Privacy Policy 

Dear Data Subject, we wish to inform you that the “European Regulation 2016/679 on the protection of natural persons with regard to the Processing of Personal Data, and on the free movement of such data” (from now on “GDPR”) provides for the protection of natural persons with regard to the processing of personal data as a fundamental right. 

Pursuant to Article 13 of the GDPR, therefore, we inform you that: 

1. CATEGORIES OF DATA: G.S.R. s.r.l. will process your personal data such as: 

Data collected automatically. During normal operation, the computer systems and applications used to operate this website detect data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated with identifiable users. This category includes IP addresses or domain names of the computers used to connect to the website, URI (Uniform Resource Identifier) addresses of the requested resources, request timestamps, the methods used to submit the requests to the server, the size of the files obtained in response, numerical codes indicating the server response status and other parameters pertaining to the user’s operating system and IT environment. These data are processed, for no longer than is strictly necessary, for the sole purpose of obtaining statistical information on the use of the website and to check that it functions correctly. The provision of such data is mandatory as it is directly connected to web browsing. 

Data provided voluntarily by the user. The voluntary and explicit sending of e-mails to the addresses indicated in the different access channels of this website does not entail a request for consent and the eventual compilation of forms specifically prepared involve the subsequent acquisition of the address and data of the sender/user, necessary to reply to the requests produced and/or supply the requested service. The voluntary submission of e-mails to our e-mail addresses does not require further information or requests for consent. On the contrary, specific summary information may be reported or displayed on the pages of the website prepared for particular services on request (form). The user must therefore explicitly consent to the use of the data reported in these forms in order to send the request. 

Cookies. The website uses third-party technical/profiling cookies that may collect user-browsing data, the conferment of which is optional and takes place through the expression of free and informed consent. Cookies are used to analyse the effectiveness of the website, with the aim of rendering it easier to use and more intuitive in the future. The data collected through cookies is used to make the browsing experience more enjoyable and more efficient in the future, trying to evaluate the behaviour of the users and to modify the offer of content according to their behaviour. For more information, consult our Cookie Policy. 

2. SOURCE OF PERSONAL DATA: The personal data of which G.S.R. s.r.l. is in possession are collected directly from the Data Subject. 

3. DATA CONTROLLER: The Data Controller G.S.R. s.r.l. via Gerola, 1 – Calolziocorte may be contacted by telephone at 0341.631048 or by e-mail at gsr@gsr.it 

4. PURPOSE OF THE DATA PROCESSING AND LEGAL BASIS: The processing of your data has as its legal basis your consent and is carried out for the following purpose: To improve the web browsing experience. 

5. DATA RECIPIENTS: Within the limits relevant to the aforementioned processing purposes, your data may be communicated to partners, consultancy companies, private companies, appointed as Data Processors by the Data Controller or by law or to fulfil your specific requests. The Data Processors and Data Supervisors are promptly identified in the Privacy Document, which is updated on a regular basis. 

6. TRANSFER OF DATA ABROAD: The data collected are not subject to transfer abroad. 

7. RETENTION PERIOD: The data collected will be kept for a period of time no longer than the time necessary for the purposes for which they are processed (“conservation limitation principle”, Article 5 of the GDPR) or according to the deadlines established by law. Periodic verification is made of the obsolescence of the data stored in relation to the purposes for which they were collected. 

8. RIGHTS OF THE DATA SUBJECT: The Data Subject always has the right to request the Data Controller for access to their data, the correction or deletion, the limitation of the processing or the possibility to oppose to the processing, request data portability, revoke consent to the processing of data asserting these and other rights provided by the GDPR through a simple communication to the Data Controller. 

9. OPTIONAL OR MANDATORY CONSENT: The provision of your data is mandatory while browsing our website. 

10. METHODS OF DATA PROCESSING: The personal data you provide will be used for processing operations in compliance with the aforementioned regulations and the confidentiality obligations by which the Data Controller is bound. Your data will be processed using computer, paper or any other suitable type of storage system, in compliance with the appropriate security measures pursuant to Article 5, paragraph1, letter F of the GDPR.