Last updated on 05/15/2024
This Privacy Policy relates to thewebsite https://www.torinoloft.com/ (hereinafter, the “Site“) and does not cover other websites that may be accessed through links to external sites/pages. It is intended as a disclosure made pursuant to the European Data Protection Regulation (hereinafter “GDPR“) and Italian industry regulations (hereafter, collectively, one and the other, the “Applicable Legislation”) to those who interact with the Site (hereinafter “Users” or even just in the singular “User“), consulting the relevant pages.
Regarding cookies, please refer to the Cookie Policy, to be understood as an integral part of this Privacy Policy.
The Data Controller is Immobiliare*Real Piemonte S.r.l. with registered office at Corso Vittorio Emanuele II, no. 52 – 10123 Turin (TO), C.F./P.IVA 00506410018, REA No. TO-454161, hereinafter also “Data Controller” or just “DataController“.
For any clarification, information, exercise of the rights listed in this Privacy Policy, you can contact the Data Controller at the following numbers: +39 3517517527, e-mail: info@torinoloft.com, PEC: 00506410018.torino@pec.ance.it .
The personal data processed through the Site are as follows.
The computer systems responsible for the operation of the Site acquire, in the course of their normal operation, some personal data in aggregate and not immediately identifiable form, the transmission of which is implicit in the use of Internet communication protocols. This is information that is not collected in order to be associated with identified data subjects, but by its very nature could allow Users to be identified through processing and association with data held by third parties. This technical/informational data is used solely for the purpose of obtaining statistical information in an anonymous or aggregate form on the use of the Site, monitoring the proper functioning of the services offered through the Site, and identifying anomalies and/or abuses. Such information is deleted immediately after being processed.
Through the Site, the User may voluntarily provide personal data such as:
The Data Controller will process the User’s data in compliance with the Applicable Regulations, assuming that they relate to the User himself or to third parties who have expressly authorized him to confer them or whose personal data the User was otherwise entitled to confer. With respect to such assumptions, the User agrees to indemnify and hold the Data Controller harmless from any dispute, claim, or demand for damages from the processing of personal data that may be received from such third parties.
Regarding the types of cookies loaded on the Site, please refer to the Cookie Policy.
The data acquired will be processed for the purposes and on the basis of the following legal bases.
PURPOSE |
LEGAL BASIS. |
|
a. |
Provide feedback to any requests for information/clarifications submitted using the form available on the Site. |
Processing is necessary for the performance of pre-contractual measures taken at the request of the User and/or a contract to which the data subject is a party [Art. 6(1)(b) of the GDPR]. |
b. |
To fulfill the legal obligations to which the Controller is bound, including responding to any requests to exercise the User’s rights as a data subject under the Applicable Legislation. |
The processing is necessary to comply with a legal obligation to which the Data Controller is subject [Art. 6(1)(c) of the GDPR]. |
e. |
Check for fraudulent or illegal uses of the Site and ensure its security and functionality in the interests of Users and the Owner. |
The legitimate interest of the Owner and the Users themselves in preventing or detecting any fraudulent or otherwise unlawful use of the Site [Art. 6(1)(f) of the GDPR]. |
f. |
Perform statistical research/analysis on aggregate or anonymous data, without, therefore, being able to identify the User and measure traffic and evaluate the use of the Site and the interest shown by Users. |
The legitimate interest of the Owner to verify the usability and desirability of the Site [Art. 6(1)(f) of the GDPR]. |
g. |
Ascertain, exercise or defend legal claims in court or whenever judicial authorities act in that capacity. |
Legitimate interest in establishing, exercising or defending a right in court or whenever judicial authorities exercise their functions [Art. 6(1)(f) GDPR]. |
The provision of data by the User is optional. Nevertheless, failure to provide them, in whole or in part, may result in the impossibility of providing the requested service and/or responding to any requests for information/clarification or requests to exercise the User’s rights as a data subject.
Data are processed by manual and/or computerized means, in each case in a manner suitable to ensure their security and confidentiality. To this end, the Data Controller has adopted and implements security measures, both technical and organizational, appropriate to the level of risk related to the processing performed.
Specifically, Site functionality is delivered over an HTTPS encrypted connection, and personal data is collected, stored and maintained on secure, firewall-protected servers physically located within the European Union.
The processing is carried out by the Owner’s staff specifically authorized by reason of their respective duties, as well as by the Data Processors specifically identified in writing, within the scope of their respective functions and in accordance with the instructions given by the Owner, ensuring the use of suitable measures for the security of the data processed and guaranteeing their confidentiality, for example, companies, consultants or professionals who may be in charge of the installation, maintenance, updating of the Site and, more generally, of the management of the Data Controller’s hardware and software, includinghosting provider and cloud computing service providers. The full list of Data Processors is available upon request.
In addition, the Data may be disclosed to the following categories of recipients:
The Owner’shosting provider ‘s servers are located within the European Economic Area (so-called S.E.E.). Therefore, the User’s personal data will not be transferred to third countries or international organizations.
Personal data of the User or provided by the User will be retained for a period not exceeding that necessary for the pursuit of the purposes stated above and for which they are processed.
Specifically:
The User and/or the third party on whose behalf the User has provided the data has the right to:
The Controller will notify each of the recipients to whom the personal data have been transmitted of any rectification or deletion or restriction of processing carried out, except where this proves impossible or involves disproportionate effort.
As a data subject, the User may exercise the above rights at any time by contacting the Data Controller at the above contact details.
To file a complaint with the Data Protection Authority, one may use the forms made available on the relevant website.
This Privacy Policy may be amended and/or supplemented and/or updated, including as a consequence of updates to Applicable Law. In this case, the Data Controller will inform the User of any changes and/or additions and/or updates that have affected this Privacy Policy by means of publication on the Site.