The Information on this page of our web-site is compliant with the General Data Protection Regulation (EU) 2016/679 (henceforth GDPR or Regulation), whose aim is to guarantee that the processing of personal data be carried out in full respect of the rights and fundamental freedoms of natural persons. Since May 25^th, 2018 such Regulation acquired legal validity throughout the European Union.

Hence, all users of our web-site – which is accessible at www.ideapositivo.it (henceforth: Web-Site) – are to be considered as the recipients of the present Information pursuant to art. 13 of the Regulation.

Please note that such Information is provided exclusively for the use of our web-site and does not account for other web-sites, pages or on-line services the user may access through hyper-textual links.

The objectives we have set ourselves in observance of the principle of Accountability and of the norms set by the Regulation are especially:

• To ensure that web-users (our potential clients and beneficiaries of our services) understand which personal data we collect, as well as for what purpose and for how long, in strict observance of the principle of the limitation of data storage to the time necessary for the achievement of the intended purposes;
• To explain clearly and unambiguously how we use the personal data provided to us by web users and with whom we share them, in order to ensure ever-increasing efficiency in the navigation of our web-site, in compliance with the principles of adequacy, relevance and minimisation of data processing in relation to the purposes of the data controller;
• To explain to our users what their rights are (including the new ones introduced by the GDPR) and illustrate their possible choices concerning the processing of their personal data, thereby according them higher control on this matter as well as granting Idea Positivo the possibility to enhance data protection.

For the achievement of these objectives, Idea Positivo has implemented a set of technical and organizational measures in order to guarantee a satisfying level of safety and privacy as far as personal data are concerned. Such measures take into account: matters of technological upgrading; assessment of implementation costs; the nature of the handled data; the risks underlying data processing.

The controller of the processing of your data is IDEA POSITIVO Soc. Coop. a.r.l., located in Reggio Calabria, Via S. Lucia al Parco, 9, 89124 (henceforth “Idea Positivo” or “the controller”).

You can contact the controller by e-mail at info@ideapositivo.it as well as by phone at +39 0965 810829.

Upon visiting our web-site, data concerning identified or identifiable natural persons (users as well as third parties, i.e. “data subjects” according to the GDPR nomenclature) can be processed. Such data are either automatically collected by the web-site (in many cases via automatized systems) or personally provided by data subjects. Such data are:

a) log information

As part of their regular functions, the information systems and software procedures which make our web-site work collect some personal data, the transmission of which is implicit in the application of Internet communication protocols. Although such data are not collected for the purpose of being associated to identifiable subjects, their nature might lead to user identification through processing and association with data held by third parties.

This category of data includes: the IP address or domain names of computers and terminals used by visitors, the URI/URL addresses of the required resources, the time of request, the method adopted to submit the request to the server, the size of the file yielded in reply, the numeric code indicating the status of the server response to the request (e.g. error, successful) and other parameters related to the operating system and computer resources available to the user.

Log information, which includes data that are necessary for a correct use of web services, is also processed with the purpose of obtaining anonymous statistical information on the use of such services (e.g. most visited pages, number of visitors per day or time slot, geographical location) as well as to ensure their correct functioning.

The maximum storage period for such data is of seven days, unless the necessity of cybercrime investigation is raised by the judiciary.

b) data provided voluntarily by the user

The facultative, explicit and voluntary sending of messages to any of the contact addresses of Idea Positivo, the sending of private messages to the profiles/pages on social media (in those cases where such possibility is given), as well as the filling-out and submission of the “Contact Us” Form in the “Talk” section of the web-site all entail the acquisition of the user’s contact data (name, e-mail address) – which are necessary to answer – and of the personal information contained within the message.

Specific policies will be published on those pages of the web-site where services are offered for which it is necessary to collect the user’s personal information.

c) data collected by cookies

Cookies are small text strings transmitted by the web-sites visited by the user to his/her terminal through the browser used to open and visit web-pages. They get stored in order to be retransmitted to already-visited web-sites upon each subsequent visit by the user. During web sessions, the user might also receive on his/her terminal cookies sent by different web-sites or servers (i.e. “third parties”), which may host certain elements (such as images, maps, sounds, specific links to pages from other domains) contained within the web-site that the user is visiting.

In general terms, the Idea Positivo web-site uses:

• Technical session cookies (non-persistent), as far as it is necessary for a safe surfing experience and correct functioning of the web-site.

The storage of session cookies in terminals and browsers is controlled by the user, as at the end of each HTTP session servers register cookie-related information in service logs, with a maximum storage period of seven days (the same which applies to all other kinds of on-line surfing data).

Should he/she want to disable/refuse the use of the above-mentioned cookies, the user will be able to modify his/her browser settings at any time;

• Analytical cookies, collecting information in aggregate form regarding the number of visitors and how they use the web-site.
• Third-party cookies, used for sharing contents and information through the main social networks and channels (e.g. Facebook).

Each time the user decides to interact by using the social button/widget or to access the web-site after logging in through his/her Facebook account, some personal information may be collected by the administrators of social network platforms (e.g. the user’s visit to the web-site).

However, Idea Positivo has no access to the data that are autonomously collected and handled by the administrators of social network platforms. For further details and information, we invite you to read our Cookie Policy at the following link.

Idea Positivo collects and processes personal information provided by users by filling out the “Contact us” form contained within the “Talk” section of our web-site, as well as any further data they may subsequently provide:

A. in order to address contact and information requests concerning the services offered by Idea Positivo;

Providing personal data is essential for us to fulfil your requests of information. In this case, no consent to the acquisition of personal data is needed on your part. In spite of its legitimacy, any refusal to provide such data would indeed result in the impossibility for Idea Positivo to fulfil your request.

