Z.One Concept S.r.l., in its capacity as Data Controller, hereby provides the following specific information on the management of its website (https://www.z-oneconcept.com) with regard to the processing of the personal data pertaining to the users consulting it. This is also a disclosure made pursuant to Article 13 of the EU Regulation 2016/679 (« GDPR » or « Regulation”).
REGULATORY REFERENCES
- Directive 2002/58/EC concerning the « processing of personal data and the protection of privacy in the electronic communications sector”;
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/ec (General Data Protection Regulation).
- Legislative Decree No. 196 of 30 June 2003 ‘Personal Data Protection Code’, as amended by Legislative Decree No. 101 of 10 August 2018.
DATA CONTROLLER
The Data Controller is Z.One Concept S.r.l with registered office in Malnate (VA), via Brodolini n. 30, e-mail address: [email protected]
DATA PROCESSING LOCATION
The processing operations related to the web services of this site take place at the aforementioned headquarters of Z.One Concept S.r.l. and at the offices of other third parties, specifically appointed as Data Processors, who offer outsourcing services.
TYPES OF PROCESSED DATA
Browsing Data
The IT systems and software procedures used to operate this website acquire, as part of standard operation, certain personal data, the transmission of which is implicit in the use of Internet communication protocols. Such information is not collected to be associated with identified data subjects. This data category includes the IP addresses or domain names of users’ computers that connect to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment. Such data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning, and are deleted immediately after processing. Data could be used to ascertain liability in the event of hypothetical cybercrimes to the detriment of the website.
Data voluntarily provided by the user
The optional, explicit and voluntary submission of personal data by the user (including: name, surname and e-mail address) by filling in the registration forms on this site or by calling any of the telephone numbers shown on the site, entails the subsequent acquisition of the data provided by the user, which are necessary to provide the service or to send the information requested.
COOKIES
Please refer to the Cookie Policy accessible at https://www.z-oneconcept.com/fr/privacy-e-cookie-policy/ for more information on the cookies we use.
Please refer to the following link to issue, revoke or modify your consent to the installation of cookies [•]
Purposes your Data are processed for |
What entitles us to process your Data |
How long your Data are stored |
Replying to information requests submitted by users via the website |
The legal basis is consent that is manifestly expressed by filling in the form (Art. 6(1)(a) GDPR) |
Until the achievement of the intended purpose |
Educational content access purposes |
The legal basis of data processing is the execution of the contract to which the data subject is party or the performance of pre-contractual measures taken at the data subject’s request (Art. 6(1)(b) GDPR) |
Until such time as the statute of limitations relating to any contractual actions that may arise with respect to the transaction in the performance of which the data are processed has expired |
Sending of commercial communications by means of the newsletter. |
The legal basis of data processing is consent (Art. 6(1)(a) GDPR). |
Until revocation of consent |
Protection purposes in case of improper website use or fraud attempts |
The legal basis of data processing is legitimate interest (Art. 6(1)(f) GDPR) |
For the period of time necessary to enable the Controller to act or defend himself/herself against any claims made against him/her or in order to prevent damage resulting from conduct by users in breach of the law |
In addition to the above, data and information collected may be processed by the Controller in order to prepare reports or other types of internal statistical analysis. Such activities will be carried out mainly by drawing on information concerning website traffic. Such information will be processed in aggregate form for the sole purpose of enabling us to improve the operation of the website and the quality of our services.
LINKS TO OTHER WEBSITES
This website may contain links or references to other websites or social media pages. We inform you that the Data Controller does not control the cookies or other tracking technologies of such websites and social media pages to which this Policy does not apply. We therefore suggest that you consult the respective privacy policies of these websites and social media pages.
OPTIONAL PROVISION OF DATA
Aside from browsing data (necessary for the proper functioning of the website), you are free to provide your personal data. However, failure to provide them may result in the impossibility of obtaining what has been requested.
PROCESSING METHOD
Personal data are processed through automated systems and only for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are applied to prevent data loss, illicit or incorrect use and unauthorised access.
DATA SHARING, COMMUNICATION AND DISSEMINATION
Personal data will be processed by authorised data processing personnel of the Data Controller pursuant to Article 29 of the GDPR or by third parties carrying out activities strictly related to the above-mentioned purposes and instrumental to the execution of the service, such as IT system management and website management. Other than in these cases, personal data will not be disclosed to anyone, except as provided for in the contract or with your express authorisation. In this regard, personal data may be disclosed to third parties, but only and exclusively in the event that: a) explicit consent is given to share data with third parties; b) information needs to be shared with third parties in order to provide the requested service; c) information is needed to comply with requests from Judicial or Public Security Authorities. No data deriving from the web service will be disclosed.
PERSONAL DATA TRANSMISSION TO THIRD COUNTRIES
Personal data will not be transmitted to third countries, meaning countries outside the European Union or the European Economic Area. In the event of such, the Controller declares and warrants to comply with the provisions of Articles 44 et seq. of the GDPR.
RIGHTS OF DATA SUBJECTS
The legislation in force and in particular Articles 15 et seq. of the GDPR provide for various rights that you may freely exercise vis-à-vis the data controller, as set out below: Right of Access; Right of Rectification; Right to erasure or « right to be forgotten »; Right to restriction of processing; Right to receive notification in case of rectification or erasure of personal data or restriction of processing; Right to Data Portability; Right to object to processing.
To exercise these rights, you may contact the Data Controller by sending a registered letter or by writing to the above-mentioned e-mail address.
WITHDRAWAL OF CONSENT
You shall have the right, at any time, to withdraw the consent granted for personal data processing without prejudice to the lawfulness of processing based on the consent before the withdrawal.RIGHT TO LODGE A COMPLAINT
If you consider that your personal data is being processed in breach of the GDPR, you have the right to lodge a complaint with the Data Protection Authority (Art. 77 of the GDPR) or, alternatively, to take legal action (Art. 79 of the GDPR).
AMENDMENTS TO THE PRESENT PRIVACY POLICY
The Data Controller periodically checks its privacy and security policy and, if necessary, revises it in relation to regulatory, organisational or technological changes. If the policy changes, the new version will be published on this website page.