Privacy Policy

Dear User,

Pursuant to Art. 13 EU Regulation 2016/679 (hereinafter “GDPR”), we inform you that the processing of the data you provide will be carried out using methods and procedures aimed at ensuring that the processing of personal data is carried out in compliance with the fundamental rights and freedoms, as well as the dignity of the data subject, with particular reference to confidentiality and security, personal identity and the right to protection of personal data.

We would like to remind you that processing means any operation or set of operations, performed with or without the help of automated processes and applied to personal data or sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction (Art. 4 GDPR).

1) Object of processing

The data processed by Lido Azzurro Varedo S.r.L. refer to:

  • Automatically collected data. The computer systems and applications dedicated to the operation of this website detect, during their normal operation, certain data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated with identifiable users. The data collected include the IP addresses and domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters concerning the operating system, the browser and the computer environment used by the user. This data is processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to check its regular operation. The provision of such data is compulsory as it is directly related to the web browsing experience.
  • Data provided voluntarily by the user. The processing of data provided by you by filling in forms is subject to your express and unequivocal consent, which you may give in the form-specific information.
    Your voluntary sending of e-mails to our e-mail addresses does not require any further information or request for consent.
  • Cookies. The site uses third-party technical cookies. The cookies operate in order to analyse the effectiveness of the site and make it easier and more intuitive to use over time. A separate cookie policy is available for more information (insert link to cookie policy).
2) Legal basis of processing

The legal basis for such processing is found in:

  • in his express and unequivocal consent (pursuant to Art. 6.1(a) of the GDPR);
  • in the legitimate interest of the data controller (ex Art. 6.1(f) of the GDPR).
3) Purpose of processing

Personal data and any changes that you communicate to the Controller in the future are collected and processed as a result of contractual obligations arising from the contract for the supply of products or services exclusively for the following purposes.

Response to enquiries:

  • response to requests received by e-mail or telephone;
  • management of correspondence and communications.

Improved browsing experience:

  • personal data are processed for the sole purpose of improving your browsing experience.
4) Modalities of treatment

The personal data you provide will be processed in compliance with the aforementioned legislation and with the confidentiality obligations that inspire the Controller's activity. The data will be processed both by computer and on paper or any other suitable support, in compliance with the appropriate security measures pursuant to Article 5(1)(f) of the GDPR.

Processing is limited to the following operations and in the following manner:

  • collection of data from the data subject;
  • recording and processing in computerised form;
  • organisation of archives in a predominantly automated form.

The data in question will not be disseminated, while they will or may be communicated to public or private entities operating within the scope of the purposes described above.

5) Data Retention

For the purpose referred to in point 3, the data collected will be kept for a period of time not exceeding the achievement of the purposes for which they are processed (“principle of limitation of storage”, Art. 5 GDPR).

6) Access to treatment

The data will be made accessible for the purposes set out in point no. 3:

  • employees/collaborators in their capacity as authorised processors, subject to appropriate appointment;
  • to third parties, partners of the data controller.
7) Data Communication

The data will not be disclosed to unauthorised third parties or disseminated in any way. To this end, processing is conducted with the use of appropriate security measures to prevent unauthorised access to the data by third parties and to guarantee confidentiality.
Without the need for express consent, the Controller may communicate your data for the purposes set out in point 3 to the following entities:

  • external collaborators and managers of the company entrusted with carrying out processing operations.
8) Data Transfer

The management and storage of personal data will take place on servers located within the European Union of the Data Controller and/or third party companies appointed and duly appointed as Data Processors.

Data will not be transferred outside the European Union.

In case of transfer of personal data outside the European Union, adequate security safeguards will be put in place. You can request further information in this regard and obtain a copy of the relevant safeguards by sending a request to the contact details provided by the Data Controller.

9) Nature of data provision and consequences of refusal to answer

The provision of data for the purposes set out in section 3.1 is mandatory if you wish to make contact with the Lido. In their absence, it will not be possible to proceed with taking charge of and answering your contact request.

The provision of data for the purpose referred to in point 3.2 is automatic as a function of the normal operation of navigation processes. Without such conferment, navigation would not be possible.

10) Rights of the data subject

According to the provisions of the GDPR, the data subject has the following rights vis-à-vis the data controller:

  • obtain confirmation as to whether or not personal data concerning him/her are being processed and, if so, to obtain access to the personal data (Right of Access Art. 15);
  • obtain rectification of inaccurate personal data concerning him/her without undue delay (Right of Rectification Art. 16);
  • obtain the deletion of personal data concerning him/her without undue delay, and the controller is obliged to delete personal data without undue delay if certain conditions are met (Right to be forgotten Art. 17);
  • obtain restriction of processing in certain cases (Right to restriction of processing Art. 18);
  • receive in a structured, commonly used and machine-readable format the personal data concerning him/her that he/she has provided and has the right to transmit these data to another controller, without hindrance from the controller to whom he/she has provided them, in certain cases (Right to data portability Art. 20);
  • object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her (Right to object art. 21);
  • receive without undue delay notice of the personal data breach suffered by the data controller (Art. 34);
  • withdraw express consent at any time (Conditions for Consent Art. 7).

Where applicable, in addition to the rights under Articles 16-21 GDPR (Right to rectification, Right to be forgotten, Right to restriction of processing, Right to data portability, Right to object), the data subject has the right to complain to the Data Protection Authority.

11) Methods of exercising the right

Data subjects who wish to exercise their rights may contact the data controller by email: info@piscinavaredo.it

12) Data Controller

The data controller is Lido Azzurro Varedo S.r.L. Viale Felice Rebuzzini 20, Varedo (MB) - P.I.00711020966.

The list of persons responsible for and authorised to process data can be consulted at the above-mentioned office of the data controller.

13) Updating this policy

This Information Notice is subject to change. Any substantial changes will be communicated to interested parties by means of a notice or publication on the company website.