Privacy Policy

Privacy and Personal Data Protection Policy

This information is provided, in compliance with Articles 13 and 14 of EU Regulation 679/2016 (hereinafter “Regulation”), to users (hereinafter: “Users” or “User”) of the desktop version of the website http://www.boneswimmer.it, (hereinafter: “Site”) owned by Autori srl., Data Controller (hereinafter: “Controller”) and is intended to describe the methods of management of the Site with reference to the processing of personal data, as well as to allow Users of the Site to understand the purposes and methods of processing of personal data by the Data Controller in the event of their provision.
The services offered by the Data Controller are intended for persons over the age of 18. If the Data Controller becomes aware of the processing of data of minors under 18 without valid parental or legal guardian consent, the Data Controller reserves the right to unilaterally terminate the use of the service offered and delete the data acquired.


Principles applicable to the Processing of Personal Data
Pursuant to and for the purposes of the Regulation, the Data Controller hereby declares that the aforementioned legislation provides for the protection of natural persons with regard to the processing of personal data, and that such processing will be based on the principles of fairness, lawfulness, transparency, and the protection of privacy and fundamental rights.


User Types
In relation to the use of the Site, Users can access some services (e.g. search for costumes, sizes, etc.) anonymously.


Purpose, legal basis of the Processing and Optionality of the Provision
The personal data provided by Users through the use of the Site will be processed with their consent, for the purposes described below:

  • A. This page describes the site's management methods with regard to the processing of users' personal data. Processing is always based on principles of lawfulness and fairness, in compliance with all applicable regulations.
  • B. This privacy policy is also provided as a Notice pursuant to Art. 13 of Legislative Decree 196/03 (Italian legislation on the processing of personal data in compliance with Directive 95/46–CE) and subsequent amendments and in compliance with Articles 13 and 14 of EU Regulation 679/2016, for the purpose of protecting personal data, to those who interact with the web services of this site, accessible electronically from the address corresponding to the homepage of the official website http://www.boneswimmer.it. This Notice applies only to the aforementioned site and not to other websites that may be accessed by the user via links. These sites are independent data controllers, and therefore reference is made to those sites.
  • C. This Policy is also inspired by Recommendation No. 2/2001, which the European data protection authorities, gathered in the Working Party established by Article 29 of Directive No. 95/46/EC, adopted on May 17, 2001, to identify certain minimum requirements for the collection of personal data online and, in particular, the methods, timing, and nature of the information that Data Controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
  • D. The data you freely provide will be processed in compliance with applicable laws. Specifically, processing will be based on the principles of fairness, lawfulness, transparency, relevance, completeness, and non-excessiveness. The data will be collected and recorded for the purposes set out in the following paragraph and retained for the period strictly necessary for these purposes.
  • E. Types of data processed, processing methods, purposes of processing, whether or not processing is optional.
  • F. Browsing data
  • G. The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
  • H. This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
  • I. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) ​​addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment.
  • J. This data is used solely to obtain anonymous statistical information on the use of the site and to verify its correct functioning, and is deleted immediately after processing. The data could be used to establish liability in the event of hypothetical cybercrimes against the site.
  • K. Data provided voluntarily by the user
  • L. The optional, explicit, and voluntary sending of emails to the addresses indicated on this site entails the subsequent acquisition of the sender's address and personal data necessary to respond to requests and/or provide the requested services, as well as any other personal data included in the message (and in its attachments) or in the appropriate forms.
  • M. Received emails are archived indefinitely on a server protected by appropriate security measures. The interested party may exercise all the rights provided for by Article 7 of Legislative Decree 196/2003 and subsequent amendments and in compliance with Articles 13 and 14 of EU Regulation 679/2016 and Legislative Decree 101/2018. Specifically, the interested party may find out what personal data is stored in the archive and request its deletion by writing to the Data Controller at privacy@boneswimmer.it.
  • N. The data will therefore be processed electronically and electronically to respond to requests and/or provide the requested service. Providing data is always optional, and failure to provide it will only make it impossible to process requests.
  • O. We may communicate your data (by which we mean making it known to one or more specific subjects) to subjects who can access the data pursuant to provisions of law, regulation, or EU legislation, within the limits set by such provisions, as well as to subjects who need to access your data for purposes ancillary to the relationship between you and us, to the extent strictly necessary to carry out the ancillary tasks.
  • P. Cookies
  • Q. No personal user data is collected from the site. Cookies are not used to transmit personal information, nor are persistent cookies of any kind, or user tracking systems, used. The use of session cookies (which are not stored permanently on the user's computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable safe and efficient browsing of the site.
  • A. The session cookies used on this site avoid the use of other IT techniques that could potentially compromise the privacy of users' browsing experience and do not allow the acquisition of personal data that could identify the user. For more information, please refer to the site's cookies page.
  • S. Place of data processing and scope of communication or dissemination.
  • T. Data related to this site's web services are processed by the Provider, to the extent strictly necessary to provide the hosting service, and at our organization's headquarters only by technical personnel in charge of processing, or by any persons in charge of occasional maintenance operations. No data deriving from the web service is communicated or disseminated. Personal data voluntarily provided by users via email or by completing specific forms is used solely to perform the requested service and is disclosed to third parties only if necessary for this purpose.
  • In order to provide certain services, such as receiving information on new listings or forwarding documentation, the User must provide them directly via email or telephone. The required data is limited to the following:
  • Name
  • Surname
  • E-mail address
  • Telephone number

