Privacy Policy

Information on the processing of personal data pursuant to Article 13 of EU Regulation 679/2016 and the Privacy Code as amended by Legislative Decree. 101/2018.

1. FOREWORD: DEFINITIONS

Personal data: means any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more characteristic elements of his or her physical, physiological, genetic, mental, economic, cultural or social identity.

Processing: means any operation or set of operations, whether or not involving automated processes, applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction.

Special categories of personal data: means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to a person’s health or sex life or sexual orientation.

Data controller: means the natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data.

2. DATA CONTROLLER

The Data Controller is MIEVA S.R.L. (C.F. / P.IVA: 02097260307), with headquarters at Via Taigete n. 17, San Michele al Tagliamento (VE), 30028 Fraz. Bibione, e-mail: ashanti@agenziamc.com; pec: mievasas@pec.it

3. TYPE OF DATA, PURPOSE AND LEGAL BASIS FOR PROCESSING

a) Browsing data: The personal data processed are only those that are provided by users during browsing and whose transmission is implicit in its internal communication protocols, such as IP address, operating system, browser used and other information collected through the cookies installed on the Site of which please view the specific information COOKIE POLICY. This data is used only to obtain anonymous information about the Site. The purpose of the processing is the proper functioning of the Site. The legal basis for the processing is the legitimate interest of the Data Controller.
b) Data for the preparation of quotes and requests for availability: these are personal and contact data such as name, surname, e-mail address, telephone number) provided by users, Mieva S.r.l. in general, except for specific customer requirements, does not process special data. We therefore invite users not to enter, in the collection form, data that may reveal racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership in parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, state of health. The purpose of the processing is the fulfillment of the request made by the user. The legal basis is consent.
c) Data provided by the user by filling in the contact form: these are the personal and contact data (such as name, surname, e-mail address, telephone number) provided by users to fill in the contact form. Mieva S.r.l. in general, unless specifically requested by the customer, does not process special data. We therefore invite users not to enter, in the collection form, data that may reveal racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership in parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, state of health. The purpose of the processing is the fulfillment of the contact request made by the user. The legal basis of the processing is consent.
d) Data collected for sending newsletters (periodic e-mail message to be updated on our activities and services). The legal basis for processing is consent.
e) Data collected for profiling activities consisting in the analysis of the services you requested and the processing by the agency of your profile in order to improve the commercial offer and services proposed to you. The legal basis for the processing is consent.
(f) Data collected for the agency to send commercial and promotional communications. The purpose of the processing is the sending of commercial information. The legal basis for processing is consent.

4. COMPULSORINESS OF PROVIDING DATA

The provision of data for the purposes mentioned in 3:

• letter a) is required to allow navigation on the site;
• (b), (c), (d), (e) (f) is optional.

5. METHODS OF PROCESSING AND COMMUNICATION OF DATA TO THIRD PARTIES.

Processing may be carried out through the collection, recording, storage and processing, and deletion of data by both paper and electronic means. Data are not subject to dissemination or automated decision-making.

They may be communicated to data processors, such as employees and collaborators of the Data Controller, third parties (companies and professionals) who provide services on behalf of the Data Controller related to the functionality of the site, business operations and the fulfillment of contractual, legal and administrative obligations.

Lastly, the data may be transmitted to the police and to the judicial and administrative authorities, in accordance with the law, for the detection and prosecution of crimes, the prevention of and safeguard against threats to public safety, as well as to enable the Data Controller to exercise or protect a right of its own or of third parties before the competent authorities, as well as for other reasons related to the protection of the rights and freedoms of others.

6. EXTRA-EU DATA TRANSFER

Data are stored and processed within the European Union.

In the event of any processing of personal data outside the European Union, the same will take place only after appropriate safeguards have been adopted, as required by the mandatory regulations.

7. DATA RETENTION PERIOD

The data provided will be kept for a limited period of time for the purposes stated in 3 above:

• browsing data are kept for as long as necessary to provide the service and, then, immediately deleted, except as provided for cookies in the appropriate policy COOKIE POLICY;
• data provided through the contact form are kept for as long as necessary to process the request;
• data retained to facilitate registration at subsequent stays are retained for 3 years (term to be considered renewed at each subsequent stay);
• data for marketing and profiling activities are kept until the manifestation of revocation of consent and in any case for a maximum period of 24 months after your last expression of interest;
• data for sending the newsletter are kept until consent is revoked (opt-out).

8. RIGHTS OF THE DATA SUBJECT

The data subject is entitled to exercise the following rights in relation to the personal data covered by this notice, as provided for and guaranteed by the Regulations:

• Right of access and rectification (Articles 15 and 16 of the Regulations): you have the right to access your personal data and to request that they be corrected, amended or supplemented.
• Right to data deletion (Art. 17 of the Regulations): in the cases provided for in the current legislation, you can request the deletion of your personal data;
• Right to restriction of processing (Art. 18 of the Regulations): you have the right to request the restriction of the processing of your personal data in case of unlawful processing or contestation of the accuracy of personal data by the data subject;
• Right to data portability (Art. 20 of the Regulation): you have the right to request to obtain, from the Data Controller, your personal data in order to transmit them to another Data Controller, in the cases provided for in the mentioned article.
• Right to lodge a complaint (Art. 77 of the Regulations and Art. 141 of Legislative Decree 101/2018): you have the right to lodge a complaint before the competent Data Protection Authority if you believe that a violation of your rights has occurred, or is occurring, with regard to the processing of your personal data (more information on this from www.garanteprivacy.it).
• Right to revoke consent given (Art. 13 of the Regulations): for personal data processing that finds its legal basis on consent, you have the right to revoke, at any time, the consent given, by contacting the Data Controller as indicated below.

9. WAYS OF EXERCISING RIGHTS

At any time, the data subject may exercise his or her rights with reference to the personal data processed by the Data Controller by sending a specific written request to exercise his or her rights by racc. a/r to the company’s registered office, or by e-mail to the address: ashanti@agenziamc.com or by pec to the address: mievasas@pec.it.