1. DATA CONTROLLER
By consulting the website www.placesonline.com all data concerning identified or identifiable persons may be processed.
The data Controller of the abovementioned treatment of personal data is Paesionline S.r.l., with registered office in Rocca di Papa (RM), Via Francesco D’Assisi 4, VAT No. 09172321003, e-mail firstname.lastname@example.org.
The data Manager is Luca Cotichini. The complete list of the data Managers may be found at the premises of Paesionline S.r.l. and it may be consulted upon written request sent by mail or e-mail to the abovementioned addresses, indicating as object “Privacy – list of data Managers”.
2. TYPE OF DATA TREATED
2.1. NAVIGATION DATA
When operating, the computer systems and software procedures necessary for the correct functioning of the Site collect some personal data which are implicitly transmitted in the use of internet communication protocols.
This information is not collected in order to be associated with identified users, but in virtue of its nature, it may lead to their identification.
This category of data includes IP addresses or domain names of the computers utilized by users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to send a request to the server, the size of the file obtained in reply, the numeric code indicating the state of the reply given by the server (sent, error) and other parameters relating to the user's operating system and data processing environment.
These data shall only be used to obtain anonymous statistical information concerning the use of the Site and to verify its correct functioning. The data shall also be used in case it should be deemed necessary to determine the liability for any data processing offences detrimental to the Site.
The so-called session cookies (which are not stored persistently on the user's computer and are deleted when closing the browser) are used for the sole transmission of the session IDs (made up by casual numbers generated by the server) necessary to enable a secure and efficient exploration of the site.
2.2. DATA PROVIDED VOLUNTARILY BY THE USER
Apart from such data, the Controller shall process the information provided by the user when registering on the Site, such as name and surname, date of birth, street and e-mail address, and any further data related to video, text and photo contents (all together referred to as “Contributions”) in order to (i) send newsletters, (ii) send via e-mail advertising and promotional information related to the Site, to the tourist sector as well as others, (iii) carry out market research, (iv) elaborate all data provided by the registered user and those collected owing to the user's navigation on the Site so as to identify the relevant commercial profile and to use the results of such elaboration for promotional and commercial purposes, as well as (v) publish the Contributions in compliance with the limits and conditions, (vi) offering discounts therein foreseen.
3. NATURE OF THE DATA AND CONSEQUENCES IN CASE OF REFUSAL TO REPLY
In order to enable the Controller to publish the users' Contributions it is necessary to consent the treatment of personal data. Therefore, in case of refusal, the service shall not be supplied and relevant discounts shall not be granted.
The user is free to provide his/her data for the remaining purposes of the Site. However, the refusal of the abovementioned treatment shall entail the impossibility of being informed about new marketing initiatives and of being updated on any new services offered on the Site related to the tourist sector and/or any further activities related to other sectors.
4. MODALITIES OF THE TREATMENT
All personal data are processed by means of manual computer systems and are automatized for the length of time necessary to achieve the objective for which they are collected.
The Controllers follow specific security measures in order to guarantee the treatment of the data in compliance with the personal data protection law, with a particular attention in preventing any data loss, any illicit or uncorrect data use, or unauthorized access to data banks.
5. THE INTERESTED PARTY'S RIGHTS
The person to whom the personal data refer has the right, in any moment, to obtain confirmation of the existence or non-existence of any personal data concerning him/her, and receive an intelligible communication of said data, even if they have not been registered yet.
The interested party has the right to obtain information concerning:
- the source of the personal data;
- the purposes and the modalities of the treatment;
- the logic applied in case of treatment performed using electronic equipment;
- the data controllers' and managers' identifying details ;
- the parties or categories of parties to which the personal data may be communicated, or which may be informed about such data, as representatives appointed for that territory by the State, or as managers or people in charge.
The interested party has also the right to obtain:
- the updating, modification, that is when interested, and integration of the data;
- the deletion, transformation into anynomous form or the blocking of any of the data processed unlawfully, including data which do not need to be stored with regard to the purposes for which they were collected or subsequently treated;
- a declaration stating that those to whom the data have been communicated are aware of the operations referred to in paragraphs 1) and 2), including their content, except in the case in which it is not possible to fulfil said obligation or if it entails an involvement of means which is clearly disproportionate as to the right protected.
The interested party has the right to oppose, totally or partially:
- to the treatment of his/her personal data, for legitimate reasons, even though pertaining to the purpose of the collecting;
- to the treatment of his/her personal data for the sending of advertising material or the carrying out of market research or for business communications.
In order to assert the abovementioned rights, please write to the Controllers, sending your request to the registered office address or to the e-mail address as mentioned in paragraph 1, indicating as object “Privacy – assertion of rights ex art. 7 of Lgs.D. 196/2003”.
6. COMMUNICATION AND DATA DISCLOSURE
All personal data collected on the Site shall not be disclosed, sold, or transferred to third parties, except where required by law.
Therefore, in any case, with the exception of communications or disclosure of data requested, in compliance with the law, by police, judicial authorities, information and security bodies or other public subjects with the aim of defending and granting State security or for prevention, investigation or repression of crimes.