Who we are
Our website address is: https://www.andreapanarello.com.
Information pursuant to art. 13 of Regulation (EU) no. 2016/679 (“GDPR”)
Protection, confidentiality, guarantee, and protection of personal data.
We protect the confidentiality of personal data and guarantee the necessary protection so that they are not at risk of violation. In relation to the provisions of the legislation in reference to the title, the user (hereinafter referred to as “Interested”) is provided with information on the processing of his personal data.
Holder and responsibility of the treatment – (art.13, 1st comma letter a, art.15, letter b GDPR)
Panarello Andrea is a company with the activity based in Milan (MI), via Massarenti 15, Zip Code 20148, and Panarello Andrea (Owner), acts as owner for any reference for this purpose, it can be contacted at andrea.panarello@gmail.com. In order to carry out the activity in the most efficient and regular way, the information concerning the interested party is received and collected and consequently processed by the Data Controller.
What personal data we collect and why we collect it
In relation to the types of data processed, readability and clarity are proposed by proposing the following scheme:
| Data Category | Exemplification of the types of data (which can be collected in whole or in part and adequately protected) |
| Personal data | Name, surname, physical address, municipality of residence, province and nationality, landline and/or mobile phone, fax, tax code / VAT number, e-mail address (s); possible copy of identity card. |
| Telematic traffic data | Log, Incoming IP address. |
Sanaden does not ask the interested party to provide so-called data “Details”, that is, according to the provisions of art. 9 of the GDPR, i.e. data such as racial or ethnic origin or political, sexual, religious orientations as well as biometric and health data.
The Data Controller is responsible for personal data protection (Data Protection Officer -DPO) and can be contacted for any information and request at the following email: info@sanaden.com. In relation to the data collection of the data subject, the websites directly or indirectly connected are: www.sanaden.com, www.sanaos.com, www.andreapanarello.com. All the abovementioned domains refers to the “Owner”.
For any information or request, the interested party may also contact the owner at the following address: Tel: 0 0 3 9 3 4 0 5 3 6 0 7 8
Purpose of data collection
The data are used by the Data Controller are used to follow up on the registration request and the supply contract for the chosen Service(s), manage and execute the contact requests sent by the Data Subject, provide assistance, fulfill the legal and regulatory obligations to which the Data Controller is required to function of the activity carried out. In no case Sanaden resells the personal data of the interested party to third parties or uses them for undeclared purposes.
In particular, the data of the interested party will be processed for:
a) personal registration and requests for contact and/or information material. The processing of the personal data of the interested party takes place to carry out the preliminary activities which are consequent to the request for registration, the management of requests for information and contact, and/or sending information material, as well as for the fulfillment of any other obligation arising. The legal basis for these treatments is the fulfillment of the services inherent in the request for registration, information, and contact and/or sending information material and compliance with legal obligations.
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Analytics
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Who we share your data with
None
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
The interested party has the right to obtain the following from the data controller:la conferma che sia o meno in corso un trattamento di dati personali che lo riguardano e in tal caso, di ottenere l’accesso ai dati personali e alle seguenti informazioni:
· the purposes of the treatment;
· the categories of personal data in question;
· the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if recipients from third countries or international organizations;
· when possible, the expected retention period of personal data or, if not possible, the criteria used to determine this period;
· the existence of the right of the interested party to ask the data controller to correct or delete personal data or to limit the processing of personal data concerning him or to oppose their treatment;
· the right to lodge a complaint with a supervisory authority;
· if the data are not collected from the data subject, all information available on their origin;
· the existence of an automated decision-making process, including profiling, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the data subject.
· the adequate guarantees provided by the third country (outside the EU) or an international organization to protect any data transferred
· the right to obtain a copy of the personal data being processed, provided that this right does not affect the rights and freedoms of others; In the event of further copies requested by the interested party, the data controller can charge a reasonable fee contribution based on administrative costs.
· the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay
· the right to obtain from the data controller the cancellation of personal data concerning him without undue delay, if the reasons provided for by the GDPR in art. 17, including, for example, in the event that they are no longer necessary for the purposes of the processing or if this is assumed to be illegal, and the conditions provided for by law always exist; and in any case if the treatment is not justified by another equally legitimate reason;
· e) the right to obtain the limitation of processing from the data controller, in the cases provided for by art. 18 of the GDPR, for example where you have contested its accuracy, for the period necessary for the Data Controller to verify its accuracy. The interested party must be informed, in reasonable times, also of when the suspension period has been completed or the cause of the limitation of the treatment has ceased, and therefore the limitation itself revoked;
· the right to obtain communication from the owner of the recipients to whom the requests for any corrections or cancellations or limitations of the processing carried out have been sent, unless this proves impossible or involves a disproportionate effort.
