Personal data privacy policy

Disclaimer pursuant to and for the purposes of article 13-14, GDPR 2016/679 / EU

In compliance with the aforementioned European Regulation and the rules compatible with this Regulation of Legislative Decree 30 June 2003 no. 196 (Privacy Code) and subsequent changes, we are to provide you with the necessary information regarding the processing of personal data you provide on this website. The information must not be considered valid for other websites that may be consulted through links on the domain owner's internet sites, which are not to be considered in any way responsible for third party websites.

This is an information that is also provided pursuant to art. 13- 14, GDPR 2016/679 / EU - European General Regulations on Personal Data Protection.

The information is also based on the Recommendation n. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by art. 29 of the directive n. 95/46 / EC, adopted on 17 May 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that the data controllers must provide to the users when they connect to web pages, regardless of the purpose of the link

 

THE DATA CONTROLLER

The Controller of any personal data that is processed further to consulting our site, and all other data that is used to supply our services, is MAVECON S.r.l., Via Dell’Esperanto, 20 37135 VERONA.

 

RIGHTS OF THE DATA SUBJECTS

Pursuant to art. 7 of Legislative Decree n. 196/2003, the subjects the personal data refers to have the right at any time to obtain the confirmation as to whether their personal data exists or not, and to learn the content and origins of the same, to check the accuracy of the data, and to have the data integrated, updated or amended.

The data subjects also have the right to request the data be cancelled, transformed into anonymous data or blocked if they are being processed in violation of law, and they may also oppose the data processing for legitimate reasons at any time.

Any requests pursuant to art. 7 of Legislative Decree n. 196/2003 must be sent to MAVECON S.r.l., Via Dell’Esperanto, 20 37135 VERONA, or by email to: ecommerce@johnbarritt.com

 

DATA PROCESSING LOCATION AND PURPOSE

The processing for the web services offered in the site [which in hosting 3Rockets SRL - Corso Passo Buole 5/A, 38061 Ala (TN) - Italy ("www.3rockets.it")], takes place in the Data Controller’s head office, processed exclusively by employees and operators appointed by MAVECON S.r.l. for the processing, or by any occasional maintenance service operators.

No data derived from the web services are communicated or disclosed to third parties without express prior authorisation.

The personal data that users forward to request services, information or anything else in our site, are used exclusively to evade their request, and to provide the requested service, and are not communicated to third parties unless this is compulsory under the terms of the contract, law or is strictly necessary to satisfy the requests.

Specific purposes for individual processing are detailed in the offer of the services provided by the company. In relation to the single offers, the user will find specific information about the personal data processing in compliance with art. 13 of Legislative Decree 196/2003. This information is inspired by the principles given in the Company’s Privacy Policy.

 

TYPE OF DATA THAT IS PROCESSED
1. Surfing data

The computer systems and software procedures used for the site to function acquire certain personal data during their normal operations, which are implicitly transmitted when internet communications protocols are used.

These data are not collected to then be associated to identify subjects but, due to their specific nature, they could enable identifying the users by means of processing and association with data that is held by third parties. This data category includes the IP addresses and computer domain names that the users use to connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the request time, the method used to make the request to the service, the size of the returned file, the numeric code indicating the reply status from the server (successful, error, etc.) and other parameters relative to the operating system and computer environment used by the user.

These data are used exclusively to obtain anonymous statistical data about the use of the site and to check it works correctly, and they are deleted immediately after being processed.

The data in question could be used to ascertain responsibility in the case of any computer crimes that damage our site, however barring this eventuality, the data on web contacts are generally not kept for more than seven days.

 

2. Data provided voluntarily by the user

The optional, explicit or voluntary sending of emails to the addresses in the site means that the sender’s address is automatically acquired, which is necessary to reply to the request, together with any other personal data that may be given in the email.

Specific summary information is given in the site pages relative to special request services.

 

3. Cookies

A cookie is a text element that is input to the computer hard disc further to authorisation. If authorisation is given, the text is downloaded into a small file. Cookies are used to streamline the web traffic analysis or to highlight when a specific site is visited, and they enable the web applications to send information to the single users. None of the users’ personal data is purposely acquired by the site. Cookies are not used to transmit personal data, nor are session cookies or persistent cookies of any type used or systems to trace the users.

