandi 11, Rome
• an email to direzione@aldrovandiresidence.it.

11. Minor

This Site and the Data Controller’s Services are NOT intended for children under 18 years of age and the Data Controller does NOT intentionally collect personal information relating to minors. In the event that information on minors were involuntarily registered, the Data Controller will delete them in a timely manner, at the request of users.

12. Owner, manager and appointees

The Data Controller è Aldrovandi Swimming Pool with registered office in Via Ulisse Aldrovandi 11, Rome.

External data processors are, respectively, Google llc that can process your data also independently as independent data controllers for the purposes & agrave; of its information.

The updated list of data processors and data processors kept at the headquarters of the Data Controller.

13. Changes to this Policy

This Policy may vary. It is therefore advisable to regularly check this Policy and refer to the most updated version.