· the right to receive personal data concerning him in a structured, commonly used and machine-readable format and the right to transmit such data to another data controller without hindrance by the data controller to whom he has provided them, in cases provided for by art. 20 of the GDPR, and the right to obtain the direct transmission of personal data from one data controller to another, if technically feasible.
· For any further information and in any case to send your request you must contact the Data Controller at info@sanaden.com. The Data Controller may request further information from the interested party to ensure that he and not others can exercise the rights mentioned above.
Where we send your data
Visitor comments may be checked through an automated spam detection service. The personal data of the interested party are stored in paper, IT and telematic archives located in countries where the GDPR (EU countries) is applied. They are stored in database accessibile only to the holder.
Your contact information
The processing of the personal data of the interested party takes place to carry out the preliminary and consequent activities to the purchase of a Service, the management of the related order, the provision of the Service itself, the relative billing and the payment management, the handling of complaints and / or reports tosupport service and the provision of assistance itself, the prevention of fraud and the fulfillment of any other obligation deriving from the contract. The legal basis for these treatments is the fulfillment of the services inherent in the contractual relationship and compliance with legal obligations.
Additional information
Do our plugins track any data?
We do not track any user data via our plugins. But if our plugin depends on any third party service, they might track user data. This can happen in following two ways:
1. Embedded Widgets
Some of our plugins have features to integrate embedded widgets as is, from third party services (like Facebook Like, Facebook Recommend, Twitter Tweet official buttons). You can include relevant text in the privacy policy of your website as mentioned below.
2. Third-party APIs/Connections
Our plugins send request to third party APIs via website-visitor’s web browser to fetch information (like social shares, social comment count). This request made by web browser may include IP address, which can then be seen by the third-party that it’s being requested from. This API request doesn’t include any personal data of the website user other than the IP address. To make your users aware of this, you can include relevant snippets in your website’s privacy policy.
Where is the data collected by your plugins stored?
We do not store any data fetched by our plugins on our servers, neither we share that data with any third party. Our plugins run absolutely on your website and store the data in the database of your website.
Do your plugins load any external scripts?
As mentioned before, our plugins run absolutely from your website and hence load the scripts too from your website with exception of third-party embedded widgets (like Facebook Like/Recommend official button, Twitter tweet official button, Facebook Comments) which require our plugin to load scripts from the servers of relevant service. You can include relevant snippets in the Privacy Policy of your website stating how these services handle privacy of your users.
GDPR Privacy Policy Snippets
We collect your public profile data only from your consent that you grant before initiating Social Login, from the social network used to login at our website. This data includes your first name, last name, email address, link to your social media profile, unique identifier, link to social profile avatar. This data is used to create your user profile at our website. You can revoke this consent at any time by sending us an email.
We collect your public profile data only from your consent that you grant before initiating Facebook Login, from the social network used to login at our website. This data includes your first name, last name, email address, unique identifier, link to social profile avatar. This data is used to create your user profile at our website. You can revoke this consent at any time by sending us an email.
Facebook Comments
If you are using Facebook Comments feature of any of our plugin, you can add following in the privacy policy of your website:
We embed Facebook Comments plugin to allow you to leave comment at our website using your Facebook account. This plugin may collect your IP address, your web browser User Agent, store and retrieve cookies on your browser, embed additional tracking, and monitor your interaction with the commenting interface, including correlating your Facebook account with whatever action you take within the interface (such as “liking” someone’s comment, replying to other comments), if you are logged into Facebook. For more information about how this data may be used, please see Facebook’s data privacy policy: https://www.facebook.com/about/privacy/update
GooglePlus Comments
If you are using GooglePlus Comments feature of any of our plugin, you can add following in the privacy policy of your website:
We use GooglePlus Comments widget at our website for you to be able to comment at our webpages using your GooglePlus account. From this interaction Google automatically collects and store certain information in server logs like IP address, device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request, in accordance with their data privacy policy: https://policies.google.com/privacy
Disqus Comments
If you are using Disqus Comments feature of any of our plugin, you can add following in the privacy policy of your website:
We use Disqus Comments widget at our website for you to be able to comment at our webpages using Disqus commenting system. Disqus may collect information about you when you register for and use the Service. Such information may include “Personally Identifiable Information” which means information that identifies you as an individual, such information may include, but is not limited to, your name, email address, telephone number, username or account ID, and “Non-Personally Identifiable Information” which means information that does not identify you as an individual. Non-Personally Identifiable Information may include, but is not limited to, information about your browser, your IP address, device ID, what pages you visit on our Partner Sites, which website you came from, what advertisements you clicked on, whether on our Partner Websites, the Service or other third party websites, and other information about your online activity that does not identify you as an individual, in accordance with their data privacy policy: https://help.disqus.com/terms-and-policies/disqus-privacy-policy
