Information on the Processing of Personal Data
(re: Article 13 EU Regulation 2016/679 of June 2018)
Thank you for visiting the www.capaseccayacht.it website. This page explains how we handle and process personal data of visitors to our website. This policy is pursuant to art. 13 of EU Regulation 2016/679 concerning the protection of the personal data of users who interact with this site and its services. In accordance with the Regulation, all personal data handling policies will be based on the principles of legality, ethics, transparency, limited use and retention, data minimization, accuracy, integrity and confidentiality. Pursuant to art. 13 of the Regulation, we inform you that:
Identity of the Data Controller
The Data Controller is Massimiliano Esposito
Via Raffaele Fiorentino, nr.16
Sant’Agnello 80065 Napoli
The contact information of the Data Controller is:
Use and Legality
2.1 Exchange of information
Data is processed to execute Massimiliano Esposito using personal data (Regulation Article 6, paragraph 1, letter b) from the contact form on the site. Specifically, personal data will be processed for CPAGROUP by those responsible for data handling and/or processing. Data may also be processed by trusted companies that provide technical and organizational services on our behalf. In particular, as part of our website data processing, Massimiliano Esposito will be responsible for the management and maintenance of the same. These companies are our direct collaborators and act as Data Controllers. The processed data will not be transferred abroad or shared with third parties.
2.2 Legitimate interest
Collected data may be used by the owner for legitimate interests (Regulation Article 6 paragraph 1, letter f), as an example but not solely for the security of their information systems and the site, for analytics of site visits, and for the management of any disputes.
Types of Personal Data Processed
Data Handling and Processing Methods
Data handling and processing is done via tools and procedures that ensure security and confidentiality, and prevent data loss, illicit or incorrect use, and unauthorized access. In addition, data processing may be carried out via software or on paper for the time strictly necessary to achieve the purposes for which it has been collected.
Personal Data Storage
Data collected for the purposes referred to in paragraph 2 above are stored for the time strictly necessary to achieve the purposes for which they were collected.
Rights of the Interested Party
The interested party, pursuant to art. 15 of the Regulation, has the right to obtain confirmation that their personal data is being processed or not, and the right to obtain a copy of and access to their data and the following information: -purpose of the processing; -categories of personal data in question; -recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients are located internationally; -when possible, the length of storage of personal data provided or, if not possible, the criteria used to determine this period; -all available information on the origin of the data if it is not collected by the data subject; -the existence of an automated decision-making process, including profiling. The interested party also has the right to: -obtain from the Data Controller the correction of inaccurate personal data concerning him without undue delay (Article 16 of the Regulations); -obtain from the Data Controller the cancellation (“right to be forgotten”) of personal data without undue delay (Article 17 of the Rules); -obtain from the data controller the limitation of processing (Article 18 of the Rules); -receive, if applicable, in a structured format, in common use and readable by automatic device, personal data concerning him (Article 20 of the Regulations); -to oppose at any time, for reasons connected to a specific personal situation, the processing of personal data (Article 21 of the Regulations); -revoke consent at any time without prejudice to the lawfulness of the processing carried out before the revocation (Article 7 of the Rules); -be informed of the existence of adequate safeguards if personal data is communicated internationally (Article 46 of the Rules); -file a complaint to a supervisory authority (Article 77 of the Rules); To exercise these rights, contact the Data Controller via the information listed in “1. Identity of the Data Controller”.
Obligation or Authority to Provide Data
This site provides users with a range of services that do not require personal data or information. However, some services require data for the exchange of information. Failure to provide such data will make it impossible to establish or continue the relationship, to the extent that such data are necessary for the exchange of information.