THE “DATA CONTROLLER”
On accessing this Website, the data of identified or identifiable persons is handled. The “Data Controller” to this end is ING S.r.l. issued by Pool Service S.r.l. , a company governed by Italian law with head offices in Busto Arsizio, 21052 (VA) Italy P. IVA 03321470126 Tel: +39 0331 3111323, Fax: +39 0331 311529
PLACE OF DATA HANDLING
The handling involved in the Internet services of this Website is conducted in the above premises of the Data Controller’s head offices. The handling is only conducted by the technical personnel of the Office designated to handle the data, or by parties appointed occasionally to carry out any maintenance work necessary.
TYPE OF DATA HANDLED
The computer systems and software procedures used for the operational purposes of this Website acquire certain personal data, in the course of ordinary operation, whose transmission is implicit in the use of Internet communication protocols. It is information which is not gathered with an end to linking it with identified persons, although by its very nature it could be processed and associated with data held by third parties to allow users to be identified. This category of data includes IP addresses or the dominion names of the computers used by those connecting to the Website, URI addresses (Uniform Resource Identifier) of the resources requested, the time of request, the method used for forwarding the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters regarding the operative system and the user’s computer environment. This data is only used for the purposes of gathering statistical information about the use of the Website, and to ensure that it is functioning correctly. The data is immediately cancelled after it has been processed. The data could be used for ascertaining responsibility in the event of hypothetical IT-related offences which affect the Website.
Data supplied voluntarily by the user
The optional, explicit and voluntary transmission of personal data by the User by means of the registration forms on this Website involve the subsequent acquisition of the sender’s data. This data will be processed by the Data Controller with an end to responding to the service request received. If the User provides his or her consent, information and advertising material can also be sent to the User via email.
DISCRETIONALITY OF DATA SUPPLY
Apart from the points specified for navigation data, the User is free to supply the personal data indicated in the request forms at his or her discretion.
The personal data is handled exclusively using automatic instruments, and only for the amount of time strictly needed to achieve the purposes for which it was gathered or subsequently processed. Specific security measures have been implemented to prevent the risk of destruction or loss of data, whether accidental or otherwise, unauthorised access to data, or handling operations that are unlawful or which do not comply with the purposes for which it was gathered. The Data Controller has adopted all the Minimum Security Measures as required by law. The Data Controller, in observing the main international standards, has also adopted further security measures to minimise risks related to the confidentiality, integrity and availability of the personal data gathered and handled.
SHARING, COMMUNICATING AND DIFFUSING DATA
The data gathered can be transferred or communicated to other companies linked to the Data Controller for directly associated activities required to ensure the efficiency of the service, such as management of the data handling system, or for its handling by other companies for the same purposes. The personal data supplied by visitors is used with an end to providing the requested service or performance, in addition to providing information for advertising or promotional purposes, and is only communicated to third parties in the event it should be necessary for them to provide the requested services. Except for these cases, the data will not be divulged or supplied to third parties unless carried out in compliance with contractual or legal obligations, or where users have provided their consent accordingly. As a result, any information of a personal nature can be transmitted to third parties, including those residing abroad, solely and exclusively: a) where express authorisation is given to share data with third parties; b) where it is necessary to share the information to process the users’ requests; c) where this is indispensable in order to fulfil the requests of the Judicial Authorities or the Police. No divulgation or circulation of any kind of data whatsoever from the Web is carried out.
RIGHTS OF THOSE INVOLVED
The parties to whom the personal data refers are entitled to obtain, at any time, confirmation of the existence or otherwise of any personal data concerning them, to obtain information regarding its content and origin, to verify its accuracy, or request that additions or updates be made, or that the data be rectified (Art. 7 of Legislative Decree 30 June 2003 no. 196). In accordance with the same Article, the User is entitled to request the cancellation, transformation in anonymous form or the blocking of data which has been handled in violation of the law, and to oppose its handling for legitimate reasons, even where the data is pertinent to the purposes for which it was gathered.
The Data Controller periodically verifies its privacy and security policy. If necessary it updates it according to amendments introduced by the law, by the company or which are prompted by technological developments. Any changes to the aforementioned policy will be published on this page.
QUERIES, COMPLAINTS AND SUGGESTIONS