This privacy statement was last updated on December 15, 2024 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.
This page describes how the site is managed in relation to the processing of personal data of users who consult it. This information is provided in compliance with art. 13 of Regulation 2016/679 (GDPR), pursuant to art. 13 of Legislative Decree no. 196/2003 (Personal Data Protection Code).
DATA CONTROLLER:
Massimo Cantara, Via Cairoli, 5 – 21100 Varese (VA) – e-mail: info@mediterraneanretreatscenter.org
DATA PROCESSOR
Mediterranean Retreats Center with its administrators is the sole controller of the processing pursuant to Article 29 of the Personal Data Protection Code, as it is responsible for the maintenance of the technological part of the site.
PLACE OF DATA PROCESSING
The Data is processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For further information, contact the Data Controller.
TYPES OF DATA COLLECTED
Data provided voluntarily by the user: among the Personal Data collected by this site, provided voluntarily by the user, independently or through third parties, there are: e-mail address. The User is free (and it is highly recommended) to use a pseudonym and temporary email for his anonymity. We kindly ask NOT to send sensitive personal data, NOT to use emails like “name.surname@gmail.com” Sending emails to the addresses indicated on this site involves the subsequent acquisition of the sender’s email address as well as any other personal data included in the message necessary to perform the requested services. Unless otherwise specified, all Data requested by this site are mandatory. If the User refuses to communicate them, it may be impossible to provide the Requested Service. In cases where the User indicates some Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or on its operation. Users who have doubts about which Data are mandatory, are encouraged to contact the Owner.
Browsing data
The data collected automatically are browsing data. : Although not collected in order to be associated with the user’s identity, such data could indirectly, through processing and association with data collected by the Data Controller, allow their identification. In particular: the list of data collected: IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site: except for this eventuality, at present the data on web contacts do not persist for more than seven days.
METHODS OF PROCESSING
The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data. Processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated.
LEGAL BASIS OF PROCESSING
The Data Controller processes Personal Data relating to the User if one of the following conditions applies: – the User has given consent for one or more specific purposes; Note: in some jurisdictions the Data Controller may be authorized to process Personal Data without the User’s consent or any other of the legal bases specified below, until the User objects (“opts-out”) to such processing. However, this does not apply if the processing of Personal Data is regulated by European legislation on the protection of Personal Data; – processing is necessary for the performance of a contract with the User and/or for the execution of pre-contractual measures; – processing is necessary to fulfill a legal obligation to which the Data Controller is subject; – processing is necessary for the performance of a task carried out in the public interest or in the exercise of public authority vested in the Data Controller; – processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties. It is always possible to ask the Data Controller to clarify the specific legal basis for each processing and in particular to specify whether the processing is based on the law, provided for by a contract or necessary to conclude a contract. In any case, the dissemination and transfer of data outside the EU area is excluded.
PURPOSE OF THE PROCESSING OF COLLECTED DATA
The data collected through this site are NOT collected for marketing purposes. The User’s Data is collected to allow the Owner to provide its Services, as well as for the following purposes: Contacting the User, responding to questions, offering support, sending quotes and other communications of this type. By sending their Data, the User consents to their use to respond to requests for information, quotes, or any other nature indicated by them.
Personal Data collected: e-mail.
STORAGE PERIOD – DURATION OF TREATMENT
The Data is processed and stored for the time required by the purposes for which they were collected. Therefore: Personal Data collected for purposes related to the performance of a contract between the Owner and the User will be retained until the performance of such contract is completed. Personal Data collected for purposes attributable to the legitimate interest of the Owner will be retained until such interest is fulfilled. The User can obtain further information regarding the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Owner. When the processing is based on the User’s consent, the Data Controller may retain the Personal Data for a longer period until such consent is revoked. Furthermore, the Data Controller may be required to retain the Personal Data for a longer period in compliance with a legal obligation or by order of an authority. At the end of the retention period, the Personal Data will be deleted. Therefore, upon expiration of such period, the right of access, cancellation, rectification and the right to portability of the Data can no longer be exercised. CONDITIONS FOR CONSENT (GDPR N.679/2016)
– If you accept our privacy policy for the use of data, the forms will send us a notification demonstrating that consent has been given. – We assume explicitly that the data provided by you are of adults, as per the mandatory field requested by us and notified to us. We do not accept data from minors. – The data we collect are strictly necessary to start a possible commercial collaboration and/or to be able to communicate with us.
