Information on the processing of personal data pursuant to Regulation (EU) 679/2016
Pursuant to Regulation (EU) 2016/679 (hereinafter “GDPR” or “Regulation”), the methods for processing the personal data of the users who browse the website are described below
Following the navigation of the site mentioned above, data relating to identified or identifiable natural persons may be processed.
The data controller is Quadra Research S.r.l., with registered office in Udine, Viale Giovanni Paolo II 3, Tax Code/VAT number 02786400305.
To exercise the rights recognised by REGULATION (EU) 2016/679 (hereinafter “GDPR” or “Regulation”) or to request any clarification regarding the processing of personal data, it is possible to contact the Data Controller at: telephone (0432.486407), fax (0432.487229), email firstname.lastname@example.org.
INFORMATION ON THE TYPES OF DATA BEING PROCESSED
The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or domain names of computers and terminals of users, addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment.
|Purpose and legal basis of the processing (Article 13, paragraph 1, letter c)||This data is used to check the correct operation of the site and to obtain statistical information (most visited pages, number of visitors by time or day, geographical areas of origin, etc.). The data could also be used to ascertain responsibility in case of hypothetical computer crimes against the site (legitimate interests of the owner).|
|Scope of communication (Article 13, paragraph 1, letters e, f)||The data is processed exclusively by internal personnel, duly authorised and trained in such processing and will not be disclosed to external subjects, disseminated or transferred to non-EU countries. Only in the event of an investigation can it be made available to the competent authorities.|
|Data retention period (Article 13, paragraph 2, letter a)||The navigation data are not stored.|
|Data provision (Article 13, paragraph 2, letter f)||The data is not provided by the data subject but is automatically acquired by the technological systems of the site.|
The optional, explicit and voluntary sending of messages to the contact addresses, as well as the completion and forwarding of the forms on the site, involve the acquisition of the sender’s contact data, necessary to respond, as well as all personal data included in the communications.
Specific information is published on the pages of the site dedicated to the provision of certain services.
RIGHTS OF THE DATA SUBJECT
The data subject has the right to request:
- access to his/her personal data and information (article 15 of the GDPR);
- the correction or cancellation of the same (articles 16 and 17 of the GDPR);
- the limitation of the processing of personal data (article 18 of the GDPR).
Furthermore, the data subject may:
- oppose the processing of personal data under the conditions and within the limits set out in article 21 of the GDPR;
- exercise the right to data portability (article 20 of the GDPR).
With regard to processing operations based on consent (pursuant to article 6, paragraph 1, letter a) and article 9, paragraph 2, letter a) of the GDPR), the data subject has the right to withdraw his/her consent at any time (without prejudice to the lawfulness of the processing based on the consent given before the revocation).
Finally, should the data subject believe that the processing of his/her personal data violates the GDPR, the data subject has the right to lodge a complaint with a supervisory authority (Data Protection Authority or any other competent body) pursuant to article 77 et seq. of the GDPR.