Privacy Policy

Privacy Policy

  1. Home
  2. Privacy Policy

Privacy Policy

We would like to inform you that European Regulation 2016/679 (hereafter GDPR) establishes rules on the protection of individuals with regard to the processing of personal data, as well as rules on the free movement of such data aimed at protecting the fundamental rights and freedoms of natural persons, in particular the right to the protection of personal data. The free movement of personal data within the Union may not be restricted or prohibited for reasons relating to the protection of individuals with regard to the processing of personal data. We would therefore point out that ‘personal data’ within the meaning of the above mentioned GDPR means any information relating to you directly or indirectly in your quality as an Interested Party, in particular regarding an identifier such as your name, an identification number, location data, an online identifier or one or more elements characteristic of your physical, physiological, genetic, mental, economic, cultural or social identity. The site’s management methods are also described herein with reference to the processing of personal data of users who consult it and have access to the reserved area. This information is also provided in accordance with art. 13 of the GDPR to those who interact with the METEDA SRL web services, which can be accessed electronically at the addresses:

www.meteda.it   >  www.metadieta.it > www.metadieta.com

This information is provided only for sites referable to METEDA SRL and not for other websites that may be consulted by the User through links. Following consultation of this site, data relating to identified or identifiable persons may be processed.

The purpose of this information is to identify certain minimum requirements for the collection of personal data online, and, in particular, the manner, timing and nature of the information that data controllers must provide users when they connect to web pages, regardless of the purpose of the link.

1.   IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER
The identity of the Data Controller and its references, also reported in the header, are as follows:

  • METEDA SRL
  • Address: Via Antonio Bosio, 2 Int.10 – 00161 Roma (RM)
  • Administrative and Operational Headquarters: Via Silvio Pellico, 4 – 63074 San Benedetto del Tronto (AP)
  • Contacts: e-mail privacy@meteda.it Phone: +39 0735 783021 Fax: +39 0735 83887

2. PURPOSE OF THE PROCESSING – LEGAL BASIS
The processing operations connected to the web services of this site are carried out at the above mentioned offices of the Data Controller, at the offices identified by the operator of the website and are carried out only by personnel authorised to the processing, or by persons in charge of occasional maintenance operations. No data deriving from the web service is disclosed. The personal data provided by users who request the sending of material regarding the service requested (or even only of an informative nature) are used to respond to the User’s requests and may be communicated to third parties only if necessary and if involved and functional to the fulfilment of the aforementioned requests.

The collection and processing of the User’s personal data will be carried out in compliance with the general principles of necessity, fairness, relevance and not excessive and in particular the data processing will be carried out for:

A. to answer questions and provide the information requested by the User (the optional, explicit and voluntary sending of e-mails to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message) and to contact the User regarding the services provided by METEDA Srl;

B. the use of so-called video tutorials, provided – subject to registration of the individuals concerned – by the writer through the dedicated page of the company web portal, in order to instruct each registered User on the functionality and use of the proprietary applications licensed;

C. the “NEWSLETTER” service to which the User may freely subscribe. The personal data provided by users when registering for the above service will be used solely for the purpose of sending the newsletter and will not be disclosed to third parties, nor will they be used in non-anonymous and/or aggregate form for profiling and similar activities;

D. assistance request activities (ticketing), with authenticated access via login and password, or assistance with remote connection;

E. insertion of requests for assistance on our corporate CRM;

F. necessary and indispensable treatments of an operational, management, accounting and other nature;

G. some data (identification and fiscal) will be used for registrations and communications required by law;

H. verification of the degree of customer satisfaction with regard to the services produced and any other kind of request, through personal or telephone interviews, to which each interested party will be free not to lend themselves and which, in any case, will be kept anonymous and will not be used for purposes other than customer care, with a view to a constant improvement of customer support services;

I. prior “consent of the interested party” for purposes functional to commercial/promotional activities such as commercial communications, sales, sending advertising material or for carrying out market research on the services offered (for example: updates on initiatives, offers and promotions relating to services and products related to the activities of METEDA Srl and third parties with whom it collaborates, programs and promotions, including online, aimed at rewarding or retaining potential customers).

The legal basis for the processing can be identified, according to art. 6 of EU Reg. 679/16 (see also below, art. 3):

  • in contractual requirements;
  • the need to comply with legal obligations;
  • the need, where required, to obtain unambiguous consent from each Interested Party.

3. LAWFULNESS OF TREATMENT
The treatment is lawful as at least one of the conditions is met:

Article 6(1)(a), (b), (c), (f).

(a) the data subject has given his or her consent to the processing of his or her personal data for one or more specific purposes;

(b) processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the request of the data subject;

(c) processing is necessary for the performance of a legal obligation to which the data controller is subject;

d) processing is necessary for the pursuit of the legitimate interest of the data controller (such as, for example, the prevention of fraud or abuse to the detriment of our website: It may be considered a legitimate interest to process personal data for direct marketing purposes as highlighted in recital 47 of the GDPR ) or by third parties, provided that the interests or fundamental rights and freedoms of the data subject which require the protection of personal data do not prevail, in particular if the data subject is a minor

4. RECIPIENTS OF PERSONAL DATA

The communication to the identified recipients will take place only if they are involved and functional to the achievement of the purposes referred to in point 2 above, therefore the personal data collected and processed may be: a) used anonymously for statistical purposes;

a. made available to the Data Controller’s Collaborators, as Managers or persons authorized to process personal data;

b. communicated to third parties, natural or legal persons, public administrations, professionals, law enforcement agencies, government agencies, regulatory bodies, courts or other public authorities authorized by law;

c. communicated to commercial partners, only in case of prior and express consent of the User.

d. if necessary, transferred to another Data Controller in accordance with the provisions of GDPR, including the right to data portability;

The list of Data Processors is available at the headquarters of the Data Controller.

