Privacy Notice - UE nr. 679/2016
“PRIVACY LAW” 
 
Pursuant to art.13 Regulation UE nr.679/2016 Privacy Law, you are informed that your data are processed by Sirmione2 Spa, the data controller, in compliance with the provisions in force, and in particular that:
 
Purpose of data processing
All personal data gathered via our website are and will be processed for the following purposes:
  • To send commercial information requested, in case of contact;
  • To send information and advertising material, if you specifically so request.
Data processing method
Data are processed (collected, recorded, stored and used) as follows:
  • using IT tools (with the aid of computers);
  • paper-based (by collecting documents in traditional dossiers, files and paper archives), strictly related to the purposes indicated and, in any case, to ensure the safety and confidentiality of data.
Nature of data submission
Your providing personal data is essential for us to provide the service requested. If you do not provide such data, it will be impossible for us to provide the service requested.
The optional, explicit and voluntary sending of electronic mails to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to reply to requests, and of any other personal data included in the message. The information provided shall not be disclosed to any individual except for those involved in data processing.
Communication of data
The data collected shall not be disclosed to external companies.

Navigation data
During their normal operation, the IT systems and software procedures that enable this website to function acquire some personal data the transmission of which is implicit when Internet communication protocols are used. This information is not gathered in order to be associated with a particular person but rather, due to the nature of data so obtained, visitors could be identified through processing and combination with data held by third parties. This category of data includes IP addresses or domain names of computers used by visitors who log in the website, addresses of requested resources in URI (Uniform Resource Identifier) format, time of request, method used to submit the request to the server, size of the file obtained in reply, number code indicating the status of the reply given by the server (successful, error, and so on) and other parameters related to the visitor’s operating system and IT environment. These data may be used for the sole purpose of collecting information on external cracker attacks and they are automatically deleted at specific time intervals. These data could be used to establish liabilities in case of hypothetical IT crimes against the site or third parties; except for this possibility, under this condition, data are not saved permanently unless users so request.
Scope of disclosure of data
The disclosure of data is not envisaged.
The optional, explicit and voluntary sending of electronic mails to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to reply to requests, and of any other personal data included in the message. The information provided shall not be disclosed to any individual except for those involved in data processing.
Persons in charge of data processing
The data controller is Sirmione2 Spa Via Salvo D'Acquisto, 15 - 25010 Colombare di Sirmione (Brescia) in the person of its legal representative.
Sales staff, technicians and administrative personnel specifically appointed may get to know the data processed. You may request to know the list of these Persons in charge.
Data Subject’s Rights
Pursuant to Article 7 of Italian Privacy Law.
  1. Data subjects are entitled to obtain confirmation as to whether or not personal data relating to them are held, even if they are not yet recorded, and the communication of the same in an intelligible form..
  2. Data subjects are entitled to be informed about:
    a. the source of personal data,
    b. the purposes and methods of processing,
    c. the logic applied if data is processed electronically,
    d. the identity of the data controller, data processors and the representative appointed pursuant to Article 5, par. 2,
    e. the recipients or categories of recipients to whom personal data may be disclosed or who may acquire such data as appointed representative(s) in the territory of the country, data processors or as part of their role as controllers or persons in charge.
  3. Data subjects are entitled to ask and obtain:
    a. that their personal data be updated, corrected, or when in their interest, completed;
    b. that data processed against the law be deleted, transformed into anonymous form or frozen, including data which need not be held to fulfil the purposes for which they were collected or subsequently processed;
    c. confirmation that the operations mentioned under letters [a-b] above have been notified, also as regards their content, of those to whom the data were communicated or distributed, unless this requirement proves to be impossible or involves a disproportioned effort compared with the right that is to be protected.
  4. Data subjects are entitled to object, in whole or in part:
    a. on legitimate grounds, to the processing of their personal data even though such data are relevant to the purpose for which they were collected;
    b. to the processing of their personal data for the purpose of sending advertising material or direct sales or for market research or commercial communication.
To exercise these rights as well as to know the updated list of the names of data controllers, you may refer to:
Sirmione2 Spa Via Salvo D'Acquisto, 15 - 25019 Colombare di Sirmione (Brescia)
Partners