The objective of the measure is to identify a number of minimum requirements for the collection of personal data online and, in particular, the procedures, timing and nature of the information to be provided to users when they connect to the web page, regardless of the purpose of the connection.
The Data Controller
Data relating to identified and identifiable persons may be processed further to consultation of this site. The Data Controller is Soana, in place of its Legal Representative, contactable through written communication to the addresses at the foot of every page of the company website.
Types of data processed
The information systems and software procedures relied upon to operate this website acquire certain personal data as part of their standard functioning, the transmission of which is an inherent feature of Internet communication protocols. It is information which is not collected to be associated with identified data subjects, but by its nature could, through processes and associations with data held by third parties, permit the users’ identification. This data category includes the IP addresses or the domain names used by users connecting with the site, the URI (the so-called “Uniform Resource Identifier”) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, the returned file size, the numerical code indicating the state of the reply given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT context. These data are used solely for the purpose of obtaining statistical information on use of the site and to control its correct functioning. The data could be used, only further to request of the competent authorities, for ascertaining liability in the event of alleged cybercrime to the detriment of the site. The optional, explicit and voluntary forwarding of electronic mail to the addresses indicated on this site imply the subsequent acquisition of the address of the sender, necessary for responding to requests, as well as any other personal data included in the message.
The optional nature of the provision of data
Apart from what is specified for browsing data, the user is free to provide the personal data shown on the request forms to Soana or , in any case, indicated in contacts to invite the sending of informative material or other communications. Their failed provision can lead to the impossibility of obtaining what is requested.
In compliance with art. 8 of the GDPR, no one under 16 years of age may send information to this Website without the prior consent of their parents or legal guardians, or make purchases or enter into legal agreements through this site without the aforementioned consent, unless this is permitted by current laws.
Methods and purposes of processing
Personal data are processed with automated tools strictly for the necessary time to achieve the purposes for which they were collected. In accordance with art. 32 of the GDPR, specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. Data processing serve the following purposes: a) institutional purposes in compliance with legal obligations, related to the activities of Soana and compliance with national and / or EU regulations, regulations; b) registration to Soana and subscription to the newsletter: request from the interested party to register to the site and/or to receive communications from Soana relating to their business; c) request for information by the interested party on products or assistance in the pre or post sales phases;
d) communication and commercial activities: promotion and advertising in general including sending of newsletters, marketing, direct sales, promotion of new commercial offers from third party companies – to which the data may be communicated – through letters, telephone, e-mail , sms, etc .; e) research and profiling purposes: carrying out checks concerning the level of customer satisfaction; research and processing of statistics, including the ones in anonymous form, as well as market studies and research, user profiling, including ones with electronic tools; f) communication, transfer or concession of use, for any reason, of the data to third parties so that they can create, in relation to their own services and / or products third parties to whom the data may possibly be communicated (becoming these independent data controllers) , marketing activities by any means, processing of market research, studies and statistics, carrying out direct sales, user profiling, carrying out checks on the level of customer satisfaction, promotion and advertising.
The processing operations of personal data, such as the collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other available form, comparison or interconnection, limitation, cancellation or destruction, taken place both manually and electronically with such data being stored in an electronic database designed for this purpose to fulfill the obligations and for the purposes indicated above.
The personal data contained in the aforementioned automated information system, as well as those stored in the electronic archives of the Data Controller, are processed in accordance with the provisions of current legislation of the GDPR regarding security measures, in order to minimize the risks of destruction, loss, modification, unauthorized disclosure or access, accidentally or illegally, or treatment not in accordance with the purpose of the collection.
Consent of data supply
Apart from what has been said for navigation data, the user is free to provide personal data contained in the request forms to Soana or indicated in contacts to request the sending of informative material or other communications. Failure to provide data may make obtain what is requested impossible.
In reference to the purposes of the processing of points d, e, f, the consent to the processing of personal data is purely optional. Any requests on the exercise of data can be made directly through the appropriate form in the Assistance section.
