In compliance with the obligations deriving from national legislation (Legislative Decree 30 June 2003 No. 196, Code regarding the protection of personal data, and subsequent amendments) and European (European Regulation for the protection of personal data No. 679/2016, GDPR ), this site respects and protects the privacy of visitors and users, making every possible and proportionate effort not to infringe the rights of users.
This site does not publish advertisements, does not use data for the purpose of sending advertising, however it uses third-party services in order to improve the use of the site, third parties that may collect user data and then use them to send advertisements. personalized advertising on other sites.
Subjects of the treatment
The data controller pursuant to the laws in force is Cristina Gasperi, legal representative of CriCr Design, who can be contacted via email email@example.com.
Legal basis of the processing
This site processes data mainly on the basis of user consent. The granting of consent takes place through the banner displayed at the first access, or through the use or consultation of the site, as a conclusive behavior. By using or consulting the site, visitors and users approve this privacy statement and consent to the processing of their personal data in relation to the methods and purposes described below, including any disclosure to third parties if necessary for the provision of a service.
The data for site security and for the prevention of abuse and SPAM, as well as data for the analysis of site traffic (statistics) in aggregate form, are processed on the basis of the legitimate interest of the Data Controller in protecting the site and of the users themselves. In such cases, the user always has the right to object to the processing of data (see par. User rights).
Purpose of the processing
The processing of the data collected by the site, in addition to the purposes connected, instrumental and necessary for the provision of the service, is aimed at the following purposes:
Collection of data and information in an exclusively aggregated and anonymous form in order to verify the correct functioning of the site. None of this information is related to the natural person-User of the site, and does not allow identification in any way. Consent is not required.
Collection of data and information in order to protect the security of the site (spam filters, firewalls, virus detection) and of the Users and to prevent or unmask fraud or abuse to the detriment of the website. The data are recorded automatically and may possibly also include personal data (IP address) that could be used, in accordance with the laws in force on the subject, in order to block attempts to damage the site itself or to cause damage to other users, or in any case harmful activities. or constituting a crime. These data are never used for the identification or profiling of the User and are periodically deleted. Consent is not required.
While the Users are browsing, the following information may be collected and stored in the site's server (hosting) log files:
- internet protocol (IP) address;
- browser type;
- parameters of the device used to connect to the site;
- name of the internet service provider (ISP);
- date and time of visit;
- web page of origin of the visitor (referral) and exit;
- possibly the number of clicks.
These data are used for statistical and analytical purposes, in an exclusively aggregated form. The IP address is used exclusively for security purposes and is not crossed with any other data.
Place of processing
The data are processed at the headquarters of the Data Controller, and at the datacenter that hosts the server infrastructure - owned by Memetic. The datacenter is located in the European Economic Area.
The data collected by the site during its operation are kept for the time strictly necessary to carry out the specified activities. Upon expiry, the data will be deleted or anonymised, unless there are other purposes for their conservation.
The data (IP address) used for site security purposes (blocking attempts to damage the site) are kept for 30 days.
Data for analytics (statistics) purposes are stored in aggregate form for 24 months
Transfer of collected data to third parties
The data collected by the site is generally not provided to third parties, except in specific cases: legitimate request by the judicial authority and only in the cases provided for by law; if it is necessary for the provision of a specific service requested by the User; for carrying out security checks or site optimization.
Transfer of data to non-EU countries
This site may share some of the data collected with services located outside the European Union area. In particular with Google through the Google Analytics service. The transfer is authorized on the basis of specific decisions of the European Union and the Guarantor for the protection of personal data, in particular decision 1250/2016 (Privacy Shield), for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.
We treat visitor / user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. We are committed to protecting the security of your personal data while it is being sent, using Secure Sockets Layer (SSL) software, which encrypts information in transit. The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, categories of employees involved in the organization of the site or external parties (such as third party technical service providers) may have access to the data.
This site uses the following categories of cookies:
- analysis cookies, used directly by the site operator to collect information, in aggregate form, on the number of users and how they visit the site. They are assimilated to technical cookies if the service is anonymized.
Instructions for disabling cookies can be found on the following web pages:
Third party cookies
Google Analytics: used to analyze the use of the site by users, compile reports on site activity and user behavior, check how often users visit the site, how the site is tracked and which pages are visited most frequently. The information is combined with information collected from other sites in order to create a comparative picture of the use of the site compared to other sites of the same category.
Collected data: browser ID, date and time of interaction with the site, page of origin, IP address.
Place of data processing: European Union, as the anonymization of the service is active.
The data collected do not allow the personal identification of users, and are not crossed with other information relating to the same person. They are treated in aggregate form and anonymized (truncated to the last octet). On the basis of a specific agreement (DPA), Google Inc. (data controller) is prohibited from crossing such data with those obtained from other services.
Further information on Google Analytics cookies can be found on the Google Analytics Cookie Usage on Websites page.
The user can selectively disable (opt-out) the collection of data by Google Analytics by installing the specific component provided by Google on their browser (opt out).
Pursuant to European Regulation 679/2016 (GDPR), the User can, according to the methods and within the limits established by current legislation, exercise the following rights:
- object in whole or in part, for legitimate reasons, to the processing of personal data concerning him for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication;
- request confirmation of the existence of personal data concerning him (right of access);
- know its origin;
- receive intelligible communication;
- have information about the logic, methods and purposes of the processing;
- request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
- in cases of consent-based processing, receive only the cost of any support, its data provided to the owner, in a structured and readable form by a data processor and in a format commonly used by an electronic device;
- the right to lodge a complaint with the supervisory authority
- as well as, more generally, to exercise all the rights that are recognized by the current provisions of the law.
Requests should be addressed to the Data Controller.