This page describes how to manage the site with reference to the processing of personal data of users who consult it. This is an information that is also provided pursuant to art. 13 of the EU General Regulation 2016/679 (hereinafter “GDPR”) on the protection of personal data for those who interact with web services accessible electronically from the address: http://www.slenos.eu and https://www.slenoscapital.com.
The information is provided only for the site in question and not for other websites that may be consulted by the user via links. The information is also based on Resolution no. 13 of 1 March 2007 “on the internet and e-mail” of the Privacy Guarantor, and the Recommendation no. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by art. 29 of directive n. 95/46 / EC, adopted on 17 May 2001 to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, times and nature of the information that the data controllers must provide to users when they connect to web pages, regardless of the purpose of the link.
The processing of personal information concerning you will be based on principles of correctness, lawfulness and transparency and the protection of your privacy and your rights. The legislation in question provides first of all that anyone who processes personal data is required to inform the interested party about which data is being processed and for what purpose, therefore, according to the provisions of art. 13 of the GDPR 2016/679, we provide you with the following information:
EXTREME IDENTIFICATION OF THE HOLDER, THE MANAGER AND THE REPRESENTATIVE OF THE HOLDER IN THE TERRITORY OF THE STATE
Following consultation of this site, data relating to identified or identifiable persons may be processed. We inform you that the Data Controller is Mr Andrea Cesaretti, and that the updated list of Managers can always be requested at the headquarters in Via Marecchiese 166, Rimini, Italy (Zip code: 47922), to which communications for the exercise of the rights recognized to the interested party must be forwarded. of articles 15 to 23 of the GDPR by registered letter, PEC or e-mail where the complete list of subjects to whom the data may be communicated is also available.
PLACE OF DATA PROCESSING
The treatments connected to the web services of this site take place at the Slenos’ registered office and are only handled by technical personnel in charge of processing, or by persons in charge of occasional maintenance operations. No data deriving from the web service is communicated or disseminated. The personal data provided by users who submit requests for information or registration to the site mailing list are used for the sole purpose of performing the service or provision requested.
TYPE OF DATA PROCESSED
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
These data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site: except for this possibility, the data on web contacts do not persist for more than six months.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.
No personal user data is acquired by the site in this regard. Cookies are not used to transmit information of a personal nature, nor are so-called c.d. persistent cookies of any kind, or systems for tracking users. The use of c.d. session cookies (which are not stored permanently on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe exploration and efficient site. I c.d. session cookies used on this site avoid the use of other IT techniques that are potentially prejudicial to the confidentiality of users’ browsing and do not allow the acquisition of personal identification data of the user.
LOG FILES AND THEIR STORAGE
The log files will be tracked for security reasons that require the registration and maintenance of the log files and their accessibility by the judicial police in the event that the latter requests them. To this end, the access log files will be kept for a period not exceeding: 6 months / -1 year. Any access controls will be carried out gradually and in full compliance with the law, in particular with the principles of necessity and proportionality.
LEGAL BASIS AND PURPOSE OF THE PROCESSING
The Data is collected by us with the exclusive purpose of the correct and complete performance of our commercial activity towards you, with the purposes described below, or:
- provision of services based on web interface (user data registration);
- provision of information relating to your specific request on Slenos services;
- purposes related to the obligations established by laws, regulations, community legislation and provisions issued by authorities legitimated by law;
- The processing of personal data for the purposes from point a) to point c) above does not require your express consent (Article 24, letter a) and b) of the Code and art. 6 lett. b) and e) of the GDPR);
- carrying out marketing and promotional activities for the Controller’s products and services, commercial communications, both by automated means without operator intervention (eg. SMS, fax, mms, e-mail, etc.) and traditional (by telephone, mail);
- Subscription to receive periodic News Letters.
The processing of personal data for the purposes in points d) and e) above requires your express consent (Article 23 of the Code and Article 7 of the RGPD). This consent concerns both the automated communication methods and the traditional ones described above. You will always have the right to easily and free of charge, in whole or in part, to the processing of your data for these purposes, for example by excluding automated contact methods and expressing your desire to receive commercial and promotional communications exclusively through traditional methods of contact.
The legal basis of the processing is based both on the consent of the interested party and on the legitimate interest of the Data Controller to inform the interested parties about scheduled training events based on their respective interest.
OBLIGATION OR RIGHT TO PROVIDE DATA AND CONSEQUENCES OF ANY REFUSAL
Apart from that specified for navigation data, the user is free to provide personal data contained in the request forms or indicated in contacts to get information about the real estate offers from the writer, or to request registration in the mailing list of the site, or sending requested information.
