In compliance with obligations deriving from the European Regulation for the Protection of Personal Data n. 679/2016, GDPR and subsequent amendments, this site respects and protects the privacy of visitors and users (hereafter “Users”) by putting in place every possible and proportionate effort not to damage the rights of the interested parties.
Data Controller and Data Processors
The Data Controller in accordance with the General Data Protection Regulation (GDPR), other data protection laws applicable in EU Member States and other data protection provisions is:
SANTUARIO S. M. DELLE GRAZIE
Via delle Grazie, 13 – 25122 Brescia
Tel. / Fax Segreteria: (+39) 030 43323
In addition to the Data Controller, in some cases, Personal Data may be accessed by categories of persons involved in the organization of the site (webmasters, administrative, commercial, marketing, legal, system administrators) and external subjects (as suppliers of third party technical services, couriers, hosting providers, IT companies, communication agencies) appointed, in case of need, as Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller.
Our Users can send requests regarding the protection of personal data, privacy and security at firstname.lastname@example.org .
Personal Data – any information relating to an identified or identifiable natural person.
Processing – any operation or set of operations performed on Personal Data or on a set of personal data.
Interested party – a natural person whose Personal Data has been processed.
Children –natural persons under the age of 16.
Principles for the protection of Personal Data collected by santuariodellegrazie.brescia.it
We commit ourselves to follow the following principles for the protection of Personal Data collected:
- We process Personal Data only for legitimate, fair and transparent purposes, always based on legitimate reasons. We process the data keeping in mind the User’s rights. We will provide, on request, all information on the data that have been processed.
- The processing of Personal Data is always limited to the purpose of the request. Our processing activities always correspond to the purposes for which personal data have been collected.
- Data processing is performed only with strictly necessary data. We collect and process only the minimum amount of Personal Data required for any purpose.
- Data processing is limited to a certain period of time. We will not store Personal Data for longer than necessary.
- We are committed to ensuring the accuracy and compliance of the data collected.
- We are committed to ensuring the integrity and confidentiality of the data collected.
Personal Information collected by santuariodellegrazie.brescia.it
Information provided voluntarily
The information provided voluntarily is that entered by the User in santuariodellegrazie.brescia.it through the contact forms/forms. They may include e-mail address, name and surname, a telephone number, etc.: that is, the data needed to offer the User a product/service or to improve the user experience.
The optional, explicit and voluntary sending of e-mail and/or ordinary mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other Personal Data included in the message. The User remains solely responsible for the relevance and accuracy of the data sent.
In the comment and/or contact forms of this site, only the data necessary for the response is collected. This information may include, for example, name and e-mail address. In particular, with regard to comments, the User expressly consents that the inserted contents are freely viewable also by other visitors. The data received will be used exclusively for the provision of the requested service and only for the time needed to provide the service. The information that the user makes public through the services and tools made available to them, are provided by the user knowingly and voluntarily, exempting this site from any liability regarding any violation of laws. It is up to the interested parties to verify that they have permission to enter Personal Data of third parties or contents protected by national and international standards.
Information that is automatically collected
This is data that is automatically stored in logs of server log files. The information collected can be the following: (1) types of browsers and the versions used, (2) the operating system used by the access system, (3) web site of origin and destination of the visitor (referral), (4) ) the country of origin, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the name of the Internet service provider (ISP) and (8) any other similar data and/or information that can be used in case of attacks on the computer system.
This is in any case anonymous information that is mainly used to improve the experience of visitors/users of the site or to ensure an optimal level of protection of the processed Personal Data. The anonymous data of the server’s log files are stored separately from all Personal Data provided by the interested parties. The traffic on this site is monitored by Web Hosting by collecting the IP addresses of data subjects for a period of one month.
Information derived from our partners
We also collect information from our trusted partners, but only if they have identified appropriate legal justifications to share this information. These data are those that you have provided directly to our partners or that have been collected about you for other legal reasons.
Place of processing of data collected by santuariodellegrazie.brescia.it
The data collected from this site are processed at the headquarters of the Data Controller, and at the Web Hosting data centre. Web hosting is responsible for processing data processing data on behalf of the holder, is located in the European Economic Area and acts in accordance with European standards.
Web References Hosting used by santuariodellegrazie.brescia.it:
SiteGround Italia S.r.l.
Via Agnello 8,
20121 Milano, Italia
Sito web di SiteGround
Use of Personal Information collected by santuariodellegrazie.brescia.it
We use Personal Information in order to:
- Provide adequate service: among these data we include, for example, the registration of an account.
- Improve the User’s user experience.
- Fulfil an obligation under the law or contract.
We will use Personal Data for purposes of legitimate interests and/or with the User’s consent.
For reasons related to the conclusion of a contract or the fulfilment of contractual obligations, we will process Personal Data for the following purposes:
- To identify the User.
- To communicate information requested by the User.
For reasons of legitimate interest, we will process Personal Data for the following purposes:
- Security purposes (spam filters, firewalls, virus detection): the automatically recorded data may also include Personal Data such as IP address, which could be used, in compliance with applicable laws, in order to block attempts to damage the same site or to damage other users, or in any case to undertake harmful activities or activities constituting a crime. Such data are never used for the identification or profiling of the User, neither crossed with other data nor supplied to third parties, but used only for the purposes of protection of this site and its users.
We may also process Personal Data to fulfil obligations arising from the law and/or use Personal Data for cases provided by law. We reserve the right to use only anonymized data. We will retain billing information and other information regarding the User only for the time established by the obligations arising from the law.
