INFORMATION ON PERSONAL DATA PROCESSING 20th January 2020
The company Quarzio S.r.l. (VAT 05395980872) with legal office in Via Giuseppe Mazzini 47 in Aci Sant’Antonio, Catania, as controller of data processing (hereinafter the “Controller”) of the website www.seotesteronline.com (hereinafter the “Site”) informs its visitors (hereinafter “Subjects”) according to the provision of art. 13 of the European Regulation n. 2016/679 entitled General Data Protection Regulation (hereinafter “GDPR”).
Controller is aware of the importance of personal data (hereinafter “Data”) processing of the Subjects and informs the latters on what type of Data are being processed and the related modalities.
The Subject is informed that proceeding through the navigation of the Site or expressing its will to use the services provided by the Controller, the former declares to have read and accepted the present information on Data processing (hereinafter “Information”).
For any doubt regarding the Information please contact the following email address:
What are the rights of the Subject?
Subject is entitled with the following rights:
- Right to be informed about a Data processing regarding its person and access to its Data;
- Right of rectification;
- Right of cancellation (erase) of Data;
- Right of limitation of processing;
- Right of Data portability in order to receive or disclose to another controller its Data in a format that shall be structured, common use and readable from automatic devices;
- Right of opposition to processing;
- Right of withdrawal of any given consent;
- Right of complaint before the competent supervisor authority regarding suspected violation of Data processing.
How to exercise rights?
Subject may exercise its rights sending a request to the indicated email address.
Controller will not charge any additional cost to Subjects for their request (unless it is deemed to be far exceeding the rights) and the former may request additional information in order to comply with request.
Request are usually compiled within 30 days, but in case the request is deemed to be complex or the Controller is overwhelmed from requests or it helds a certain level of complexity, it may require additional time (not exceeding 60 days) and, thus, Subject will be promptly informed by the Controller.
What Data are processed?
Controller process Data that are provided by the Subject and from third parties in order to fulfil with Subject request of being contacted or receive services of the Controller (hereinafter together “Services”).
- Data provided from Subject
|Categories of Data||Type of Data|
|Common Data||Name, surname, residence, email, phone, fiscal code/Vat number|
|Image Data||Profile image|
|Professional Data||Professional experience|
|Technical Data||IP address and cookies|
|Online presence Data||Link to public personal pages and social media, personal sites and any other material related to Subjects|
- Data collected from third parties
|Third parties||Type of data|
Controller may collect, use and share and disclose aggregated data, such as statistics, for any purpose.
Aggregated Data may be related to Data of the Subject, but once aggregated such Data cannot identify any Subject and are not to be considered a personal data. However, in case aggregated Data are combined or connected with Data of the Subject and it is identified, Controller will process aggregated Data as stated in the present Information.
Controller does not process any particular Data (particular Data are personal data related to ethnic origin, religious or philosophical convictions, sexual orientation, political opinions, genetic, bio and health data) as does not process any Data related to crime convictions of Subjects.
Why Data are processed?
Controller process Data regarding the purposes listed as follows.
GDPR requires that Controller shall have a legal base for each purpose of processing and one of the legal bases is the consent of the Subject.
Consent may be revoked at any time, but prior processing of consent revocation will not be influenced.
Here follows a table of purposes, description and processing period:
|Providing Services||Subject may request to be contacted or being provided with a specific service of the Controller.||Data will be processed until the Services are being provided.|
|Providing support to Subjects||Subjects may incur in technical problems during the navigation and, consequently, request assistance from the Controller.||Data will be processed until requests are completed.|
|Newsletter||Subject can subscribe to Controller newsletter in order to receive update on Controller activity.||2 years|
|Comply with law and regulations, provisions of public and judicial authorities.||Controller may process Data in order to respect laws and regulations, provisions of public and judicial authorities.||Period of processing is determined by law and regulations, provision of public and judicial authorities.|
What if Subject does not provide Data?
Controller will not provide Services or support to Subjects in case necessary Data are not provided by the Subject. In case such shall occur, Controller may request to the Subject to provide or integrate Data or, in case the latter does not provide or integrate, the former is entitled to delete Data and not providing Services or support.
For different purposes from the above mentioned providing Data is not mandatory and it will not influence Services or support.
Are Data disclosed or spreaded?
Data can be disclosed to third parties as follow:
|Receiving third party||Purpose of disclosure|
|Suppliers||Suppliers that support Controller with Services.|
|Advisors||In case it is mandatory for legal or authorities provisions, Controller can disclose Data to external advisors.|
|Public or judicial authority||Controller can disclose Data to such third parties in case it is mandatory by the law or by a specific provision of a public authority.|
Data will not be spreaded to third parties and will not be spreaded to the public.
Where are Data stored?
Controller stores Data in paper and digital archives both in its legal office and within the European Union. Controller may store Data outside European Union if it is necessary for purposes of processing and, in such case, it assures that Data are processed according to GDPR provisions, adequacy decision of the European Committee, Privacy Shields and agreements in order to provide an adequate level of Data security (last 2 requirements only if necessary/mandatory).
How does the Controller process Data?
Controller process Data by adopting the suitable security measures in order to prevent unauthorised access, disclosure, alteration and destruction of personal data.
Processing is executed through IT procedures and through paper, whether is deemed to be necessary, by authorized internal subjects and external processors appointed by the Controller.
What is the policy for processing minors’ Data?
Controller is aware of the delicacy of minors’ Data processing. In particular, Services are not intended to be provided to minors of age 16 and Controller does not process voluntarily such data: to this effect, Controller requests to Subject to not request Services in case they have less than 16 years old.
Controller requests to whom holds parental responsibility to control that Services are not requested by minors less than 16 years old. In case such event shall be acknowledged by the Controller, it will proceed to delete Data of the above mentioned Subjects.
What if there are links to other websites?
Controller shall not be liable for Data provided by the Subjects to other websites.
Changes to the present Information
Controller reserves the right to amend the present Information at any time. In case of amendments Controller will update the amended Information to the Site and communicate the amendment to Subjects.
Subject is informed that by using the Site after the amendments it accepts such amended.
Last update date: 20 January 2020.