I – INFORMATION REGARDING THE WEBSITE’S PRIVACY POLICY

1. This section contains information about how Lucia Bonassisa manages the processing of user data on bonassisa.it.
2. This notice is also provided pursuant to art. 13 of Legislative Decree no. 196/2003 (Personal Data Protection Code) and art. 13 of EU Regulation no. 2016/679 (GDPR) for users interacting with bonassisa.it, accessible from the homepage: https://bonassisa.it/
3. This information applies only to bonassisa.it and not to any other websites accessed by the user via links contained therein.
4. The purpose of this document is to provide information about how, when, and what type of data processing information must be given to users when they access the webpages of bonassisa.it, according to Italian and European legislation.
5. This notice may be updated following the introduction of new regulations. Users are therefore invited to periodically check this page. If the user is under sixteen, pursuant to art. 8, paragraph 1 of EU Regulation 2016/679, their consent must be authorized by their parents or legal guardians.

II – DATA PROCESSING

1. Data Controller

1. The data controller is the natural or legal person, public authority, service, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. They are also responsible for security aspects.
2. For this website, the data controller is Lucia Bonassisa, and for any clarification or to exercise user rights, you may contact her at the following email address: l.bonassisa@bonassisa.it

2. Data Processor

1. The data processor is the natural or legal person, public authority, service, or other body that processes personal data on behalf of the controller.
2. Under Article 28 of EU Regulation 2016/679, appointed by the data controller, the data processor for the bonassisa.it website is: Lucia Bonassisa

3. Location of Data Processing

1. The data processing resulting from the use of bonassisa.it takes place at Bonassisa Lab, via S.S. 16 km. 684,300 Zona Incoronata A.S.I. 71122, Foggia.
2. If necessary, data related to the newsletter service may be processed by the data controller or by persons appointed by them at their respective offices.

III – COOKIES

1. Types of Cookies

1. The website bonassisa.it uses cookies to make the user’s browsing experience easier and more intuitive. Cookies are small text strings used to store certain information that may concern the user, their preferences, or their internet access device (computer, tablet, or mobile phone) and are mainly used to adjust the site’s operation to user expectations, offering a more personalized browsing experience and storing previously made choices.
2. A cookie consists of a small set of data transferred to the user’s browser from a web server and can only be read by the server that performed the transfer. It is not executable code and does not transmit viruses.
3. Cookies do not record any personal information, and any identifiable data will not be stored. If desired, users can block the storage of some or all cookies. However, doing so may compromise the use of the site and the services offered. To proceed without changing cookie-related options, simply continue browsing.

Below are the types of cookies used:

2. Technical Cookies

1. There are various technologies used to store information on the user’s computer, which is then collected by other websites. Among these, the most well-known and commonly used is HTML. These technologies are used for navigation and to facilitate access and use of the site. They are necessary for the transmission of communications over the electronic network or for the provider to deliver the requested service to the customer.
2. There are various technologies used to store information on the user’s computer, which is then collected by other websites. Among these, the most well-known and commonly used is HTML. These technologies are used for navigation and to facilitate access and use of the site. They are necessary for the transmission of communications over the electronic network or for the provider to deliver the requested service to the customer.
3. The use of technical cookies allows safe and efficient use of the site.
4. Cookies placed in the browser and retransmitted via Google Analytics or similar services such as Blogger statistics are considered technical only if used directly by the site owner for site optimization. The site owner may collect information in aggregated form about the number of users and their browsing behavior. Under these conditions, Analytics cookies follow the same rules on consent and information as technical cookies.
5. Based on duration, cookies can be temporary session cookies that are deleted automatically at the end of the browsing session and used to identify the user, thus avoiding login on each page visited, and permanent cookies that remain active on the PC until expiration or deletion by the user.
6. Session cookies may be installed to allow access and permanence in the reserved area of the portal as an authenticated user.
7. They are not stored permanently but for the duration of the browsing session until the browser is closed. Their use is strictly limited to transmitting session identifiers, consisting of random numbers generated by the server, necessary to enable secure and efficient site exploration.

3. Third-Party Cookies

1. Cookies sent to the browser directly by the site being visited are distinguished from those sent by third-party sites.
2. Permanent cookies are often third-party cookies.
3. Most third-party cookies consist of tracking cookies used to identify online behavior, understand user interests, and personalize advertising proposals.
4. Third-party analytical cookies may be installed. They are sent by domains of third parties external to the website.
5. Third-party analytical cookies are used to detect user behavior on bonassisa.it anonymously, to monitor performance and improve usability. Third-party profiling cookies are used to create user profiles to send advertising messages aligned with the user’s expressed preferences.
6. The use of these cookies is governed by the rules set by the respective third parties. Users are therefore invited to consult the related privacy policies and instructions on managing or disabling cookies on their webpages.

4. Profiling Cookies

1. Profiling cookies create user profiles and are used to send advertising messages aligned with user preferences expressed during online browsing.
2. When these types of cookies are used, the user must give explicit consent.
3. Article 22 of EU Regulation 2016/679 and Article 122 of the Data Protection Code apply.

