Privacy policy

Data protection policy for website users

Your privacy matters to us: you can count on us! Read our policy to understand how we process your personal data, and, if you have any questions, please contact us by writing to: privacy@idweb.it

INTRODUCTION
Your privacy is important to us at IdWeb srl.

We have written this privacy policy (hereafter also just “policy”) in a simple and understandable way to help you understand who we are, what data about you we collect, and what we do with it. We want you to be aware that your personal data (hereafter also, simply “data” or “your data”) is represented by any information or set of information from which you can be identified, directly or indirectly, particularly by reference to an identifier, such as your first and last name, e-mail address, telephone number, etc.
Please consider that since this is a generic disclosure, you may find more specific information in relation to different services we offer elsewhere on the site, as well as we may provide different information in relation to specific processing. Please take some time to read the entire notice so that if you do not agree with the way we process personal information, you can avoid providing it to us.

What is the purpose of this policy?
This policy explains how we collect and use (that is: process) your information when you visit our website.

WHO ARE WE?

When this policy says “we” it refers to the data controller, which is IdWeb srl Via Giovan Battista Venturelli 11H (06012) Città di Castello Perugia

WHAT TYPES OF DATA WE COLLECT?
We collect your data when you interact with us. You give us data when you contact us to request information, but we also collect your data automatically when you browse the site.

WHAT TYPES OF DATA WE COLLECT ABOUT YOU?
We may collect your data when you visit our website or ask us for information. We not only collect data that you provide directly, but some data is collected automatically as a result of browsing the site. Below you will find an overview of the categories of data we may process:
A) information you provide to us directly
Categories of data:
– Identification data (Examples of data types: First name, last name, date of birth).
– Contact data (E-mail, phone number)
– Any other information you decide to share with us (content, feedback, opinions, reviews, and any information you provide to us by any means).
B) Information that we collect automatically
During their normal operation the computer systems and software procedures used to operate the site acquire some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers and terminals used by users, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
These data, necessary for the use of web services, are also processed for the purpose of monitoring the proper functioning of the services offered.
Browsing data do not persist for more than seven days (except for any need to ascertain crimes by the judicial authorities).

HOW DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
Cookies are strings of text that are stored in your browser. They can be used for different purposes, either for technical reasons (to help you navigate the site properly) or to track users for marketing purposes (profiling).
We do not use cookies for user profiling, but we do use technical session (non-persistent) cookies, strictly limited to what is necessary for the safe and efficient navigation of the site.

DO WE TRANSFER YOUR DATA ABROAD?
Some processing may involve transfer outside the European Economic Area.
For website navigation, your data is only processed on servers that are located in the EU.
If you write to the email addresses found on the site or transmit data through the contact form, the data will be transferred to the U.S. by the mail service provider as a data controller, in the absence of adequacy decisions: the safeguard taken is the standard contractual clauses approved by the European Commission in 2021.

HOW LONG DO WE PROCESS YOUR DATA?
We process your data until the purpose for which we collected it is fulfilled, but sometimes we may need to process some data longer to fulfill a legal obligation.

HOW LONG DO WE KEEP YOUR DATA?
We keep your data for as long as necessary to fulfill the purpose for which we collected it (for clarification of purposes read “How do we use your data?”). Please keep in mind that in some cases a longer retention period may be permitted or required by law. Criteria for determining the retention period include:
– How long do we need the data transmitted through the platform to provide you with the service or to conduct our business?
– How long do we need your data to provide you with feedback?
– How long do we need your browsing data to ensure the security of the site?
– Have you revoked the consent you gave us (for the processing for which consent is needed)?
– Are we under a legal, contractual, administrative or similar obligation regarding the retention of your data? For example, when there are regulations requiring data retention, or judicial orders to retain data relevant in an investigation, or data must be retained to enforce a right in court.
Browsing data are retained for seven days.
The duration of processing may exceptionally be longer in case of any need for the investigation of crimes or offenses by the judicial or administrative authorities.

WHY DO WE COLLECT YOUR DATA?
We use your data to provide you with the best possible experience, from improving our services to giving assistance to site users.

HOW DO WE USE YOUR DATA?
We may use your data for various legitimate reasons and purposes related to our business. Below you can find the purposes that we process your data for:
Providing you with feedback or assistance (at your request) 
Case Study: responding to your requests or providing you with assistance through our communication channels;
Legal Obligations 
Case Study: Disclose data and information to competent authorities, data protection supervisory authorities, according to applicable regulations, obligations related to record keeping and reporting, conduct audits related to regulatory compliance comply with inspections and requests by governments or authorities, fulfill court requests, e.g. regarding witness obligations;
– Defense in court: Acting or defending ourselves in court;
– Cybersecurity (legitimate interest of the owner) – Developing and maintaining technical and organizational security measures, including with respect to the cybersecurity of the site.

WHAT IF I DON’T WANT TO GIVE YOU MY DATA?
The provision of browsing data is necessary in order to use the website. We have indicated on the site the contact details with which you can contact us, and providing the data is optional, but if you do not provide us with the data necessary to give you feedback, we may not be able to respond to your requests.

