Information pursuant to EU Regulation 2016/679 ("GDPR")
WHO WE ARE: THE “DATA CONTROLLER”
Trieste Terminal Passeggeri S.P.A is the data controller of your personal data.
The head office is located in Punto Franco Vecchio Molo IV – 34135, Trieste, and the contact details are as follows: firstname.lastname@example.org
The Data Protection Officer is Att. Michele Grisafi, head office located in Trieste, Via del Coroneo 33 (mail: email@example.com).
PERSONAL DATA PROCESSED AND PURPOSES OF PROCESSING
The IT systems and the software procedures used for the operation of this site acquire some personal details, the transmission of which is implicit in the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers and terminals used by the users, the addresses in URI/URL form (Uniform Resource Identifier/Locator) of the resources requested, the time of the request, the method used when submitting the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters concerning the operative system and the IT environment of the user.
These data, necessary for the use of web services, are also processed for the purpose of:
– obtaining statistical information on the use of the services (most visited pages, number of visitors per hour or day, geographical areas of origin, etc.);
– checking the correct operation of the services offered.
The browsing data do not persist for more than seven days and are deleted immediately after their aggregation (except for any need for investigation of crimes by the judicial authority).
Data communicated by the user
The optional, explicit and voluntary sending of messages to the contact addresses published on the website, as well as the compilation and forwarding of forms on the website, entail the acquisition of the sender’s contact data, necessary to reply, as well as all personal data included in the communications.
Specific information is published on the pages of the website prepared for the provision of certain services, with a request for consent to processing.
The site is free from profiling cookies and personal data collection (cookie-free).
Some structural technical cookies are required to ensure the proper functioning of web pages. The complete list can be consulted at the foot of this page.
LEGAL BASIS FOR PROCESSING
The company may process the above personal data without specific consent, except as required for the compilation of specific forms, as the legal basis for lawfulness of processing derives from the execution of pre-contractual measures taken at the request of the data subject (eg. request for information via email), as well as for the pursuit of the legitimate interest of the company to promote and achieve its statutory purposes.
The conferment of data for the above purposes is free and optional, however, any refusal involves the impossibility for the company to pursue this purpose.
The data are entered in an electronic database and/or stored in paper files.
The data are not subjected to automated decision-making or profiling of any kind.
RECIPIENTS OF THE DATA
The personal data may be known by collaborators and employees of the company, as subjects authorised and specially instructed to process them.
The data may be communicated to external subjects (e.g. companies that manage web platforms, agencies connected or belonging to other territorial bodies, etc.) for the purposes outlined above, if there is a need for their involvement. These subjects will act as autonomous Data Controllers, or will be appointed as Data Processors.
DATA RETENTION PERIOD
The company will keep the data for the time strictly necessary to achieve the above purposes and also to meet any need for access and recovery of data. After 24 months from acquisition (7 days for browsing data), if there is no further need for contact or obligation to retain the data, the data will be deleted.
RIGHTS OF THE DATA SUBJECT
The rights granted include the rights to:
request access to your personal data and information about them; rectify inaccurate data or integrate incomplete data; delete personal data (if any of the conditions set out in art. 17, paragraph 1 of the GDPR are met and in compliance with the exceptions set out in paragraph 3 of the same article); limit the processing of personal data (if any one of the conditions set out in article 18, paragraph 1 of the GDPR applies);
request and obtain – in the event that the legal basis of the processing is the contract or consent, and the same is carried out by automated means – personal data in a structured format, readable by an automatic device, also in order to communicate said data to another data controller (the so-called right to portability of personal data);
object at any time to the processing of personal data when special situations occur relating to them;
withdraw consent at any time, limited to cases where processing is based on consent for one or more specific purposes and relates to common personal data (e.g. date and place of birth or place of residence) or to particular categories of data (e.g. data revealing health or sex life). However, the processing based on consent and carried out prior to the revocation of the same remains lawful;
With reference to the purposes indicated above, the data subject has the right, at any time, to request the termination of processing and the sending of email communications by the company, with a request to be presented to the contacts indicated above.
RIGHT TO LODGE A COMPLAINT
If the data subject considers that his rights have been compromised, he has the right to lodge a complaint with the Data Protection Authority, with headquarters in Piazza Venezia n.11 – 00187 Rome.