Florence Season 1

WEBSITE DATA PRIVACY INFORMATION FORM
updated to EU Reg. 2016/679
(European Regulation on the protection of personal data)
1. Introduction
Wholly house by Mattia Vescovi takes user privacy seriously and is committed to respecting it. This privacy policy (“Privacy Policy”) describes the personal data processing activities carried out by Wholly house di Mattia Vescovi through the website www.polimedia.net and the related commitments undertaken in this sense by the Company Wholly house di Mattia Vescovi can process the personal data of the user when he visits the Site and uses the services and functions present on the Site. In the sections of the Site in which the user's personal data are collected, a specific information is normally published pursuant to art. 13/15 of EU Reg. 2016/679.
Where required by EU Reg. 2016/679, the user's consent will be requested before proceeding with the processing of their personal data. If the user provides personal data of third parties, he must ensure that the communication of the data to Wholly house di Mattia Vescovi and the subsequent processing for the purposes specified in the applicable privacy information complies with EU Reg. 2016/679 and the applicable legislation.



2) Identification details of the Data Controller, Data Processor and Privacy OfficerMattia Vescovi, email [email protected] 3) Type of data processed Visiting and consulting the Site generally does not involve the collection and processing of the user's personal data, except for navigation data and cookies as specified below. In addition to the so-called "navigation data" (see below), personal data voluntarily provided by the user may be processed when he or she interacts with the Site's features or requests to use the services offered on the Site. In compliance with the Privacy Code, Wholly house di Mattia Vescovi may also collect the user's personal data from third parties in the course of its activities.

4) Retention of personal data Personal data are stored and processed through computer systems owned by Wholly house di Mattia Vescovi and managed by Wholly house di Mattia Vescovi or by third party technical service providers; for more details, please refer to the "Scope of accessibility of personal data" section below. The data are processed exclusively by specifically authorized personnel, including personnel in charge of carrying out extraordinary maintenance operations. 5) Purposes and methods of data processing Wholly house di Mattia Vescovi may process the user's common and sensitive personal data for the following purposes: use by users of services and functions on the Site, management of requests and reports from its users, sending newsletters, management of applications received through the Site, etc.In addition, with the additional and specific optional consent of the user, Wholly house di Mattia Vescovi may process personal data for marketing purposes, i.e. to send the user promotional material and/or commercial communications relating to the Company's services, at the addresses indicated, or through traditional methods and/or means of contact (such as paper mail, telephone calls with an operator, etc.) and automated (such as communications via the Internet, fax, e-mail, SMS, applications for mobile devices such as smartphones and tablets -CDs. APPS-, social network accounts -e.g. via Facebook or Twitter-, auto-attendant phone calls, etc.).Personal data are processed both in paper and electronic form and entered into the company information system in full compliance with EU Reg. 2016/679, including the security and confidentiality profiles and inspired by the principles of correctness and lawfulness of processing. In accordance with EU Reg 2016/679, the data are kept for 12 months.

6) Security and quality of personal data Wholly house di Mattia Vescovi undertakes to protect the security of the user's personal data and complies with the security provisions provided for by the applicable legislation in order to avoid data loss, illegitimate or illicit use of data and unauthorized access to the same, with particular reference to the Technical Regulations on minimum security measures. In addition, the information systems and computer programs used by Wholly house di Mattia Vescovi are configured in such a way as to minimize the use of personal and identification data; These data are processed only for the achievement of the specific purposes pursued from time to time. Wholly house di Mattia Vescovi uses multiple advanced security technologies and procedures to promote the protection of users' personal data; For example, personal data is stored on secure servers located in locations with protected and controlled access. You can help Wholly house di Mattia Vescovi to update and keep your personal data correct by communicating any changes to your address, job title, contact information, etc. 7) Scope of communication and access to data The user's personal data may be communicated to: all subjects to whom the right of access to such data is recognized by virtue of regulatory provisions; to our collaborators and employees in the context of their duties; to all those natural and/or legal, public and/or private persons when the communication is necessary or functional to the performance of our activity and in the manner and for the purposes illustrated above;