5. CATEGORIES OF PERSONAL DATA
No special categories of personal data (those revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning the health or sex life or sexual orientation of the person) or data relating to minors are processed. The personal data processed are only and exclusively those necessary and functional to the correct achievement of the purposes indicated in point 2.

6. DATA RETENTION
The data provided for the purposes set out in point 2 will be stored:

  • For administrative/accounting purposes: for the period provided for by tax and civil law;
  • For Marketing purposes and sending newsletters: until the revocation of the consent given, until the exercise of the right to object and in any case no later than ten (10) years after collection.

Personal data will not be disseminated and will be destroyed when we no longer need or obligation to keep them. At the express request of the interested party, they will be destroyed within thirty (30) days of the same, unless they must not be kept intact due to mandatory legal requirements.

7. MODALITIES OF TREATMENT
The computer systems and software procedures used to operate the platform of this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes IP addresses (to verify the user’s reliability and for security purposes) or the domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this possibility, at present the data on web contacts do not persist for more than seven days.

The personal data subject to processing will be processed:

  • manually and/or electronically and will be stored in special paper and/or electronic archives. The paper and electronic documentation will be correctly maintained and protected for as long as necessary for the processing using appropriate security measures, so as to minimize the risk of destruction or loss, unauthorized access or treatment not in accordance with the purposes of collection;
  • There is no automated decision making process and no profiling is carried out.

8. COOKIES
Cookies are used, which are small files stored on your computer’s hard drive and are used to provide services and/or information. Most cookies are “session cookies” and are therefore deleted from your hard drive at the end of the session (when you log out or close your browser). They may be present on certain pages of the site in order to analyze access to web pages, customize your services, content and advertising, measure the effectiveness of promotions and ensure trust and security. The so-called session cookies used in this site avoid the use of other computer techniques potentially prejudicial to the confidentiality of users’ navigation and do not allow the acquisition of personal identification data of the User.

The policy regarding the use of cookies on our site can be consulted in the appropriate section.

9. PROVISION OF DATA
Apart from what has been specified for navigation data, the user is free to provide the personal data requested by means of special masks relating to services, products and any other kind of request that the operator of the site, or its commercial partners, are able to offer.

Failure to provide such data may make it impossible to respond to any requests or use the services or products that the site operator or its commercial partners are able to provide.

10. RIGHTS OF THE DATA SUBJECT
We inform you that, as the Interested Party, you have all the rights provided for by articles 15-16-17-17-18-20-21-22 of the GDPR, by virtue of which:

  • The interested party has the right to obtain confirmation from the data controller as to whether or not personal data concerning him/her are being processed and, if so, to obtain access to the personal data and the following information: the purposes of the processing; (b) the categories of personal data concerned; (c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients in third countries or international organisations; (d) where possible, the period for which the personal data are to be kept or, if that is not possible, the criteria used to determine that period; (e) the existence of the data subject’s right to request the controller to correct or delete the personal data or to object to the processing of the personal data concerning him/her;  (f) the right to lodge a complaint with a supervisory authority; (g) where the data are not collected from the data subject, all available information on the source of the data; (h) the existence of an automated decision-making process, including profiling as referred to in Article 22(1) and (4), and, at least in such cases, significant information on the logic used and the importance and expected consequences of such processing for the data subject.
  • the existence of the right of the data subject to ask the data controller for access to and rectification or erasure of personal data concerning him/her or to object to their processing, as well as the right to the portability of the data, including all available information on their source; to obtain, in addition, the erasure of personal data concerning him/her without undue delay pursuant to Article 17 (“right to be forgotten”).
  • where processing is based on Article 6(1)(a) or Article 9(2)(a), the existence of the right to withdraw consent at any time without prejudice to the lawfulness of processing based on consent given before the withdrawal;
  • the right to lodge a complaint with a supervisory authority;
  • to have a copy of the personal data undergoing processing from the controller, provided that the rights and freedoms of others are not violated; in the case of further copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs. Where the request is received by electronic means, unless otherwise specified, the information shall be provided in an electronic format in common use;
  • This information shall be provided:
  • within a reasonable time after obtaining the personal data, but no later than 30 (thirty) days, in view of the specific circumstances in which the personal data are processed;
  • where the personal data are intended for communication with the data subject, at the latest at the time of the first communication to the data subject; or where communication to another recipient is envisaged, no later than the first communication of the personal data. All the rights of the data subject provided for by GDPR are exercised with a request addressed without formality to the Data Controller, also through an appointed person, to whom suitable feedback is provided without delay.

(Document updated to 15/05/2018)