INFORMATION ON THE processing OF PERSONAL DATA AND THE USE OF COOKIES IN THE FRUIT OF CONTAINS ASSOCIATED TO THE TREVORUTILITY.COM DOMAIN – Reg UE 679/16 – D.lgs. 196/03 s.m.i.
1 – Data controller, Data Protection Officer and contact information
2 – Purpose of processing
2.1 – General Purposes
2.2 Purpose of data processing without logging in – cookie management
2.3 Purpose of data processing for registration, logging in and for consulting the confidential content of trevorutility.com
2.4 Purpose of the processing of data communicated through the contact webform
2.5 Purpose of the processing of data processed following the request to subscribe to the newsletter
2.6 Purpose of data processing following access to trevorutility.com social network profiles
3 – Categories of data processed
4 – Scope of communication and dissemination
5 – Methods of processing, duration of storage and cancellation
6 – Assessment of the risks to the fundamental rights and freedoms of the individual and security measures
7 – Nature of consent and consequences of refusal to authorize the processing
8.1 Rights guaranteed by law
8.2 Methods of exercising rights
8.3 Reporting of critical issues in compliance with the law
1 – Data controller, Data Protection Officer and contact information
The Data Controller is BAGNOLI NET S.R.L., p.i. 02487260354 with registered office in VIA ROMA 31/B – 42035 CASTELNOVO NE’ MONTI (REGGIO EMILIA) and can be contacted at the following addresses info@bagnolinet.it – PEC bagnolinetsrl@legalmail.it – Tel +390522612073
The Data Protection Officer is: Giorgia Bagnoli and can be contacted at the following addresses: info@bagnolinet.it or at +390522612073
2 – Purpose of processing
2.1 – General Purposes
The use of the website on the domain trevorutility.com is possible in anonymous mode, by providing only name, surname and email address (in case of sending a request via web form) or following a login to the website backend.
In general, the processing operations connected to these purposes – including the use of cookies – are exclusively related to the technical and functional handling of the site, the fulfilment of regulatory obligations, the response to requests from the person concerned.
2.2 Purpose of data processing without logging in – cookie management
Access to the domain trevorutility.com without logging in is completely anonymous.
The cookies used this way are generated by:
• Google Tag Manager
• Google Analytics
• Jsndelivr.com
and serve (the first two) for the generation of statistics on access to, and use of, the specific pages of the site and, the third, for the optimized management of the website’s pages delivery.
The “Facebook” and “Youtube” icons allow you to connect directly to the relevant TrevorUtility profiles.
Although the Data Controller has no way of identifying the user accessing the site certified on the domain trevorutility.com, both Google and Facebook could, in full autonomy, identify the user on the basis of other information known to them. The user is therefore invited to read the respective information on the processing of personal data before proceeding.
2.3 Purpose of data processing for registration, logging in and for consulting the confidential content of trevorutility.com
The cookies generated for the use of the site in this mode are:
• Google Tag Manager
• Google Analytics
• Double click
and are used to generate statistics on access to, and use of, specific pages of the site.
The processing operations for which the provision of data is requested are finalized:
• the stipulation and execution of the contract for the use of the services of trevorutility.com,
• the fulfilment of the associated regulatory obligations,
• the exercise of the rights of the defence in the event of disputes
The traffic data (listed in point 3 below) automatically generated by the server hosting the Trevor Utility platform are processed for the purposes of
• allow access to the reserved part of the site
• manage user authentication
• manage the security of the platform
• respond to technical and access problems
2.4 Purpose of the processing of data communicated through the contact webform
The purpose of the processing of data communicated through the contact web form is exclusively to respond to the request made by the user
2.5 Purpose of the processing of data processed following the request to subscribe to the newsletter
The purpose of processing the data communicated through the request to subscribe to the newsletter is exclusively to send periodic information communications
2.6 Purpose of data processing following access to trevorutility.com social network profiles
By accessing without adopting any preventive measure to the social profiles of the Holder, the interested party could become idenfiticated or identifiable by the Holder himself. If the interested party wants to remain anonymous, it is necessary that, in advance, he regulates the access parameters in the most appropriate way.
