Information pursuant to Articles 13 and 14 of European Regulation 2016/679 and Italian harmonization legislation.

Pursuant to Articles 13 and 14 of European Regulation 679/2016 (hereinafter also “GDPR”) and Italian harmonization legislation, it is hereby specified that the data subject’s personal data is collected and processed by SISMA S.R.L. as the data controller (hereinafter: “Controller” or “Sisma Project”) and for this reason, we hereby provide information regarding the processing of your data.

1. Purpose, legal basis of processing, and consequences of refusal

Your personal data may be processed for the following purposes:

a) viewing the web pages on the website www.sismaproject.com (the “Site”);

b) registration and access to the Site’s reserved areas for the provision of online services offered by the Data Controller;

c) fulfillment of obligations arising from legal provisions, regulations, codes, or procedures approved by competent authorities and other institutions;

In relation to the purposes referred to in points a), b), and c) above, the provision of personal data does not require your consent,

pursuant to Article 6, letters b) (Implementation of pre-contractual measures adopted at the request of the data subject – performance of a contract) and c) (Legal obligation) of the GDPR.

With particular reference to the purpose referred to in point b), it is specified that any refusal to provide data or the provision of incorrect data may make it impossible for the Company to provide the requested service, comply with legal obligations, and process and respond to user requests. The processing of information marked with an asterisk in the forms on the Site is necessary to fulfill your request.

2. Categories of data collected

When visitors leave comments on the site, we collect the data shown in the comments form, as well as the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After your comment is approved, your profile picture is visible to the public in the context of your comment.

The data collected and processed by Iren to fulfill the purposes referred to in paragraph 1 are:

Browsing data

The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols or is used to improve the quality of the service offered.

This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association, allow users to be identified.

This category of data includes the IP addresses or domain names of computers used by users connecting to the Site, the URI (Uniform Resource Identifier) ​​addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), and other parameters relating to the user’s operating system and IT environment.

Data Provided Directly by the User

Users are not required to provide personal data to visit the Site. However, contact between users and the Data Controller, through authentication for the Site’s services and completion of contact forms, sending emails, messages, or any other type of communication to the addresses indicated on the Site, entails the acquisition of common personal data, such as, for example, name, surname, address, and telephone number, as well as any other personal data that may be provided by the user voluntarily when interacting with the Company through the Site.

Specific information will be provided or displayed on the site pages dedicated to particular services.

3. Processing Methods and Data Retention Periods.

The data collected will be processed and stored in a manner that guarantees the security and confidentiality of the data.

The retention period for data processed for the purposes referred to in paragraph 1 depends on the purposes for which they are processed.

The criteria used to determine the applicable retention period are the following: the personal data covered by this policy will be retained for the time necessary (i) to navigate the user’s Site, (i) to manage complaints or specific requests from the user, to assert rights in court as well as for the time required by applicable laws.

4. Scope of communication, transfer abroad, and dissemination of personal data.

The processing of personal data will be carried out by the Data Controller’s internal staff as Data Processors.

Furthermore, the processing of personal data may be carried out by other companies belonging to Ecosistemi, as well as by parties providing instrumental services, including technical and organizational services, for the purposes indicated in the paragraph.

Their list is constantly updated and is available upon request by sending a communication to the address below or an email to: info@sismaproject.com.

Personal data will not be disseminated or transferred in any way outside the EEA (European Economic Area).

5. Rights of the Data Subject

In relation to data processing, you may exercise the rights provided for in Articles 15 to 22 of European Regulation 2016/679 (reproduced in abbreviated form at the bottom of this policy). To exercise your rights, you may contact the Data Controller by sending a written communication to the address above or by email to info@sismaproject.com

6. Data Controller and Data Processor

Data Controller: SISMA S.R.L., with registered office at Via Giacinto Diano 6 – 80078 – Pozzuoli (NA), Italy, VAT No. IT09783161210

To contact the Data Controller or obtain a complete and updated list of data processors appointed by the Data Controller, please send an email to info@sismaproject.com