WHAT IS THE LEGAL BASIS FOR OUR PROCESSING?
We rely on several legal bases to lawfully process your data:
– Your consent (only when required or permitted by law). If we use consent as the legal basis for processing your data, you can withdraw it easily and without charge at any time;
– The need to comply with obligations imposed on us by law, or to exercise a right or defend ourselves in court;
– The need to pursue a legitimate interest of ours, such as, that of:
– ensuring that our network and information is secure;
– preventing suspected violations of law or investigating violations of law that have actually occurred, as well as of breaches of contracts with business customers or for non-compliance with policies or standards we follow.
The need to respond to or fulfill a request from you.
In addition, if you expressly request it, your data may be used to initiate pre-contractual processing.

HOW DO WE PROTECT YOUR DATA?
We protect your data with appropriate technical and organizational measures.
To protect your data, we take appropriate measures in compliance with applicable law, including asking our service providers to use appropriate measures to keep information about you confidential and to keep your data secure. Depending on the state of the art, implementation costs, and the nature of the data to be protected we put in place technical and organizational measures to prevent risks of destruction, loss, alteration, disclosure, or unauthorized access to your data.

DO WE SHARE YOUR DATA?
We will only share your data when required by law, or when you have expressly allowed us to do so, or to offer you the services you have requested. Your data will not be disseminated to an indiscriminate audience.

WHEN DO WE SHARE YOUR DATA?
We share your data with others only in the cases indicated below. If it is necessary to carry out the purposes set out in this policy, we may share your data with the recipients listed below:
– Providers: we may outsource certain services to third parties we trust to provide us with functionality and services, such as providing ICT services to manage the platform and email.
– Companies, professionals and consultants: we may share your data with professionals and consultants such as insurance companies, lawyers, accountants.
– Public and governmental authorities: when required by law, or when it is necessary to protect our rights, we may share data with relevant agencies.
You can ask us for detailed information about the parties to whom your personal data is disclosed (so-called “recipients”) by writing to the email or paper addresses listed in this policy.

DO WE USE SOCIAL MEDIA?
About the processing of personal data carried out by the managers of the Social Media platforms used by the Controller, please refer to the information rendered by them through their respective privacy policies. The Controller processes the personal data provided by users through the pages of the Social Media platforms referred to it, as part of its legitimate interest to promote and publicize the company’s activities, to manage interactions with users (comments, public posts, etc.) and in compliance with current regulations.
Social media are not technically linked to the site through cookies or pixels.

KEEP CONTROL!
We encourage you to maintain control over your data: Please keep your data accurate and up-to-date.

WHAT DO YOU NEED TO DO?
We want to remind you that it is your responsibility to ensure to the best of your knowledge that the data you provide to us is accurate, complete, and current. In addition, if you share other people’s data with us, it is a specific responsibility to treat that data in accordance with the law. For example, it will be your responsibility to inform the people, whose data you provide to us, of the contents of this notice and to obtain their consent if the law requires it.

WHAT ARE YOUR RIGHTS?
We give you access to your data. You can control your data by asking us to update, amend or, if the law permits, delete it by exercising your rights under Articles 15 to 22 of the GDPR (as applicable).

We encourage you to check your data regularly.
However, you can always contact us if you want to access or review, amend, update, restrict or delete the data you have provided to us (if we are no longer allowed to keep it or are not obliged to keep it).
You can object to certain processing.
You can revoke the consent you have given (for processing based on your consent only). Revocation does not affect the lawfulness of the processing carried out previously.
You can receive copies of your data (in a readable format in common use).
You can ask us to restrict the use of your data (if applicable) and any other information regarding the protection of your data.
We would like to clarify that with regard to data collected automatically during navigation by communication systems, we are not able to identify you based on the information stored. Therefore, Articles 15 to 22 of the GDPR do not apply to these types of data, in accordance with Article 11 paragraph 2 of the GDPR, unless you provide additional information that allows us to identify you in order to exercise your rights under these articles.

Our contact details are:
– Printed mail: IdWeb srl Via Giovan Battista Signorelli 11H (06012) Città di Castello Perugia
Online by e-mail: privacy@idweb.it

RIGHT TO OBJECT
You can always object to processing for marketing purposes, and we will follow up on your request. You can also object to profiling or processing based on legitimate interest. In the latter case, we will follow up on your request by assessing whether our legitimate interest outweighs your interests or fundamental rights and freedoms.

We do our best to respond to requests on time and without cost except when it requires disproportionate effort. In some cases we may ask you to verify your identity before we take over your request. If you are not satisfied with the response you receive, you can complain to the competent supervisory authority in your country (for Italy: Garante per la protezione dei dati personali).

WHEN WILL THIS POLICY BE UPDATED?
Over time, processing operations may evolve and change, and the notice reflecting them may be modified.
This policy may change over time. The most recent version of the policy on this site is the one that reflects the processing of personal data and information that we operate.
This policy was updated in February 2023.