The “unencrypted” access to the social profiles of the Data Controller implies that the data collected by the platform and made available to the Data Controller may be subject to statistical analysis and individualized by the platform and shared with the Data Controller (NOTE: It is NECESSARY TO DECIDE HOW TO USE THE ANALYTICS OF FB).
3- Categories of data processed
Personal data processed for the purposes referred to in:
• point 2.3 are: surname and first name (except in the case of individual companies/professionals, company name, address, business address, VAT number are not data relating to a natural person), as well as the entries generated by the webserver (IP of origin, date and time of connection, operating system, user-agent, etc.) without any possibility of knowing whether the data in question are true or whether they have been altered by the user.
• point 2.4 are: name and e-mail address (insofar as they belong to natural persons and not to legal persons)
• point 2.5 are: name, email, mobile phone number (as long as they belong to natural persons and not to legal persons)
4 – Scope of communication and dissemination
Except in cases required by law, personal data collected through this site will not be disclosed or communicated to third parties.
5 – Methods of processing, duration of storage and cancellation
Almost all personal data is processed by computer and occasionally manually.
Cookies are stored on the computer of the person concerned, who can delete them at any time.
Traffic data are stored, for the purposes referred to in point 2 above, for 2 months after which they are automatically deleted.
The registration data shall be kept for the duration of use of the service and, on termination of the service, shall be set aside for the duration of the civil and fiscal prescriptive period, so as to be made available only to public authorities.
The data sent by the person concerned for recontact shall not be retained, unless the person concerned confers them again at the time of registration for the use of the Trevor Utility services.
The data used to send the newsletter are deleted at the time of the request of the person concerned to no longer receive communications.
6 – Assessment of the risks to the fundamental rights and freedoms of the individual and security measures
The purposes of the processing of personal data requested from or conferred by the data subject and the personal data themselves do not constitute an appreciable risk to the fundamental rights and freedoms of individuals.
The personal data in question, in fact, are incapable of infringing the fundamental rights guaranteed by the Constitution and are not subject to individual profiling or other processings that may raise the level of risk referred to in the preceding paragraph.
The security measures adopted – in line with the level of risk referred to in the preceding paragraphs – shall consist at least of:
• use of a digital certificate for the identification of the site
• security-oriented design of the platform, with specific attention to the prevention of attacks such as SQL injection and Cross Side Scripting, as well as password management,
• installation of centralized antivirus and antispam software
• setting up of a backup system with the possibility of restoring the data within 72 hours
7 – Nature of consent and consequences of refusal to authorize the processing
Given the purposes of the processing, the type of data processed and the level of risk to the rights and fundamental freedoms of the person concerned, the Data Controller may go ahead with the processing without requesting the consent of the data subject.
However, as a measure of further guarantee, the processing operations that require the active provision of data by the person concerned are still subject to the provision of consent, the failure to provide which will not allow the sending of the newsletter nor the successful completion of the registration and conclusion of the contract.
8 – Rights guaranteed by the law, their exercise and reporting of critical issues in compliance with the law
The data subject shall have the rights set out in Articles 11 et seq. of Regulation (EU) No 679/16 and in particular – but not limited to – the right to know which personal data are being processed and the respective purposes and logic of processing, the right to request rectification, updating, erasure, blocking or restriction of processing of the data in question and the right to know the identity of the entities to whom or which the personal data have been communicated/disseminated.
8.2 Methods of exercising rights
The rights in question may be exercised directly against the Holder, by sending an e-mail to the address bagnolinetsrl@legalmail.it attaching a copy of an identity document (which will be used only for the management of the procedure referred to in this article).
The interested party must use a PEC in order to guarantee the certainty of the date of sending, in order to calculate the starting date of the terms for sending the reply.
In the absence of a PEC, the interested party must send the request to exercise his rights and the copy of the identity document by registered letter with return receipt to the registered office of the Holder, indicated in point 1 of this document.
The Holder shall reply within the time limits provided for by law, using the same address and the same communication channel chosen by the interested party.
8.3 Reporting of critical issues in compliance with the law
The interested party may report any critical issues in compliance with the regulations by writing to the Data Controller or Data Protection Officer at the addresses indicated in point 1 of this information notice.