Privacy Policy
1. Abstract
Consultation of the web page https://www.dilemmi.com/ involves the intake of information having the nature of personal data. Where their processing proves necessary without, however, a legal basis for doing so, we will always request your free, explicit and informed consent. Exceptions are those cases in which the processing of data is permitted by virtue of legal provisions. In compliance with the provisions of EU Reg. 2016/679 (European Regulation for the Protection of Personal Data, hereinafter “Regulation”) we provide you with due information regarding the processing of the personal data you provide. The information is not to be considered valid for other websites that may be consulted through links on the domain websites of the owner, who is not to be considered in any way responsible for the websites of third parties. This information is provided in accordance with art. 13 of the Regulations for the Protection of Personal Data) and is also inspired by the provisions of Directive 2002/58/EC, as updated by Directive 2009/136/EC, on Cookies as well as the provisions of the Provision of the Guarantor Authority for the Protection of Personal Data of June 10, 2021, No. 231.
2. Processable personal data
Personal data is any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, by reference in particular to an identifier such as a name, an identification number, location data, an online identifier, or one or more characteristic elements of his or her physical, physiological, genetic, mental, economic, cultural or social identity.
3. Data Controller
Dilemmi S.r.l.
Via Spluga, 49
23870 Cernusco Lombardone (LC)
Italy
Reg. Number: IT03908510138
privacy@dilemmi.com
Dilemmi is responsible for ensuring the application of organizational and technical measures necessary and appropriate for the protection of personal data. The company has appointed a Data Protection Officer (the so-called “DPO”), in charge of ensuring compliance with the rules for the protection of its Privacy, who can be contacted for matters relating to the processing of your data, at the following e-mail address: dpo@dilemmi.com
4. Methods of data processing and access
The owner adopts a contextualization prototype that incorporates the basic elements of the Regulations. The data will be processed mainly with electronic – computer tools and stored both on computer media and on any other type of suitable media, in compliance with the security measures provided for in its Internal Regulations (Company’s Information Security Policy, hereinafter “ICT Policy”) and may involve all the operations provided for in Article 4, paragraph 2 of the Regulations that may be necessary. No personal data are provided to third parties for commercial purposes, no selling or renting of personal data is carried out. Finally, processing will not be subject to automated decision-making. The data may be known in connection with the performance of assigned tasks by the Owner’s staff, including, temporary workers, consultants, collaborators all specially authorized to the processing. In fact, The person in charge/authorized/designated is a natural person, bound by law to comply with data protection obligations, appointed by letter of appointment and bound by confidentiality agreement.
5. Data Transfer
The data are currently processed and stored in the national territory. They may also be processed, on behalf of the writer, by companies and/or professionals, including external ones, to the extent necessary for the performance of the services entrusted to them within the territory of the European Union or Extra-EU after recognition of adequacy by the European Commission (Art. 45 Regulations), or with adequate safeguards that provide for enforceable rights and effective remedies for the data subjects (Art. 46 Regulations).
6. Data Security Policy
Dilemmi has introduced measures to protect the security of user data. It treats the data of visitors/users lawfully and fairly, taking appropriate security measures to prevent unauthorized access, unauthorized disclosure, modification or destruction of data. It is committed to protecting the security of your personal data during their submission, using Secure Sockets Layer (SSL) software, which encrypts information in transit. The processing is carried out using computer and/or telematic tools, with organizational methods and logic strictly related to the stated purposes. Regarding the protection and security of data, it is not possible to provide detailed descriptions of them, since the protection of security measures to prevent unauthorized disclosure, is at least as important as the security measure itself. However, by making an express and specific request such information can be requested by you, through the communication channels described above.
7. Purpose: the processing activities
Visiting our website involves the collection and processing of personal data, including our social media profiles. By using or consulting the site, as a concluding behavior, visitors and users approve this privacy policy and consent to the processing of their personal data in the manner and for the purposes described below, including possible disclosure to third parties if necessary for the provision of the service. The data may be subject to the processing of:
7.1 Website Navigation
The provision of data is implicitly provided and is done automatically by browsing the Website, so if you do not intend to provide any personal browsing data, please do not visit this Website or use it. When you browse our Website, your browser will transfer certain data (so-called “Observed Data”) to our web server. In particular, the following data are collected, stored and used briefly: I) IP address – II) Date and time of access – III) Content of the request (specific site) – IV) Access status /http status code – V) Volume of data transferred – VI) Web site requesting access – VII) Browser, language settings, browser operating system version and surface.
