This page describes the methods used to manage the site in relation to the processing of the personal details of the users who visit the site.
This policy information is provided in accordance with the terms of Article 13 of Italian Legislative Decree No. 196/2003 (the Italian Data Protection Act) to those who interact with the web services of Rocca delle Maće S.p.A. via the following e-mail addresses:
http://www.roccadellemacie.it and http://www.roccadellemacie.com
This policy information relates exclusively to the Rocca delle Maće site and not to other websites that may be visited by the user via links on the Rocca delle Maće site.
This information takes its cue from Recommendation No. 2/2001, which the European authorities for the protection of personal data – within the group established as a result of Article 29 of Directive No. 95/46/CE – adopted on May 17, 2001, in order to set out certain minimum requirements for the online compilation of personal data and, in particular, to set out the nature of the information (including the methods used and timescales applied) that data controllers must provide to users when users visit web pages, regardless of the reason for the visit.
THE DATA CONTROLLER
Data relating to identified or identifiable individuals may be processed once said individuals have visited this site. The data controller (i.e. the entity responsible for the processing operations) is Rocca delle Maće S.p.A., a company with its registered headquarters at the following address: Loc. le Maće 45, Castellina in Chianti (SI), Italy, Tel. +39 05777321, Fax. +39 0577743150, e-mail firstname.lastname@example.org.
The personal details supplied by users who submit requests for informative material (newsletters, responses, brochures, etc…) to be sent out to them are used exclusively to deliver the requested service and are disclosed to third parties only when necessary for that purpose.
LOCATION OF THE DATA-PROCESSING OPERATIONS
The processing operations relating to the web services of this site are dealt with exclusively by technical personnel charged with the relevant responsibility and are carried out at the aforementioned headquarters of Rocca delle Maće S.p.A. No details derived from the web service are communicated or disclosed.
TYPES OF DETAILS PROCESSED
The IT systems and software procedures deployed to ensure the functionality of this website acquire, during the normal execution of their operations, a number of pieces of personal data, the transmission of which is implicit in the use of communication protocols on the internet.
The pieces of information in question are not compiled in order to be associated with specifically identified individuals, but due to their very nature they could – by processing and associating them with data held by third parties – allow the identity of users to be revealed.
This category of details includes: the IP addresses or domain names of the computers used by the users to connect to the site; the web addresses, in the form of URIs (Uniform Resource Identifiers), of the requested resources; the time of the request; the method used to forward the request to the server; the size of the file received in response; the numerical code indicating the status of the response given by the server (success, fail, etc.) and other parameters relating to the user's operating system and IT environment.
These details are used for the sole purpose of providing anonymous statistical information on the use of the site and to check its correct functionality. They are cancelled immediately after they have been processed. The details may be used to ascertain responsibility in cases of computer crimes against the site, but – except in relation to this eventuality – the details on web hits will not be stored for more than seven days.
Details supplied voluntarily by the user
The optional, explicit and voluntary sending of e-mail to the addresses stated on this site connotes the subsequent acquisition of the e-mail address of the sender – which is required in order to respond to the requests – along with any other personal details included in the message.
None of the user's personal details are intentionally acquired from the site. Cookies (i.e. systems used to trace users) are not used for the transmission of personal information, nor are so-called persistent cookies of any type. The use of so-called session cookies (which are not stored on the user's computer and are deleted when the browser is closed) is strictly limited to the transmission of the session-identifier data (constituted by random numbers generated by the server), which is necessary to allow for the secure and efficient exploration of the site. The session cookies used on this site do not have recourse to other IT techniques that could potentially compromise the confidentiality of users' browsing operations, and moreover, they do not allow the acquisition of personal details that identify the users.
OPTIONAL NATURE OF THE GRANTING OF ACCESS TO DETAILS
Aside from those details compiled during browsing, the user is at liberty to provide his or her personal details to the data controller in the request forms on the Contact page, or to request the sending out of informative material or other communications. The refusal to provide said details may make it impossible for the requested service to be fulfilled.
METHODS USED FOR PROCESSING
The personal details supplied by users who send information requests or who book guided tours are used for the exclusive purpose of providing the requested service. They are not generally disclosed, though they may be communicated to third parties when necessary (i.e. to courier companies to enable the sending out of the requested informative material).
The personal details are processed using automated tools, and the processing operations last only as long as is required to fulfill the purposes for which the details were collected. Specific safety measures are put in place to prevent the loss of the details, their illegal or unfair use, or unauthorized access to them.
RIGHTS OF THE DATA SUBJECTS
You are hereby informed that Italian Legislative Decree No. 196/03 affords you, as the data subject, specific rights. In particular, you can demand confirmation from the data controller of whether or not any of your personal details are currently being held, and you can request that any details being held be communicated to you in an intelligible form. Moreover, you have the right to be informed as to the source of the personal details held, the purpose(s) for which they are being processed, the logic applied (in cases where the processing operations are conducted using IT equipment), the contact details of the data controller and the data managers, and those of the subjects or categories of subjects to which the personal details may be disclosed or which may become party to them.
You also have the right to request: the updating, correction or (when it is in your interest) completion of the details; the cancellation, making anonymous or blocking of access to any details processed illegitimately; and confirmation that the aforementioned operations have been communicated to any individuals to whom the details have been disclosed.
In addition, you have the right to oppose, for legitimate reasons, the processing of the personal details in question, even if still relevant to the purpose(s) for which they were collected, and to oppose the processing of the relevant personal details if said operation is being carried out with a view to sending you advertising, direct sales, market research or commercial material.
In relation to all of the above matters, please contact the data controller by mail, fax or e-mail, using the following details: Rocca delle Maće loc. le Macie 45, 53011 Castellina in Chianti (SI), Italy, fax +39 0577 7321, e-mail: email@example.com