Information and request for consent to the processing of personal data of the website www.nataliakarpman.it in compliance with EU Reg. 2016/679.
In compliance with the obligations established by the EU Reg. 2016/679 and by the Legislative Decree 101/2018 amending and supplementing the Legislative Decree 196/2003, regarding the processing of personal data, the Customer / Visitor is hereby informed that Natalia Karpman, with registered office in Nocera Umbra, Italy, Vocabolo Romagnano 49, 06025 VAT number: 03828220545, in the person of the legal representative, hereinafter "the Professional", will process the personal data concerning him/her and which have been or that will be communicated to the Professional itself.
The processing of personal data will be carried out in compliance with the regulations in force and under the following conditions. Premises
This data processing, pursuant to and for the purposes of EU Reg. 2016/679, is based on the principles of lawfulness, correctness, and transparency and is carried out for specific, explicit, and legitimate purposes.
The data for which authorization for processing is requested is always adequate, relevant, and limited to what is necessary, with respect to the purposes for which they are processed, in compliance with the principle of data minimization. Purpose of the processing
The processing of personal data is aimed exclusively at achieving the following purposes:
a) to fulfill any type of obligation required by laws or regulations in force;
b) for operational and management needs;
c) for the registration of accesses to the professional's website and the use of the services provided with this site;
d) for the need of monitoring the progress of relations with customers/visitors and/or the risks associated with them, for the satisfaction of the same and to improve such relations;
e) for marketing needs. Basis of processing
The legal basis for the processing of the Customer/Visitor's personal data is consent, where an action is required that does not lead to the stipulation of a contract (by way of example and not limited to: request for information); the contract if the Customer / Visitor has entered into a contractual and legally binding agreement with the professional. Processing methods
The processing of data may consist, in addition to their collection, in their registration and conservation. At the request of the Customer/Visitor they will be modified, communicated to another Data Controller, or deleted. All the previous actions will be carried out with the aid of electronic IT and telematic tools, in a manner and with suitable tools to ensure the security and confidentiality of the data.
In particular, all the technical, IT, organizational, logistical, and procedural security measures provided for by EU Reg. 2016/679 will be adopted, in such a way that the minimum level of data protection required by law is guaranteed.
It should be noted that, due to the conservation methods carried out, access to data is allowed only to the persons in charge of processing by the professional as better specified below. Duration of processing
The duration of the processing of personal data is limited to the time necessary to carry out the action requested by the Customer/Visitor who may, at any time, exercise the rights referred to in no. 10 of this information.
In any case, the data related to the invoicing will be kept, as required by law, in accordance with the Italian civil law for the conservation of accounting records, for a period of 10 years Type of data collected
The data collected by the professional, in the case of the conclusion of the contract and consequent formation of the account on the site, suitable for using the services purchased are:
Data necessary for billing;
Data required for payment
Instagram nickname (in the case of purchasing consultancy or coaching service).
The data collected for the purpose of the mere request for contact and information that does not materialize in the conclusion of a contract are:
The data collected for the purpose of blog comments are:
Email address Data provision
The provision of data is necessary for the execution of the action requested by the Customer / Visitor to the professional.
The Customer/Visitor certainly has the right not to grant said authorization and/or revoke it at any time, however, such refusal could compromise the smooth running of the relationship with the professional and, in particular, the impossibility of providing the requested services. Communication and dissemination of data
External communication of personal data collected for the purposes referred to in point 1 can only take place where:
a) such communication is mandatory to ensure compliance with the obligations
b) such communication is mandatory to ensure the correct establishment or continuation of the relationship established with the interested party.
The personal data collected for the achievement of the aforementioned purposes may be communicated, to the extent of their specific competence, to public and private subjects, natural and/or legal persons also with commercial and/or management purposes of information systems and/or payment systems, including external parties who carry out specific tasks on behalf of the professional.
In particular, the data may be disclosed to the following categories of subjects: banking institutions and companies specialized in payment management, law firms, consultancy, and commercial firms, public authorities, or administrations for those who comply with the law.
The data may also be disclosed, but only in aggregate, anonymous form, where it is impossible to identify the person to whom the data belong and for statistical purposes.
The data collected will not be disclosed voluntarily and for a fee to third-party companies for marketing or, more generally, commercial purposes. Transfer of data abroad
The personal data communicated by the user to the professional will not be transferred abroad.
The Customer/Visitor is also informed that this site contains plugins or other IT elements released by third parties that could transfer data within the United States of America or, in any case, outside the European territory. In this case, this transfer takes place pursuant to and for the purposes of art. 46 and 47 of the EU Reg. 2016/679 Rights of the interested party
Pursuant to and for the purposes of art. 15 and ss. of EU Reg. 2016/679, the Customer/Visitor has the right to ask the data controller, as better identified in the following point 12 of this privacy statement: access to personal data concerning him, the correction or integration of data inaccurate or incomplete; the cancellation of personal data no longer necessary, for which consent has been revoked or for which there is no other legal basis for processing (so-called Right to be forgotten); the limitation of the processing of the same, in the cases indicated by art. 18. of the aforementioned Regulation
The Customer / Visitor also has the right to request the transmission of data, in a commonly used format that can also be read by an automatic device, to another data controller (so-called "data portability"); he also has the right to oppose, at any time and for reasons connected with his particular situation, to the processing of personal data concerning him.
The requests of the Customer / Visitor, regarding their rights referred to in art. 15 and ss. Of the EU Reg. 2016/679, they will be satisfied without undue delay by the Data Controller and in any case within 30 days.
The above rights can be exercised either directly or through a person in charge, in the forms provided for by the EU Reg. 2016/679
In any case, it is noted that the data will be processed in such a way as to guarantee the security, integrity, and confidentiality of the data in compliance with the organizational, physical, and logical measures provided for by the provisions in force. Right to lodge a complaint
Without prejudice to any administrative or judicial appeal, the Customer/Visitor who believes that the processing that concerns him or her violates the 2016/679 EU Regulation, has the right to lodge a complaint with the supervisory authority (Privacy Guarantor). Right to compensation and liability
Anyone who suffers material or immaterial damage caused by a violation of EU Reg. 2016/679 has the right to obtain compensation from the data controller only if it is proven that the latter has not fulfilled the prescribed obligations.
The data controller is exempt from liability if he proves that the harmful event is not in any way attributable to him. Data Controller
The data controller is identified in the person of the Professional who can be contacted at the email address email@example.com Consent to data processing
It is reiterated to the Customer/Visitor that the provision of consent to the processing of personal data in the manner and for the purposes described above is optional.
In the event of a refusal of consent, the professional will not be able to process personal data with the consequent impossibility of providing the requested services. Additional information
This site also makes use of the so-called Navigation cookies.
For more information about it, it is advisable to view the relative policy
Last updated January 2023