Fancy Facebook Comments Pro
following in the privacy policy of your website after enabling the GDPR opt-in from GDPR section:
We collect the data related to the Facebook Comment you post, only from your consent that you grant before posting Facebook Comment at our website. This data includes your Facebook account name, unique Facebook account identifier, unique identifier associated to the posted Facebook comment, unique open graph object identifier of the webpage at which you posted the comment, unique identifier associated to the parent comment if you reply to an existing comment. This data is used to show recent Facebook Comments made all over our website. You can revoke this consent at any time by unchecking the opt-in displayed above comment box
If you have enabled email notification from the Notification section, you can add following in the privacy policy of your website after enabling the GDPR opt-in from GDPR section:
We send the Facebook Comment you post, to page/post author and/or website administrator via automated email, only from your consent that you grant before posting Facebook Comment at our website. This data includes just the Facebook comment posted by you. You can revoke this consent at any time by unchecking the opt-in displayed above comment box
Facebook Comments Moderation
policy of your website after enabling the GDPR opt-in from GDPR section at add-on options page:
We collect the data related to the Facebook Comment you post, only from your consent that you grant before posting Facebook Comment at our website. This data includes your Facebook account name, unique Facebook account identifier, unique identifier associated to the posted Facebook comment, unique open graph object identifier of the webpage at which you posted the comment, unique identifier associated to the parent comment if you reply to an existing comment. This data is used to show recent Facebook Comments made all over our website. You can revoke this consent at any time by unchecking the opt-in displayed above comment box
Facebook Comments Notifier
We send the Facebook Comment you post, to page/post author and/or website administrator via automated email, only from your consent that you grant before posting Facebook Comment at our website. This data includes just the Facebook comment posted by you. You can revoke this consent at any time by unchecking the opt-in displayed above comment box
Social Analytics for Sharing
We use Google Analytics to track social shares made at our website. Google automatically collect and store certain information in their server logs which includes device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL, cookies that may uniquely identify your browser or your Google Account, in accordance with their data privacy policy: https://policies.google.com/privacy
We embed a Facebook widget to allow you to see number of likes/shares/recommends and “like/share/recommend” our webpages. This widget may collect your IP address, your web browser User Agent, store and retrieve cookies on your browser, embed additional tracking, and monitor your interaction with the widget, including correlating your Facebook account with whatever action you take within the widget (such as “liking/sharing/recommending” our webpage), if you are logged in to Facebook. For more information about how this data may be used, please see Facebook’s data privacy policy: https://www.facebook.com/about/privacy/update
We use a Twitter Tweet widget at our website. As a result, our website makes requests to Twitter’s servers for you to be able to tweet our webpages using your Twitter account. These requests make your IP address visible to Twitter, who may use it in accordance with their data privacy policy: https://twitter.com/en/privacy#update
We use a GooglePlus widget at our website. As a result, our website makes requests to Google’s servers for you to be able to share our webpages using your GooglePlus account. These requests make your IP address visible to Google, who may use it in accordance with their data privacy policy: https://policies.google.com/privacy
We use a Linkedin Share widget at our website to allow you to share our webpages on Linkedin. These requests may track your IP address in accordance with their data privacy policy: https://www.linkedin.com/legal/privacy-policy
How we protect your data
To keep interested party’s data safe is our priority. We want people visiting our website and using our service feel confidente and safe. We committ ourselves to process and protect data in the safest way for the onos who trust us.
The Data Controller, in line with the provisions of Recital 49 of the GDPR, processes, also through its suppliers (third parties and / or recipients), the personal data of the interested party relating to traffic to a strictly necessary and proportionate extent to ensure the safety of the networks and information, i.e. the ability of a network or information system to withstand, at a given level of security, unexpected events or illegal or malicious acts that compromise availability, authenticity, integrity and confidentiality of personal data stored or transmitted.
The Data Controller will promptly inform the interested parties, if there is a particular risk of violation of their data without prejudice to the obligations deriving from the provisions of art. 33 of the GDPR relating to personal data breach notifications.
The legal basis for these treatments is compliance with legal obligations and the legitimate interest of the Data Controller to carry out treatments relating to the purpose of protecting the corporate assets and security of the Panarello Andrea offices and systems.
What data breach procedures we have in place
After the identification of the data breach, we perform an investigation to fully understand the incident that might have occurred and at the same time we inform the data owners involved in the data breach. Consequently, we perform an assessment of the data breach, we formulate a recovery plan and notify the data breach to other relevant third parties or authorities.
What third parties we receive data from
We do not receive data from third parties.
What automated decision making and/or profiling we do with user data
According to the field of interest , we provide individual information through manual and/or automated means of communication, such as email marketing.