Privacy Policy and information pursuant
to art. 13 of EU Regulation 2016/679

Nature of data provision

The personal data requested are collected by Ravenna Civitas Cruise Port Srl and processed on IT supports, in order to satisfy requests for contact and information. The provision of data is mandatory as it is necessary for the performance of the requested services.

Data controller

Ravenna Civitas Cruise Port Srl, with headquarters in Ravenna, Viale Sergio Cavina n. 19, P. Iva 02699270399 is the Data Controller pursuant to and by effect of EU Reg. 2016/679.

Responsible for processing and data protection

The personal data of Users may be disclosed to third parties who may process personal data on behalf of the Data Controller as “External Data Processors”, such as, by way of example, IT service providers functional to the company’s operations, suppliers of outsourcing or cloud computing services, professionals and consultants.

Users have the right to obtain a list of any data processors appointed by the Data Controller, by making a request to the Data Controller in the manner indicated below.

Purpose of the treatment

The data provided will be retained by the Data Controller for the following purposes and in compliance with EU Regulation 2016/679 (GDPR):

  1. install technical and analytics cookies on the user’s device;
  2. make the data available to third parties for purposes instrumental to what is strictly necessary to implement the services requested by the interested party or to implement legal provisions;
  3. use the data provided for personnel selection purposes;
  4. manage user data to provide feedback;
  5. execute requests to exercise the rights of the data subject;
  6. ensure correct and lawful processing of data, safeguarding confidentiality, also by applying suitable security measures.

The forms to be filled in provide data that are strictly necessary to adhere to what is of interest and the failure to provide which does not allow the request to be processed, but also data for optional provision. Mandatory data are generally marked with an asterisk.

All treatments carried out within this site will be carried out with electronic or telematic tools, with logics related to the purposes for which the data were collected and in compliance with current safety standards, for the specified purposes.

Data Recipients

For purposes related to the provision of the service to which the interested party has subscribed, the data will be made available to third parties, who will act as data processors, and who provide services instrumental to satisfying the user’s request (for example, consultants of labour, banking institutions, professionals in the administrative/accounting field) or to whom the communication of data is necessary to comply with laws or regulations or community legislation (for example, public bodies). They may also be made available to law enforcement agencies (e.g.: prevention and repression of crimes, including computer crimes), the judiciary, authorities and public bodies competent for individual matters for their institutional activities or in case of asserting or defending their own rights in court. The list of names of these third parties can be requested directly from the Data Controller in the ways specified in this privacy policy.

Personal data will be made available to persons expressly authorized by the Data Controller – and appointed for this purpose in charge of processing – who carry out processing activities essential for the pursuit of the aforementioned purposes; the categories of persons in charge are specified from time to time in the information. In general, these are the people in charge of providing specific services, administration, management of information services, relations with actual and potential associates.

The data provided will not be transmitted outside the Community territory.

Storage period

Based on the purposes identified, the following data retention periods are defined:

  1. installation of technical cookies and analytics on the user’s device: as per the cookie policy (attach the cookie policy link. a) storage of user preferences regarding cookies ???? day
  2. make the data available to third parties for purposes instrumental to what is strictly necessary to execute the services requested by the interested party or to implement legal provisions: up to the request for cancellation by the user or for the periods identified by the legal regulations;
  3. execute requests to exercise the rights of the interested party: up to 10 years from collection.

The retention times of personal data are documented in our records of processing activities.

 

Rights of the interested party

The following rights of the interested party are guaranteed:

– Right to access data (Article 15 of EU Reg. 2016/679)

– Right of rectification (Article 16 of EU Reg. 2016/679)

– Right to cancellation (Article 17 of EU Reg. 2016/679)

– Right of limitation (Art. 18 EU Reg. 2016/679)

– Right to data portability (Art. 20 EU Reg. 2016/679)

– Right to object (Article 21 of EU Reg. 2016/679)

The interested party, if the acquisition of data by the owner took place following the release of consent, has the right to withdraw consent at any time.

Furthermore, if the interested party considers one or more of his rights violated, he can lodge a complaint with the Privacy Guarantor Authority.
It should also be noted that automated decision-making processes are not used by the Data Controller.

All the above rights can be exercised, at any time and without charge, by writing to accounting@rccp.it.

Personal data security

The security standards used by the Data Controller to make your personal information private and confidential, including “firewalls” and data transmission via SSL (Secure Socket Layer), are the highest in the state of the art. Furthermore, specific techniques are used to protect this data from unauthorized access by third parties. In any case, the minimum security measures indicated by the Privacy Code and subsequent amendments are guaranteed.

You can check if you are operating in safe mode in several ways:

  • receiving a warning message from your browser;
  • checking that the address of the page where you are is preceded by the acronym Https;
  • checking the symbol that appears at the bottom, left or right, of your browser window: if you see an entire key or a closed padlock, it means that SSL is active.

In any case, the Data Controller adopts suitable and preventive security measures aimed at safeguarding the confidentiality, integrity, completeness and availability of personal data. As established by the regulatory provisions governing the security of personal data, technical, logistic and organizational measures are developed which aim to prevent damage, loss, even accidental, alteration, improper and unauthorized use of data. Similar preventive security measures are adopted by third parties (data processors) who are entrusted with data processing operations on our behalf and towards whom the Data Controller has dictated rules of conduct and instructions of security procedures to be followed, supervising the correct implementation of the same by the managers.

The Owner is not responsible for untruthful information sent directly by the user (example: correctness of the e-mail address or postal address or other personal data), as well as for information concerning him and which has been provided by a subject third, even fraudulently.

Navigation dat

The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified users, but which by their very nature could, through processing and association with data held by third parties, allow the users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given byserver (successful, error or similar) and other parameters relating to the user’s operating system and IT environment. These data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning and are canceled immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.