IV – DATA PROCESSED

1. Methods of Data Processing

1. Like all websites, this site uses log files in which information collected automatically during user visits is stored. The collected information may include:
   Internet Protocol (IP) address;
   • Type of browser and device parameters used to connect to the site;
   • Name of the internet service provider (ISP);
   • Date and time of visit;
   • Referring and exit web pages;
   • The number of clicks, if applicable.
2. This information is processed automatically and collected exclusively in aggregated form to verify proper site operation and for security reasons. This information is processed based on the controller’s legitimate interests.
3. For security purposes (anti-spam filters, firewalls, virus detection), automatically recorded data may also include personal data such as the IP address, which may be used, in accordance with applicable laws, to block attempts to damage the site or harm other users, or in the case of harmful or unlawful activities. These data are never used to identify or profile the user, but only to protect the site and its users, and are processed based on the controller’s legitimate interests.
4. If the site allows comments, or if specific services are requested by the user (including the option to submit a CV for potential employment), the site automatically detects and records some user identification data, including their email address. These data are voluntarily provided by the user when requesting service delivery. By submitting a comment or other information, the user accepts the privacy notice and consents to the free dissemination of the submitted content to third parties. Received data will be used solely for the requested service and for the time necessary to provide it.
5. Information users choose to make public through the site’s available tools and services is provided voluntarily and knowingly, exempting the site from any responsibility regarding law violations. It is the user’s responsibility to verify they have permission to enter personal data of third parties or content protected by national or international regulations.

2. Purposes of Data Processing

1. Data collected during site operation are used solely for the purposes indicated above and retained only for the time strictly necessary to carry out these activities and, in any case, no longer than 2 years.
2. Data used for security purposes (site damage prevention) are retained only for the time strictly necessary to achieve this purpose.

3. Data Provided by the User

1. As indicated above, the optional, explicit, and voluntary sending of emails to the addresses listed on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.
2. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services upon request.

4. Support in Configuring Your Browser

1. The user may manage cookies through their browser settings. However, deleting cookies may remove preferences set for the site. For more information and support, users can visit the help pages of the browser they are using:
   • Internet Explorer
   • Firefox
   • Safari
   • Chrome
   • Opera

5. Social Network Plugins

1. This site also incorporates plugins and/or buttons for social networks to allow easy sharing of content on your preferred social networks. These plugins are programmed not to set cookies upon page access to safeguard user privacy. Cookies may be set only when the user voluntarily uses the plugin, if required by the social network. If the user browses while logged into the social network, they have already consented to the use of cookies transmitted via this site at the time of registering on the social network.
2. Information collected and used through the plugin is governed by each social network’s respective privacy policies. Users are invited to refer to:
   • Facebook
   • X
   • Pinterest
   • AddThis
   • LinkedIn

V – USER RIGHTS

1. Art. 13 paragraph 2 of EU Regulation 2016/679 lists user rights.
2. The website bonassisa.it informs the user of the existence:
   • of the right of the data subject to request from the controller access to personal data (Art. 15 EU Regulation), their update (Art. 7 paragraph 3 letter a of Legislative Decree 196/2003), rectification (Art. 16 EU Regulation), integration (Art. 7 paragraph 3 letter a of Legislative Decree 196/2003), restriction of processing (Art. 18 EU Regulation), or to object, for legitimate reasons, to their processing (Art. 21 EU Regulation), as well as the right to data portability (Art. 20 EU Regulation);
   • of the right to request the erasure (Art. 17 EU Regulation), anonymization, or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed (Art. 7 paragraph 3 letter b of Legislative Decree 196/2003);
   • of the right to obtain certification that operations of update, rectification, integration, erasure, blocking, and transformation have been made known to those to whom the data were communicated or disseminated, except where this proves impossible or involves a disproportionate effort (Art. 7 paragraph 3 letter c of Legislative Decree 196/2003).
3. Requests may be addressed to the data controller at the email address indicated above (without formal requirements) or using the template provided by the Italian Data Protection Authority.
4. If processing is based on Art. 6 paragraph 1 letter a – explicit consent for use – or Art. 9 paragraph 2 letter a – explicit consent for the use of genetic, biometric, or health-related data revealing religious or philosophical beliefs, trade-union membership, racial or ethnic origin, political opinions – the user has the right to withdraw consent at any time without affecting the lawfulness of processing based on previously given consent.
5. In case of a violation of applicable law, the user has the right to lodge a complaint with the Italian Data Protection Authority, which oversees processing in Italy.
6. For a more in-depth review of your rights, see Articles 15 et seq. of EU Regulation 2016/679 and Article 7 of Legislative Decree 196/2003.

VI – REQUIREMENTS

1. The data controller notifies the Data Protection Authority only if data processing concerns:
   • genetic, biometric, or geolocation data of people or objects via electronic communication networks;
   • data revealing health status or sex life, processed for assisted reproduction, telemedicine services, databases, epidemiological research, detection of mental, infectious, or contagious diseases, HIV positivity, organ and tissue transplants, and expenditure monitoring;
   • data revealing sex life or psychological sphere processed by non-profit associations, entities, or organizations, including non-recognized ones, with political, philosophical, religious, or trade-union purposes;
   • data processed using electronic tools aimed at defining the profile or personality of the data subject or analyzing consumption habits and choices or monitoring the use of electronic communication services, excluding processing strictly necessary to provide such services;
   • sensitive data stored in databases for personnel selection on behalf of third parties, as well as sensitive data used for surveys, market research, and other sample studies;
   • data recorded in databases managed with electronic tools relating to solvency risk, financial situation, compliance with obligations, or unlawful or fraudulent behavior.

VII – DATA SECURITY

1. This site processes user data lawfully and fairly, adopting appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of data. Processing is carried out using electronic and/or telematic tools, with organizational methods strictly related to the purposes indicated. In addition to the controller, categories of authorized personnel involved in site organization (administrative, marketing, commercial, legal, system administrators) or external parties (third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to data.

VIII – CHANGES TO THIS DOCUMENT

1. This document, published at: https://bonassisa.it/privacy-policy-gdpr/ constitutes the privacy policy of this site.
2. It may be subject to changes or updates. If changes are significant, they will be notified to users.
3. Previous versions of the document will remain available on this page.
4. The document was updated on 01/02/2020 to comply with applicable regulations, particularly EU Regulation 2016/679.