Methods of Processing and Storage of Personal Data
The Data Controller ensures that personal data is processed in full compliance with the Regulation, using manual, computerized, or electronic means. Processing may also be carried out using automated tools to store, manage, and transmit the data.
The data collected and processed will be protected using physical and logical methods to minimize the risks of unauthorized access, dissemination, loss, and destruction, pursuant to Articles 25 and 32 of the Regulation.
Data processing will last no longer than is necessary to fulfill the purposes for which it was collected, such as storing search criteria, providing notifications, publishing advertisements, and contacting professional operators.
Pursuant to Article 7, paragraph 3 of the Regulation, the data subject has the right to withdraw consent to the processing of his or her personal data at any time.
If the Data Controller does not receive a request for deletion, the personal data will be retained for a period not exceeding 10 (ten) years, starting from the date of the User's last access to the Site.


Recipients of Personal Data
The personal data collected may be processed by individuals or categories of individuals acting as Data Processors pursuant to Art. 28 of the Regulation or who are authorized to process data pursuant to Art. 29 of the Regulation.
Furthermore, for some services, data may be shared with companies that collaborate with or use the Data Controller's services for the sole purpose of providing the services requested by the User. In these cases, the companies are independent data controllers, and therefore the Data Controller is not responsible for the processing of data by them.
part of them. Furthermore, the Data Controller is not responsible for the content and compliance with personal data protection regulations by sites not managed by the Data Controller.
Outside of the aforementioned hypotheses, personal data will not be communicated except to subjects, bodies and Authorities to whom communication is mandatory by virtue of provisions of law or regulation.

Transfer of Data to a Third Country or to an International Organization
The personal data collected may be transferred outside of Italy, solely and exclusively for the performance of the requested services and in compliance with the specific provisions of the Regulation.
Some personal data may be shared with recipients located outside the European Economic Area. The Data Controller ensures that the processing of personal data by these recipients complies with the Regulation.

Rights of the interested party
Pursuant to Articles 15 to 22 of the Regulation, the User, as a data subject, has the right to exercise specific rights regarding his or her Personal Data. Specifically, the Data Subject has the right to obtain:

  • 1. confirmation of the existence or otherwise of personal data concerning him or her, even if not yet recorded, in a concise, transparent, intelligible and easily accessible form, using clear and plain language;
  • 2. the indication:

a. of the origin of the personal data;
b. of the purposes and methods of processing;
c. of the legitimate interests pursued by the Data Controller or by third parties;
d. any recipients or categories of recipients of the personal data;
e. of the possible intention of the owner to transfer personal data to a third country or to an international organization;
f. of the period for which the personal data will be stored;
g. the logic applied, as well as the importance and expected consequences of such processing for the data subject, in the case of processing carried out with the aid of electronic tools as part of an automatic collection and/or profiling process;
h. the identifying details of the Data Controller, the Data Processors, any designated Representative, and the Data Protection Officer (DPO);
i. the subjects and categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, managers or persons in charge;

  • 3. the possibility of lodging a complaint with a supervisory authority;
  • 4. the updating, rectification or, when relevant, integration of the data;
  • 5. the deletion, transformation into anonymous form, or blocking of data processed in violation of the law, including data whose retention is not necessary for the purposes for which the data was collected or subsequently processed;
  • 6. the limitation of processing;
  • 7. the portability of personal data concerning him/her to another Data Controller;
  • 8. the revocation of the treatment;
  • 9. certification that the operations referred to in letters a) and b) have been brought to the attention, including with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which such fulfillment proves impossible or involves the use of means manifestly disproportionate to the right protected;
  • 10. opposition, in whole or in part, for legitimate reasons, to the processing of personal data concerning him or her, even if pertinent to the purpose of the collection.

Data Controller and Data Protection Officer

To exercise the rights under the previous point, the interested party may contact the Data Controller and/or the Data Protection Officer at any time for any communications regarding the processing of their Personal Data, or to know the updated list of any Data Processors.
Processing appointed by the Company, by sending communication to the contacts listed below:
The Data Controller:
Autori Srl - 18, Via Cappellini Alfredo - Gallarate – VA
info@boneswimmer.it


The Data Protection Officer:

Autori Srl - 18, Via Cappellini Alfredo - Gallarate – VA
info@boneswimmer.it


Changes
This policy may be subject to change. If Autori srl makes substantial changes to how it uses User data, it will notify the User by prominently posting the changes on its pages.