Data Protection Policy
Fiorenzo Data Protection Policy refersto our commitment to treat information of employees, customers,stakeholders and other interested parties with the utmost care andconfidentiality.
With thispolicy, we ensure that we gather, store and handle data fairly, transparentlyand with respect towards individual rights.
Personal Information is any data with which you could bepersonally identified.
Thispolicy refers to all parties (employees, customers, suppliers, etc.) whoprovide any amount of information to us.
1.2. Who is responsiblefor Data Protection?
The data collected on this website are processed by the websiteoperator. The operator’s contact details can be found in the website’s requiredlegal notice.
Employeesof Fiorenzo and its subsidiaries must follow thispolicy. Contractors, consultants, partners and any other external entity arealso covered. Generally, our policy refers to anyone we collaboratewith or acts on our behalf and may need occasional access to data.
1.3. How wecollect data
Some data are collected when you provide it to us. This could,for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems whenyou visit the website. These data are primarily technical data such as thebrowser & operating system you are using or when you accessed the page. Thesedata are collected automatically as soon as you enter our website.
1.4. What isthe data used for?
Part of the data is collected to ensure the proper functioningof the website. Other data can used to analyse how visitors use the site.
1.5. Whatrights do you have regarding your data?
You always have the right to request information about yourstored data, its origin, its recipients, and the purpose of its collection atno charge. You also have the right to request that it is to be corrected,blocked or deleted. You can contact us at any time using the address given inthe legal notice if you have further questions about the issue of privacy anddata protection. You may also, of course, file a complaint with the competentregulatory authorities.
1.6. Analytics& third-party tools
When visiting our website, statistical analyses may be made ofyour surfing behaviour. This happens primarily using cookies & analytics.The analysis of your surfing behaviour is usually anonymous, i.e., we will notbe able to identify you from this data. You can object to this analysis orprevent it by not using certain tools.
2.GeneralInformation & Mandatory Information
The operators of this website take the protection of yourpersonal data very seriously. We treat your personal data as confidential andin accordance with the statutory data protection regulations & privacypolicy.
If you use this website, various pieces of personal data will becollected.
Please note that data transmitted via the internet (e.g., viaemail communication) may be subject to security breaches. Complete protectionof your data from third-party access is not possible.
The responsible party is the natural or legal person who aloneor jointly with others decides on the purposes and means of processing personaldata (names, email addresses, etc.).
2.2. Revocation of your consent to the processing of your data
Many data processing operations are only possible with yourexpress consent. You may revoke your consent at any time with future effect. Aninformal email making this request is sufficient. The data processed before wereceive your request may still be legally processed.
2.3. Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, theperson affected may file a complaint with the competent regulatory authorities.The competent regulatory authority for matters related to data protection legislationis the data protection officer of the German state in which our company isheadquartered. A list of data protection officers and their contact details canbe found at the following link: https:// www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
2.4. Right to data portability
You have the right to have data which we process based on yourconsent or in fulfilment of a contract automatically delivered to yourself orto a third party in a standard, machine-readable format. If you require thedirect transfer of data to another responsible party, this will only be done tothe extent technically feasible.
2.5. SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons andthe protection of the transmission of confidential content, such as theinquires you send to us as the site operator. You can recognise an encryptedconnection in your browser’s address line when it changes from “ http://” to “ https:// ” and thelock icon is displayed in your browser’s address bar.
If SSL or TLS encryption is activated, the data you transfer tous cannot be read by third parties.
2.6. Encrypted payments in this website
If you enter into a contract which requires you to send us yourpayment information (e.g., account number for direct debits), we will requirethis data to process your payment.
Payment transactions using common means of payment(Visa/MasterCard, direct debit) are only made via encrypted SSL or TLSconnections. You can recognise an encrypted connection in your browser’saddress line when it changes from “ http:// ” to “https”//” and the lock iconin your browser line is visible.
In the case of encrypted communication, any payment details yousubmit to us cannot be read by third-parties.
2.7. Information, Blocking, Deletion
As permitted by law, you have the right to be provided at anytime with information free of charge about any of your personal data that isstored as well as its origin, the recipient and the purpose for which t hasbeen processed. You also have the right to have this data corrected, blocked ordeleted. You can contact us any time using opposition to promotional emails.
We hereby express prohibit the use if contact data published inthe context of website legal notice requirements with regard to sendingpromotional and informational materials not expressly requested.
The website operator reserves the right to take specific legalaction if unsolicited advertising material, such as email spam, is received.
3. Data Protection Officer
The DataProtection Officer shall have the following duties:
· Give advices to the Data Controller or the Data Processor,including its employees with respect to compliance with this law.
· Investigate the performance of the Data Controller or the DataProcessor.
· Coordinateand cooperate with the Office in the circumstance where there are problems withrespect to the collection, use, or disclosure of the Personal Data.
· Keepconfidentiality of the Personal Data known or acquired in the course of his orher performance of duty under this Law.
As partof our operations, we need to obtain and process information. This informationincludes any offline or online data that makes a person identifiable suchas names, addresses, usernames and passwords, digital footprints, photographs,social security numbers, financial data etc.
Fiorenzo collects this information in a transparent way andonly with the full cooperation and knowledge of interested parties. Once thisinformation is available to us, the following rules apply.
4.1. Fiorenzo data will be:
· Accurate and kept up-to-date
· Collected fairly and for lawful purposes only
· Processed by the company within its legal and moral boundaries
· Protected against any unauthorized or illegal access by internalor external parties
4.2. Fiorenzo data will not be:
· Communicated informally
· Stored for more than a specified amount of time
· Transferred to organizations, states or countries that do nothave adequate data protection policies
· Distributed to any party other than the ones agreed upon by thedata’s owner (exempting legitimate requests from law enforcement authorities)
4.3. Inaddition to ways of handling the data, Fiorenzo hasdirect obligations towards people to whom the data belongs. Specifically,we must:
· Let people know which of their data is collected
· Inform people about how we’ll process their data
· Inform people about who has access to their information
· Have provisions in cases of lost, corrupted or compromised data
· Allow people to request that we modify, erase, reduce or correctdata contained in our databases
5.1. To exercise data protection, we’re committed to:
· Restrict and monitor access to sensitive data
· Develop transparent data collection procedures
· Train employees in online privacy and security measures
· Build secure networks to protect online data from cyberattacks
· Establish clear procedures for reporting privacy breaches ordata misuse
· Include contract clauses or communicate statements onhow we handle data
· Establish data protection practices (document shredding, securelocks, data encryption, frequent backups, access authorization etc.)
5.2. Fiorenzo's data protection provisions will appear on our website fiorenzo.it.
Allprinciples described in this policy must be strictly followed. A breach of dataprotection guidelines will invoke disciplinary and possibly legal action.