Privacy Policy

The site www.fratellicavalletti.it collects and processes some data as described below, in compliance with the legislation prescribed by the Eu Reg. 679/2016 and the national legislation in the field of Privacy (Legislative Decree 101/2018) as well as amendments and additions.
The owner of the site, in fact, in compliance with the recommendations of the Privacy Guarantor on the adaptation of the GDPR, places great importance on the privacy of visitors and users in order not to infringe their rights.
The intent of this privacy statement is to provide transparency and understandable information relating to the information collected on the site and its use.
This information applies exclusively to the online features of the site and is valid for visitors / users of the site. The information does not apply to all information collected outside the web channel where this website is located.

Browsing data and storage times
Data acquired from system and security logs
This site, during user visits, automatically acquires information through system LOGs and security logs.
The information collected could be the following:
– time and date of the visit;
– IP address and name of the provider of origin;
– records of errors and problems.
All these data, collected in aggregate form, are used only to support diagnostics for security purposes. Example: In the event of an attack, the logs are monitored to block unauthorized access and to prevent malicious activity.
Access to these data is only at the server administration level and are never used for the identification or profiling of the user / visitor but only acquired for the protection and security of the present site. They could be used only in the event of a crime, and only at the request of the judicial authority in the cases provided for by law.
The LOG data collected by the site are processed at the headquarters of the Data Controller and at the web Hosting datacenter.
The web hosting is responsible for data processing (hosting Siteground) and processes the data only at the explicit request of the owner and acts in compliance with European regulations.
The data used for security purposes are kept for 90 days.

Automated decision-making processes
For more detailed information on the types of cookies used, on other tracking techniques and on the information we collect about them, please read our cookie policy at the following link (link to the cookie policy)

Purpose and legal basis of the processing
The purpose of our data processing activities is to comply with legal obligations, pursue our legitimate interests and business purposes.
In fact, for the processing of data we rely on the legal bases described below:
– art. 6 lett. a) GDPR, i.e. your consent, provided for certain processing of personal data;
– art. 6 lett. b) GDPR, i.e. when the processing of personal data is necessary for the fulfillment of the obligations deriving from a contract (e.g. if you send requests for information and, to such requests, an order follows from you, in fact, the processing of data is essential);
– art. 6 lett. c) GDPR, i.e. when the processing of personal data is necessary to fulfill a legal obligation;
– art. 6 lett. f) GDPR, i.e. based on the legitimate interest of our company or third parties – provided that the interests or fundamental rights and freedoms of the data subject do not prevail – considering that our main legitimate interest is the development and execution of our commercial activity (and this corresponds to the legitimate interests of companies expressly described by the European legislator).

Security measures
The processing of data acquired by surfers through this site is managed in a legal manner, adopting all appropriate measures to:
• increase security
• prevent unauthorized access
• prevent unauthorized disclosure of data.
The processing is carried out using IT devices, with logics and organizational methods strictly related to the purposes described above. In addition to the owner, as in the case of Google Analytics, data access is delegated to technical consultants involved in the site project.
The parties involved, always appointed by the data controller company, can also be external and are intended as third party technical service providers, hosting providers, IT companies, web marketing agencies.

User rights
Pursuant to European Regulation 679/2016 (GDPR), and according to the methods and within the limits established by current legislation, the navigator / user can exercise the following rights:
Right of withdrawal, or the updating / rectification / integration and deletion of data;
request confirmation of the existence of their data

The reference Authority is the Guarantor for the Protection of Personal Data

Update of the privacy policy and Cookie policy
This document is updated on 09/02/2022