The data required for the purposes referred to in letters a), b) and c) above must be provided for the fulfilment of legal obligations and / or for the conclusion and execution of the contractual relationship or the provision of the services or information requested. Therefore, your refusal, even partial, to provide such data would make it impossible for the inability to establish and manage the relationship itself and to provide the requested service. The provision of personal data necessary for the purposes referred to in letters d) and f) above is optional, therefore your refusal to provide such data would make it impossible to carry out the activities described therein without prejudice to the existing relationship.
DURATION OF TREATMENT AND PERIOD OF CONSERVATION OF PERSONAL DATA
The collected data are processed for the time necessary for the purposes for which they were collected, and in any case no later than the times prescribed by law. The data necessary for tax purposes are kept until the assessments relating to the corresponding tax period are defined, therefore for at least 10 years and more if the related annuity is not yet prescribed for tax purposes. At the expiry of this term, the data will be deleted or anonymized, unless there are other purposes for the conservation of the same (eg guarantee supply obligations, tax obligations).
The data collected and processed on the basis of consent for commercial and marketing purposes will be processed until revocation of the same, or at the end of the service provided and in the absence of it, will be kept for a maximum period of 2 years after which they will be destroyed or anonymized.
METHOD OF TREATMENT
The data processing takes place / will take place through the use of electronic tools by means of our computer system, and in this case they will be recorded on protected computer supports, or manually and the relative paper documentation will be correctly maintained and protected by us for all the time necessary for the treatment through suitable procedures to guarantee the security and confidentiality to prevent the loss of data in compliance with the security measures pursuant to art. 32 of the GDPR 2016/679, from illicit or incorrect use and unauthorized access and can be carried out both on paper and with the aid of automated electronic tools for the time strictly necessary to achieve the purposes for which they were collected.
COMMUNICATION AND DIFFUSION
Your data will not be “disseminated” by us, with this term meaning the disclosure of it to indeterminate subjects in any way, including by making them available or consulting, unless specific consent is granted by the interested party with a separate deed.
Your data may instead be “communicated” by us, with this term meaning the disclosure of it to one or more specific subjects, in the following terms:
- to persons appointed within our Company to process your data, and in particular to the employees of the Administration Office;
- to subjects who can access the data by virtue of the provision of law, regulation or community legislation, within the limits set by these rules;
- to subjects who need to access your data for purposes auxiliary to the relationship between you and us, within the limits strictly necessary to carry out the auxiliary tasks entrusted to them such as: creating institutes, couriers, etc..;
- to our consultants, within the limits necessary to carry out their assignment at our Company, or in an Outsourcing regime, as external Data Processors following our letter of appointment which imposes the duty of confidentiality and security in the processing of your data.
SOCIAL NETWORK PLUGIN
RIGHTS OF THE INTERESTED PARTIES
We inform you that in your capacity as an interested party, you have, pursuant to articles 15 to 23 of the GDPR 2016/679, the rights listed below that you can assert by making a specific request to the Data Controller and / or the data processor, as well as the right to lodge a complaint with a supervisory authority:
- Art. 15-Right of access
The interested party has the right to obtain from the data controller confirmation as to whether or not personal data concerning him is being processed and, in this case, to obtain access to personal data and information regarding the processing.
- Art. 16 – Right of rectification
The interested party has the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay. Taking into account the purposes of the processing, the interested party has the right to obtain the integration of incomplete personal data, also by providing an additional declaration.
- Art. 17 – Right to cancellation (right to be forgotten)
The interested party has the right to obtain from the data controller the cancellation of personal data concerning him without undue delay and the data controller has the obligation to cancel the personal data without undue delay.
- Art. 18 – Right to limit the processing
The interested party has the right to obtain from the data controller the limitation of the processing when one of the following hypotheses occurs:
a) the data subject disputes the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
b) the processing is unlawful and the interested party opposes the cancellation of personal data and requests instead that its use be limited;
c) although the data controller no longer needs it for processing purposes, the personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
d) the interested party opposed the processing pursuant to article 21, paragraph 1, pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.
- Art. 20 – Right to data portability
The interested party has the right to receive in a structured format, commonly used and readable by an automatic device, the personal data concerning him provided to a data controller and has the right to transmit such data to another data controller without impediments from part of the data controller to whom he provided them. In exercising their rights regarding data portability pursuant to paragraph 1, the interested party has the right to obtain the direct transmission of personal data from one data controller to another, if technically feasible.
- Art. 21 – Right to object
The interested party has the right to object at any time, for reasons connected to his particular situation, to the processing of personal data concerning him pursuant to article 6, paragraph 1, letters e) or f), including profiling on the basis of these provisions.
- Art. 22 – Right not to be subjected to automated decision-making, including profiling
The interested party has the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or which significantly affects his person in a similar way.
How to exercise your rights You can exercise your rights or withdraw your consent at any time by sending a communication to the addresses and in the manner indicated below.