Personal data protection notice for users of the www.racheli.it website
Premises
The company Racheli S.r.l. (hereinafter referred to as the “Company” or the “Data Controller”), as Data Controller of this website, (hereinafter referred to as the “Site”) is particularly attentive to the application of the principles in force regarding the processing of personal data and in particular the lawfulness, correctness, transparency, limit of purpose and conservation, minimisation, accuracy, integrity, and confidentiality, as well as the security measures adopted to protect the same.
That being said, in compliance with the provisions of Articles 13 and 14 of EU Regulation 2016/679 (hereinafter also referred to as the “Regulations”), and, where applicable, of Legislative Decree no. 196 of June 30, 2003 (hereinafter referred to as the “Code”), with this information notice (hereinafter referred to as the “Information Notice”), describes hereinafter, the nature of the personal data collected, the purposes and methods of processing adopted, and the entities to which the personal data of users who simply browse or consult the Site, or spontaneously send communications, to the contact details made public on the Site are destined (hereinafter referred to as “Users”).
Please note that the Information Notice does not concern other sites, pages, or online services that can be reached through hypertext links, relating to resources outside the Data Controller’s domain, which may be published on the Site for completeness of information. As a preliminary remark, we point out that the request for access and/or consultation of the Site by Users may entail the processing of personal data relating to identified or identifiable persons, which are processed by the Data Controller in accordance with the law.
More specifically, the Site may be accessed by Users interested in consulting the information contained therein and possibly asking questions, requesting in-depth analyses, proposals/offerings of professional services in the field of IP, by filling in a specific contact form, which entails the release of personal data – name and e-mail address – necessary for being contacted and receive replies. This Policy can be printed by using the print command in the settings of any browser.
Data controller
The data controller is the company Racheli S.r.l., with registered office at Viale San Michele del Carso No. 4 20144 Milan (MI), VAT no. 09683760962, duly registered at the Milan Register of Companies, which can be reached at the e-mail privacy@racheli.it.
Type of data processed
The data processed through access to the Site fall into two different macro categories, better specified below, such as: browsing data, including cookies, and data provided voluntarily by Users.
BROWSING DATA
As is known, technically, Internet communication protocols, computer systems, and software procedures connected to the proper functioning of the Site, involve the automatic acquisition of certain personal data in the course of their normal operation.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the Users’ computer environment.
Browsing data are collected solely in the legitimate interest of enabling Users to enjoy the content published on the Site and are properly administered and managed. This data is used for the sole purpose of monitoring the proper functioning of the Site by obtaining anonymous statistical information on the use of the Site and is deleted immediately after processing. The data in question could be used to ascertain responsibility in the event of any computer crimes against the Site: except in this case, data on web contacts are generally not retained for more than seven days.
More information on browsing data can be found in the Cookie Policy section.
SOCIAL LINKS
The Site also features plug-ins and/or social links that allow logged-in Users to access content on third-party platforms that may issue cookies and collect personal data.
The collection and use of the information obtained by means of the plug-in are governed by the respective privacy policies of the social networks, to which refer, and in this regard, no responsibility can be attributed to the Data Controller for the data processing operations carried out by the plug-in provider.
DATA VOLUNTARILY PROVIDED BY USERS
The category of data voluntarily provided by the Users may consist of personal contact data such as – name, surname, e-mail address – or other personal data, possibly and voluntarily provided by the Users in the “Message” field, in order to make the interested party identified or identifiable. On this point, Users are invited not to send in their communications personal data of third parties that are not strictly necessary to enable Users to receive the requested information. All the above-mentioned personal data are generally provided by filling in the contact form, made by the Users when accessing the Site, in order to request information on a certain service or to use a certain service.
The e-mail address provided by the Users at the time of registration may be used by the Data Controller to send newsletters and information communications on IP matters or regarding its services or services similar to those offered by the Data Controller or requested by the Users, without prejudice to the Users’ right to object to the sending of such communications at the time of data collection and at any time thereafter. It is possible to refuse to receive further informative communications or newsletters at any time by clicking on the appropriate unsubscribe link at the bottom of all communications sent.
Method of proceding
The Data Controller adopts appropriate security measures aimed at preventing unauthorised access, disclosure, modification, or destruction of the Site Users’ personal data.
Data processing is carried out by computer and/or telematic tools suitable for storing, managing, and transmitting data, with organisational methods and logics strictly related to the purposes indicated.
Purpose and legal basis of treatment
With reference to the data provided voluntarily by Users, the optional, explicit, and voluntary sending of e-mails to racheli@racheli.it or the filling in of the contact form on the Site entails the subsequent acquisition of the Users’ identification data – name and e-mail address – necessary to reply to requests, as well as any other personal data entered in the “Message” area. Therefore, the legal bases of the processing are the legitimate interest of the Data Controller to reply to communications received or the need to process requests made by Users.
The data will be kept for the time necessary to satisfy any requests made by the sender and, in any case, for the time required by specific provisions of law. However, Users have the right to request the removal of their data according to the terms, conditions, and limits provided for in Article 17 of the GDPR.
Eligibility of giving data
Apart from what is specified for navigation data, Users are free to spontaneously provide personal data to request information or services. Failure to provide them may result in the impossibility of obtaining what has been requested.
Place of proceding
Processing related to the web services offered by this site (physically hosted on Italian territory) is carried out at the Data Controller ‘s head office and is handled only by personnel authorised to process such data.
Occasionally, third-party suppliers may be allowed temporary access to the site’s memories for the sole purpose of technical assistance, in compliance with legal requirements and under the supervision of the Data Controller. Data are not disclosed abroad. Apart from the above, no data resulting from interaction with the site is communicated to third parties or disseminated.Data retention period
The personal data processed for the purposes specified in the part of the Policy relating to the PURPOSE AND LEGAL BASIS OF TREATMENT article 1.1, 1.2, 1.3 are kept for the period necessary to fulfil the legitimate interest of the Data Controller, provided that the interests or fundamental rights and freedoms of the Users requiring the protection of personal data do not prevail. Users may obtain further information regarding the legitimate interest pursued by the Data Controller by contacting the Data Controller directly.
At the end of the retention period, the personal data will be deleted and therefore at the expiry of this period, the right of access, cancellation, rectification, and the right to data portability can no longer be exercised.
Users’ rights
In relation to the processing of Users’ personal data, the Data Controller informs them of their rights as provided for in Articles 15, 16, 17, 18, 20 and 21 of the Regulation.
In particular, Users have the right to request, at any time, access to their personal data, their rectification or cancellation, the restriction of processing in the cases provided for by Article 18 of the Regulation, to obtain in a structured, commonly used and machine-readable format the data concerning them, in the cases provided for by Article 20 of the GDPR, at any time, to revoke pursuant to Article. 7 of the GDPR the consent given (where consent has been requested), to lodge a complaint with the Data Protection Authority, if they consider that the processing of their data is contrary to the legislation in force, the right to object at any time, for reasons related to their particular situation, unless the Data Controller demonstrates the existence of compelling legitimate reasons to proceed with the processing, the latter rights prevailing over the interests, rights and freedoms of the data subject or useful for the establishment, exercise or defence of a right, in court.
How to exercise rights
In order to exercise the rights identified above, Users may address a request to the contact details of the Data Controller, indicated in this document. Requests will be dealt with by the Data Controller as soon as possible or in any case within one month of their receipt.
This notice has been updated as of March 21, 2023. Users are kindly requested to visit this section periodically in order to be constantly updated on any changes to the above-mentioned notice.