Privacy Policy

Pursuant to Legislative Decree No. 196/2003 and Regulation (EU) 2016/679 (hereinafter referred to as the "Regulation"), this page describes the methods for processing the personal data of users consulting the website accessible by electronic means at the following address: https://www.farofuturo.it.
We inform the user that data relating to identified or identifiable persons may be processed following consultation of this site.
This information does not concern other sites, pages or online services that can be reached via hypertext links that may be published on the site.

Identity of the Data Controller

The data controller is Faro Futuro S.R.L., with registered office in Bari (BA) Via Massaua n. 18, (Email: info@farofuturo.it, PEC: farofuturo@legalmail.it, Tel.: +39 080/8657000).
(hereinafter also 'the Holder')

Data source and type of data collected

1) Data provided by the User

The Data Controller collects the personal data provided by users when sending a message using the contact channels and/or contact forms on the site. The optional and voluntary sending of messages to the contact addresses, as well as the filling in and forwarding of the forms present on the site, entails the acquisition of the sender's contact data necessary to provide feedback, as well as all the personal data included in the communications.

2) Navigation data

The Controller collects data relating to the use of the website by the user.
The computer systems and software procedures used to operate this site acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers and terminals used by the users, the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters relating to the user's operating system and computer environment.
These data, necessary for the use of web services, are also processed for the purpose of:
- obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographical areas of origin, etc.);
- monitor the proper functioning of the services offered.

Browsing data do not persist for more than seven days and are deleted immediately after their aggregation (except in the event of the need to ascertain criminal offences by the judicial authorities).

3) Cookies and other tracking systems

In order to make its services as efficient and user-friendly as possible, this Site makes use of cookies.
Therefore, when you visit the Site, a small amount of information is placed on your device as small text files called "cookies", which are saved in the User's web browser directory. There are different types of cookies, but basically the main purpose of a cookie is to make the Site work more efficiently and to enable certain functionalities.
For more information on the cookies used by this website, you can view the cookie policy at the following link: Cookie Policy.

Purpose of processing

Depending on the type of processing to be carried out, the Data Controller uses the data collected and/or provided by the User for the following purposes:
1) to respond to any communications, requests for information and/or services from users by sending a message using the addresses and/or contact forms on the site;
2) managing and controlling risks, preventing possible fraud, insolvency or default; preventing and managing possible litigation, taking legal action if necessary.

Legal basis for processing

With reference to the purposes set out in the preceding paragraph, the legal basis for these is:
1) the need to execute a contract to which the data subject is party or pre-contractual measures taken at the data subject's request;
2) the need to pursue the legitimate interest of the data controller (in particular with regard to the prevention of fraud and insolvency).

Data recipients

The personal data processed by the Controller are not disseminated, i.e. they are not made known to unspecified persons, in any possible form, including making them available or simply consulting them.
They may, on the other hand, be disclosed to workers employed by the Controller as they work under the Controller's authority. On the basis of the roles and work tasks performed, these workers have been authorised to process personal data, taking into account their respective competences and in accordance with the instructions given to them by the Controller.
The Owner has engaged third-party service providers in connection with the operation of the website, such as hosting service providers, IT maintenance service providers, as well as service providers that enable the integration of other functions into the website that the user may use at his or her discretion.
These service providers, designated as data processors, are only provided with the personal data necessary to provide the corresponding services and are not permitted to use or disclose the personal data of data subjects for other purposes without the prior consent of the data subject.
Lastly, the data may be communicated to the subjects entitled to access them by virtue of provisions of the law, regulations, EU rules.

Data Transfer

Under no circumstances does the data controller transfer personal data to third countries or international organisations.

Data Retention
The Data Controller stores and processes personal data for the time necessary to fulfil the stated purposes. Thereafter, personal data will be stored and not further processed, for the time stipulated by current civil and tax law provisions.
- In the event of any litigation, the data collected will be retained for the duration of the litigation, until the time limit for appeals is exhausted.

It should also be added that, in the event that a user provides the Data Controller with personal data that is not requested or is not necessary for the performance of the service requested or for the provision of a service that is strictly connected to it, Faro Futuro S.R.L. cannot be considered the owner of this data, and will delete it as soon as possible.

Rights of the data subject

With regard to the data subject to processing as set out in this information notice, the data subject is entitled at any time to
- to request from the Controller access to your personal data and information relating to them (Art. 15 of the GDPR); rectification of inaccurate data or integration of incomplete data (Art. 16 of the GDPR); deletion of personal data relating to you (if one of the conditions set out in Art. 17(1) of the GDPR occurs and in compliance with the exceptions set out in paragraph 3 of the same article); restriction of the processing of your personal data (if one of the cases set out in Art. 18(1) of the GDPR occurs);
- request and obtain from the Controller - in cases where the legal basis of the processing is a contract or consent, and the processing is carried out by automated means - your personal data in a structured, machine-readable format, also for the purpose of communicating such data to another data controller (so-called right to personal data portability - Article 20 of the GDPR);
- object at any time to the processing of your personal data in the event of special situations concerning you (Article 21 of the GDPR).

The appropriate application is submitted by contacting the Holder by PEC at farofuturo@legalmail.it, e-mail at info@farofuturo.it or registered letter with return receipt to the address Bari (BA) Via Massaua n. 18.
If the data subject considers that his or her data is being processed in breach of the provisions of the Regulation, he or she may lodge a complaint with a supervisory authority (Autorità Garante per la protezione dei dati personali - www.garanteprivacy.it), as provided for in Art. 77 of the GDPR, or take appropriate legal action (Art. 79 of the GDPR).

Refusal to provide data

In the event that the Data Subject does not provide the data identified as necessary for the performance of the service requested, the Data Controller will not be able to carry out the processing linked to the management of the aforesaid service, nor the fulfilments that depend on it.

Automated decision-making processes

The Controller does not carry out processing operations consisting of automated decision-making processes on the data of natural persons.