INFORMATION FOR THE PROCESSING OF PERSONAL DATA IN OUR WEBSITE

This page describes the methods of processing the personal data of users who enter the site www.midainformatica.com . Following consultation of this site, data relating to identified or identifiable persons may be processed.

The information is also based on Recommendation no. 2/2001 that the European Authorities for the protection of personal data, gathered in the Group established by art. 29 of the directive n. 95/46 / EC, adopted on 17 May 2001 to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that the data controllers must provide to users when they connect to web pages, regardless of the purpose of the link.

This information is also provided in compliance with the legislation on the protection of individuals with regard to the processing of personal data pursuant to EU Regulation 679/2016 (hereinafter referred to as the “Regulation”).

1. HOLDER OF THE TREATMENT

The Data Controller is MIDA Informatica srl , Via Casalino 27, Bergamo, Italy (from now on “MIDA”) .

2. TYPES OF DATA PROCESSED

Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow browsing users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to this site, the URI ( Uniform Resource Identifier ) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the web server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. It should be noted that the aforementioned data could be used to ascertain responsibility in the event of hypothetical computer crimes against the website of the Data Controller.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of personal data by filling in the appropriate forms on the site or e-mail messages to the addresses indicated in the appropriate sections of this site entail the subsequent acquisition of some personal data of the applicant, necessary to respond to the requests.

3. PROCESSING METHODS AND SECURITY MEASURES

Personal Data is processed with automated and non -automated tools , only for the time strictly necessary to achieve the purposes for which it was collected.

Employees or external technological partners specifically identified as managers and who allow the Data Controller to provide the services provided through the site, including suppliers of software solutions, web applications and storage services also provided through systems , may become aware of your personal data. of Cloud Computing and used for this purpose.

Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. The transmission of data provided voluntarily by the user by filling in the fields that make up the forms on the site are managed with SSL technology which codifies the information before it is exchanged via the Internet between the user’s computer and the central systems of the Data Controller, making them incomprehensible to unauthorized persons and thus guaranteeing the confidentiality of the information transmitted.

4. PLACE OF DATA PROCESSING

The data processing connected to the web services of this site takes place at:

• MIDA Informatica srl and are handled only by MIDA personnel, therefore duly authorized;
• the technological partners chosen by MIDA who process the data as independent managers or owners.

5. PURPOSE OF THE TREATMENT

The personal data provided by users will be used to allow access to the services offered within the site also by creating a personal area.

As a consequence of the creation of the personal area, the data provided will also be used for the following additional purposes:

• management of the enrollment relationship in fulfillment of the obligations deriving from:
  • by laws and regulations;
  • the MIDA Statute and Regulations,
• legal obligations related to civil, fiscal, accounting and administrative management regulations
• management of personal data for registration on our website;
• sending our newsletter

Registration is allowed to those who explicitly request it, by filling in the forms on the pages of the site specifically dedicated to these services, after reading the specific information and authorizing MIDA to process their personal data.

The data is collected directly from the interested party at the time of registration or filling in the fields on the website of the Data Controller.

MIDA does not process data that is not strictly necessary for the purposes set out below.

6. NATURE OF DATA CONFERENCE

Failure to provide the data requested in the forms on the site makes it impossible for the Data Controller to allow access to the services offered through the site.

7. DATA RETENTION PERIOD

The Data Controller will process the data for the entire period of time in which the interested party who has joined the services has not requested the cancellation without prejudice to the conservation obligations pursuant to the law.

8. RIGHTS OF THE INTERESTED PARTIES

In addition to the right of access concerning the possibility of obtaining from the Data Controller confirmation that the processing of his / her data is in progress, the interested party enjoys the rights recognized in art. 16-21 of the Regulation and precisely:

• obtain from the Data Controller the correction of inaccurate data concerning him without undue delay, or the integration of incomplete Personal Data, also by providing an additional declaration;
• obtain from the Data Controller without undue delay the cancellation of Personal Data concerning him, when:
• the data are no longer necessary with respect to the purposes for which they were collected or otherwise processed;
• the interested party revokes the consent to the processing of personal data and there is no other legal basis for the processing of the same;
• the interested party has opposed the processing and there is no legitimate overriding reason to proceed with the processing;
• the Personal Data have been unlawfully processed;
• Personal Data must be canceled to fulfill a legal obligation to which the Data Controller is subject;
• obtain from the Data Controller the limitation of the processing of Personal Data when:
• the interested party disputes the accuracy of the Personal Data, for the period necessary for the Data Controller to verify this circumstance;
• the Processing is unlawful and the interested party, opposing the cancellation of the data, only requests that its use be limited;
• although the Data Controller no longer needs it for the purposes of the Processing, the Personal Data are necessary for the assessment, exercise or defense of a right in court;
• the interested party has opposed the processing for the period necessary for the evaluation of the prevalence of the legitimate reasons of the owner with respect to yours.
• receive from the Data Controller in a structured format, commonly used and readable by an automatic device, the Personal Data concerning him if: (i) the processing is based on consent or on a contract; (ii) the processing is carried out by automated means. In this case, the interested party has the right to obtain the direct transmission of personal data from one owner to another, if technically feasible;
• oppose at any time, for reasons connected with his particular situation, to the processing of personal data concerning him.

9. METHOD OF EXERCISE OF RIGHTS

To exercise the rights, the interested party may contact the Data Controller by writing to the following address: gdpr@midainformatica.it or:

MIDA Informatica srl

Via Casalino 27, Bergamo 24121

PI / CF02758170167
T. 035 240591.

The deadline for replying to the interested party is thirty days, which can be extended up to three months in particularly complex cases; in these cases, the Data Controller provides at least one interlocutory communication to the interested party within the term of thirty days.

The exercise of the rights is, in principle, free of charge; the Data Controller reserves the right to ask for a contribution in the event of manifestly unfounded or excessive (even repetitive) requests, also in light of the indications that should be provided by the Privacy Guarantor.

10. CLAIM TO THE PRIVACY GUARANTOR

The interested party has the possibility to lodge a complaint with the Privacy Authority, which can be contacted at the website http://www.garanteprivacy.it

11. CANCELLATION FROM THE SERVICES

To cancel the registrations to the different services provided by the site, it will be necessary to follow the instructions on the site (eg for the newsletter) or request it from MIDA by sending a report via PEC: mida@pec.midainformatica.it .

12. INFORMATION ON THE USE OF COOKIES

You can consult the information on the use of cookies on the following page: https://www.midainformatica.it/cookie-policy/ .