Type of data
Observed Data (telematics traffic data)
Purpose
Activities related to and necessary for information security
Legal Basis
Legitimate overriding interest of the Holder
Data Retention
Twelve months the telematics traffic data
7.2 Cookie
On the site we use “technical” cookies, small files of information that are recorded on the memory of your computer, smartphone or tablet as you browse the site itself, which serve solely for its proper functioning and to improve your browsing experience. No computer techniques are used in any way for the direct acquisition of your personal identification data or systems for tracking or profiling you. In fact, our systems do not use any type of persistent cookies. Even though Dilemmi S.r.l. unipersonale strives to implement possible technical measures to disable or neutralize any third-party cookies on its site, sometimes these types of files could still be activated using functions that allow you to interact with social networks and these could then track your browsing. For more information please see the privacy policy of the respective social networks.
7.3 Use of telematic addresses for sending communications and/or inquiries
The conferment is given by the optional, explicit and voluntary sending of messages to the contact addresses. Failure to provide the data will result in the impossibility of obtaining what has been requested or to use the services. It is not, therefore, necessary to acquire your consent, since the refusal to provide the data would not allow us to establish the contractual relationship and / or the fulfillment of the resulting obligations.
8. Scope of data knowledge
The data collected by the site, in addition to the purposes related, instrumental and necessary to the provision of the service, may be shared with third parties for the purposes listed below. Specifically:
- Ancillary activities: communicating data to third parties who perform functions necessary or instrumental to the operation of the service, technical, logistical and other activities on our behalf. Providers have access only to personal data that are necessary to perform their tasks, and agree not to use the data for other purposes, and are required to process personal data in accordance with applicable regulations
- Public and private entities, including as a result of inspections or audits or for the fulfillment of obligations arising from the Law or mandatory Regulations, Community Regulations or National Regulations
Third parties to whom your Personal Data may be disclosed act as:
- Data controllers, i.e., entities that determine the purposes and means of the processing of Personal Data
- Data Processors, i.e., individuals who process Personal Data on behalf of the Data Controller
Personal data will not be disseminated and therefore will not be brought to the knowledge of unspecified subjects: they may be communicated, meaning by this term the giving of knowledge to one or more determined subjects, other than the Data Controller, the Managers, internal but also external to the corporate structure and the data processors identified and appointed, for the pursuit of the purposes indicated above and in any case within the limits of the same.
9. Privacy Rights
At any time you may exercise your rights, as described in Articles 15-21 of the Regulation, by means of a written request to the Data Controller, or to the DPO, at the contact addresses above, attaching a valid ID*. In the event you believe that the processing of personal data relating to you is carried out in violation of the provisions of the Regulation, you have the right to lodge a complaint with the Guarantor, or take legal action in the appropriate courts.
*To ensure the proper exercise of rights, you must make yourself unambiguously identifiable. The Data Controller undertakes to provide feedback within 30 days and, if it is impossible to comply with these timeframes, to justify any extension of the timeframe. Feedback will be provided free of charge except in cases of unfoundedness (e.g., there is no data concerning the requesting data subject) or excessive requests (e.g., repetitive over time) for which a fee may be charged not exceeding the costs actually incurred for the research carried out in the specific case. Rights referring to personal data concerning deceased persons may be exercised by those who have an interest of their own or are acting to protect the data subject or for family reasons deserving protection.
10. Changes
The Owner reserves the right to change, update, add or remove portions of this policy at its discretion and at any time. In order to facilitate such review, the notice will contain the date of the update. Any updates will be communicated to you in a timely manner by appropriate means, if the Controller will follow up on the processing of Your data for purposes other than those set forth in this notice, prior to proceeding with such processing and in time to provide Your explicit consent, if necessary.