Privacy policy
The purpose of the privacy policy is to provide maximum transparency regarding the information collected by the site and how it is used. In compliance with the obligations deriving from national legislation (D. Lgs 30 June 2003 n. 196, Code regarding the protection of personal data, and subsequent amendments) and European regulations (European Regulation on the protection of personal data n. 2016/679, GDPR), this site respects and protects privacy by making every possible and proportionate effort to avoid harming users' rights.
Data Controller
The Data Controller is Gianfranco Soliani located at Via Val di Stava, 14 - 37060 Sona (VR) Italia, contactable at the email info@eco-air.it.
Legal basis of processing
This site processes data based on the consent of users. The granting of consent occurs through the banner at the bottom of each page and through the mandatory checkbox at the end of each information submission form. By using or consulting the site, users approve this privacy policy and consent to the processing of their personal data in relation to the methods and purposes described below, including any disclosure to third parties if necessary for the provision of a service.
The provision of data and therefore the consent to the collection and processing of data is optional; the user can refuse consent and can revoke consent already provided at any time by contacting the Data Controller indicated in section 1. Data Controller. However, refusing consent may make it impossible to provide some services.
The data for site security and for preventing abuse and SPAM, as well as data for statistical analysis of site traffic in aggregate form, are processed based on the legitimate interest of the Data Controller in protecting the site and its users. In such cases, the user always has the right to object to the processing of data (see section 11. User Rights).
Purpose of processing
The processing of data collected by the site, in addition to the purposes connected, instrumental, and necessary to the provision of the service, e.g., managing requests through contact forms, accessing reserved areas, sending orders, or other, is aimed at the following purposes:
Statistics (analysis)
Collection of data and information in exclusively aggregate and anonymous form in order to verify the correct functioning of the site. None of this information is related to the physical person-user of the site and does not allow their identification in any way. Consent is not required.
Security
Collection of data and information to protect the security of the site (anti-spam filters, firewalls, virus detection) and Users and to prevent or unmask fraud or abuse against the website. The data is recorded automatically and may also include personal data (IP address) that could be used, in accordance with current laws, to block attempts to damage the site itself or harm other users, or otherwise harmful activities or constituting a crime. Such data is never used for identifying or profiling the user and is periodically deleted. Consent is not required.
Ancillary activities
Communicating data to third parties that perform functions necessary or instrumental to the operation of the service, and to allow third parties to carry out technical, logistical, and other activities on our behalf. Suppliers have access only to the personal data necessary to perform their duties, and they commit to not using the data for other purposes and to processing the personal data in accordance with current regulations.
Data collected
This site collects user data in two ways:
Data collected automatically
During navigation, the following information is collected: this data is used for statistics and analysis and to identify any site anomalies, exclusively in aggregate form.
- The IP address and time. The information is stored for one hour.
- The browser user agent to analyze any communication errors with the site. In case of errors, the information is stored for a maximum of 30 days.
- Analysis of visits and traffic trends in an anonymous and aggregated manner. This information is stored for 24 months.
Data voluntarily provided
The site may collect additional data voluntarily provided by users during the use of available services. This data is acquired, for example, during information requests, online purchases, or registrations for access to any reserved areas. The data provided will be used exclusively for purposes related to the provision of the requested service and for communication with the user. No data will be shared with third parties without the explicit consent of the user, except for legal obligations.
Below are the data that may be requested:
- First name
- Last name
- Tax code
- Phone number
- Date of birth
- Address of residence or other relevant addresses
Place of processing
The data is processed at the location of the Data Controller indicated in section 1 of this document and at the operational office of the web agency that build this site, which will act respectively as Data Processor and Sub-Processors.
Data retention period
The data collected from forms and voluntarily entered by users for information requests, purchases, or other purposes are retained for the time strictly necessary to manage the request unless there are further purposes arising subsequently for retaining them; such an eventuality will be communicated to the user.
Transfer of collected data to third parties
The data collected by the site is not provided to third parties, except in specific cases: legitimate request by the judicial authority and only in the cases provided by law; when necessary for the provision of a specific service requested by the user; for the execution of security checks or site optimization.
Transfer of data outside the EU
The servers of the hosting provider of the Data Controller are located within the European Economic Area (EEA).
Security measures
We process the data of visitors/users lawfully and correctly, adopting appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of data. We are committed to protecting the security of personal data during transmission by using SSL certificates between servers and clients, which encrypt the information in transit. The processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated.
Cookies
This site uses cookies; cookies are text files that are recorded on the user's terminal. All information related to the cookies used by this site can be found on the cookie policy page.
User Rights
In accordance with the European Regulation 2016/679 (GDPR), the user may, according to the procedures and within the limits established by current legislation, exercise the following rights:
- Oppose in whole or in part, for legitimate reasons, the processing of personal data concerning them for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication;
- Request confirmation of the existence of personal data concerning them (right of access);
- Know the origin of the data;
- Receive intelligible communication;
- Have information about the logic, methods, and purposes of processing;
- Request the updating, rectification, integration, deletion, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the purposes for which they were collected;
- In cases of processing based on consent, receive their data provided to the data controller, in a structured format, readable by a data processor and in a format commonly used by an electronic device, at the sole cost of any support;
- The right to lodge a complaint with the supervisory authority (Data Protection Authority – link to the Authority's page);
- As well as, more generally, exercise all the rights recognized by current legal provisions.
Requests should be addressed to the Data Controller indicated in this document.
Update
This document was updated on 28/08/2024.