Dear www.dovevivo.it website user
pursuant to Regulation (EU) 2016/679 (hereinafter the "Regulation"), this page describes the methods of processing the personal data (identified or identifiable) of users who visit the DoveVivo S.p.A. website, electronically accessible at www.dovevivo.com.
The information provided here does not apply to other websites, web pages or online services accessible using hypertext links that may be present on the website but that refer to resources existing outside this domain.
The Data Controller is DoveVivo S.p.A., Viale Monte Nero, 6 - 20135 MILAN (MI), Tel. 02 36697390 Email privacy@dovevivo.com
The personal data indicated on this page are processed by the undersigned:
as they are required if the services are to be provided, or in order to respond to the data subject’s requests (pursuant to Article 6.1 b) of the Regulation);
for marketing and profiling purposes only, provided that the data subject specifically consents to this (pursuant to Article 6.1 a) of the Regulation);
in order to comply with a legal obligation (pursuant to Article 6.1 c) of the Regulation).
The IT systems and software procedures utilised to run this Site acquire personal data as part of their normal functioning; the transmission of such data is implicit in internet communication protocols. Such data is not collected in order to be associated with identified data subjects, but the nature of this data could enable users to be identified by means of processing operations and by association with data held by third parties.
This category includes IP addresses or the domain names of user’s computers, addresses in URI/URL (Uniform Resource Identifier/Locator) notation of requested resources, the time the request is made, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server's response (successful, error, etc.) and other parameters related to the user's operating system and computer environment.
Such data, which are required in order to benefit from the web services, are also processed for the following purposes:
to obtain statistical information on the use of the services (most visited pages, number of visitors per hour or day, geographical areas of origin, etc.);
to control the correct operation of the services offered.
Navigation data are stored only for the period required in order to provide the services (without prejudice to the requirements of the Judicial Authorities in investigating offences).
The optional, explicit and voluntary transmission of messages to the undersigned's contact addresses, the transmission of private messages to institutional profiles/pages on social media (if this possibility is provided for), and the completion and submission of forms on the aforementioned websites all involve the acquisition of the sender's contact data, which are necessary in order to reply to such messages and forms, as well as all personal data included in the communications themselves.
Cookies and pixels are used for user profiling but no other tracking methods are used.
The use of session cookies (non-persistent) is strictly limited to what is necessary in order to ensure a safe, secure and efficient website browsing experience. The user controls the storage of session cookies in computer terminals or browsers; on the servers, however, at the end of the HTTP sessions cookie-related information is recorded in service logs, and data is retained for the same length of time as other navigation data.
Personal data are processed using electronic or automated means, applying organisational and processing logics that are strictly related to the designated purposes, and in such a way as to guarantee the data's security, integrity and confidentiality, thus reducing the risk of data loss or destruction, prohibited access, unauthorised modification and disclosure.
The data gathered cannot be disseminated or disclosed and will not be transferred outside EU Commission designated safe countries, nor to non-participants of international programs for the free movement of data (e.g. EU-US Privacy Shield).
The following entities whom the undersigned designates as Data Processors, pursuant to Article 28 of the Regulation, are recipients of data collected after the aforementioned website is consulted:
our web platform hosting service provider (currently Microsoft);
our analysis and profiling service providers (see table above).
The undersigned's personnel are also responsible for processing personal data collected; the undersigned acts on the basis of specific authorisations and instructions provided in relation to the purposes and methods of the data processing itself.
The data subject is entitled to receive confirmation from the Data Controller as to whether or not personal data concerning said data subject are being processed and, if so, the latter is entitled:
to obtain access to the personal data in question, to request to have the personal data rectified or erased, to have the data processing restricted, or to object to the data processing;
to receive from the Data Controller that data subject's personal data, in a format that is structured and in common use and readable on an automatic device, and also to transmit this data to a different data controller (data portability);
to be informed about the existence of an automated decision-making process, including profiling;
to revoke one's consent at any time, if the revocation is specifically notified, without prejudice to the legality of data processing operations already conducted based on consent given prior to the revocation;
to file a complaint with the supervisory authority.
The provision of your data is not compulsory, but optional; however, if such data is not provided this could make it impossible to have your requests processed.
M-Pri14 v.07 of 01/07/2020