 

OPTIONAL DATA PROVISION

Apart from the surfing data provision, the user is free to provide their personal data or not to chase up information material or to request other types of services or information offered by the company. However, failure to provide the information could mean it is impossible for the company to provide the service.

 

PROCESSING METHOD

The personal data are processed using printed and/or automatic systems, for the time that is strictly needed to satisfy the purposes for which they were collected.

Special security measures are observed to prevent data loss, illicit or incorrect use and unauthorised access.

 

RIGHTS OF THE DATA SUBJECTS

The processing will be carried out in an automated and / or manual manner, with methods and instruments aimed at guaranteeing maximum security and confidentiality, by persons specifically appointed to do so in compliance with the provisions of Articles 32 et seq. GDPR 2016/679. The data will be stored for a period not exceeding the purposes for which the data were collected and subsequently processed.

Any requests pursuant to art. 32 et seq. GDPR 2016/679 must be sent to MAVECON S.r.l., Via Dell’Esperanto, 20 37135 VERONA, or by email to: ecommerce@johnbarritt.com

 

Below are certain articles taken from Legislative Decree 196/2003:

 

Art. 7 (Right to access personal data and other rights)

1. The data subject has the right to obtain the confirmation of the existence or not of personal data regarding them, even if not yet registered, and their communication in an intelligible form.

2. The data subject has the right to an indication:

  • a) Of the origin of the personal data.
  • b) Of the purpose and methods of processing.
  • c) Of the logic applied in case of processing carried out with the aid of electronic instruments.
  • d) Of the details of the data controller, managers and representatives appointed as per article 5, paragraph 2.
  • e) Of the parties or categories of parties who may receive the data or who may learn of the data in their capacity as appointed representative in the country, managers or officials.

3. The data subject has the right to obtain:

  • a) The updating, rectification or, when interested, integration of the data.
  • b) The cancellation, transformation into anonymous form or blocking of data processed unlawfully, including those which do not need conserving in relation to the purposes for which the data were collected or subsequently processed.
  • c) Confirmation that the operations at letters a) and b) have been notified in term and content, to those who have received the data in any form, except in the case that said requirement is impossible or involves the use of means out of proportion to the right that is protected.

4. The data subject has the right to oppose, in all or in part:

  • a) For legitimate reasons, the processing of personal data, even if they are pertinent to the purpose of collection.
  • b) Personal data processing for sending advertising material, for direct sales, market surveys and for commercial communications.

 

Art. 13 (Information)

1. The data subject as well as any entity from whom or whose personal data are collected shall be preliminarily informed, either orally or in writing, as to:

  • a) The purposes and modalities of the processing for which the data are intended.
  • b) The obligatory or voluntary nature of providing the requested data.
  • c) The consequences if (s)he fails to reply.
  • d) The entities or categories of entity to whom or which the data may be communicated, or who/which may get to know the data in their capacity as data processors or persons in charge of the processing, and the scope of dissemination of said data.
  • e) The rights as per article 7.
  • f) The identification data concerning the data controller and, where designated, the data controller’s representative in the State’s territory, pursuant to Article 5, and the data processor. If several data processors have been designated by the data controller, at least one among them shall be referred to and either the site on the communications network or the mechanisms for easily accessing the updated list of data processors shall be specified. If a data processor has been designated to provide responses to data subjects in case the rights as per Section 7 are exercised, such data processor shall be referred to.

2. The information as per paragraph 1 shall also contain the items referred to in specific provisions of this Code and may fail to include certain items if the latter are already known to the entity providing the data or their knowledge may concretely impair supervisory or control activities carried out by public bodies for purposes related to defence or State security, or else for the prevention, suppression or detection of offences.

3. The Supervisor may issue a provision to set out simplified information arrangements as regards, in particular, telephone services providing assistance and information to the public.

4. Whenever the personal data are not collected from the data subject, the information as per paragraph 1, also including the categories of processed data, shall be provided to the data subject at the time of recording such data or, if their communication is envisaged, no later than when the data are first communicated.

