Information on the processing of personal data
with this privacy statement we wish to provide you with information about the
processing of your personal data carried out by Zappalà S.p.A., in the person of
legal representative pro tempore, with registered office in via Ardichetto s.n. CAP 95019
Zafferana Etnea (CT), and the measures set up to guarantee the safety of
themselves. We remind you that by personal data we mean any information that,
directly or indirectly, is referred to or can be referred to his person.
The legal basis on which data protection is based is in particular the
Regulation (EU) n.679 / 2016 – General Data Protection Regulation
(GDPR), by Legislative Decree no. 196 of 30 June 2003 (“Privacy Code”), by Legislative Decree no. 10 August
2018 n.101 (Provisions for the adaptation of national legislation to
provisions of Regulation (EU) 2016/679), as well as Recommendation n.2 of
17.05.2001 relating to the “minimum requirements for online data collection in the Union
European Union “adopted by the” Article 29 Working Group “, replaced in 2018 by the
European Data Protection Board.
The processing of personal data by Zappalà S.p.A. occurs later
access to the site http: //www.zappalà.it/ by virtue of which the device you have
used and our server exchange information, which they can also
concern personal data. The information thus collected is used, among other things, for
optimize our site and for the purposes referred to in this statement.
The information is provided only for the http: //www.zappalà.it/ site and not for other sites as well
web possibly consulted by the user through links contained therein.
The information may undergo changes for the introduction of new rules in
privacy matters, therefore we invite you to periodically check this
Holder of the treatment
The treatment, which is the natural or legal person, public authority,
service or other body which, individually or together with others, determines the
purposes and means of processing personal data, as well as security profiles, is
Zappalà S.p.A., in the person of its pro tempore legal representative, with registered office in
via Ardichetto s.n. CAP 95019 Zafferana Etnea (CT). For any clarification or for
to exercise your rights, you can write to the following dedicated e-mail address:
Subject of the Treatment
The functioning of this website involves the use of IT systems and
software procedures that acquire, during their exercise, some personal data
concerning web browsing, the transmission of which is implicit in the use of the protocols of
internet communication. This is information that is not collected to be
associated with identified interested parties, but which by their very nature could,
through processing and association with data held by third parties, allow to
identify users (e.g. IP addresses, addresses in URI – Uniform Resource notation
Identifier – of the resources requested, etc.), and other parameters relating to the user’s operating system and IT environment. This data is used at
only to check the correct functioning of the site and extract information
anonymous statistics on the use of the site and are deleted later
processing. The Zappala S.p.A. has a legitimate interest in pursuing these purposes,
for which data processing (within the limits indicated) is necessary.
In particular, the Owner deals with:
– personal data, directly and voluntarily provided by you when using the
website, or while using a service or feature of the same
– personal data whose transmission is connected to the use of the
internet communication (access to the web page, quantity of data transferred,
logins occurred, session ID numbers, IP addresses, URL addresses, etc.).
Purpose of the treatment
Personal data are processed for the following purposes (art.6, paragraph 1, GDRP):
– make the functionality of the website usable, provide a service or one
functionality of the same website. The legal basis of the treatment la
supply, execution of services and features;
– guarantee the technical functioning of the website, services and functionalities
of the same. The legitimate interest constitutes the legal basis of the processing
of the Data Controller to ensure the correct technical functioning of the
services and features;
– respond to user questions and requests. It constitutes a legal basis
of the treatment answer questions and requests spontaneously
formulated by the user to the Data Controller;
– comply with legal obligations, court proceedings or orders from the
Authority. The fulfillment of obligations constitutes a legal basis for processing
provided by law, by regulation, by community legislation or by an order
– legitimately protect the operations, privacy, security, properties of the
Data Controller, allowing the Data Controller to exercise his rights.
The legitimate interest of the Data Controller constitutes the legal basis of the processing a
protect yourself legally and exercise your rights.
In the processing of personal data which can, directly or indirectly,
identify his person, we respect the principle of strict necessity. For such
reason, our website is set up in such a way that the use of personal data is
reduced to a minimum and so as to limit the processing of personal data that
allow to identify it only in case of need or at the request of the Authorities e
of the police force, or to ascertain responsibility in the event of crimes
IT damage to our website.
Processing methods and retention period
The processing of personal data can take place both through IT systems and
automated processes, both in manual mode. It will be about methods and tools
suitable to guarantee security and confidentiality through the use of suitable procedures
that avoid the risk of loss, unauthorized access, illicit use and dissemination.
The processing of personal data is carried out pursuant to art.4, paragraph 1, n.2 of the
GDPR, or any operation or set of operations, carried out with or without
the aid of automated processes applied to personal data or data sets
personal, such as collection, registration, organization, structuring, the
storage, adaptation or modification, extraction, consultation, use,
communication by transmission, diffusion or any other form of commissioning
provision, comparison or interconnection, limitation, cancellation or
The processing of personal data will be based on principles of correctness, lawfulness and
transparency and will be kept only for the time strictly necessary for
achievement of the purposes for which they were collected and processed, in accordance with
law and as indicated above, except in cases where the current legislation does not
requires data retention for longer periods.
In cases where you decide to cancel your account on the site
http: //www.zappalà.it/ personal data will be kept only for the purpose of
administrative character, except for other needs for which their further
maintenance is granted or required by specific legal provisions.
Who will process your personal data
Your personal data may be made accessible, for the purposes indicated above, to
– Zappalà S.p.A. with registered office in via Ardichetto s.n. CAP 95019 Zafferana
Etnea (CT), by its employees, collaborators and suppliers, in their capacity as
managers or processors;
– subjects and authorities whose right of access to personal data is expressly
recognized by law, by regulations, by community regulations or by
measures issued by the competent authorities, as well as all others
subjects to whom communication is mandatory by law. These recipients, a
depending on the circumstances, they will process personal data as owners,
managers or processors;
– any other third party service providers, appointed as managers of the
treatment, the list of which will be regularly updated and made available
available by contacting Zappalà S.p.A..
