Privacy Policy

PRIVACY POLICY FOR USERS OF THE WEBSITE WWW.HACVIA.EU

This Privacy Policy is intended to describe how users’ and/or visitors’ personal data are managed and processed. It applies solely to the website www.hacvia.eu and not to other websites that may be accessed via internal links.

Data Controller
Luca Secondi, as the Data Controller, guarantees compliance with data protection regulations (Italian Legislative Decree 196/03, as amended by Legislative Decree 101/2018, and EU Regulation 2016/679).
Companies and businesses registered on our platform that participate independently in data processing activities may also act as autonomous data controllers.

Users/visitors are encouraged to carefully read this Privacy Policy before providing any personal information and/or filling in any electronic form on the website.

SUBJECT OF PROCESSING

The personal data processed through the website includes:

Browsing Data
The IT systems and software procedures used for the operation of this website acquire, during their normal operation, certain personal data that are implicitly transmitted when using Internet communication protocols.
This information, by its nature, could, through processing and association with data held by third parties, allow users/visitors to be identified (e.g. IP addresses, domain names of the computers used by users/visitors who connect to the site, etc.).
These data are used only to obtain anonymous statistical information and to check the website’s proper functioning.
No data deriving from the web service will be disclosed or communicated to third parties unless strictly necessary to fulfill user requests or legal obligations.

Data Voluntarily Provided by Users/Visitors
If users/visitors, while connecting to this website, voluntarily provide their personal data to access specific services or to make email requests, such actions will entail the acquisition of the sender’s address and/or any other personal data included in the message. These data will be processed only to respond to the request or to provide the requested service.

Cookies
In addition to the data explicitly provided to the Data Controller, further data may be collected through user navigation on the website via cookies. A “cookie” is a small text file that a website may automatically send to a user’s device when the site is accessed.
Cookies are used to facilitate navigation, gather information on the user’s browsing behavior, and enable services that require tracking of the user’s path through the website.
Regardless of cookies, the site logs the type of browser (e.g., Internet Explorer, Chrome, Firefox), operating system (e.g., Windows, macOS), host, and the URL from which the visitor accessed the website, as well as details of the requested page.
These data may be used anonymously and in aggregated form for statistical analysis of website use.
For full cookie management details, see the site’s Cookie Policy.

PROCESSING METHODS
Data processing is carried out using automated tools (e.g., electronic systems and software) and/or manually (e.g., paper-based) for the time strictly necessary to achieve the purposes for which the data were collected, and in compliance with current legal provisions.
We protect personal data using technical and organizational security measures to minimize risks of loss, misuse, unauthorized access, disclosure, or alteration. These measures include firewalls, data encryption, physical access restrictions to data centers, and access control mechanisms.

PURPOSES OF PROCESSING

In addition to what is described in specific information notices before filling in the forms on the site, the Data Controller processes data for the following purposes:

  1. Collection, storage, and processing for the purpose of establishing and managing the contractual relationship related to the services offered on the site;

  2. Use of users’ personal data (especially email addresses) to communicate regarding the contractual relationship;

  3. Processing of provided data and data gathered through browsing to deliver services aligned with the user’s preferences;

  4. Collection, storage, and processing of data for anonymous and/or aggregated statistical analyses;

  5. Activities necessary to perform our business operations, such as personalized content delivery (e.g., newsletter services);

  6. Communication of commercial information about future initiatives and new products or services;

  7. Market research and statistical analysis;

  8. Sending promotional or advertising materials and promotional initiatives, where users have given explicit consent.

LEGAL BASIS FOR PROCESSING
The legal basis for processing customers’ data through the website www.hacvia.eu lies in the contractual relationship regarding the services provided. Where such a relationship is absent, the legal basis is the Data Controller’s legitimate interest in economic freedom as per Article 41 of the Italian Constitution.
For purposes requiring consent, such consent will be obtained via specific forms and constitutes a valid legal basis.

RECIPIENTS
In addition to the Data Controller, categories of individuals involved in the site’s organization (e.g., administrative, sales, marketing, legal, IT staff) may access the data.
The Data Controller may also appoint external entities (e.g., third-party technical service providers, couriers, hosting providers, cloud services, IT companies, communication agencies) as Data Processors.
Data may also be disclosed to public authorities or entities if required by law or legal orders.

TRANSFER TO THIRD COUNTRIES
The Data Controller uses servers located in Italy for services provided through the site, which are considered compliant with EU Regulation 2016/679. The processed data will not be disseminated or transferred outside the EU.

PLACE OF DATA PROCESSING
The data processing activities related to the website’s services are carried out at the Data Controller’s registered office and are managed exclusively by technical personnel in charge of processing.

DATA STORAGE TIME AND LOCATION
Data are processed for the time necessary to perform the requested service and are then securely destroyed using tools such as document shredders for paper and data-wiping software for electronic media.

OPTIONAL OR MANDATORY DATA PROVISION
Except for navigation data, which are collected automatically, users/visitors are free to provide or withhold their personal data. Refusal to provide such data may result in the inability to obtain the requested service.

RIGHTS OF THE DATA SUBJECT
As the data subject, under Articles 15–22 of the GDPR, you may exercise the following rights:

  1. Confirmation of whether personal data exists and communication of such data in an intelligible form, including their origin and the logic applied to their processing;

  2. Deletion, anonymization, or blocking of data processed in violation of the law, within a reasonable period;

  3. Updating, rectification, or, where relevant, integration of the data;

  4. Certification that the operations described in points 2 and 3 have been notified to those to whom the data were communicated, unless this proves impossible or requires disproportionate effort;

  5. Rectification or deletion of data or limitation of their processing;

  6. Withdrawal of consent for optional processing not related to contract performance;

  7. Objection to processing for legitimate reasons, even if relevant to the data collection purpose;
    Request for data portability, right to be forgotten, and right to lodge a complaint with the competent Data Protection Authority. In Italy, this is the Garante per la Protezione dei Dati Personali: www.garanteprivacy.it.

Requests should be addressed in writing to the Data Controller at: secondi@unitus.it

FINAL CLAUSES
Given the ongoing evolution of data protection laws, this Privacy Policy may be subject to updates. The Data Controller invites users/visitors to check this page regularly.