Why this Notice
Modalities are herein described for the processing of personal data entered by the users of Grimaldi Lines website.
As per art. 13 of Italian d.lg. n. 196/2003 - Codice in materia di protezione dei dati personali (Italian Personal Data Protection Code), this notice is aimed to anybody interacts with GRIMALDI GROUP S.p.A. web services through the address below:
The policy below is intended only for the website above and shall not be applied to any other websites consulted by the Site User while surfing through Grimaldi Lines website.
The policy follows the EU Recommendation n. 2/2001 concerning the protection of personal data, as adopted on 17 May 2001 by the European Authorities identified by art. 29 of directive n. 95/46/CE, and is aimed to set minimum requirements to be applied when collecting personal information on-line. In particular, it sets out the data processing modalities and times as well as the nature of the information to be provided to the site users by the data controller when the users visit Grimaldi Lines web pages for whatever reasons.
Said Recommendation and a brief description of its purposes are reported in the following.
The Data Controller
The entity entrusted with the control of site users personal data is GRIMALDI GROUP S.p.A., headquartered in Via Emerico Amari, 8 – 90139, Palermo – Tax code 00117240820 and VAT n. IT00117240820 – Fax +390815517401 – E-mail: firstname.lastname@example.org.
Data processing location
Data will be processed at the headquarters of GRIMALDI GROUP S.p.A., sited in Via Marchese Campodisola, 13 – 80133, Napoli, and will be handled only by staff assigned to the Department responsible for Personal Data Processing.
Data concerning the payment online of tickets will be handled by:
- Consorzio Triveneto;
- Monte dei Paschi di Siena;
- MyBank Unicredit;
acting as independent controllers in a safe location and in no way will be handled and processed by Grimaldi Group S.p.A.
Which data is processed
a) Data automatically supplied by the User
During operations, information systems and procedures connected with our website collect personal data about the User to be provided compulsorily in order to allow the registered user to access the services offered.
When processed or associated with data owned by third parties, this type of information allows the identification of the user or the party concerned.
This category includes the IP address or domain names of the computers used for access, Uniform Resource Identifiers, the time of the request, the modality used for submitting the request to the server, the size of the file received in response, the numeric code indicating the state of the server response (successful, failed, etc.) and other parameters relative to the Site User’s operating system and IT environment.
This type of information is used only to the purpose of obtaining anonymous statistical information about the use of the website and to check the website is properly operated. It will be deleted immediately after its processing. This kind of data could however be used to verify responsibility in case of any cybercrimes against the site. In any case, data from web contacts is stored for no longer than seven days.
b) Data voluntarily supplied by the User
The User personal email address and other personal data supplied by voluntarily sending electronic mails to the addresses specified in this website, including the sending of forms for the request of any information, as well as any type of registration or subscription to newsletters, is collected and processed. Specific relative reports will be displayed on the website pages if requested.
Voluntary provision of data
Except for what specified about data automatically supplied by the User, the Site User is free to choose whether to provide personal data or not when filling in the forms for newsletter registration, as well as for any request of information or contacts with the Company Departments. The User is aware that the service or information requested might not be provided in case said data should be missing.
Data Processing Modalities
Personal information is processed by automated tools only for the length of time required to execute the services requested. Specific security measures have been implemented to prevent any loss or illegal and inappropriate use of personal data as well as unauthorized access.
Rights of the Parties concerned
Pursuant to art. 7 of the Italian Personal Data Protection Code, Parties concerned are entitled to be confirmed at any time the acquisition of their personal data as well as the type of information collected in order to verify its appropriacy or request its adjustment or update.
As provided for in the same article above parties concerned are entitled to request the removal of the information illegally processed and in any case oppose the processing of such data for any legitimate reasons.
Any request concerning the above is to be submitted to: email@example.com or sent by ordinary mail to the Data Controller, GRIMALDI GROUP S.p.A., Via Marchese Campodisola, 13 – 80133, Napoli.