PRIVACY POLICY INFORMATION FOR QyourQualityExperience.it

1. This section contains information regarding the management of QyourQualityExperience.it in relation to the processing of user data.
2. This notice is also valid for the purposes of art. 13 of Legislative Decree no. 196/2003, the Personal Data Protection Code, and for the purposes of art. 13 of EU Regulation no. 2016/679, relating to the protection of natural persons with regard to the processing of personal data and the free movement of such data, for subjects who interact with QyourQualityExperience.it, accessible at: https://QyourQualityExperience.it/privacy-policy
3. This notice applies only to QyourQualityExperience.it and not to other websites that may be visited by the user through links contained therein.
4. The purpose of this document is to provide information about the methods, timing and nature of the information that data controllers must provide to users when connecting to the web pages of QyourQualityExperience.it, regardless of the purpose of the connection, in accordance with Italian and European legislation.
5. This notice may be subject to changes due to the introduction of new regulations; users are therefore invited to periodically check this page.
6. If the user is under sixteen years of age, pursuant to art. 8, par. 1 of EU Regulation 2016/679, they must obtain consent through the authorization of their parents or legal guardians.

DATA PROCESSING

1. DATA CONTROLLER

1. The data controller is the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of personal data processing. They also handle security matters.
2. For this website, the data controller is Q SNC and for any clarification or exercise of user rights, they can be contacted at qcastellanza@gmail.com

2. DATA PROCESSING MANAGER

1. The data processing manager is the natural or legal person, public authority, service or other body that processes personal data on behalf of the data controller.
2. Pursuant to article 28 of EU Regulation no. 2016/679, appointed by the data controller, the data processing manager for QyourQualityExperience.it is Q SNC
3. The data processing generated by the use of QyourQualityExperience.it takes place at the controller's premises.
4. If necessary, data related to the newsletter service may be processed by the processing manager or persons appointed by them at their respective premises.

PROCESSED DATA

1. DATA PROCESSING METHODS

1. Like all websites, this site uses log files in which automatically collected information is stored during user visits. The information collected may include:
   • Internet Protocol (IP) address;
   • Browser type and device parameters used to connect to the site;
   • Internet Service Provider (ISP) name;
   • Date and time of visit;
   • Referring and exit web page;
   • Possibly the number of clicks.
2. The above information is processed automatically and collected in aggregate form only to verify the correct functioning of the site and for security purposes. Such information will be processed based on the legitimate interests of the controller.
3. For security purposes (anti-spam filters, firewall, virus detection), automatically recorded data may include personal data such as IP addresses, which may be used, in accordance with applicable laws, to block attempts to damage the site or to harm other users. Such data is never used for identification or profiling of the user, but only for the protection of the site and its users.
4. The site allows data entry in specific registration sections. Such data is considered voluntarily provided by the user when requesting the service. By entering the requested information, the user expressly accepts this privacy notice and consents to the content being freely used for the purposes stated in those sections.
5. Information that users choose to make public through the services and tools provided is given consciously and voluntarily, exempting this site from any liability regarding possible violations of the law. It is the user's responsibility to verify they have permission to enter third-party personal data or content protected by national and international regulations.

2. PURPOSE OF DATA PROCESSING

1. Data collected by the site during its operation is used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the specified activities, and in any case no longer than 5 years.
2. Data used for security purposes (blocking attempts to damage the site) is kept for the time strictly necessary to achieve the aforementioned purpose.

3. DATA PROVIDED BY THE USER

1. As indicated above, the optional, explicit and voluntary sending of email to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
2. The entry of data in the appropriate sections of this site automatically entails their subsequent acquisition after accepting the authorization to send the data.

4. BROWSER CONFIGURATION SUPPORT

1. This site also incorporates plugins and/or buttons for social networks, in order to allow easy sharing of content on various preferred social networks. These plugins are programmed not to set any cookies when accessing the page to protect user privacy. Cookies are set, if provided by the social networks, only when the user makes actual and voluntary use of the plugin.
2. The collection and use of information obtained through the plugin are governed by the respective privacy policies of the social networks, to which please refer:
   • Facebook: www.facebook.com
   • Instagram: www.instagram.com

USER RIGHTS

1. Art. 13 par. 2 of EU Regulation 2016/679 lists the user's rights.
2. This site therefore intends to inform the user of the existence of:
   • the right of the data subject to request from the controller access to personal data (art. 15 EU Regulation), their update (art. 7, par. 3, let. a of Legislative Decree 196/2003), rectification (art. 16 EU Regulation), integration (art. 7, par. 3 let. a Legislative Decree 196/2003), restriction of processing (art. 18 EU Regulation) or to object, on legitimate grounds, to their processing (art. 21 EU Regulation), as well as the right to data portability (art. 20 EU Regulation);
   • the right to request erasure (art. 17 EU Regulation), transformation into anonymous form or blocking of data processed in violation of the law, including data for which retention is not necessary in relation to the purposes for which it was collected or subsequently processed (art. 7 par. 3, let. b of Legislative Decree 196/2003);
   • the right to obtain confirmation that operations of updating, rectification, integration, erasure, blocking, transformation have been brought to the attention, also regarding their content, of those to whom the data has been communicated or disseminated, except where this proves impossible or involves a manifestly disproportionate effort (art. 7 par. 3, let. c of Legislative Decree 196/2003).
3. Requests may be addressed to the data controller at the aforementioned email address (without formalities).
4. If the processing is based on art. 6 paragraph 1 letter a – express consent – or on art. 9 paragraph 2 letter a – express consent for the use of genetic, biometric, health-related data, or data revealing religious, philosophical beliefs or trade union membership, racial or ethnic origin, political opinions – the user has the right to withdraw consent at any time without affecting the lawfulness of processing based on consent given before withdrawal.
5. Similarly, in the event of a violation of the regulations, the user has the right to lodge a complaint with the Data Protection Authority, as the authority responsible for monitoring processing in Italy.
6. For a more detailed examination of the rights that apply, please see articles 15 et seq. of EU Regulation 2016/679 and art. 7 of Legislative Decree 196/2003.

COMPLIANCE

1. The controller notifies the Authority of the personal data processing it intends to carry out only if the processing concerns:
   • genetic, biometric data or data indicating the geographical position of persons or objects through an electronic communications network;
   • data suitable for revealing health status and sexual life, processed for assisted procreation, telemedicine health services related to databases or supply of goods, epidemiological surveys, detection of mental, infectious and communicable diseases, seropositivity, organ and tissue transplantation and health expenditure monitoring;
   • data suitable for revealing sexual life or the psychological sphere, processed by associations, bodies and organizations without profit, including unrecognized ones, of a political, philosophical, religious or trade union nature;
   • data processed with the aid of electronic tools aimed at defining the profile or personality of the data subject or analyzing consumption habits and choices or monitoring the use of electronic communication services;
   • sensitive data recorded in databases for personnel selection on behalf of third parties as well as sensitive data used for opinion polls, market research and other sample surveys;
   • data recorded in databases managed with electronic tools relating to the risk of economic solvency, financial situation, proper fulfillment of obligations, unlawful or fraudulent behavior.