Registration of the account to access the reserved area and make online purchases on the site www.aeroportodialghero.it (hereinafter also referred to as "website") requires the provision of specific personal data by the user (hereinafter also referred to as "data subject").
Therefore, as required by current legislation (art. 13 General Data Protection Regulation, hereinafter also referred to as GDPR), SO.GE.A.AL. S.p.A., the legal representative pro tempore, (hereinafter also referred to as "Data Controller" or "company") provides users with information relating to the processing of their data.
The Data Controller is SO.GE.A.AL. S.p.A., with a registered office in Regione Nuraghe Biancu, 07041 Alghero (SS), P. IVA 01635090903. The company can be contacted via email at firstname.lastname@example.org or by phone at +39.079.935011
DATA PROTECTION OFFICER (DPO) CONTACT
The Data Controller has appointed the Data Protection Officer. They can be contacted at email@example.com
WHAT DATA IS PROCESSED?
The data processed is the identification and contact information provided by the user during registration (by filling out the appropriate form), and further data provided through reserved areas or appropriate functions dedicated to services reserved for registered users.
WHAT ARE THE PURPOSES AND LEGAL BASIS OF THE PROCESSING?
Personal data is used to allow the interested party to register on the platform and take advantage of the services reserved for registered users through their account.
Therefore, the legal basis for the processing of such data is the execution of pre-contractual, contractual measures and legal obligations.
If agreed, the identification and contact information may be used for marketing and advertising purposes such as but not limited to the following; direct sales, market research, commercial communication of the activities and services offered by the owner, telemarketing, email and or SMS.
The legal basis for the processing of identification data for marketing purposes is consent. It should be noted that any consent given for the sending of commercial and promotional communications, on the basis of art. 130, paragraphs 1 and 2, of Legislative Decree No. 196/2003 (privacy Code), implies the receipt of these communications, which are not only through automated means of contact (SMS, email, and other messages), but also through traditional methods (such as paper mail or calls via operators).
Consent can be revoked at any time.
If necessary, the data may also be used in the Data Controller's legitimate interest to verify correct system functionality and system security.
HOW IS DATA COLLECTED
The data collected is processed with computer tools and residual in paper form. Adequate security measures are taken to prevent data loss, illicit or incorrect use and unauthorised access.
DATA TRANSFER ABROAD
The data is managed through the servers and used by the Data Controller for the website and third party services (used for payments and for receiving requests by email) that involve a transfer of data abroad in compliance with the necessary guarantees (standard contractual clauses).
DATA STORAGE PERIOD
The data relating to the account is kept until the user requests to cancel or until 24 months after the last access.
The data processed for the management of purchases is kept in accordance with the laws related to administrative and accounting purposes and within the prescribed terms set forth by the rights and obligations underlying the processing.
If agreed, the data processed for marketing purposes will be retained for two years, without prejudice to the right of the opposition. The person concerned may exercise freely and without any charges at any time to the sending of promotional communications via automated or traditional means.
The Data Controller reserves the right without prejudice, and for security means to store data beyond the indicated terms.
WHAT HAPPENS IF THE DATA IS NOT PROVIDED?
The provision of data is optional and is subject to the user's wish to register. Failure to provide data will make it impossible to create an account and use the functions reserved for registered users.
The data will be processed by the Data Controller and by the staff authorised to do the processing.
The competent authorities may have knowledge of the data in the case of specific requests which the holder is required by law to give. For example, to companies providing IT supply services, to payment services providers, to consultants that the owner uses for financial and administrative management and, to consultants for the management of litigation and legal assistance.
It should be noted that some of the indicated subjects operate as owners, and others are responsible for the processing of data and communication. Those who operate as independent controllers do so because it is required by law or necessary to fulfil the obligations arising from the pre-contractual relationship or the holder's legitimate interest in maintaining the security of the computer systems and in the systems security conduct.
The detailed list of the subjects to whom the data may be communicated can be requested by contacting the Data Controller.
It should be noted that personal data communication is limited to only categories of data whose transmission is necessary for the performance of the activities and purposes pursued.
THE USERS RIGHTS
The law recognises that the interested party has the right to ask the Data Controller for access to personal data, the rectification or cancellation of data, the limitation or opposition to the processing of their data, as well as the right to data portability.
It should be noted that you have the right to oppose the processing of marketing data.
The interested party may assert their rights at any time, without formalities, by contacting the Data Controller or the Data Protection Officer through the contact information listed on this website. The Data Controller will respond within 30 days of receiving the request, as required by current legislation.
The rights recognised by current legislation on the protection of personal data is provided in detail below.
The interested party is then informed, and if they consider that the processing of their personal data occurs in violation of the provisions of the RGDP, they have the right to file a complaint with the guarantor, as provided for by art. 77 of the regulation itself or to appeal to the appropriate courts (art. 79 of the regulation).
Further information is contained on the website, user and cookie information can be accessed at any time from the footer of the website.
Send us a complaint or a suggestion