This information is provided, pursuant to art. 13 of the European Regulation 679/2016 (GDPR), to those who connect to the website www.donnaoro.com and its pages. The information is provided only for the aforementioned site and not for other sites external to the portal, which may be consulted by the user via links. By browsing the above site, personal data of users who consult it and interact with its web services can be processed.
1) Data controller.
The data controller carried out on the website www.donnaoro.com is JDO S.R.L., in the person of its legal representative, with registered office in Via Archimede 10 00197 Rome (RM), VAT and C.F. 06102471007, e-mail firstname.lastname@example.org.
2) Nature of the data processed and purpose of the processing.
- a) Navigation data
Data relating to identified or identifiable persons may be processed subsequent to consultation of this website. The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. Is a matter of information not collected to be associated with identified interested parties (data subjects), but which might, by its very nature, allow users to be identified through procedures of processing and association with data held by third parties.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (e.g.success, error, etc.) and other parameters relating to the user’s operating system and computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct functioning. The data could be used to ascertain responsibility, but only in case of hypothetical computer crimes committed against the website, and only in this case can specific procedures be activated to identify the author.
- b) Data provided by the user
The personal data that the user spontaneously provides, possibly using forms on the site, to request information or to answer their own questions also constitute the object of treatment.
These data will be processed for the purpose of providing an answer to the user and for commercial communication purposes and for marketing purposes via sms, e-mail and using similar tools; as well as, in order to fulfill obligations under European laws, regulations and standards, furthermore in the event of the need to exercise rights in court.
- c) Cookies
Please refer to the specific Cookies Policy published on the site for all the necessary information on the type and mode of operation of cookies and other services and features active on the website.
3) Legal basis.
Apart from what is specified for the navigation data that are necessary to make the services available on this website usable, the user is free to give his personal data if he intends to ask for information or ask questions to JDO S.R.L. and to receive commercial communications and for marketing purposes via sms, e-mail and using similar tools. The legal basis of the treatment consists in responding to a user request or in his consent for the purposes of sending the newsletter and for sending commercial and marketing communications.
4) Recipients of the data.
Only authorized under the direct authority of JDO S.R.L. have access to the users personal data and the external managers and sub-managers who provide the company with specific services and with whom JDO S.R.L. has entered into specific contracts, pursuant to art. 28 GDPR. The complete list of data processors and sub-managers is available by requesting it at the address of JDO S.R.L .: e-mail email@example.com.
The processing of the data collected through this site is processed only by personnel of the company specifically assigned to it, to whom operating instructions have been provided to carry out the processing activities in a lawful and correct manner.
The personal data collected on the company’s website may be disclosed to companies and entities that act as independent owners for the pursuit of their purposes.
Furthermore, personal data may be disclosed pursuant to a provision of law or regulation or to execute an order from an administrative or judicial authority.
All the foregoing subjects undertake to use the information received only for the processing purposes indicated above, to keep it confidential, intact and not available to unauthorized third parties.
5) Methods of treatment and storage time.
Personal data are processed with automated tools for the time strictly necessary to archive the purposes for which they were collected and to provide the services of this website.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. All information collected on the sites are stored and maintained in secure structures that limit access to authorized personnel only. The internet site is regularly checked for any security breaches, and to ensure that all information collected are inaccessible , accurate and unavailable to unrelated parties.
The data provided by the user will be deleted when they are no longer necessary to manage his requests, unless kept for administrative-accounting and tax purposes or/and trial in court for the limitation period of the related rights. The data collected for commercial communication and marketing purposes will be used for 24 months from their collection and will then be deleted unless the user has expressed a new consent.
6) Data transfer.
The data object of the treatment reside in servers located in the territory of the State. In any case, in the event of their transfer outside the European Union the JDO S.R.L. will adopt all the adequate guarantees prescribed by the GDPR for the protection of the users personal data.
7). Access right.
Articles 15 to 22 GDPR grant the user, as an interested party, the exercise of specific rights. Article 15 recognizes the right less ones to access their personal data and obtain a copy. The right to obtain a copy of the data must not infringe the rights and freedoms of others.
With the access request, the user has the right to obtain from JDO S.R.L. to whom the confirmation is addressed or not if the processing is being carried out on their personal data and to know the purposes and categories of data processed, the third parties whose data are communicated and whether the data are transferred to a non- European country with adequate guarantees. The user also has the right to know the retention time of his personal data, with respect to the aforementioned purposes.
8) Other rights.
With respect of their personal data, the user has the right to request the rectification of inaccurate data and the integration of incomplete data, the cancellation (right of oblivion) under the conditions indicated in art. 17, GDPR, the limitation of the treatment and the portability of the data.
The user also has the right to consent and to object, at any time to the processing of data that involved him for commercial communication purposes.
In emails addressed to the user will be specified how to oppose the receipt of further communications and may, at any time, oppose it.
For the exercise of rights, the user can contact JDO by writing an email to firstname.lastname@example.org or by writing to the headquarters address.
Before providing an answer, JDO may need to identity you by requesting a copy of your ID.
A written feedback will be provided to the user without undue delays.
In case the user believes that the processing of personal data violates the disposal of GDPR, has the right to make a complaint to the Guarantor Authority for personal data protection based in Rome, according to the article 77 of the GDPR , as well as appeal to the Judicial Authority.