Palazzo degli Antoci manages this website www.palazzoantoci.it
As required by the European Union Regulation 2016/679 (“GDPR”), and in particular by the articles 13 and 14 as well as by Legislative Decree n.196/2003 s.s.m.m.i., below we provide you in your capacity as “interested party” the information required by law relating to your personal data processing
We invite you to take a careful look at the ways in which we acquire and process your personal data and to express your consent or your refusal in this regard.
OWNER OF THE TREATMENT AND CONTACT DETAILS
Palazzo degli Antoci VAT number 00522150887
Registered office: Via Giacomo Matteotti, 42 – Ragusa (RG)
Type of data collected
The navigator voluntarily and spontaneously provides his personal data and other information during online registration, sending order forms or with a phone call, an e-mail, a live chat session, or by other means of communication .
To meet technical, statistical, web marketing needs and to adapt the services rendered to the actual needs of customers/surfers, the computer systems and software used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The acquired data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
Data provided voluntarily by the user
The spontaneous and voluntary sending of e-mails to the addresses indicated on this site or the sending of personal data involves the automatic acquisition of the same by the CRM systems used by the Site in order to allow a prompt response and support to requests advanced, as well as all the data included in the message or in the content of the chat.
Web Measurement Systems
The Site may use web traffic analysis and evaluation systems, aimed at acquiring anonymous navigation data, through the non-acquisition of the IP, and relating to the behavior of visitors within the Site, as well as their liking for the same. Cookies may also be used for this purpose.
Purpose and legal basis of the processing
The processing of personal data spontaneously provided by the navigator, or otherwise acquired, may be carried out for:
1) sending of the requested information material. This purpose is based on art. 6 paragraph 1 letter B) of the GDPR.
2) register service activation requests; This purpose is based on art. 6 paragraph 1 letter B) of the GDPR.
3) ascertain, exercise or defend the rights of the Data Controller in court. This purpose is based on art. 6 paragraph 1 letter F) of the GDPR and is considered, with reference to the balance of interests, prevailing over the rights and freedoms of the interested party. You will be able to exercise, among other things, the rights referred to in Article 21 of the GDPR.
4) fulfill a legal obligation. This purpose is based on art. 6 paragraph 1 letter C) of the GDPR.
5) carry out statistical analyzes for marketing purposes;
6) detect the degree of satisfaction of surfers;
7) communicate information relating to the service to registered users;
8) sending of informative material, manuals, CDs.
The processing of data for the purposes indicated with numbers 5), 6), 7) and 8) are based, pursuant to art. 6 paragraph 1, letter A) of the GDPR, on your specific and distinct consent. The provision is optional. We inform you that failure to provide them does not prevent you from using our services, but you will not be able to receive newsletters, commercial communications and advertising material relating to the products and/or services offered.
Nature of the contribution
In addition to the anonymous data collected by our systems while browsing, the visitor is free to provide or not provide their personal data in the forms, order forms, live chats, to telephone operators. Any refusal to provide us with your personal data could make it absolutely impossible to provide you with the service requested or to fulfill the obligations established by law.
For all contractual obligations and those required by law, the data will be kept for a period of 10 years from the termination of the contractual relationship. The data collected for the purposes referred to in numbers 5), 6), 7) and 8) are kept for two years starting from the granting or renewal of the consent and unless revoked by the interested party.
In any case, the cases in which retention for a subsequent period is required by the competent authorities or pursuant to the applicable legislation or for the management of the dispute are excluded.
Data transfer abroad
The personal data of the interested party are processed within the European Economic Area or in countries outside the European Economic Area (EEA) which offer an adequate level of data protection in accordance with the “adequacy decisions” of the European Commission.
Communication to third parties and categories of recipients
For the purposes of pursuing the aforementioned purposes, the recipients of your personal data may be:
Members of staff responsible for managing user accounts;
Service providers (such as legal and/or tax consultants, assistance, maintenance, providers of networks and electronic communication services) appointed as data processors and by the related personnel expressly authorized to process;
Competent authorities to respond to your requests and to deal with complaints;
Authorities that can access your data by law (such as, for example; Public Administration, Public Bodies, Judicial Authorities, Supervisory and Control Authorities);
A detailed and updated list of these subjects and their privacy qualifications can be requested from the Data Controller.
Rights of the interested party
The interested party, at any time, may exercise the rights provided for by articles 15 to 22 of the New Regulation 2016/679 (GDPR) and this also pursuant to Legislative Decree n. 196 of 30 June 2003, against the Data Controller and more precisely: you have the right, in the cases provided for, to request: access to your personal data, the rectification or cancellation of the same or the limitation of the treatment or to oppose to their treatment, the notification of the recipients of the personal data being processed, the portability of their personal data, not to be subjected to a decision based solely on automated processing.
The interested party also has the right to revoke any consent given to the processing of data, at any time and without prejudice to the lawfulness of the processing carried out before the revocation.
The rights are exercised with a request made, without formalities and free of charge, to the Data Controller by sending an e-mail to the address: info*palazzoantoci.it (*=@)
The interested party also has the right to lodge a complaint pursuant to art. 77 GDPR 2016/679 to the competent Supervisory Authority based on his habitual residence, or place of work or place of violation of rights; for Italy, the Guarantor for the protection of personal data is responsible for the Data Protection Authority.
Update dated 06/02/2023