Rights of the interested party
The GDPR recognizes the following rights to the interested party:
– art. 15, right of access: obtain confirmation from the Data Controller
whether or not data processing is in progress and in this case obtain access
to personal data and other related information;
– art. 16, right of rectification: obtain the rectification of the
inaccurate personal data concerning him or the integration of personal data
– art. 17, right to erasure (“right to be forgotten”): obtain from the owner of
processing the deletion of personal data if one of the reasons exists
provided by the GDPR;
– art. 18, right to limitation of treatment: obtain from the Data Controller
treatment the limitation of treatment when one of the hypotheses occurs
provided by the GDPR;
– art. 20, right to portability: receive in a structured, usable format
common and readable by automatic device the personal data concerning
the interested party, provided to a Data Controller and has the right to transmit
such data to another Data Controller without hindrance by the
Holder of the treatment;
– art. 21, right to object: object, in whole or in part, to the processing of
– art. 22, automated decision making: oppose a decision based
only on automated processing.
Methods for exercising rights
You can exercise your rights at any time by contacting the Data Controller
treatment in the following ways:
– by e-mail to the address firstname.lastname@example.org;
– by registered letter with return receipt Zappalà S.p.A., via Ardichetto s.n. CAP 95019 –
Zafferana Etnea (CT).
If the interested party believes that the data has been processed in violation
of Regulation (EU) n.679 / 2016, without prejudice to any other administrative appeal or
jurisdiction, pursuant to art. 77 of the Regulation, can lodge a complaint
to the supervisory authority. In Italy, this function is performed by the Guarantor for the protection of personal data, to which reference is made for any information to the official website
of the Authority https://www.garanteprivacy.it/.
All promotional initiatives attributable to Zappalà S.p.A. they are exclusively
those published on our official channels. Should you receive by other ways,
promotional messages, we invite you to report it promptly as it
it could be false initiatives aimed at harming your privacy.
Changes to this information
This information is subject to change. We recommend checking
regularly this information and refer to the most updated version.
The Data Controller
Last revised April 17, 2020
Information on the use of “cookies”
What are cookies?
Cookies are small data files that the browser loads on the User’s computer or device. Cookies help the browser to browse websites, but can not collect any information stored on the computer or in the User’s files.
When the server uses a web browser to read cookies, these can cause the website to provide a more user-friendly service. To protect the User’s privacy, the browser allows the website to access only the cookies that it has already sent to it.
Types of cookies
• strictly necessary cookies. These cookies are essential for the proper functioning of the sites of the owner and are used to manage the login and access to the reserved functions of the site. The duration of cookies is strictly limited to the work session (closed the browser are deleted). The public part of the Data Controller’s websites remains normally usable.
Analysis and performance cookies. These cookies are used to collect and analyze the traffic and use of the site anonymously. These cookies, even without identifying the user, allow, for example, to detect if the same user returns to connect at different times. They also allow you to monitor the system and improve its performance and usability. The deactivation of these cookies can be performed without any loss of functionality.
For some of the features that are active on the Zappalà website, we use third-party providers who may use their own cookies.
A notable example is the presence of “social plugins” for Facebook, Twitter and LinkedIn. These are parts of the page visited generated directly by the aforementioned sites and integrated into the page of the host site. The most common use of social plugins is aimed at sharing content on social networks.
The presence of these plugins involves the transmission of cookies to and from all sites managed by third parties. The management of the information collected by “third parties” is governed by the relative information to which reference is made.
How to refuse and delete cookies?
Type of cookie
Monitoring conversions Facebook Ads (Facebook, Inc.)
Tracking conversions of Facebook Ads is a statistics service provided by Facebook, Inc. that connects data from the Facebook ad network with the actions performed within this Application. Personal data collected: cookies and usage data.
Facebook information: https://www.facebook.com/help/cookies/
Facebook (configuration): log in to your account. Privacy section.
Place of processing: USA.
Google Analytics (Google)
Google Analytics is a web analytics service provided by Google, Inc. (“Google”) that uses “cookies” through which it collects User Data that is transmitted and stored at Google’s servers in the United States. Google uses this information for the purpose of tracking and examining the use of the Website, compiling reports and providing other services relating to the activities of the Website. Google may use the Data to profile the User and carry out promotional transactions in relation to products and / o services distributed by Google or by third parties.
For more information: https://www.google.it/policies/privacy/partners/
The user can selectively disable the action of Google Analytics by installing on his browser the opt-out component provided by Google. To disable the action of Google Analytics, please refer to the link below: https://tools.google.com/dlpage/gaoptout
Place of Treatment: USA.
Tracking conversions of Google AdWords (Google Inc.)
Google AdWords Conversion Tracking is a statistics service provided by Google Inc. that links data from the Google AdWords ad network with actions taken within this Application.
Personal data collected: cookies and usage data.
Place of processing: USA
MailChimp (The Rocket Science Group, LLC.)
MailChimp is an address management and emailing service provided by The Rocket Science Group, LLC. Personal data collected: email.
Place of processing: USA
Place of processing: Malta
Duration of cookies
Some cookies (session cookies) remain active only until the browser is closed or when the logout command is executed. Other cookies “survive” when the browser is closed and are also available in subsequent visits by the user. These cookies are called persistent and their duration is set by the server when they are created. In some cases a deadline is set, in other cases the duration is unlimited. The owner does not use persistent cookies.
However, browsing the pages of the website of the Owner, you can interact with sites operated by third parties who can create or modify persistent cookies and profiling.