This information is provided in accordance with the provisions of Article 13 of the General Regulation on the Protection of Personal Data (EU Reg. 2016/679 – GDPR).
It contains all the information about the methods, purposes and times of processing of Users’ personal data, as well as their rights and how they can be exercised.
- WHAT IS PERSONAL DATA?
The term “personal data” refers to all information relating to a natural person (his/her characteristics, habits, lifestyle, personal relationships, state of health, economic situation, etc.) that can be used to identify him/her, either on their own or in combination (Art. 4(1)(1) GDPR).
Personal data that identify a natural person directly are, for example, personal data (first and last name) and images. Personal data that indirectly identify a natural person are, for example, telephone number, tax code, IP address, e-mail address, license number, credit card details, etc.
In addition to the so-called “common” personal data (those indicated above and which are also referable to entities – public and private – associations and companies), there are the so-called “particular”, ex-sensitive personal data, i.e. those relating to health, life or sexual orientation, genetic data, biometric data, those revealing racial or ethnic origin, religious and philosophical beliefs, political opinions, trade union membership (art. 9 GDPR).
The so-called “judicial” personal data are instead those that reveal criminal convictions, security measures or the quality of defendant or suspect (art. 10 GDPR).
- WHAT PERSONAL DATA ARE PROCESSED?
Personal data provided by Users by voluntarily filling in the form to request advice in the areas indicated therein (name, surname, profession, e-mail and telephone).
Navigation data and anonymous data, collected automatically, exclusively for the purpose of obtaining anonymous statistical information on the use of the Site (including, by way of example, IP addresses, navigation times, geographical data and other parameters relating to the User’s operating system and computer environment), as well as for security reasons and to ascertain responsibility in the event of computer crimes against the site or third parties.
- WHO PROCESSES PERSONAL DATA?
Users’ personal data are processed by Q DIVISION LTD, with registered office in Suite 4.01, Ormond Building 31-36 Ormond Quay Upper Arran Quay Dublin 7 – D07 F6DC, in its capacity as Data Controller, which can be contacted at the following e-mail address: [email protected].
The processing is carried out by the Data Controller and the Data Processors, identified in writing and with specific instructions.
The User may request a list of the Data Processors by sending a specific request to the following e-mail address: [email protected], including the word “Privacy” in the subject line.
- FOR WHAT PURPOSES ARE PERSONAL DATA COLLECTED?
The data provided voluntarily by the User by filling in the ad hoc consultancy request form (name, surname, e-mail, telephone) are processed exclusively for the purpose of responding to your requests for information.
The legal basis for the processing is consent, which is manifested in the request for information.
The provision of such data is necessary for the User to receive the requested service. Failure to provide such data will therefore make it impossible to provide the same.
Other data may be collected only at a later date in the event that the User decides to request advice. In this case, the User will receive a proposal for assistance and professional consultancy with a relative estimate, accompanied by the issue of a new information notice.
All personal data provided will be processed, electronically and otherwise, to the extent strictly necessary for the management of the sending of a quotation and related requests for information.
- WHERE ARE PERSONAL DATA PROCESSED AND STORED?
Personal data are processed at the Q Division headquarters.
Personal data may be processed using manual/computer/telematic/paper instruments, using methods strictly necessary to fulfil the purposes indicated in point 4 of this information notice and such as to guarantee the security and confidentiality of the data, as well as compliance with the specific obligations laid down by law.
- HOW LONG WILL PERSONAL DATA BE STORED?
No person under the age of 14 may submit personal data through this site without the prior consent of their parents or guardian.
- WHAT ARE THE USER’S RIGHTS?
The User has the right to exercise the following rights provided for and regulated by Articles 15 et seq. of the GDPR.
- Right of access: the User has the right to know what personal data are processed by the data controllers, for what purposes, to whom they are communicated and has the right to obtain a copy of them.
- Right to revoke consent: if the User has given consent, he may revoke it at any time, easily, by contacting the joint owners at the following email address: [email protected]. Revocation of consent does not affect the legitimacy of the processing carried out up to that moment.
- Right of rectification: if you realize that you have communicated incorrect or incomplete personal data to the Joint Data Controllers, you have the right to request the correction of the error or the addition of information available to the Joint Data Controllers.
- Right to erasure – “right to be forgotten”: the User may request the erasure, anonymization or blocking of personal data processed in breach of the law, including data whose retention is unnecessary for the purposes of processing. However, the Joint Data Controllers will not be able to comply with the User’s request and will have to keep the data if required by law and/or relevant reasons of public interest or if the Joint Data Controllers demonstrate that they have suffered an unlawful act and must defend themselves before the Judicial Authorities.
- Right to restrict processing: You have the right to request that the processing of your personal data be restricted to certain purposes only. In this case, the co-processors will retain the personal data collected up to that moment and will request consent each time they carry out processing for each additional purpose pursued. In any case, the data controllers may process the User’s personal data for the exercise or defense of legal claims or to protect the rights of another person or for important reasons of public interest.
- Right to personal data portability: the User has the right, at any time, to request and receive his or her personal data in a structured, commonly used and readable format on his or her device in order to transfer it directly to another data controller.
- Right of objection: the User may object, at any time, to the processing of his or her personal data if it is processed without his or her consent, provided that he or she gives detailed reasons for doing so.
- HOW CAN THE USER’S RIGHTS BE EXERCISED?
Users may exercise their rights by making a request to the following e-mail address: [email protected] indicating in the subject line “Exercise of privacy rights”.
The request is made freely and without constraints by the User, who has the right to receive, without delay, an appropriate response, and may renew it for justified reasons.
In any case, if the User believes that his/her personal data are processed in violation of the provisions of the GDPR, he/she has the right to lodge a complaint with the Guarantor (art. 77 GDPR) or to take legal action (art. 79 GDPR).
This is the link where you can find the complaint form and information on how to fill it in and submit it: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524.
In order to exercise your rights, you may avail yourself of the services of natural persons, entities, associations or bodies, conferring, for this purpose, a written proxy and having a trusted person assist you.
- HOW IS PERSONAL DATA PROTECTED?
Users’ personal data are collected in compliance with the principle of minimizing the data processed (only the data strictly necessary to provide the services and/or manage the information requested are acquired).
Processing operations are carried out in such a way as to guarantee the security of data and systems. Specific security measures are adopted in order to minimize the risks of destruction or loss, even accidental, of the data, unauthorized access, unauthorized processing or processing that does not comply with the purposes indicated in this information notice. In particular, the page uses the HTTPS protocol for server authentication and encryption of the communication channel. The security measures adopted, however, do not allow for the absolute exclusion of risks of interception or compromise of personal data transmitted by telematic means. It is therefore recommended that you check that your device is equipped with appropriate software systems to protect the telematic transmission of data, both incoming and outgoing (such as, for example, up-to-date antivirus systems, firewalls and anti-spam filters).
- CHANGES TO THE INFORMATION NOTICE