5. Paragraph 4 shall not apply:

  • a) If the data are processed in compliance with an obligation imposed by a law, regulations or Community legislation.
  • b) If the data are processed either for carrying out the investigations by defence counsel as per Act no. 397 of 07.12.2000 or to establish or defend a legal claim, provided that the data are processed exclusively for said purposes and for no longer than is necessary therefore.
  • c) If the provision of information to the data subject involves an effort that is declared by the Supervisor to be manifestly disproportionate compared with the right to be protected, in which case the Supervisor shall lay down suitable measures, if any, or if it proves impossible in the opinion of the Supervisor.

 

Art. 23 (Consent)

1. Processing of personal data by private entities or profit-seeking public bodies shall only be allowed if the data subject gives his/her express consent.

2. The data subject’s consent may refer either to the processing as a whole or to one or more of the operations thereof.

3. The data subject’s consent shall only be deemed to be effective if it is given freely and specifically with regard to a clearly identified processing operation, if it is documented in writing, and if the data subject has been provided with the information referred to in Section 13.

4. Consent shall be given in writing if the processing concerns sensitive data.

 

Art. 24 (Cases in Which No Consent Is Required for Processing Data)

1. Consent shall not be required in the cases referred to in Part II as well, if the processing:

  • a) Is necessary to comply with an obligation imposed by a law, regulations or Community legislation.
  • b) Is necessary for the performance of obligations resulting from a contract to which the data subject is a party, or else in order to comply with specific requests made by the data subject prior to entering into a contract.
  • c) Concerns data taken from public registers, lists, documents or records that are publicly available, without prejudice to the limitations and modalities laid down by laws, regulations and Community legislation with regard to their disclosure and publicity.
  • d) Concerns data relating to economic activities that are processed in compliance with the legislation in force as applying to business and industrial secrecy.
  • e) Is necessary to safeguard life or bodily integrity of a third party. If this purpose concerns the data subject and the latter cannot give his/her consent because (s)he is physically unable to do so, legally incapable or unable to distinguish right and wrong, the consent shall be given by the entity legally representing the data subject, or else by a next of kin, a family member, a person cohabiting with the data subject or, failing these, the manager of the institution where the data subject is hosted. Section 82(2) shall apply.
  • f) Is necessary for carrying out the investigations by defence counsel referred to in Act no. 397 of 07.12.2000, or else to establish or defend a legal claim, provided that the data are processed exclusively for said purposes and for no longer than is necessary therefore by complying with the legislation in force concerning business and industrial secrecy, dissemination of the data being ruled out.
  • g) Is necessary to pursue a legitimate interest of either the data controller or a third party recipient in the cases specified by the Supervisor on the basis of the principles set out under the law, also with regard to the activities of banking groups and subsidiaries or related companies, unless said interest is overridden by the data subject’s rights and fundamental freedoms, dignity or legitimate interests, dissemination of the data being ruled out.
  • h) Except for external communication and dissemination, is carried out by no-profit associations, bodies or organisations, recognised or not, with regard either to entities having regular contacts with them or to members in order to achieve specific, lawful purposes as set out in the relevant memorandums, articles of association or collective agreements, whereby the mechanisms of utilisation are laid down expressly in a resolution that is notified to data subjects with the information notice provided for by Section 13.
  • i) Is necessary exclusively for scientific and statistical purposes in compliance with the respective codes of professional practice referred to in Annex A), or else exclusively for historical purposes in connection either with private archives that have been declared to be of considerable historical interest pursuant to Section 6(2) of legislative decree no. 499 of 29 October 1999, adopting the consolidated statute on cultural and environmental heritage, or with other private archives pursuant to the provisions made in the relevant codes.

CHANGES TO THE PRIVACY POLICY

The owner reserves the right to change, update, add or remove portions of this privacy statement at its discretion and at any time. The data subject is required to periodically check for any changes to the address: www.johnbarritt.com/it/privacy-policy
In order to facilitate this verification, the information will contain the indication of the update date of the information. The use of the site, after the publication of the changes, will constitute acceptance of the same.
Date of renovation: 25.05.2018
Data controller: MAVECON S.r.l., Via Dell'Esperanto, 20 37135 VERONA