B. for user profiling purposes, namely to allow us to carry out studies, statistical research and market analysis on the preferences of our clients, aimed at improving our services.

As providing data for this aim is entirely facultative, it requires specific consent on your part. Such consent shall be given in written form prior to the acquisition of personal data. The absence of consent to personal data processing for purpose B does not compromise or limit processing for the purposes described in A.

C.for a correct functioning of the web-site (with reference to cookies).

The controller of data processing directly collects your personal information through the “Contact us” form in the “Talk” section of our web-site.

The processing of your personal data is carried out in electronic form through the following activities: data collection, registration, organization, structuring, storage, consultation, adaptation or modification, use, communication, extraction, comparison, interconnection, limitation, erasure and data elimination.

In all cases, we process personal information in full respect of the principles of lawfulness and fairness described in art. 5 of the Regulation and operate so as to guarantee the secrecy and security of information.

Furthermore, we take full commitment in ensuring that the data and information we collect and use be adequate, relevant and limited to what is necessary for the above-mentioned purposes. We also assume responsibility to ensure that the processing be carried out in full respect of the security of personal data, also by means of adequate and effective technical and organisational measures enacted by the controller, in observance of the accountability principle prescribed by the new EU Regulation, so as to avoid the risk of data loss, unauthorized access, unlawful use and disclosure.

Such measures guarantee that access to personal data be limited to persons authorised by the controller, as well as to third parties held responsible for the act of processing.

We store your data for the amount of time required to carry out the processing according to the above-mentioned purposes. With specific reference to the purposes mentioned in A, we will not process your data any longer than 24 months after your last visit to the web-site.

For the profiling purposes described in B, we will store your data for a maximum amount of time of 7 years (in observance of the principles of relevance, minimisation and storage limitation), unless the user decides to exercise his/her right to object to data processing or to revoke his/her consent. At the end of the storage period, data will be automatically erased or made permanently and irreversibly anonymous.

In all cases, personal data will be stored both in adequately secured servers located within the European Union and in paper format. In the latter case, they will be archived in fire-resistant safes, which will be properly locked and solely made accessible to subjects authorised by the controller.

We only share your data with subjects who are authorized to data processing, hold external responsibility for it, can be considered recipients of your data by legal requirement, and cooperate with us through the activities necessary to achieve the above-mentioned purposes and to carry out the services that you request. In particular, they are:

• Persons involved in organisational activities related to the web-site (administrative and commercial entities, marketing or legal staff, system administrators)
• External entities (such as providers of technical services, hosting providers, IT companies)

Your data are not normally transferred outside of the European Union. However, the controller shall transfer your data outside of the EU if necessity arises. In this case, the transfer will be carried out in full observance of the applicable provisions of law, e.g. by application of the standard contractual clauses set by the European Commission or by adoption of binding corporate rules.

Pursuant to Articles 15, 16, 17, 18, 18, 20, 21 and 22 of the Regulation (EU) 2016/679, data subjects are entitled to appeal to the following rights with the controller of processing:

• Right of access: the right to obtain confirmation as to whether or not personal data concerning him or her are being processed, as well as the right to receive full information on the matter of processing;
• Right to rectification: the right to obtain rectification in those cases where personal data are incomplete or inaccurate;
• Right to erasure: in some circumstances described in the Regulation, data subjects hold the right to ask for erasure of data contained within the archive, if they are irrelevant to the continuation of the contractual relationship or unnecessary for legal purposes;
• Right to restriction of processing: under certain circumstances, you have the right to obtain restriction of processing, whenever such processing is irrelevant to the continuation of the contractual relationship or unnecessary for legal purposes;
• Right to data portability: the right to obtain the transfer of your data to a different controller;
• Right to withdrawal of consent: the right to withdraw your consent to data processing for profiling purposes at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
• the right to lodge a complaint with a supervisory authority at any time; if he/she deems the processing of his personal data through this web-site to be carried out in violation of the EU Regulation (GDPR), the data subject has the right to lodge a complaint with a supervisory authority, as stated in Art. 77 of the GDPR, or to bring proceedings before the court (art. 79 of the GDPR).

As concerns Idea Positivo, the above-mentioned rights can be exercised by the following means:

• by registered mail with return receipt, to be sent to the controller’s address: Via S. Lucia al Parco, 9, 89124 Reggio Calabria.
• By certified e-mail: fill out and attach the form for the exercise of the subject’s rights to info@pec.ideapositivo.it

Pursuant to art. 12 of the GDPR, the exercise of your rights in your quality of data subject is completely free of charge.

The list of persons in charge of your data processing and of staff members authorised to processing can be obtained by contacting the controller at the above-mentioned addresses.

The controller of processing holds the right to modify and/or implement this Privacy Policy, also in view of legislative changes ratified later than the pre-contractual or contractual relationship with the data subject, as well as on account of advice, general authorisations, guidelines, further guarantee measures set by the European or Italian Data Protection Supervisor, always with the purpose of providing higher protection through all phases of data processing. However, the above-said modifications will only be introduced after due notification to data subjects is published on our web-site or – if technical impediments occur – privately sent to them to one of the contact addresses provided to Idea Positivo. Should such modifications concern processing operations requiring the subject’s consent, the controller will have to reapply for the subject’s agreement.