Data communication scope
In relation to the aforementioned purposes, the personal data of the interested party may be disclosed to the following categories: (i) subjects to whom the data transfer is necessary or is in any case functional to the performance of the owner’s business; (ii) supervisory authorities and bodies, or other subjects whose right of access to said data is recognized on the basis of provisions of law or regulation; (iii) companies entrusted with auditing activities; (iv) survey companies about: quality of services provided, customer satisfaction, new products offering, marketing and advertising, etc; (v) companies that carry out archiving services for documentation, relating to relationships with customers; (vi) third-party companies that become, where appropriate, independent data controllers, for their own and / or third party marketing, promotion and advertising purposes attributable to different industrial sectors. The data collected, for which the relative consent has been given, may be disclosed, transferred, or licensed to use to natural and / or legal persons belonging to the categories described above for the same purposes referred to in this informative. These subjects will operate as independent data controllers or external data processors.
Means of processing
The personal data are processed with automated tools for the time strictly necessary for accomplishing the purpose for which they have been collected. In compliance with art. 32 of the GDPR, specific security measures are adopted to prevent the loss of data, unlawful uses and non-authorised access.
Rights of the data subjects
Dissemination of personal information
Personal information shall never be disseminated, apart from in the cases described in this policy.
What are cookies
Cookies are short fragments of text (letters/numerals), which allow the web server to memorise information about the customer (the browser) to be reused during the same visit to the site (session cookies) or in subsequent visits, also for long periods (persistent cookies). The cookies are memorised, on the basis of the user’s preference, by the single browser on the specific device used (computer, tablet, smartphone). Similar technologies are useable to collect information on the user’s behaviour and on the use of the services. Subsequently in this document, we will make reference to cookies and to all the similar technologies using always the term “cookies”.
What are the main types of Cookies
Management of third-party cookies
To guarantee greater transparency and convenience, a description and web address of the policy and the procedures for managing cookies is given for each third-party site installable through this site, besides offering the possibility to refuse consent for the installation of the cookies.
It’s a service for analysing web traffic provided by Google, used to monitor and improve the performance of the host site (performance cookies). Google Analytics can collect and analyse in anonymous form information regarding use behaviour. This information is collected by Google Analytics, which processes it in order to draw up reports on the websites. This site, through the anonymising of the user’s IP address, does not use (and does not consent third parties to use) the Google analysis tool to monitor or collect personal identification information. Google does not associate the IP address to any other data possessed by Google, nor links an IP address to the identity of a user. Google can also communicate this information to third parties if this is imposed by law or in the event that third parties process the aforementioned information on behalf of Google. For further information, reference should be made to the link indicated below:
The user can selectively disable the actions of Google Analytics by installing on their own browser the opt-out component provided by Google. To disable the action of Google Analytics, reference should be made to the following link:
Google Adwords is a service provided by Google which makes it possible to carry out advertising campaigns and to monitor conversions, to keep track of visualisations and the level of appreciation of an advertisement. For further information, reference should be made to the link indicated below: https://www.google.com/intl/it/policies/technologies/ads/ The user may selectively disable the actions of Google Adwords by installing on their own browser the opt-out component provided by Google. To disable the action of Google Adwords, reference should be made to the following link: http://www.google.com/settings/ads For all third-party cookies In the event that it is particularly difficult to identify all third parties, especially for the profiling of preferences, the following links are shown:
How to disable cookies from your browser
The user can also decide whether to accept the cookies or not, using their browser settings. Warning: total or partial disabling of technical cookies may compromise the use of the functions of the site reserved for registered users. In contrast, the public, non-reserved contents can be used also when completely disabling the cookies. The disabling of third-party cookies does not affect browsing in any way. The setting can be defined more specifically for different sites and web applications. The best browsers, moreover, permit the definition of different settings for own cookies and for third-party cookies. By way of example, in Mozilla Firefox, through the Tools->Options ->Privacy menu, it’s possible to access a control panel where the user can accept or not the different types of cookies and proceed with their removal. To deny consent for the use of one or more cookies, the user can access the Link according to their browser:
Microsoft Windows Explorer: