In compliance with the General Data Protection Regulation (EU) 2016/679 – “GDPR”, and in particular pursuant to Art. 13, we hereby provide the necessary information regarding the processing of the personal data provided. This policy does not apply to other websites that may be consulted via links on the data controller’s domain website, who is therefore not liable in any way for third-party websites.
This policy is also based on Recommendation No. 2/2001, which the European Data Protection Authorities, brought together in the Working Party established by art. 29 of Directive 95/46/EC, adopted on 17 May 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the manner, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection, as well as the provisions of Directive 2002/58/EC, as amended by Directive 2009/136/EC, regarding Cookies.
Personal data (art. 4 GDPR) means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (C 26, C 27, C 30).
The computer systems and software procedures put in place to make this website function will acquire, during normal operation, certain personal data for which transmission is implicit in the use of Internet communication protocols. This category of data includes: IP addresses or the domain names of computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses for the requested resources, the time of the request, the method used to make the request to the server, the size of the file received in response, the numerical code indicating the status of the response provided by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computing environment.
Data communicated by the data subject
The optional, explicit and voluntary sending of messages to the contact addresses, as well as the filling in and sending of forms on the Data Controller’s website, entails the acquisition of the sender’s contact data, which are necessary in order to reply, as well as all personal data included in the communications.
The Data Controller, pursuant to articles 4 and 24 of Regulation (EU) 2016/679, is LIMONTA SPORT SPA, with registered offices in Corso XXV Aprile 167/b, 22036 Erba (CO), represented by its Managing Director pro tempore. The contact email of the Data Controller is: firstname.lastname@example.org, telephone +39 035 481 2111.
For more information on the cookies used by this website, please see the cookies policy via the following Link.
|Purpose of data processing||Legal basis||Duration of data storage||Nature of provision|
Legitimate interest of the Data controller (Art. 6, par. 1, letter f) GDPR): activities strictly necessary for the operation of the site and the provision of the platform navigation service.
|Until the end of the browsing session||The provision of navigation data is necessary in order to allow navigation of the website. Failure to provide said data will render it impossible to navigate on the site.|
|Filling out the contact request form||Pre-contractual measures(art. 6 par. 1 letter b) GDPR): the execution of pre-contractual measures adopted at the request of the data subject.||1 year||The provision of data is necessary in order to receive a reply from the Data controller. Failure to provide the data will result in the impossibility to fulfil the request.|
|Direct marketing activities via subscription to the newsletter service||Consent (art. 6 par. 1 letter a) GDPR): the data subject has freely consented to the processing of their personal data.||Until consent is revoked (Opt-out)||The provision of data is optional and without it, your data will not be processed for this purpose. Refusal to provide the data will not affect the usability of the other purposes indicated.|
|Profiling of users to send promotional communications regarding activities/products/services in line with their interests||Consent (art. 6 par. 1 lett. a) GDPR): the data subject has freely consented to the processing of their personal data.||5 years, or in the event of withdrawal of consent (opt-out), whichever is earlier||The provision of data is optional and without it, your data will not be processed for this purpose. Refusal to provide the data will not affect the usability of the other purposes indicated.|
|Sending CVs for job applications||Pre-contractual measures (art. 6 par. 1 letter b) GDPR): the execution of pre-contractual measures adopted at the request of the data subject.||Maximum 24 months||The provision of data is necessary. Failure to provide personal data will render it impossible to apply.|
Data of a personal nature that has been provided may be communicated to recipients who will process the data in their role as autonomous data controllers or as data processors (article 28 of the GDPR) or as an authorised figured acting under the authority of the Data Controller (article 29 of the GDPR) in order to fulfil existing contracts with the Company or for related purposes. In particular, the data may be communicated to recipients belonging to the following categories:
– entities providing IT management services for the Data Controller and services for the management of the telecommunications network (including the website and electronic mailing services).
– freelancer, firms or companies providing assistance and consultancy services.
– the respective authorities for the fulfilment of legal obligations and/or compliance with measures issued by public organisations, on request.
The list of Data Processors is constantly updated and is available from the Data Controller’s headquarters.
Data transfer to a third-party country and/or an international organisation
Personal data provided will not be transferred outside the European Economic Area (EEA).
There are no fully automated decision-making processes as the Data Controller performs profiling activities through the intervention of the operator, in particular processing consumer profiles and analysing consumer habits and choices in order to improve the commercial offer and services proposed.
Rights of the data subject | Lodging complaints with the Supervisory Authority
You may exercise your rights as expressed in Articles 15 and onwards of Regulation (EU) 2016/679 by contacting the Data Controller by email to email@example.com. You have the right, at any time, to ask the Data Controller for access to, rectification of, erasure of, or restriction of your personal data. Furthermore, in applicable cases, you have the right to object to the processing of your data at any time. In applicable cases, you have the right to the portability of your personal data, and in this case the Data Controller will provide you with said personal data in a structured, commonly used and machine-readable format. In addition, you have the right to object at any time to the processing of your data based on legitimate interest and, in applicable cases, you have the right to revoke the consent given without affecting the lawfulness of the processing based on the consent before revocation. To stop the sending of marketing communications, simply write an email to firstname.lastname@example.org with the subject line “unsubscribe marketing”. To stop the sending of personalised profiled marketing communications simply write an email to email@example.com with the subject line “unsubscribe profiling”. Without prejudice to any other administrative or judicial solutions, if you consider that the processing of data concerning you violates the provisions of Regulation (EU) 2016/679, pursuant to Art. 15 letter f) of the aforementioned Regulation (EU) 2016/679, you have the right to lodge a complaint with the Italian Data Protection Authority (https://www.garanteprivacy.it/).
Date of revision: 1 June 2022