this policy describes, pursuant to the Art. 13 of the EU Regulation 2016/679 (General Data Protection Regulation, hereinafter GDPR), the modalities of processing of personal data provided by the User during the navigation and use of this website. The processing will be based on the principles of lawfulness, transparency, fairness and protection of the confidentiality and rights of the User, always in accordance with national and European legislation currently in force (d.lgs. 196/2003, d.lgs. 101/2018, GDPR).
The Data Controller
The Data Controller is Terminal Darsena Toscana s.r.l., Loc. Darsena Toscana – Porto Industriale – 57123 Livorno; tel: 0586 258111; e-mail: firstname.lastname@example.org
Type of data collected
Terminal Darsena Toscana collects personal information about the User.
Specifically, the personal data processed through the website are as follows:
1) navigation data: the IT systems and software procedures used for the operating of the websites may acquire, during their normal functioning, some data whose transmission is implicit in the use of Internet communication protocols. This category of data could include IP addresses or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, and other parameters relating to the user’s IT environment. This data is only used for the purpose of receiving anonymous statistical information on the use of the website, in order to improve the browsing experience and manage the services we provide;
2) data provided directly by the User through the “Registration” section: the data required are: first name, surname, e-mail, job title, company and position held, type of customer, address, telephone and fax numbers, as well as the chosen username;
3) personal data collected when the User sends an e-mail to the e-mail addresses indicated on the site in order to receive information, or to request a specific service: in this case the sender’s address, necessary to reply to the request, as well as any other personal data included in the message, will be processed;
4) personal data, including “special” data, contained in CVs and cover letters, provided by the User by sending application to the e-mail addresses indicated on the website.
Purposes and legal basis of processing
The data provided will be processed, in accordance with the conditions of lawfulness under Article 6 GDPR, for the following purposes:
1) to execute the User’s requests and to answer questions formulated at the e-mail addresses indicated on the site. The processing of the data collected has as its legal basis the legitimate interest of the Data Controller (art. 6 (f) GDPR) to be more efficient, provide information on the services offered as well as improve and develop new products and services;
2) to execute all pre-contractual and contractual measures adopted at the request of the User, as well as all related operational and management requirements. The legal basis in this case is represented by the need to execute the contract to which the User is a party or to execute pre-contractual measures (Art. 6 (b) GDPR);
3) to comply with legal obligations to which the Data Controller is subject. In this case, the legal basis is represented by the need to comply with legal obligations that require the Data Controller to process certain types of personal data (Art. 6 (c) GDPR);
4) The processing of data contained in the CVs and cover letters received is lawful because it is necessary to implement pre-contractual measures (Art. 6 (b) GDPR) taken at the request of the data subject. The processing of “special” data is lawful on the basis of the Supervisory Authority Provision of 5 June 2019, containing “Prescriptions relating to the processing of special categories of data, pursuant to Article 21, paragraph 1 of Legislative Decree No. 101 of 10 August 2018”, supplementing and amending the General Authorisation No. 1/2016.
Mandatory or optional nature of data provision and consequences of refusal to provide data
The provision of data is optional, but in some cases it is an indispensable condition for being able to satisfy the User’s requests and for the effective fulfilment of commercial and contractual relations, as well as for compliance with legal obligations provided for by administrative and fiscal regulations; therefore, failure to provide data will make it impossible to establish contractual relationship or to fulfill the obligations contractually undertaken. In the “Registration” section, the data considered mandatory are marked with a red arrow, while the provision of further data is purely optional.
Method and place of processing
The Data Controller performs the necessary processing operations through internal subjects specifically authorised to process data. Data processing is carried out using both paper media and electronic tools, using instruments and procedures that guarantee security and confidentiality, with organisational methods and logic strictly related to the purposes indicated. The Data Controller processes personal data in compliance with current security provisions in order to minimise the risks of destruction and loss, including accidental loss, of data, of unauthorised access, of processing that is not permitted or does not comply with the purposes of collection and of unlawful or incorrect use of the data.
The data are processed at the Data Controller’s offices and in any other place where the parties involved in the processing are located. For further information, please contact the Data Controller.
The User’s personal data will not be disclosed to unspecified people but may be communicated to:
1) professionals, collaborators, legal persons and third parties who provide technical and organisational services on behalf of Terminal Darsena Toscana. These subjects will process the data as Data Controllers, Joint Data Controllers or Data Processors, for the purposes specified. A complete and up-to-date list of the Data Processors is available from the Data Controller;
2) subjects who have the right to access the data by force of provisions of the law’s or regulation’s provisions or in application of European legislation, within the limits and for the purposes foreseen by such provisions.
Transfer outside the EU
Personal data will not be transferred abroad to non-EU countries that do not ensure adequate levels of personal data protection. If this would be necessary to provide the User with services or to conclude a contract, we ensure that the transfer of personal data to non-EU countries will take place in compliance with Articles 44 et seq. of the GDPR.
The data will be processed for the strictly necessary time to fulfill the User’s requests or – in general – to achieve the purpose for which they were collected. The data may also be stored for the entire duration of the commercial and contractual relationship and also in compliance with the storage periods provided for by law for administrative and fiscal purposes.
Links to other websites
This information is provided only for this website and not for other websites that may be consulted through links. Terminal Darsena Toscana cannot be responsible for personal data provided by users to external parties or to any websites linked to this site.
Pursuant to Articles 15 to 22 of the GDPR, the User may exercise the following rights:
a. access to personal data: the right to obtain confirmation as to whether or not personal data concerning him exist, even if they have not yet been recorded, and their communication in intelligible form;
b. obtain the rectification or erasure of the data or the restriction of their use;
c. obtain information about the source of the personal data, the purposes and methods of the processing, the categories of data, the recipients or categories of recipients to whom the personal data have been or will be disclosed and the storage period;
d. to oppose – for legitimate reasons – the processing of all or part of the personal data and, in particular, to oppose the processing of the data for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication;
e. data portability;
f. revoke consent, at any time, without prejudice to the lawfulness of the processing based on the consent given before revocation;
g. to file a complaint with the supervisory Authority or take legal action.
The exercise of the rights listed, with the exception of letter g), may take place by sending a request to the e-mail address email@example.com or to the other contact details of the Data Controller indicated in this document.
Removal of registered users
The User may at any time request completely independently to be removed from the list of registered Users. Once connected to the site of Terminal Darsena Toscana, in his preferences he will find the function “Unregister”. Since this function causes the complete removal of all data, it is not possible to send an e-mail to confirm the operation.
Data Protection Officer (DPO)
The Data Protection Officer is Digital Strategy S.r.l.s. – MyDpo service, with registered office in Via dei Lanzi 33, 57123, Livorno (LI). In the event of an alleged violation of the legislation on the protection of personal data, you can contact the Data Protection Officer at the email address firstname.lastname@example.org.
This document was updated on January 18, 2022.