The registrant of the website and the Data Controller is ENECTA SRL, a company incorporated in Italy with registered address at Viale Enrico Panzacchi n. 17, 40136 Bologna (BO), Italy, VAT No IT03677511200.
PERSONAL DATA, PURPOSE OF TREATMENT
Personal Data processed hereunder shall be data strictly necessary for the execution of the relative activities and shall include personal and contact data required for the operations of the Data Controller, according to Applicable Law.
The information systems and software procedures relied upon to operate this website acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.
This data category includes the IP addresses and/or the domain names of the computers and terminal equipment used by any user, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment.
These data are necessary to use web-based services and are also processed in order to
– extract statistical information on service usage (most visited pages, visitors by time/date, geographical areas of origin, etc.);
– check functioning of the services.
Browsing data are kept for no longer than seven days (except where judicial authorities need such data for establishing the commission of criminal offences).
Data communicated by users
Sending messages, on the basis of the user’s free, voluntary, explicit choice, to the Enecta’s contact addresses, or sending private messages to the Enecta’s social media pages and profiles (where this option is available), and filling in and sending the forms made available on the Enecta’s websites in order to receive newsletters, information and communication relating to the sector of the industrial and pharmaceutical cannabis, entail the acquisition of the sender’s contact information – which is necessary to provide a reply – as well as of any and all the personal data communicated in that manner.
Specific information notices and request of consent will be displayed on the pages of the Website that are used for providing certain services.
Cookies and other tracking devices
No cookies are used to profile users nor are other user tracking systems implemented.
So-called session (non-persistent) cookies are used exclusively to the extent this is necessary to enable secure, efficient browsing. Storage of session cookies in terminal equipment or browsers is under the user’s control, whilst cookie-related information is stored server-side after HTTP sessions in the service logs for no longer than seven days like all other browsing data.
The legal basis for processing data under paragraph 4 above are processed by Enecta, as the case may be:
Pursuant to article 6, letter a), of Regulation UE n. 679/2016, the Data Subject expressed its consent spontaneously and has not thereafter revoked such consent; and/or
Pursuant to article 6, letter f), of Regulation UE n. 679/2016, processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
Personal Data collected and processed by the Data Controller could be communicated to subsidiary and affiliate companies of the Data Controller, according to the provisions of the Regulation.
The personal data collected as above are also processed by staff from the Enecta, acting on specific instructions concerning purposes and arrangements of such processing.
Data Controller will appoint providers of services in order to receive assistance in the execution of its activities connected to this website, to which it may communicate Personal Data. Such providers could be located outside the European Union, in Countries which offer an adequate level of data protection, based on a European Commission’s adequacy decision.
The following entities are recipients of the data collected in the course of visiting the websites listed above:
The Rocket Science Group LLC d/b/a MAILCHIMP: www.mailchimp.com/legal/privacy ;
GOOGLE LLC: https://policies.google.com/privacy
Data subjects may request Data Controller, at any time, to supply updated names and data of the Data processors appointed by the latter.
STORAGE AND ARCHIVING OF PERSONAL DATA
Personal Data processed by ENECTA is stored and archived both in hardcopy and using electronic means. Electronic storage shall be processed as follows:
Internal Server, accessible through passwords solely to personnel authorized to process Personal Data;
Hardware systems accessible through passwords solely to personnel authorized to process Personal Data.
Personal Data is processed for the time necessary to execute the scopes of use under paragraph 4 above, i.e. 2 (two) years and is stored for archive for 5 (five) years from their completion and, in any case, for the period necessary for the legitimate interest of the Data Controller to protect its right under the law.
RIGHTS OF THE DATA SUBJECT
Data Subjects have the right to obtain, where appropriate, access to their personal data as well as rectification or erasure of such data or the restriction of the processing concerning them, and to object to the processing (pursuant to Articles 15 to 22 of the Regulation).
The request can be filed at any time by the Data Subject by contacting ENECTA, in its capacity as Data Controller, using the contact data under paragraph 1 above.
Data Subject has the right to Data Portability of its Personal Data processed by ENECTA which, in such event undertakes to provide the Personal Data of the Data Subject in an organized and commonly used electronically readable format.
Without prejudice to other administrative or judicial remedies, the Data Subject has the right to send a complaint to the supervisory authority in Italy, or elsewhere in the EU, in the event that this becomes necessary.
Additional information on how to present a complaint are available at the following web sites of the Italian privacy authority at the following web address https://www.garanteprivacy.it/home/diritti/come-agire-per-tutelare-i-nostri-dati-personali