INFORMATION REGARDING PERSONAL DATA PROCESSING
According to and for Legislative Decree no. 196/2003, as amended by Legislative Decree no.101 / 2018, as well as according to articles 13 and 14 of EU Regulation 679/2016, laying down provisions on the protection of individuals concerning the processing of personal data, we inform you that this privacy statement applies to personal data that you provide to the Site or that derive from the collection by means of cookies and other web tracking technologies.
1. THE DATA CONTROLLER
The owner of the processing of personal data is MATTEO MARELLO (Tax Code: MRLMTT86M07A479Z and contact address info@mamasuites.com).
2. PLACE OF DATA PROCESSING
The data processing takes place at the offices mentioned above of the owner and is only handled by technical personnel in charge of processing.
In case of need, the personal data connected to the site's services can be processed by the company's staff that takes care of the maintenance of the technological part of the site. In this case, they will be appointed as data processors.
3. NATURE OF THE DATA PROCESSED AND PURPOSE OF THE TREATMENT
The information provided to us by sending an email and/or by filling out the registration form will be used only to answer your questions or satisfy your requests.
The data relating to the IP addresses or domain names of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method of use in submitting will also be processed the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment.
These data will be used to obtain anonymous statistical information on the use of the Site to check its correct functioning and will be deleted immediately after processing.
The aforementioned data could be used to ascertain responsibility for hypothetical computer crimes against the Site.
After expressing your consent, the Site may use your personal data for different purposes, such as sending promotional and commercial information. Your data may be available to our business partners to transmit helpful information or send promotional material of interest.
4. LEGAL BASIS OF THE PROCESSING
All personal information you provide results from your free choice; we have no illegal means to obtain this information without your consent.
5. METHOD OF TREATMENT
The processing of personal data may be carried out with or without the aid of electronic and, in any case, automated means.
The computer systems and software procedures used to operate this website acquire, during their regular operation, some personal data whose transmission is implicit in the use of internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which could, through processing and association with data held by third parties, allow users to be identified.
The processing will be carried out in compliance with every precautionary measure that guarantees its lawfulness, security, and confidentiality.
6. SUBJECTS OR CATEGORIES OF SUBJECTS TO WHOM THE DATA COULD BE COMMUNICATED
Personal data may be disclosed to the persons in charge (collaborators, suppliers, secretarial staff, etc.) or any data processors in charge.
We may communicate your data to public and private subjects, who can access the data under the provisions of the law, regulations, or community legislation, within limits established by the aforementioned rules (such as, for example, institutions and social security bodies and welfare, associations of local authorities, administrations and public bodies, associations, foundations, associations or organizations of an associative and/or insurance type) to subjects who need to access data for purposes auxiliary to the relationship between the parties, within the strict limits necessary to carry out the aforementioned auxiliary tasks (by way of example, banks and credit institutions, service delivery companies, carriers and shipping companies are mentioned), to our consultants, within limits necessary to carry out their role in our organization, subject to appointment as responsible for the processing of the data provided to him. Your data will not be disclosed by us, meaning by this term the disclosure of it to indeterminate subjects in any way, including by making them available or consulting, unless there is a specific consent, free and informed by you expressed and granted for each type of treatment.
7. RIGHT TO PROVIDE DATA
Without prejudice to the personal autonomy of the interested party, the optional, explicit, and voluntary sending of e-mails to the addresses indicated on this Site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the missive.
8. PERIOD OF CONSERVATION OF PERSONAL DATA
Personal data will be used only for the period necessary to accomplish the previously established purposes or until the moment in which you clarify your opposition to the Site using your personal data or until the moment in which you do not withdraw your consent.
Suppose the Site is required, by law, to keep your personal data for a longer time or where the Site needs your personal data to promote or defend against legal questions. In that case, the company will keep your personal data until the end of the relevant period of compulsory custody or until the questions are resolved.
In any case, personal data will not be kept for 10 years.
9. TRANSFER OF DATA TO NON-EU COUNTRIES
This Site may share some of the data collected with services outside the European Union area.
In particular, with Google, Facebook, and Microsoft (Linkedin), social plugins, and the Google Analytics service. The transfer is automated.
10. USER’S RIGHTS
The end-user has the right, following current legislation, to exercise one or more options from those described below:
- Right of withdrawal: the end-user has the full right to request the complete termination of the consent of the data collected by us at any time and without giving a reason.
- Right to be forgotten: the end-user has the full right to request the complete cancellation, from any media, of their data collected by us, without providing any express reason. By exercising this action, he understands that the provision of our services may be subject to limitations or may be completely denied.
- Right of rectification and access to data: the end-user has the full right to check at any time the set of data that the company has collected on it. Additionally, he can request the rectification and modification of the data collected (for example, following a change of domain or method of telephone/e-mail contact).
- Right to request support from the Irish Privacy Guarantor: the end-user has the right to request permission and additional information from the Privacy Guarantor, available at https://www.privacyshield.gov/welcome.
11. SECURITY
The data are stored and controlled by adopting technical and organizational security measures suitable to guarantee a level of security adequate to the risk and minimize the risk of loss and destruction, unauthorized access, and non-processing allowed and/or different from the purposes for which the processing is carried out.
Taking into account state of the art and the costs of implementation, as well as the nature, object, context, and purposes of the processing, as well as the risk of varying probability and gravity for the rights and freedoms of individuals, the owner of the treatment and the data controller put in place appropriate technical and organizational measures to ensure a level of security appropriate to the risk, which includes, among others, where applicable:
a) pseudonymization and encryption of personal data;
b) the ability to ensure the confidentiality, integrity, availability, and resilience of processing systems and services permanently;
c) the ability to promptly restore the availability and access of personal data in the event of a physical or technical accident;
d) a procedure for testing, verifying, and regularly evaluating the effectiveness of technical and organizational measures in order to ensure the security of the processing.
In assessing the adequate level of security, a particular account is taken of the risks presented by the processing, which arise in particular from the destruction, loss, modification, unauthorized disclosure, or access, accidentally or illegally, to data personal data transmitted, stored or otherwise processed.
The data controller and the data controller ensure that anyone acting under their authority and having access to personal data does not process such data unless instructed by the data controller unless required by Union law or of the Member States.
