Data subjects: users consulting the www.ribo.net website of “Ribo Evolution Srl”.
WHY THIS INFORMATION
Pursuant to Regulation (EU) 2016/679 (hereinafter referred to as the “Regulation”, or “GDPR”), this page describes the way in which the personal data of users consulting the “Ribo Evolution Srl” website, which can be accessed electronically at the following address: www.ribo.net, are processed.
This information does not concern other sites, pages or online services that can be reached via hypertext links that may be published on this site, but referring to resources external to the www.ribo.net domain.
CONTROLLER OF THE TREATMENT
Following navigation of the site, data relating to identified or identifiable individual person may be processed.
The data controller is “Ribo Evolution Srl”, with registered office in Via Pozze, 4, 47837 Montegridolfo (RN), VAT no.: 04426800407.
NATURE OF DATA PROCESSED, PURPOSE OF PROCESSING AND JURIDICAL BASIS
1) Browsing data
Legal basis: “data processing necessary for the navigation of the website” – contractual obligation – art.6 par.1 letter b) GDPR
The computer systems and software procedures used to operate this site collect, in the course of their normal operation, a few personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers and terminals used by visitors, the URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the visitor’s operating system and computer environment.
These data, necessary to navigate on the Site and to benefit from the information it contains, are also processed for the purpose of:
- Obtain aggregate and anonymous statistical information on the use of the Site (most visited pages, number of visitors per time period or per day, geographical areas of origin of visitors, etc.);
- Checking the correct accessibility of the content offered on the Site
- Preventing or combating any possible computer hacking, fraudulent use of the functionalities available on the site, also with a view to reconstructing security incidents and their traceability
Duration of storage:
Navigation data in compliance with the principles of lawfulness, purpose limitation, data minimisation, in accordance with Article 5 of the GDPR, will be conserved for a period of time not exceeding the achievement of the technical purposes described above for which they are collected and processed, except for any need to identify criminal activities by the judicial authorities.
2) Data communicated by the user
Legal basis: ‘data processing necessary to answer user queries’ – contractual obligation – Art. 6(1)(b) GDPR
The optional, explicit and voluntary sending of messages to the “Ribo Evolution Srl” contact addresses, the private messages sent by users to institutional profiles/pages and on social media (where this possibility is provided for), as well as the completion and forwarding of forms on the “Ribo Evolution Srl” websites, imply the acquisition of the sender’s contact data, necessary for replying, as well as all the personal data included in the same communications.
Specific information is published on the pages of the site intended for the providing of specific services, where necessary the user’s consent is collected, informing the user of the purpose and the option of providing it.
Duration of storage:
The data communicated by the user are kept for the time necessary to handle individual requests, any subsequent storage for statistical purposes implies the anonymisation of such data (subject to any need to verify criminal activities by the judicial authorities.
3) Cookies and other systems of traceability
The following are used:
(a) technical cookies necessary for user navigation, facilitating the correct navigation of the site and the accessibility of its contents by the user. Legal basis: “contract as functional and necessary”.
(b) analytical cookies used to process aggregate statistical analysis of the use and interaction with the site by the visitor. Subject to the user’s agreement. Legal basis: ‘consent’.
(c) profiling cookies enable information to be collected about the preferences expressed by the user during browsing and produce reports to be used for focused advertising and marketing campaigns. Legal basis ‘consent’.
Information on data processing, the purpose, duration and complete management of cookies, including their consent and revocation, can be found in the ‘Cookie Management’ document in the page footer.
4) Social Media Policy
Information on the processing of personal data through the social media platforms being used
Personal or ‘sensitive’ data included in public comments or posts within social media channels may be removed.
RECIPIENTS OF THE DATA
The recipients of the data collected as a result of the consultation of some of the services listed above are some subjects designated by the Data Controller pursuant to Article 28 of the Regulation, as data processors, and other additional service providers in the field of web-agencies, digital communication, system support, and any other digital service providers for which you can request a full list by writing to email@example.com
Some data and information may not be transmitted or collected by subjects identified as autonomous controllers. Such data are related to cookies that are usually anonymised before transmission, for statistical purposes. If transfer to non-EU countries is expected, the guarantee measures taken, described in paragraph 6 of this document, will be indicated.
The personal data collected are also processed by the staff of ‘Ribo Evolution Srl’, who act on the basis of specific instructions given regarding the purposes and methods of processing.
SECURITY OF PROCESSING
Personal data transmitted and stored for the time necessary for the stated purposes, are protected by specific technical and organisational security measures with reference to Art. 32 of the Regulation, which guarantee on a permanent basis confidentiality, integrity, availability and the ability to promptly restore the availability and access of personal data in the event of a physical or technical incident, including in the risk of accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed.
TRANSMISSION OF PERSONAL DATA TO NON-EU COUNTRIES
The controller does not transfer personal data to non-EU countries. If there is a need to do so, the data subjects will be informed in advance, and guarantee measures will be adopted for the transfer to the recipients, which depending on the case may be: verification of the existence of appropriateness decisions for the recipient country by the Commission, signing of standard contractual clauses, verification of the adoption of any additional measures in implementation of EPDB Recommendation 01/2020. As a derogation to these guarantees, for data processing (in ref. of Art. 49 of the GDPR), where applicable, the existence of a contract or pre-contractual measures in favour of the data subject or consent to the transfer is verified.
RIGHTS OF DATA SUBJECTS
You have the right to obtain from “Ribo Evolution Srl”, where applicable, access to your personal data, their rectification, cancellation, restriction of their processing, portability, or to contest their processing and to revoke your consent (where used as a legal basis) with reference to Articles 15 to 22 of the Regulation).
The request is made through the contact details of “Ribo Evolution Srl”, with registered office and operational headquarters in Via Pozze, 4, 47837 Montegridolfo (RN). In order to execute the rights, it is also possible to use the model prepared and available on the website of the Data Protection Authority at this link: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/9038275.
Data subjects who consider that the processing of personal data relating to them and carried out through this site violates the Regulation have the right to submit a complaint to the Garante, as provided for in Article 77 of the Regulation, or to take legal action (Article 79 of the Regulation). The model for submitting a complaint is available on the website of the Data Protection Authority at this link: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524