We would like to inform you that European Regulation 2016/679 (hereafter GDPR) establishes rules on the protection of individuals with regard to the processing of personal data, as well as rules on the free movement of such data aimed at protecting the fundamental rights and freedoms of natural persons, in particular the right to the protection of personal data. The free movement of personal data within the Union may not be restricted or prohibited for reasons relating to the protection of individuals with regard to the processing of personal data. We would therefore point out that ‘personal data’ within the meaning of the above mentioned GDPR means any information relating to you directly or indirectly in your quality as an Interested Party, in particular regarding an identifier such as your name, an identification number, location data, an online identifier or one or more elements characteristic of your physical, physiological, genetic, mental, economic, cultural or social identity. The site’s management methods are also described herein with reference to the processing of personal data of users who consult it and have access to the reserved area. This information is also provided in accordance with art. 13 of the GDPR to those who interact with the METEDA SRL web services, which can be accessed electronically at the addresses:
www.meteda.it > www.metadieta.it > www.metadieta.com
This information is provided only for sites referable to METEDA SRL and not for other websites that may be consulted by the User through links. Following consultation of this site, data relating to identified or identifiable persons may be processed.
The purpose of this information is to identify certain minimum requirements for the collection of personal data online, and, in particular, the manner, timing and nature of the information that data controllers must provide users when they connect to web pages, regardless of the purpose of the link.
1. IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER
The identity of the Data Controller and its references, also reported in the header, are as follows:
2. PURPOSE OF THE PROCESSING – LEGAL BASIS
The processing operations connected to the web services of this site are carried out at the above mentioned offices of the Data Controller, at the offices identified by the operator of the website and are carried out only by personnel authorised to the processing, or by persons in charge of occasional maintenance operations. No data deriving from the web service is disclosed. The personal data provided by users who request the sending of material regarding the service requested (or even only of an informative nature) are used to respond to the User’s requests and may be communicated to third parties only if necessary and if involved and functional to the fulfilment of the aforementioned requests.
The collection and processing of the User’s personal data will be carried out in compliance with the general principles of necessity, fairness, relevance and not excessive and in particular the data processing will be carried out for:
A. to answer questions and provide the information requested by the User (the optional, explicit and voluntary sending of e-mails to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message) and to contact the User regarding the services provided by METEDA Srl;
B. the use of so-called video tutorials, provided – subject to registration of the individuals concerned – by the writer through the dedicated page of the company web portal, in order to instruct each registered User on the functionality and use of the proprietary applications licensed;
C. the “NEWSLETTER” service to which the User may freely subscribe. The personal data provided by users when registering for the above service will be used solely for the purpose of sending the newsletter and will not be disclosed to third parties, nor will they be used in non-anonymous and/or aggregate form for profiling and similar activities;
D. assistance request activities (ticketing), with authenticated access via login and password, or assistance with remote connection;
E. insertion of requests for assistance on our corporate CRM;
F. necessary and indispensable treatments of an operational, management, accounting and other nature;
G. some data (identification and fiscal) will be used for registrations and communications required by law;
H. verification of the degree of customer satisfaction with regard to the services produced and any other kind of request, through personal or telephone interviews, to which each interested party will be free not to lend themselves and which, in any case, will be kept anonymous and will not be used for purposes other than customer care, with a view to a constant improvement of customer support services;
I. prior “consent of the interested party” for purposes functional to commercial/promotional activities such as commercial communications, sales, sending advertising material or for carrying out market research on the services offered (for example: updates on initiatives, offers and promotions relating to services and products related to the activities of METEDA Srl and third parties with whom it collaborates, programs and promotions, including online, aimed at rewarding or retaining potential customers).
The legal basis for the processing can be identified, according to art. 6 of EU Reg. 679/16 (see also below, art. 3):
3. LAWFULNESS OF TREATMENT
The treatment is lawful as at least one of the conditions is met:
Article 6(1)(a), (b), (c), (f).
(a) the data subject has given his or her consent to the processing of his or her personal data for one or more specific purposes;
(b) processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the request of the data subject;
(c) processing is necessary for the performance of a legal obligation to which the data controller is subject;
d) processing is necessary for the pursuit of the legitimate interest of the data controller (such as, for example, the prevention of fraud or abuse to the detriment of our website: It may be considered a legitimate interest to process personal data for direct marketing purposes as highlighted in recital 47 of the GDPR ) or by third parties, provided that the interests or fundamental rights and freedoms of the data subject which require the protection of personal data do not prevail, in particular if the data subject is a minor
4. RECIPIENTS OF PERSONAL DATA
The communication to the identified recipients will take place only if they are involved and functional to the achievement of the purposes referred to in point 2 above, therefore the personal data collected and processed may be: a) used anonymously for statistical purposes;
a. made available to the Data Controller’s Collaborators, as Managers or persons authorized to process personal data;
b. communicated to third parties, natural or legal persons, public administrations, professionals, law enforcement agencies, government agencies, regulatory bodies, courts or other public authorities authorized by law;
c. communicated to commercial partners, only in case of prior and express consent of the User.
d. if necessary, transferred to another Data Controller in accordance with the provisions of GDPR, including the right to data portability;
The list of Data Processors is available at the headquarters of the Data Controller.
5. CATEGORIES OF PERSONAL DATA
No special categories of personal data (those revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning the health or sex life or sexual orientation of the person) or data relating to minors are processed. The personal data processed are only and exclusively those necessary and functional to the correct achievement of the purposes indicated in point 2.
6. DATA RETENTION
The data provided for the purposes set out in point 2 will be stored:
Personal data will not be disseminated and will be destroyed when we no longer need or obligation to keep them. At the express request of the interested party, they will be destroyed within thirty (30) days of the same, unless they must not be kept intact due to mandatory legal requirements.
7. MODALITIES OF TREATMENT
The computer systems and software procedures used to operate the platform of this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses (to verify the user’s reliability and for security purposes) or the domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this possibility, at present the data on web contacts do not persist for more than seven days.
The personal data subject to processing will be processed:
Cookies are used, which are small files stored on your computer’s hard drive and are used to provide services and/or information. Most cookies are “session cookies” and are therefore deleted from your hard drive at the end of the session (when you log out or close your browser). They may be present on certain pages of the site in order to analyze access to web pages, customize your services, content and advertising, measure the effectiveness of promotions and ensure trust and security. The so-called session cookies used in this site avoid the use of other computer techniques potentially prejudicial to the confidentiality of users’ navigation and do not allow the acquisition of personal identification data of the User.
9. PROVISION OF DATA
Apart from what has been specified for navigation data, the user is free to provide the personal data requested by means of special masks relating to services, products and any other kind of request that the operator of the site, or its commercial partners, are able to offer.
Failure to provide such data may make it impossible to respond to any requests or use the services or products that the site operator or its commercial partners are able to provide.
10. RIGHTS OF THE DATA SUBJECT
We inform you that, as the Interested Party, you have all the rights provided for by articles 15-16-17-17-18-20-21-22 of the GDPR, by virtue of which:
(Document updated to 15/05/2018)