This Privacy Policy is provided, pursuant to art. 13 of EU Regulation No. 2016/679 (hereinafter “GDPR”) and to art. 13 of Lgs. Decree 196/2003 as amended by Lgs. Decree 101/2018, to all those who interact with VERTUS S.R.L. browsing the site https://www.vertus.it/

We inform you that the processing of personal data supplied will be done using methods and procedures aimed at ensuring respect of fundamental rights and freedoms, the dignity of the person concerned, with particular regard to confidentiality, security, personal identity and to the right of protection of personal data and it will be conducted in accordance with the rules of lawfulness, correctness, pertinence and non-excess, as prescribed by the EU Reg. 679/16.

1) Data Controller

The Data Controller is VERTUS S.R.L. Via Sant’Orsola 3 – 20123 Milano – mail: info@vertus.it

2) Object of processing

The processed data refer to:

– Data collected automatically. Information on the use of the website.

The site uses the WordPress platform, therefore the navigation data collected automatically and indicated below are not accessible to the Data Controller, but will be processed directly by the platform https://it.wordpress.com/ on which the site is allocated; the related privacy policy can be consulted at  https://automattic.com/privacy/ 

The navigation on our site involves the processing of data on the browser and device you are using and of your IP address (this is the number that identifies a specific device on the internet and that is necessary so that the device can communicate with the sites). We will be able to analyse which site it came from, what it did or did not do on our site. The computer systems and applications dedicated to the operation of this website detect, during their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated to identifiable users. Among the collected data the following are included: the IP addresses and domain names of computers of the users who connect to the site, the addresses in URI notation (Uniform Resource Identifier) for resources requested, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the reply given by the server (successful, error etc.) and other parameters concerning the operating system, the browser and the IT environment of the user. These data are processed, for the time strictly necessary, for the sole purpose to obtain statistical information on the use of the site and to control its regular operation. The provision of these data is mandatory as it is directly linked to the web browsing experience.

During the navigation of Users the following information may be collected and stored in the log files of the server (hosting) of the site: 

– internet protocol (IP) address;

– browser type;

– parameters of the device used to connect to the site;

– name of the Internet Service Provider (ISP);

– date and time of visit;

– web page of origin of the visitor (referral) and exit page;

– possibly the number of clicks.

– Data provided voluntarily by the user. Within the site there are no data collection forms, therefore by browsing the website no further data can be voluntarily provided. The Data Controller does not require any other data.

– Cookies. The site uses first and third party technical cookies related to the operation of the site. The site does not use first-party/third-party profiling cookies which may collect users’ navigation data, the provision of which is mandatory for technical cookies to allow navigation. The cookies operate in order to analyse the effectiveness of the site and to make it easier and more intuitive over time. For more information please see the privacy policy provided by WordPress which can be consulted at the address https://automattic.com/privacy/  

3) Legal basis of processing

The legal basis of this processing is:

  1. in the fulfilment of obligations provided for by law (ex art. 6.1, lett. c), of the GDPR); 
  2. in the consent of the interested party to the processing, implicit, browsing within the site (ex art. 6.1, lett. a), of the GDPR);
  3. in the legitimate interest of the Data Controller (ex art. 6.1, lett. f), of the GDPR).

4) For what purposes we use your personal data

The collection and processing of personal data will be carried out without the need of your explicit consent:

– if applicable, for compliance and obligations provided for by EC laws and regulations or by provisions issued by authorities legitimated by law and by supervisory bodies;

– to protect the security of the site and users, to expose and prevent frauds and/or abuse against the website;

– to allow you to browse the website by collecting cookies of a technical nature;

– for the legitimate interest of the Data Controller, in case he wants to exercise a legitimate right in Court.

5) How long we keep your personal data

The data collected automatically will be stored and accessible by the WordPress platform for the period and in the manner indicated in the relative privacy policy, available at https://automattic.com/privacy/  

At the end of the retention period the Personal Data will be deleted. Therefore, at the end of this period the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

6) Security of your personal data

The data will be processed using appropriate tools to ensure its confidentiality, integrity and availability. The processing is carried out through information systems and will include all operations or complex of operations provided for by art. 4 of the GDPR and necessary to the processing in question, including the communication with the subjects in charge of the processing itself. The data in question will not be subject to disclosure.

7) Who can access your personal data

Access to your data can only be made by authorized persons in the context of the tasks assigned by the Data Controller and/or third parties appropriately appointed external data processors pursuant to art. 28 UE Reg. 679/16, within the scope of the purposes described above; data, in addition, may be accessible or may be disclosed to those whose right to access your personal data is recognized by provisions of law or secondary or EC regulatory provisions.

8) Where your personal data are stored

To know how your browsing data collected automatically are managed and stored, please see the privacy policy provided by WordPress available at https://automattic.com/privacy/

The list of the persons in charge of and those authorized to the data processing is available at the Data Controller’s office.

9) Is it mandatory to consent to the provision of your data?

The provision of browsing data is mandatory to continue browsing the website.

The Data Controller does not require any other data.

 

10) What are your rights in relation to the GDPR?

According to the provisions of the GDPR, the Data Controller ensures the following rights:

• obtain confirmation whether or not personal data concerning you is being processed and, in this case, obtain access to personal data (Right of Access art. 15);

• obtain the rectification of inaccurate personal data concerning you without undue delay (Right to Rectification art. 16);

• obtain the deletion of personal data concerning you without undue delay: the Data Controller is obliged to delete your personal data without undue delay under certain conditions (Right to be Forgotten art. 17);

• obtain the restriction of processing in certain cases (Right to Restriction of processing art. 18);

• receive in a structured format, of common use and readable by automatic device the personal data you have provided and have the possibility, if necessary, to transmit them to another Data Controller (Right to data portability art. 20);

• object, in any moment, for reasons related to your particular situation, to the processing of data concerning you (Right to object art 21);

• receive without undue delay communication of the data breach suffered by the Data Controller and/or by the persons in charge, if said violation represents a threat to the rights and freedoms of the interested party (Art. 34);

• withdraw your expressed consent at any time (Conditions for consent art. 7).

11) Procedure to exercise rights

To exercise one of the rights indicated in point 10) you can send a registered letter with return receipt to the Data Controller: VERTUS S.R.L. – Via Sant’Orsola n. 3 – 20123 Milano or send an email at info@vertus.it

In addition, if you think that we have not respected your rights regarding the protection of personal data, you can contact the Data Protection Authority. Alternatively, if you reside in another Country, you can contact your local Data Protection Authority.

12) Update of this policy

This policy may change. Any material change will be communicated through our website.