The purpose of this page is to describe how the portal is managed with reference to the lawful, correct, relevant, and inexcessive processing of users’ personal data.
The information is also provided pursuant to art. 13 of EU Regulation 679/16 (GDPR) to those who interact with the web services of Enoristrò Project Shaping Srls by browsing the enoristro.it portal and/or by contacting us (by phone, online form or email at the addresses indicated on the site) and/or through our social media pages.
The Data Controller is:
Project Shaping Srls
Strada vicinale dei Poggi 6/d 58015 Orbetello (GR)
The list of data processors and those authorized to process user data can be consulted at the headquarters of the aforementioned owner.
Project Shaping Srls, as Data Controller, would like to inform you about which data it collects and how, in order to guarantee respect for your fundamental rights and freedoms, with particular reference to the confidentiality and security with which the collected data is treated.
The data processed by Project Shaping Srls consists of:
The computer systems and applications dedicated to the operation of our web portal detect, during their normal operation, certain data (the transmission of which is implicit in the use of Internet communication protocols) which can potentially be associated with identifiable users. The collected data includes the IP addresses and domain names of the computer of the users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the requests, the method used to submit the requests to the server, the size of the files obtained in response, the numerical code indicating the status of the responses given by the server (successful, error, etc.) and other parameters concerning the operating system, the browser and the IT environment of the user. This data is processed, for the time strictly necessary, for the sole purpose of allowing users to browse and to obtain anonymous statistical information on the use of the site and to check its regular functioning or to ascertain responsibility in the event of computer crimes. The provision of such data is mandatory as it is directly linked to the web browsing experience. The legal basis of this processing is represented by the legitimate interest of the owner to ensure the proper functioning of the computer systems and to proceed with the investigation of alleged computer crimes (also on the basis of the existence of a legal obligation).
The user voluntarily provides its data in the following circumstances:
The optional, explicity and voluntary sending of emails to the addresses indicated on this portal entails the subsequent acquisition of the sender’s address, necessary to respond to requests as well as any other personal data included in the message. The legal basis is represented by the need to carry out pre-contractual measures adopted on the basis of your request.
The optional, explicit and voluntary sending of messages through Whatsapp, Facebook, Instagram, YouTube or other social media channels aimed at receiving information about our business or asking questions entail the subsequent acquisition of such data necessary to provide an answer to what is requested. This type of service allows you to interact with live chat platforms, managed by third parties, directly from the pages of this website. This allows the user to contact the website’s support service, or this website to contact the user while browsing the site’s pages.
In the event that an interaction service with live chat platforms is installed, it is possible that, even if the users engage such service, it collects usage data related to the pages in which it is installed. Additionally, live chat conversations may be recorded.
The legal basis is represented by the need to carry out pre-contractual measures adopted on the basis of user’s request.
The personal data sent in order to subscribe to our newsletter (consisting of the user’s e-mail address, name and surname) will be used for the purpose of periodically sending a newsletter containing information on our activities and projects. The data will be recorded in a protected electronic and/or computerized archive and treated in a completely confidential manner by Project Shaping Srls, the data controller, in full compliance with the law, through personnel specifically authorized to process user data.
For the delivery and management of the Newsletter, we use the service offered by MailChimp (The Rocket Science Group, LLC, 512 Means St., Suite 404 – 30318 – Atlanta, Georigia) and hereinafter simply “MailChimp”.
The collected data is stored on secure MailChimp servers.
In relation to the purposes described below, when the administrator sends the newsletter, the data is retrieved using the tools made available by MailChimp and the newsletter will be sent through them.
The legal basis of the processing is your consent: we will use the requested data only with your authorization.
We specify that at any time, the user may exercise the rights recognized by the legislation and specified in the appropriate section called “Rights of the interested parties” by contacting the Data Controller directly. Finally, we remind you that each subscriber has the right to unsubscribe from the Newsletter at any time by clicking on the appropriate link indicated in the body of the Newsletter itself.
The legal basis of the treatments indicated above is the user’s express and unambiguous consent, in the legitimate interest of the owner, in the fulfillment of legal and/or contractual obligations (pursuant to Article 6 of the GDPR) as specified above.
The collection and processing of the user’s personal data will be carried out exclusively for purposes strictly connected and instrumental to the evasion of requests promoted by email, telephone, contacts via social media channels as well as for potential fulfilments and obligations provided for by laws, regulations, community regulations or by provisions issued by authorities legitimated by law and by supervisory and control bodies and for anonymous and aggregate statistical purposes
The personal data collected to respond to the requests of the interested parties will be processed only for the time necessary to carry out what is requested. The data collected for promotion and direct marketing purposes (sending newsletters) will be kept until a request for revocation of consent by the user is received. The Data Controller may be obliged to keep personal data for a longer period in compliance with a legal obligation or by order of an authority, or for its own legitimate interest in order to protect its own right, even in court. At the end of the retention period, the personal data will be deleted. As such, at the end of this term, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
User data will be processed using suitable tools to ensure its confidentiality, integrity and availability. The processing is carried out on paper and through information and/or automated systems and will include all the operations or set of operations provided for in art. 4 of the GDPR and necessary for the processing in question, including communication to the subjects in charge of the processing itself. The data in question will not be disseminated; instead, it may be communicated to subjects, public or private, operating within the scope of the purposes described above.
User data can only be accessed by authorized persons within the scope of the duties assigned by the Data Controller. For the purposes indicated, the data – or some of them – may also be accessible or may be communicated to subjects to whom the right to access personal user data is recognized by provisions of law or secondary or community legislation or as service providers. strictly connected to the management of the website (as Data Processors).
The management and storage of personal user data will take place on paper, duly stored in special locked archives and/or on servers located within the European Union by the Data Controller and third-party companies appointed and duly appointed as Data Processors. The data provided will not be transferred to third countries or international organizations and will not be disseminated.
The transmission of the user’s browsing data is mandatory to continue browsing this site.
The provision of user data to process the requests made by the user is necessary for this purpose.
The provision of data for the purpose of sending our newsletters is optional.
The provision of data resulting from the notification of an issue is optional.
What are the user’s rights in relation to the GDPR? The Data Controller, according to the provisions of the GDPR, guarantees the user the following rights:
If the user believes that we have not respected the rights regarding the protection of personal data, the user can contact the Guarantor Authority for the protection of personal data. Alternatively, if residing in another country, a user may contact the local Data Protection Authority.
This information may be subject to changes. Any substantial changes will be communicated by email or through our website.
Last updated 02/03/2022