This policy is an integral part of our general Privacy Policy, which can be found in the dedicated section of this website.
The contact form provided on this website serves the sole purpose of allowing visitors to contact the owner/manager of the site through an email message.
1. DATA OF THE PERSONAL DATA CONTROLLER
The data controller is Black Digital s.r.l., represented by the legal representative pro tempore, located at Via Cimitero, 3, Saviano (NA) tel. 3386848042; email: [email protected]; PEC: [email protected]
2. TYPES OF PROCESSED DATA
Personal data may include, but is not limited to:
| Type | Description |
| [X] Identifying, demographic, and contact data | Name, surname, and email address |
| [X] Connection data | IP address, login, MAC address, URI/URL addresses (Uniform Resource Identifier/Locator), server request time, server request method, characteristics of the file obtained in response, numerical identifier of the server response, data related to the operating system and the computer environment. |
3. PURPOSE AND LEGAL BASIS OF PROCESSING
The processing of your personal data aims to contact you using the provided contact information and answer to any requests you may have.
The legal basis for the processing is your consent.
If the data controller intends to further process personal data for a purpose other than the one for which it was collected, information about this different purpose and any relevant additional information will be provided before such additional processing takes place.
4. METHODS OF PERSONAL DATA PROCESSING
Please note that the data you voluntarily provide through the contact form will be transformed into an email that may be stored in the email client used by the website owner. These data will not be recorded on other media or devices, nor will any other data resulting from your website navigation be recorded.
The data will not be disclosed or communicated outside the structures of Black Digital s.r.l., except in cases expressly authorized by the data subject or as required by law for service fulfillment.
The processing does not involve automated decision-making, including profiling.
5. SECURITY MEASURES
The Data Controller will adopt all necessary security measures to minimize the risks of destruction or loss, even accidental, of the data, unauthorized access, or processing not allowed or not in accordance with the purposes indicated in this document, in full compliance with Article 32 of the GDPR. Authorized personnel process the personal data only after authentication with unique credentials that meet the requirements of robustness and inviolability.
Specific measures are taken to protect the computer tools used by the staff.
6. SCOPE OF COMMUNICATION AND RECIPIENTS OF PERSONAL DATA
Processing will be carried out exclusively by subjects duly authorized in writing by the Controller, in compliance with the provisions of applicable law. Personal data are also processed by the personnel (administrative, technical, and auxiliary) of the Controller, who act based on assigned tasks and specific instructions provided regarding the purposes and methods of the processing, in addition to applicable legal provisions.
For the pursuit of the aforementioned purposes, it may be necessary for the Controller to communicate your data to:
- third parties providing support activities of any kind for the provision of services by the Controller, in relation to which they carry out the processing of personal data, are designated as Data Processors and are bound by the respect for security and confidentiality measures for the processing;
- Authorities (e.g., judicial, administrative, etc.) when the conditions arise.
Transfer of Personal Data to a third country or an international organization outside the European Union:
Your Personal Data are processed within the territory of the European Union and are not disclosed.
If necessary, for technical or operational reasons, the Controller reserves the right to transfer your Personal Data to countries outside the European Union or international organizations for which there are “adequacy” decisions of the European Commission or based on adequate guarantees provided by the country to which the data must be transferred or based on specific derogations provided by the Regulation.
The data subject may request an updated list of all Data Processors appointed by the Controller at any time.
7. PERSONAL DATA RETENTION PERIOD
The processing will have a duration not exceeding that necessary for the purposes for which the data was collected, or to allow the exchange of communications between the requester and the Data Controller.
8. OBLIGATION TO PROVIDE DATA AND CONSEQUENCES
There is no obligation to provide the personal data requested in the contact form on this website. However, refusing to provide them will make it impossible to send the message to the website’s manager.
9. RIGHTS OF THE DATA SUBJECT
The data subject, regarding the processing of their Personal Data, is entitled to the following rights:
- request more information regarding the contents of this information
- right of access to personal data (Art. 15 GDPR);
- right to rectify personal data without undue delay (Art. 16 GDPR);
- right to erasure of data. Deletion is not allowed for data contained in acts that must be mandatory kept by the Controller (right to be forgotten, Art. 17 GDPR);
- right to restriction of processing (Art. 18 GDPR);
- right to data portability (Art. 20 GDPR);
- right to object (Art. 21 GDPR);
- right regarding automated decision-making, including profiling (Art. 22 GDPR);
- right to withdraw consent at any time, without affecting the lawfulness of the processing based on consent before the withdrawal (Art. 7 GDPR);
- right to lodge a complaint with the Data Protection Authority (Art. 77 GDPR), using the forms available at the following address:https://www.garanteprivacy.it/home/modulistica-e-servizi-online
These rights can be exercised by writing to the Data Controller.
10. CHANGES TO THIS POLICY
The Data Controller reserves the right to make changes to this policy at any time by notifying users on the pages of its website and, if technically and legally feasible, by sending a notification to the interested parties through one of the contact details in its possession.