NOTES ON DATA PROCESSING: information obligations, according to Art. 13 and 14 GDPR 679/2016
1. Name and contact details of the person responsible for processing and the company data protection officer
This data protection notice applies to data processing by:
Vitalstein OHG d. Schwitzer K. & Kasslatter M.
39049 Pfitsch (BZ)
South Tyrol / Italy
Phone: +39 0472 765239
ZEP / PEC (only for Italy): firstname.lastname@example.org
Tax, VAT and registration number in the Bozen commercial register: 02648450217
2. Collection and storage of personal data as well as the type and purpose of their use
a) When you visit our website, the browser used on your device automatically sends information to the server on our website. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your part and stored until it is automatically deleted:
– IP address of the requesting computer,
– date and time of access,
– name and URL of the file called up,
– website from which access is made (referrer URL),
– browser used and, if applicable, the operating system of your computer and the name of your access provider.
The data mentioned are processed by us for the following purposes:
– ensuring a smooth connection to the website,
– for the contractual processing.
– ensuring comfortable use of our website,
– evaluation of system security and stability as well as
– for further administrative purposes.
b) When registering for our newsletter: if you have requested according to Art. 6 Para. 1 S. 1 lit. a GDPR, we will use your email address to regularly send you our newsletter. It is sufficient to provide an email address to receive the newsletter. You can unsubscribe at any time, for example directly on the website. Alternatively, you can send your unsubscribe request at any time to email@example.com by email.
c) When using our contact forms: If you have any questions, we offer you the opportunity to contact us using a form provided on the website. It is necessary to provide a valid email address so that we know who sent the request and to be able to answer it. Further information can be provided voluntarily. Another contact form is available when you send a wishlist. Several data must be entered here so that we can make you the best possible offer. The data processing for the purpose of contacting us takes place in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR based on your voluntarily given consent. The personal data collected by us for the use of the contact form will be automatically deleted after your request has been dealt with, if they are not required for processing a sale.
3. User generated content
The sender of content (photos / videos / reports, etc.) confirms that he owns all rights to the material sent. He transfers all rights to reproduce, distribute, publicly reproduce and make publicly accessible this material. Recordings made by the sender on the occasion of the same event will not be forwarded to other media and will not grant third parties any rights to them.
The site owner is entitled to edit and archive the sender’s material. The rights granted by the sender are unlimited in time, space and / or content. The site owner is not obliged to identify the author of the work. The sender of content undertakes not to violate any applicable legal provisions or any contractual provisions when using the website owner’s services.
In particular, he undertakes to ensure that any content he sends in does not violate the rights of third parties, that the applicable criminal laws and youth protection provisions are observed and that no racist, grossly offensive, pornographic or extremist, violence glorifies or trivializes, advertises a terrorist or extremist political association, Disseminated content that encourages a criminal offense, contains insulting statements, insulting or unsuitable for minors or any other criminal content. In order to protect the data, the sender also undertakes to comply with the recognized principles of data security and to check the content with the greatest possible care for viruses, worms, Trojans or other programs that endanger or impair the functionality of the website. Sending in advertising content, especially spamming, is not permitted. The sender releases the site owner from any claims by third parties that they may assert against the site owner due to the sender’s violation of their rights. This also includes the costs of adequate legal prosecution and legal defense. The site owner is entitled to reject, delete or edit / change the submissions without giving reasons. There is no legal right to publication.
In the case of publication, the sender gives his consent to the publication of the content, his name and place of residence. There is no entitlement to remuneration/fee.
How data is used in public administration
The processing is to fulfill a task of public interest in fulfillment of the obligations according to the law on public communication, the accessibility law and the code of digital administration.
In accordance with transparency legislation, we indicate that there are product placements on this webpage and content that is placed on behalf of third parties; (D, lgs. No. 97 of May 25, 2016 – FOIA and transparency)
Mandatory information according to EU Regulation No. EU 524/2013 of the European Community
Platform for online settlement of consumer disputes (EU ODR) https://ec.europa.eu/consumers/odr
The data are processed with IT systems and/or in manual form, at least by means of suitable procedures that guarantee the security and confidentiality and availability of the same.
The communication of the data is optional.
Failure to provide data has the effect of preventing this administration from responding to the requests submitted by the data subjects.
The data can be communicated to: all legal entities (offices, corporations and organs of public administration, companies or institutions) who are obliged to know or are allowed to know them within the meaning of the provisions, as well as those persons who have the right to access files or the general citizen access. In the case of special personal data and / or data on criminal convictions and offenses, the notification is made to the legal subjects specified in the regulation for the processing of sensitive and judicial data (measure of the data protection authority) and in the forms specified there.
The data can be taken note of by the person responsible, the processors, the data protection officer, the person responsible for processing personal data and the system administrator of this administration.
The data will only be disseminated within the framework permitted by the regulations.
The processing according to the information provided will only last as long as is absolutely necessary to meet the obligations imposed on the person responsible by national and / or transnational laws, as well as by the laws of the countries to which the data may be transmitted are.
4. Transfer of data
A transfer of your personal data to third parties for purposes other than those listed below does not take place. We will only pass on your personal data to third parties if:
– according to Art. 6 Para. 1 S. 1 lit. a GDPR you have given express consent to this,
– the transfer according to Art. 6 Para. 1 S. 1 lit. f GDPR is required to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
– in the case that there is a legal requirement for the transfer according to Art. 6 Para. 1 S. 1 lit. c GDPR, and
– this is legally permissible and according to Art. 6 Para. 1 S. 1 lit. b GDPR is necessary for the processing of contractual relationships with you.
Third country transfer: Google processes your data in the USA and has submitted to the EU_US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework).
5. Rights of data subjects
You have the right:
– to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can obtain information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a The right to lodge a complaint, the origin of your data, if we have not collected it, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;
– to immediately request the correction of incorrect or incomplete personal data stored by us in accordance with Art. 16 GDPR;
– to request the deletion of your personal data stored by us in accordance with Art. 17 GDPR, unless processing to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend Legal claims is required;
– to request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert it Need to exercise or defend legal claims or you have objected to processing in accordance with Art. 21 GDPR;
– in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common, and machine-readable format or to request that it be transmitted to another person responsible.
– to revoke your consent given to us at any time in accordance with Art. 7 Para. 3 GDPR. As a result, we are no longer allowed to continue the data processing based on this consent in the future and
– to complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our headquarters.
– For further information, please visit the homepage https://www.garanteprivacy.it/
6. Right to object
If your personal data has been processed on legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, provided there are reasons for this that arise from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.
If you would like to exercise your right of withdrawal or objection, an email to firstname.lastname@example.org is sufficient.
7. Data security
We use the popular SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser when you visit our website. Usually this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether a single page of our website is being transmitted in encrypted form by the closed key or lock symbol in the lower status bar of your browser. We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
8. Current status and changes to this data protection declaration