This privacy policy is drafted to comply with the obligations set forth in Article 13 of the EU Regulation 679/2016 (hereinafter “GDPR”), Article 10 of Directive No. 95/46/EC, and the provisions of Directive 2002/58/EC, as updated by Directive 2009/136/EC, regarding Cookies.
This privacy policy exclusively concerns this website.
This page is accessible through a link at the bottom of all pages of the website, in accordance with Article 122, paragraph 2, of Legislative Decree 196/2003, and following the simplified procedures for information and consent for the use of cookies published in the Official Gazette No. 126 of June 3, 2014, and related register of measures No. 229 of May 8, 2014.
Data Controller
GAL Sulcis Iglesiente Capoterra e Campidano di Cagliari S.C.A.R.L.
Headquarters: Via Aldo Moro 6 – 09010 Masainas (SU)
Business Registry:Cagliari
Registration Number: 02324550926
VAT – Tax Code: 02324550926
PEC: galsulcisiglesiente@pec.it
Email: info@galsulcisiglesiente.it
Types of Processed Data
Personal Data voluntarily provided by the User on sudovestsardegna.it
The Data Controller directly collects Personal Data and other information from Users during the completion of online forms on the website sito.net to provide the requested services. These include data such as:
- Name
- Surname
- Phone number
- Company
- City
The User assumes responsibility for third-party Personal Data obtained, published, or shared through sito.net and guarantees the right to communicate or disseminate them, releasing the Data Controller from any liability to third parties.
Usage Data collected automatically when the User uses sudovestsardegna.it
The computer systems and software procedures responsible for the operation of the website sito.net acquire, during their normal operation, certain Personal Data, the transmission of which is implicit in the use of Internet communication protocols.
- Information about the devices used to access the website sito.net (e.g., IP address, operating system type, or browser ID);
- Log data (e.g., log files that detect when a device accesses our servers, recording the nature of each access and the originating IP address);
- Usage data of the website sito.net (e.g., date and time of access and activities carried out during navigation).
This data is not accompanied by any additional personal information and is used to:
- Obtain anonymous statistical information about the use of the site;
- Manage control needs for its use;
- Ascertain responsibility in case of hypothetical computer crimes.
Personal Data can be freely provided by the User or, in the case of Usage Data, collected automatically during the use of sudovestsardegna.it. Unless otherwise specified, all Personal Data requested by sudovestsardegna.it is mandatory. If the User refuses to provide them, sudovestsardegna.it may be unable to provide the Service.
Purposes of the Processing of Collected Data
User data is collected to allow the Data Controller to provide its Service, as well as for the following purposes:
- Statistics
- Contact Management
- Email Sending
- Spam Protection
- User Contact
- Displaying content from external platforms
Details on the processing of Personal Data
Personal data processed to contact the user
Contact via phone and/or SMS
Users who have provided their phone number may be contacted by the website sudovestsardegna.it for commercial or promotional purposes related to the services offered by the Data Controller or to meet support requests.
Personal Data collected: phone number
Contact form / Reservation request
By filling out the contact form on the website sudovestsardegna.it with their Data, the User consents to their use to respond to requests for information, quotes, or any other nature indicated by the header of the form.
Personal Data collected: email; name; surname; phone number
Personal data processed for statistical purposes
The services contained in this section allow the Data Controller to monitor and analyze traffic data and serve to track User behavior.
Matomo Analytics
Matomo Analytics (formerly Piwik) is an open-source web analytics platform installable on its server.
It is a web analytics service that uses the collected data to track and examine the use of the website sudovestsardegna.it.
This Matomo integration is done in On-Premise mode, installed on the server to make Matomo a first-party cookie in all respects. 100% of the data is owned by the owner since Matomo is hosted on the servers.
Registered Office: Germany
Processed Personal Data: Anonymized Data
Here is the link to the Privacy Policy: https://matomo.org/privacy-policy/
Legal Basis
Data generated by accessing the site and purposes
The legal basis legitimizing the processing of such data by the Data Controller is the need to make the functionalities of the website sudovestsardegna.it usable following the User’s access.