8) Nature of provision of personal data The provision of certain personal data by the user is mandatory to allow the Company to manage communications, requests received from the user or to contact the user to follow up on his request. This type of data is marked with an asterisk [*] and in this case the provision is mandatory to allow the Company to follow up on the request which, failing that, cannot be processed. On the contrary, the collection of other data not marked with an asterisk is optional: failure to provide such data will not result in any consequences for the user. The provision of personal data by the user for marketing purposes, as specified in the section "Purposes and methods of processing" is optional and refusal to provide them will have no consequences. The consent given for marketing purposes is extended to the sending of communications through both automated and traditional methods and/or means of contact, as exemplified above. 9) Rights of the data subject 9.1 Art. 15 (right of access) , 16 (right of rectification) of EU Reg. 2016/679 The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed and, if so, to obtain access to the personal data and the following information: a) the purposes of the processing; (b) the categories of personal data concerned; (c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations; (d) the envisaged period for which the personal data will be retained or, if this is not possible, the criteria used to determine that period;e) the existence of the right of the data subject to request from the controller the rectification or erasure of personal data or the restriction of the processing of personal data concerning him or her, or to object to their processing; f) the right to lodge a complaint with a supervisory authority; h) the existence of automated decision-making, including profiling and, at least in such cases, meaningful information on the logic used, as well as the significance and expected consequences of such processing for the data subject. 9.2 Right pursuant to art. 17 of EU Reg. 2016/679 – right to erasure ("right to be forgotten") The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall be obliged to erase the personal data without undue delay, if one of the following grounds applies:a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; b) the data subject withdraws the consent on which the processing is based in accordance with point (a) of Article 6(1) or point (a) of Article 9(2) and if there is no other legal basis for the processing; (c) the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or objects to the processing pursuant to Article 21(2); d) the personal data have been unlawfully processed; (e) the personal data must be erased for compliance with a legal obligation under Union or Member State law to which the controller is subject; f) the personal data have been collected in relation to the offer of information society services referred to in Article 8, paragraph 1 of EU Reg. 2016/679

9.3 Right pursuant to Article 18 Right to restriction of processing The data subject has the right to obtain from the data controller the restriction of processing when one of the following applies: a) the data subject contests the accuracy of the personal data, for the period necessary for the controller to verify the accuracy of such personal data; b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests instead that their use be restricted; c) although the controller no longer needs the personal data for the purposes of the processing, the personal data are necessary for the data subject to establish, exercise or defend legal claims; d) the data subject has objected to the processing pursuant to Article 21, paragraph 1, of EU Reg 2016/679 pending verification of whether the legitimate reasons of the data controller prevail over those of the data subject. 9.4 Right referred to in Article 20 Right to data portability The data subject shall have the right to receive the personal data concerning him or her which he or she has provided to a controller in a structured, commonly used and machine-readable format and shall have the right to transmit those data to another controller without hindrance from the controller 10) Revocation of consent to processing The interested party has the right to revoke consent to the processing of his/her personal data by sending a registered letter with acknowledgement of receipt to the following address: Florence accompanied by a photocopy of his/her identity document, with the following text: <>. At the end of this operation, your personal data will be removed from the files as soon as possible. If you wish to have more information on the processing of your personal data, or exercise the rights referred to in point 7 above, you can send a registered letter with acknowledgement of receipt to the following address: Florence. Before we can provide you with, or amend any information, we may need to verify your identity and answer certain questions. An answer will be provided as soon as possible. 11) Security of the server where the sites managed by Polimedia are hosted The infrastructure where Mattia Vescovi's Wholly house server is hosted is designed and built to ensure maximum security, availability and data integrity, as required by the security measures described in the GDPR: redundancies on all support infrastructures, data centers equipped with monitoring and access control, video surveillance, raised floors, fire and anti-seismic systems, Uninterruptible power supply systems