Details on the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
USER CONTACT SYSTEMS
These services allow you to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the User. They may also allow us to collect data relating to the date and time the messages are displayed by the User, as well as to the User’s interaction with them, such as information on clicks on the links inserted in the messages.
– Contact form (This Site)
The User, by filling in with his own Data the contact form, consents to their use to respond to requests for information, quotation, or any other nature indicated by the header of the form.
Personal data collected: Email, Name, Surname, Telephone number.
– Events Reservation Plugin Events Manager (This Site) We
collect and store the information that the User sends when making a reservation, in order to reserve the spaces requested for our event and keep a record of attendance.
Personal data collected: Email, Name, Telephone number.
INTERACTION WITH SOCIAL NETWORKS
These services allow interaction with social networks, or other external platforms, directly from the pages of this Site. The interactions and information acquired from this Site are in any case subject to the User’s privacy settings related to every social network. If an interaction service with social networks is installed, it is possible that, even if the Users do not use the service, the same will collect traffic data relating to the pages in which it is installed.
– Facebook Like button and social widgets (Facebook, Inc.)
The “Like” button and Facebook social widgets are services of interaction with the Facebook social network, provided by Facebook, Inc.
Personal data collected: Cookies and Data use.
The services contained in this section allow the Data Controller to monitor and analyse traffic data and are used to keep track of User behaviour.
– Google Analytics (Google Inc.)
The main purpose of Google Analytics is to analyse the traffic on this site. However, Google may use the data and information collected, inter alia, to evaluate its use and to provide online reports representing the activities of this site.
Google Analytics places a cookie on the computer system of those concerned. By setting this cookie, Google is enabled to analyse this site. On every page of this site where the Google Analytics tracking script is present, the data of the interested parties, through their browser, will be automatically sent to Google. Through this technical procedure, Google receives the IP address of those involved and will be able to understand the origin of visitors and the number of clicks on the site. The cookie is used to store personal information, such as access time, the position from which access was made and the frequency of visits relating to this website by the interested party.
For each visit to this site, such personal data, including the IP address of the Internet access used by the person concerned, will be transmitted to Google in the United States of America. This personal data is collected by Google through this site and is stored for 26 months. Google may transfer this personal data collected to third parties through the aforementioned technical procedure.
At the following link https://tools.google.com/dlpage/gaoptout?hl=it the additional browser component for deactivating Google Analytics is also made available by Google.
Personal Data collected: Cookies and Usage Data.
CONTENT ON EXTERNAL PLATFORMS
These services allow you to view content hosted on external platforms directly from the pages of this Website and to interact with them. In the event that a service of this type is installed, it is possible that, even if the Users do not use the service, the same will collect traffic data relating to the pages in which it is installed.
– Youtube Video Widget (Google Inc.)
Youtube is a video content visualization service managed by Google Inc. that allows this Site to integrate such contents within its pages.
Personal data collected: cookies and usage data.
– Google Font (Google Inc.)
Google Fonts is a service of visualization of font styles managed by Google Inc. that allows this site to integrate such contents within its pages.
Personal data collected:
– Google Maps (Google Inc.)
Google Maps is a map visualization service managed by Google Inc. that allows this site to integrate such contents into its pages.
Personal data collected: Cookies and usage data
Protection of Personal Data collected
We adopt special security measures to keep Personal Data safe:
- We use secure protocolsfor communication and data transfer (such as HTTPS).
- We constantly monitor our systems to prevent possible vulnerabilities and/or cyber-attacks.
- We use applications dedicated to strengthening the security of our site.
- We perform periodic updates of the applications (plugins) activated on our site.
However, Internet-based data transmission may, in principle, present security gaps, so absolute protection may not be guaranteed. In any case, we will notify any data breaches to the competent authorities in the ways and at the times provided for by the current privacy legislation. If we are in possession of Personal Data, Users will be informed directly in the case of violations related to their rights or interests. We will do everything reasonably possible to prevent breaches of security.
If you registered an account on this site, you are encouraged to keep your username and password secret.
We do not knowingly collect personal information about children.
Cookies and other technologies used
This site uses different types of cookies. Some cookies are placed by third-party services that appear on our pages.
Rights of the interested party
The interested party has the following rights:
- Right to information – means that you can know if Personal Data has been processed, what data are collected, how they are collected, for what purpose and by whom they are processed.
- Right of access – means that you have the right to access Personal Data collected, request and obtain a copy of Personal Data that has been collected.
- Right of rectification – means that you have the right to request the correction or deletion of Personal Data considered inappropriate or incomplete.
- Right to cancel – under certain circumstances it is possible to request the deletion of Personal Data from our archives.
- Right to restrict processing – in the sense that under certain conditions, the User has the right to restrict the processing of his personal data.
- Right to object to processing – this means that in some cases you have the right to object to the processing of your Personal Data, for example in the case of direct marketing.
- Right to oppose automated processing – means that you have the right to oppose automatic processing, including profiling, and not to be subject to a decision based solely on automated processing. This right does not apply whenever there is a result of profiling that produces legal effects that affect the User or that significantly affect him.
- Right to data portability – the right to obtain Personal Data in a readable format or, if possible, as a direct transfer from one processor to another.
- Right to file a claim – in case of refusal of a request under the right of access, the User has the right to know the reasons for the refusal.
- Right to request the intervention of the Control Authority – User has the right to request the intervention of the supervisory authority and/or the right to other legal remedies such as, for example, a claim for damages.
- Right of withdrawal of consent – the User has the right to withdraw any consent to the processing of personal data.
To exercise the rights of the User, Users can direct a request to the contact details of the Owner indicated in this document. The requests are filed for free and processed by the Data Controller as soon as possible, in any case within a month.
Changes to this privacy statement