Data voluntarily provided by the User
The legal basis legitimizing the processing of such data by the Data Controller is the consent given by the User for specific purposes.
In any case, the Data Controller may process the User’s Personal Data if one of the following conditions exists:
- Processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
- Processing is necessary for the legitimate interests pursued by the Data Controller or third parties.
Methods of Processing and Storage Time of Personal Data
The Personal Data collected will be processed using electronic or automated tools, computer, and telematic means, or through manual processing strictly related to the purposes for which the Personal Data was collected and, in any case, in such a way as to ensure their security.
Data communicated by the User through the forms on the Site will be stored for a period not exceeding the achievement of the purposes for which they are processed, including those of storage and protection of the rights of the Data Controller, in full compliance with the principle of limitation of conservation provided by the GDPR and/or for the time necessary for legal obligations.
Following a User’s request for deletion, all Personal Data will be deleted, except for further storage required by legal and regulatory obligations.
In any case, the Data Controller implements a policy of Personal Data retention that limits the retention time to a maximum of three years, in compliance with the principle of minimization of data processing.
Location
Personal Data is processed at the operational offices of the Data Controller and in any other place where the parties involved in the processing are located.
The User’s Personal Data may be transferred to a country other than the one in which the User is located but always within the European Union. It is understood, however, that the Data Controller, if necessary, has the right to move the servers outside the European Union. In this case, the Data Controller ensures in advance that the transfer of Personal Data outside the EU will take place in accordance with applicable law, subject to the conclusion of the standard contractual clauses provided by the European Commission.
Authorized Subjects for Processing, Data Processors, and Communication of Personal Data
The processing of the collected data is carried out by internal personnel of the Data Controller specifically identified and authorized for processing according to specific instructions given in compliance with current legislation.
The Personal Data collected, if necessary or instrumental to the execution of the indicated purposes, may be processed by third parties appointed as Data Processors, or, depending on the cases, communicated to them as independent data controllers, namely:
- Natural persons, companies, associations, or professional firms that provide assistance and consultancy to the Data Controller;
- Companies, entities, associations that perform services connected and instrumental to the execution of the aforementioned purposes (market research and analysis services, maintenance of computer systems);
- External companies that the Data Controller uses to manage, on its behalf, User data for purposes such as: notification messages related to the services offered by the
- Data Controller and verification of the correctness of the email address provided during registration, statistical analysis, use of marketing platforms, IT services for data storage, and customer support.
The data communicated by the User through the “Reservation Request” form may also be communicated, in addition to the subjects indicated above, to the following categories of Recipients:
- Tour operators in the Sud-Ovest Sardegna territory who have accepted or will accept to be part of the Project
User Rights
In accordance with European Regulation 679/2016 (GDPR) and national regulations, the User can, according to the methods and within the limits provided by current legislation, exercise the following rights:
- Know its origin;
- Receive intelligible communication;
- Obtain information about the logic, methods, and purposes of the processing;
- Request the updating, rectification, integration, deletion, transformation into anonymous form, or blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
- In cases of processing based on consent, receive its data provided to the Data Controller, in a structured and readable form by an electronic device and in a format commonly used by an electronic device;
- The right to file a complaint with the supervisory authority.
How to exercise User rights
To exercise the rights of the data subject, Users can make a request by sending an email to the address: info@galsulcisiglesiente.it.
Requests will be handled by the Data Controller as soon as possible, in any case within one month.
Legal Defense
The Personal Data of the data subject may be used by the Data Controller in court or in the preparatory stages for its possible establishment for the defense against abuses in the use of the website sudovestsardegna.it or the connected services by the data subject.
The data subject declares to be aware that the Data Controller may be required to disclose Personal Data by order of public authorities.
Changes to this Privacy Policy
The Data Controller reserves the right to make changes to this privacy policy at any time by informing the data subjects on this page and, if possible, directly on the website sudovestsardegna.it and, if technically and legally feasible, by sending a notification to the data subjects through one of the contact details in the possession of the Data Controller. Therefore, please regularly consult this page, referring to the last modification date indicated at the bottom.