Information regarding the processing of personal data
This page explains this site’s management procedures in relation to processing the personal data of users who visit the webpage. This information is provided in accordance with current legislation on personal data for users who interact with the services of this site in the framework of the 2016/679 EU Regulation. This information is provided only for this site and not for other websites accessed via our links.
As a consequence of the use of the Web Site, personal information concerning identified or identifiable people might be collected and processed. ANDROMEDA TECHNOLOGIES LTD, based in Malta, Vision Exchange Building, Territorials Street, Mriehel, Birkirkara, BKR 3000 (below called “Controller”), manager of Discountone.net site (below called “Site”), as controller of personal data relating to users who use the site (below called Users), guarantees the protection of personal data in accordance with art. 13 of EU 679/2016, Regulation of the European Parliament and of the Council on 27 April 2016 relating the protection of people with regard the process of personal data and free movement of this data.
Employees of Controller and/ or people in charge of the management of personal data can know personal data of the Users.
These people, designated by the responsible for the treatment of data as data controllers, will process the data of the Users only for the purposes specified in this Policy and in accordance with the legislation.
Third parties that process personal data on behalf of Controller can know the personal data of Users as “External Subcontractors”, such as suppliers responsible for sending email on behalf of Controller.
The External Subcontractor of data is:
Adhoc Digital S.r.l. Unipers. located at Ospitaletto (BS), street San Rocco 1/A, 25035, VAT n. 04154690988
Location of data processing
Data related to web services is only handled by technical staff in the Office in charge of data, or by persons in charge of occasional maintenance operations. No data deriving from the web service shall be forwarded or disseminated.
Purpose of the data and legal basis of the data
Personal data provided by users who request or intend to use services or products offered through the site, or who receive further specific content, is only used to respond to requests or perform the service or provision requested and is only disclosed to third parties where this is necessary for said purpose. The legal basis of this data is the need to respond to the requests of the interested parties or to carry out activities foreseen by the agreements defined with the interested parties.
Apart from these situations, users’ browsing data is only kept for the time strictly necessary to manage the processing activities within the limits established by law.
Types of data processed
The computer systems and software procedures used to operate the site acquire some personal data during their normal operation and whose transmission is implicit in the use of Internet communication protocols. It concerns information that is not collected to be associated with specific individuals, but by their own very nature could, through the processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI addresses (Uniform Resource Identifier) of requested resources, the time of the request, the method utilised to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters related to the operating system and users. This data is used only to obtain anonymous statistical information on the Site and to check its correct functioning and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site.
Data provided voluntarily by the user
The elective, explicit and voluntary sending of e-mail messages to the addresses posted on the Site entails the subsequent acquisition of the sender address, as well as of any other personal information included in the message. Specific summary information dedicated to particular services on request will be provided or displayed on the website pages.
The term cookies refers to textual elements that are inserted into the hard drive of a computer only after approval. Cookies have the function to streamline the analysis of traffic on the web or to report when a site is visited and allow web applications to send information to individual users. This website does not intentionally collect any personal data about users. No cookies are used for transmitting personal information, not even persistent cookies, or systems for tracking the users. The use of session cookies is strictly limited to the transmission of session identifiers (formed by random numbers generated by the server) necessary for the safe and efficient navigation of the website. Session cookies used on this site avoid using other computerised techniques, which could potentially affect the user’s privacy when browsing.
Optional provision of data
Apart from navigation data, as specified, the user is free to provide personal data in order to request the services offered by the Controller. Failure to provide personal data may make it impossible to obtain the service requested.
Processing methods and data retention times
Personal data is processed through automated systems for the time that is strictly necessary to attain the purposes for which it has been collected. Specific safety measures are in place to prevent loss of data, illegal or improper use and unauthorised access.
Data is kept only for as long as is strictly necessary for the fulfilment of the purposes.in this statement and will be deleted at the end of this period unless it must be kept for legal obligations or to enforce a legal claim.
Rights of the interested parties
Within the limits and under the conditions established by law, the controller is obliged to respond to the requests of the interested party regarding their personal data. In particular, based on the current legislation:
- The interested party has the right to obtain confirmation from the data controller whether they are or are not processing personal data concerning him and if so, to obtain access to the personal data and the following information:
- the purposes of the processing;
- the categories of personal data in question;
- the recipients or categories of recipients to whom the personal data has been, or will be, forwarded, in particular if there are recipients in third countries or international organisations;
- whenever possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
- the existence of the right to request that the data controller changes or deletes personal data or to oppose the processing of personal data concerning the data subject;
- the right to lodge a complaint with a supervisory authority;
- if the data is not collected from the data subject, all information available as to its origin;
- the existence of an automated decision-making process, including profiling
- The data subject has the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data integrated by providing an additional declaration.
- The data subject has the right to have the data controller delete any personal data concerning him without undue delay and the data controller is obliged to erase the personal data without undue delay within the limits and in the cases provided for by current regulations. The data controller shall forward the eventual corrections or cancellations or limitations of the processing to each of the recipients to whom the personal data has been transmitted within the limits and in the forms provided for by the current regulations.
- The interested party has the right to obtain the data limitation from the data controller.
- The data subject has the right to receive, in a structured, commonly used and automatically readable format, the personal data concerning them that has been provided to a data controller and has the right to transmit such data to another data controller without impediments on the part of the data controller providing the data.
To exercise the rights listed above, the interested party must submit a request using the following contact methods, which can also be used to contact the Data Protection Officer.
Requests should be sent to the Data Controller at the following address: email@example.com; the data protection officer designated by the Data Controller may also be contacted.
The current version of the information regarding the processing of personal data was updated on 01 March 2019.