Dear Visitor,

we wish to inform you that the “European Regulation 2016/679 on the protection of individuals with regard to the processing of personal data, as well as on the free movement of such data” (hereinafter “GDPR”) provides for the protection of individuals with regard to the processing of personal data as a fundamental right. Pursuant to Article 13 contained in the aforementioned regulation, we inform you that:

1. CATEGORIES OF DATA

Rationis S.r.l. will process your personal data such as:

• Data collected automatically. The computer systems and applications dedicated to the operation of this website detect, during their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated with identifiable users. The data collected includes the IP addresses and domain names of the computers used by users connecting to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters concerning the operating system, the browser and the IT environment used by the user. These data are processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to check its regular functioning. The provision of such data is mandatory as it is directly linked to the web browsing experience.
• Data provided voluntarily by the user. The voluntary and explicit sending of e-mails to the addresses indicated in the different access channels of this site does not imply a request for consent and any compilation of specifically prepared forms entail the subsequent acquisition of the address and data of the sender / user, necessary to respond to the requests produced and / or provide the requested service. The voluntary sending, on your part, of e-mails to our e-mail addresses does not require further information or requests for consent. The user must therefore explicitly consent to the use of the data contained in these forms in order to send the request.
• The site uses technical cookies necessary for the proper functioning of the site. The site does not use third-party cookies. For more information see the cookie policy.

2. SOURCE OF PERSONAL DATA

The personal data of which Rationis S.r.l. is in possession are collected directly from the interested party.

3. DATA CONTROLLER and DPO

The Data Controller of your personal data is Rationis S.r.l., with registered office in Via Foro Buonaparte 63 in Milan, responsible for the legitimate and correct use of your personal data and which you can contact for any information or request at privacy@rationis.it. The structure of the Data Controller is equipped with a Data Protection Officer (or “DPO”). The DPO is available for any information concerning the processing of personal data carried out by the Data Controller at the address privacy@rationis.it.

4. PURPOSE OF DATA PROCESSING AND LEGAL BASIS

The processing of your data has as its legal basis your consent and is carried out for the management of the following purposes:
• For the management of any user requests;
• For monitoring the correct functioning of the portal;
• For newsletter subscription and marketing communications;

In addition, the data will be processed in anonymized and / or aggregate form to improve the web browsing experience and to monitor the correct functioning of the portal, as well as for the protection of the same. Finally, your data will be processed for the fulfillment of obligations under laws, regulations and / or community regulations, or arranged by supervisory and control authorities; In this case, the legal basis of the processing is the fulfillment of the legal obligations to which the Data Controller is subject. This site processes your data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of your data.

5. DATA RECIPIENTS

Within the limits relevant to the processing purposes indicated, your data may be disclosed to partners, consulting companies, private companies, appointed as Data Processors by the Data Controller or for legal obligations or to fulfill your specific requests. The Data Processors and Persons in charge of the processing in office are punctually identified in the Privacy Document, updated periodically.

6. TRANSFER OF DATA ABROAD

The data collected are not transferred abroad.

7. RETENTION PERIOD

The data collected will be kept for a period of time not exceeding the achievement of the purposes for which they are processed (“conservation limitation principle”, art.5, GDPR) or according to the deadlines established by law. The verification of the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically.

8. RIGHTS OF THE INTERESTED PARTY

The interested party always has the right to request from the Data Controller access to your data, the correction or cancellation of the same, the limitation of processing or the possibility of opposing the processing, to request data portability, to revoke consent to processing by asserting these and other rights provided by the GDPR by simple communication to the Data Controller. Finally, you have the right to lodge a complaint with the privacy authority in the event that you believe that an offense has been generated related to the processing of your data.

9. METHODS OF DATA PROCESSING

The personal data you provide will be subject to processing operations in compliance with the aforementioned legislation and the confidentiality obligations that inspire the activity of the Data Controller. The data will be processed both with IT tools and on paper and on any other type of suitable support, in compliance with the appropriate security measures pursuant to Article 5 paragraph 1 letter F of the GDPR.

10. PLEASE NOTE

The information is not to be considered valid for other websites that may be consulted through links on the domain websites of the Data Controller, which is not to be considered in any way responsible for the websites of third parties.