Politica sulla Privacy

This page describes the methods used to manage the website you are visiting, with reference to the processing of personal data of users who browse it and/or register for the various services offered.

This information notice is provided pursuant to Art. 13 of Legislative Decree 30 June 2003 No. 196 – Personal Data Protection Code – and Art. 13 of GDPR 679/2016 – “European Regulation on the protection of personal data”.

The information notice applies exclusively to the following website and not to any other websites that may be accessed by the user via links: inchiostromagico.it

DATA CONTROLLER

The data controller is Inchiostro Magico srls – Via Trinacrian. 4, 95041 Caltagirone (CT), VAT No. IT06234030879.

DATA PROCESSOR

The data processor is Cascone Maria, c/o Inchiostro Magico srls – Via Trinacrian. 4, 95041 Caltagirone (CT), VAT No. IT06234030879.

DATA SOURCE

The personal data processed are those provided by the data subject during:
visits or phone calls;
pre-contractual data and information;
operations necessary for processing orders and other requests;
accounting management and tax obligations;
requests for information, including via email or through forms on the website.

PURPOSES OF DATA PROCESSING

Customers’ personal data, if provided, are processed by the Data Controller in order to:
send communications of various kinds and through different means (telephone, mobile phone, SMS, email, fax, regular mail);
submit or fulfil incoming requests;
exchange information aimed at performing the contractual relationship, including pre- and post-contractual activities;
carry out operations necessary for processing orders and other requests;
finally, customers’ personal data will be included in the Data Controller’s archives and used (pursuant to Art. 130 paragraph 4 of Legislative Decree 196/2003 and the General Provision of the Data Protection Authority published in the Official Gazette on July 1, 2008 No. 188/C, guidelines 6, points a, b, c) to send communications regarding products, services, news, and promotions.

DATA PROCESSING LOCATION

The data processing related to the web services of this site takes place at the aforementioned headquarters and is handled only by the administrative staff appointed to data processing, or by individuals in charge of occasional maintenance operations, and in any case not by subjects external to Inchiostro Magico srl, headquartered at Via Trinacrian. 4, 95041 Caltagirone (CT), VAT No. IT06234030879.

No data derived from the web service is communicated or disclosed to third parties, except as described above.

DATA RECIPIENTS

Personal data processed by the Data Controller will not be disseminated, meaning they will not be made available to unspecified parties in any form, including mere consultation. They may be communicated, strictly as necessary, to parties who, for the purpose of fulfilling orders or other requests or services related to a transaction or contractual relationship with the Data Controller, must provide goods and/or perform services on behalf of the Data Controller. They may also be communicated to parties authorized to access them by law, regulations, or EU legislation. In such cases, service providers will be selected among those offering adequate guarantees, as required by Art. 46 GDPR 679/16.

TYPES OF DATA PROCESSED

Navigation data

The computer systems and software procedures used for the functioning of this website may acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified individuals, but could, due to its nature and through processing and association with data held by third parties, allow the identification of users. This category includes IP addresses or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the server response status (successful, error, etc.) and other parameters related to the user’s operating system and computing environment. These data are used exclusively to obtain anonymous statistical information on site usage and to check its proper functioning, and are deleted immediately after processing. The data could be used to ascertain liability in the event of hypothetical computer crimes against the site; except for this possibility, web contact data do not persist for more than thirty (30) days.

DATA VOLUNTARILY PROVIDED BY THE USER

The voluntary, explicit, and optional sending of emails to the addresses listed on this site entails the subsequent acquisition of the sender’s address—necessary in order to respond to requests—as well as any other personal data included in the message. Specific summary information will progressively be made available or displayed on the site pages dedicated to specific services upon request.

COOKIES

See the page Cookie Policy

Disabling cookies may prevent the correct functioning of certain services or the use of certain content.

DATA RETENTION

The Data Controller retains and processes personal data for the time necessary to fulfil the purposes indicated. Afterwards, personal data will be stored, but no longer processed, for the period established by applicable civil and tax regulations.

OPTIONAL PROVISION OF DATA

Aside from what is specified for navigation data, users are free to provide personal data requested in the forms addressed to the Data Protection Authority or otherwise indicated when contacting the Office to request informational materials or other communications. There is no obligation for users to provide such data; however, failure to provide them may prevent access to dedicated sections, company updates, and/or the requested services. It should be noted that in some cases (not related to the ordinary management of this site) the Authority may request information pursuant to Art. 157 of Legislative Decree No. 196/2003 for the purpose of monitoring personal data processing. In these cases, responding is mandatory, under penalty of administrative sanctions.

PROCESSING METHODS

Personal data are processed using automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, unlawful or improper use, and unauthorized access (password-protected access, encryption, firewalls, etc.).

RIGHTS OF DATA SUBJECTS

With reference to Art. 7 of Legislative Decree 196/2003 and Articles 15 – right of access, 16 – right to rectification, 17 – right to erasure, 18 – right to restriction of processing, 20 – right to data portability, 21 – right to object, 22 – right to object to automated decision-making under GDPR 679/16, data subjects have the right at any time to obtain confirmation of the existence of their personal data, know their content and origin, verify their accuracy, or request their integration, updating, rectification, deletion, anonymization, or blocking of data processed unlawfully, as well as to object, for legitimate reasons, to their processing.

Requests must be addressed to Inchiostro Magico srl, specifying the subject of the request, the right being exercised, and attaching a copy of an identity document proving the legitimacy of the request, through:

E-MAIL: info@inchiostromagico.it

REGULAR MAIL: Inchiostro Magico srls – Via Trinacrian. 4, 95041 Caltagirone (CT)

WITHDRAWAL OF CONSENT

With reference to Art. 23 of Legislative Decree 196/2003 and Art. 6 of GDPR 679/16, the data subject may withdraw consent at any time, if previously granted.

REFUSAL TO PROVIDE DATA

Customers may not refuse to provide the Data Controller with the personal data necessary to comply with the legal regulations governing commercial transactions and taxation.

Providing additional personal data may be necessary to improve the quality and efficiency of the transaction. Therefore, refusal to provide the data required by law will prevent order fulfilment.

Individuals acting on behalf of “legal entity” customers may refuse to provide their personal data to the Data Controller.

However, providing personal data is necessary for the correct and efficient management of the contractual relationship. Therefore, refusal to provide such data may compromise the contractual relationship, in whole or in part.

AUTOMATED DECISION-MAKING

The Data Controller does not perform any processing that involves automated decision-making on the data of customers or individuals acting on behalf of “legal entity” customers.

This document, published at the above addresses, constitutes the “Privacy Policy” of this website and may be subject to updates at any time, without notice.