This website processes data based on user consent. By using or browsing this website, visitors and users explicitly approve this privacy policy and consent to the processing of their personal data in accordance with the methods and purposes described below, including any disclosure to third parties if necessary to provide a service.

Providing data and, therefore, consent to the collection and processing of data is optional. The user may refuse consent and may revoke consent already given at any time by sending an email to: info@itacaporto.com.

However, refusing consent may result in the inability to provide certain services, and the browsing experience on the site may be compromised.

As of May 25, 2018 (the effective date of the GDPR), this website may process some data based on the legitimate interests of the data controller.

Like all websites, this site uses log files in which information is automatically collected during user visits. The data collected may include:

– IP address;
– Browser type and parameters of the device used to connect to the site;
– Name of the Internet Service Provider (ISP);
– Date and time of visit;
– Referring and exit web pages;
– Country of origin;
– Possibly the number of clicks.

The data and information collected are used for the following purposes:

– Exclusively in aggregated and anonymous form, to verify the proper functioning of the site. None of this information is related to the physical user of the site and does not allow for identification in any way (as of May 25, 2018, such data is processed based on the legitimate interests of the data controller);
– For security purposes (antispam filters, firewalls, virus detection), automatically recorded data may include personal data such as the IP address, which could be used — in compliance with applicable laws — to block attempts to damage the site or harm other users, or otherwise harmful or criminal activities. These data are never used to identify or profile the user, nor are they combined with other data or provided to third parties, but are used solely to protect the site and its users (processed on the basis of the data controller’s legitimate interest as of May 25, 2018);
– To communicate data to third parties that perform functions necessary or instrumental to the operation of the service, such as managing comments on the site.

If the site allows users to post comments, or in the case of specific services requested by the user (e.g. via the Contact section), the site automatically detects and records some personal identifying data, including the email address and nickname. These data are voluntarily provided by the user at the time of requesting the service and are processed based on consent. By posting a comment or other information, the user expressly accepts this privacy policy and, in particular, consents that the content entered may be publicly visible to other visitors.

The data received will be used exclusively to provide the requested service and only for the time necessary to provide it.

Any information that users choose to make public through the tools and services made available on the site is provided knowingly and voluntarily, exempting this site from any liability regarding any violations of the law. It is the user’s responsibility to ensure they have permission to share personal data of third parties or content protected by national and international regulations.

If comments are managed through an external service, please refer to the privacy policies of that service.

The data collected by the site during its operation are used solely for the purposes stated above and are retained only for the time strictly necessary to carry out the specified activities. In any case, personal data collected by the site will never be disclosed to third parties for any reason, unless it is a legitimate request by judicial authorities and only in cases provided by law. However, data may be shared with third parties if necessary to provide a specific service requested by the user (e.g. comment management), or for security or site optimization checks.

Pursuant to European Regulation 679/2016 (GDPR) and Article 7 of Legislative Decree No. 196 of June 30, 2003, the User may, within the procedures and limits provided by current legislation, exercise the following rights:

– Object, in whole or in part, for legitimate reasons, to the processing of their personal data for the purpose of sending advertising materials, direct sales, market research, or commercial communications;
– Request confirmation of the existence of personal data concerning them (right of access);
– Know the origin of the data;
– Receive intelligible communication of such data;
– Obtain information about the logic, methods, and purposes of processing;
– Request the updating, correction, integration, deletion, anonymization, or blocking of data processed in violation of the law, including data no longer necessary for the purposes for which it was collected;
– In cases where processing is based on consent, receive their data provided to the controller, at the cost of any technical support only, in a structured, machine-readable format commonly used by electronic devices;
– File a complaint with the Supervisory Authority (Italian Data Protection Authority – link to the Garante page);
– More generally, exercise all rights recognized by current legislation.

If data is processed based on legitimate interest, the rights of the data subjects are still guaranteed (except for the right to data portability, which is not applicable in such cases), particularly the right to object to processing, which can be exercised by sending a request to the Data Controller.

All requests must be addressed to the Data Controller.

Data Controller