Version 1.0 (July, the 6th 2015)
1. PURPOSE AND METHODS OF DATA USE
- Data is processed for purposes related, or necessary, to provide access to the aforementioned site and, in particular:
- to provide a service (including, but not limited to, to provide the User with access to this website). To this end, data may be disclosed to third parties whose collaboration with the SACA can and/ or will be used to achieve the aforesaid aims;
- to comply with legal obligations;
- data will also be used for internal management and general operational purposes related to the products and services offered by the SACA.
- If explicit and optional consent is provided, the data will be used for marketing and/or promotional purposes, which includes print or electronic advertising material regarding services and/or products offered by the SACA. For further information and details, see Article 5.
- Data will be processed legally and correctly, and used only for the purposes outlined in the preceding paragraphs; for further details see also Article 5. Data will be treated securely and confidentially, and may be processed using manual and automated tools suitable for recording, managing and transmitting such data. The data will be stored for the time prescribed by law.
2. NATURE OF DATA PROVISION AND CONSEQUENCES OF A REFUSAL
- Consent to the processing of personal data for the purposes of Article 1, paragraph 1, section A B and C is required only for the purposes specified herein. For example, a refusal to the use of data may prevent the use of the website with full functionality (cookies) or to receive advertising materials (Article 1, paragraph 2). The User will be informed of the consequences of a refusal depending on the circumstances of each individual case, without prejudice to what is stipulated in this policy.
- Consent to the processing of personal data for the purposes of Article 1, paragraph 2, is optional. Failure to provide data has no prejudicial consequences for the User, unless otherwise indicated prior to consent being provided by the User (e.g. refusal to provide the requested personal data may prohibit access to certain services such as the "newsletter").
3. DATA CONTROLLER
As a result of use of the website and its services, personal information concerning identified, or identifiable people, may be collected and processed. The "data controller" responsible for the protection of this personal data is SACA Società Cooperativa a.r.l - VAT IT00632770376 - Reg. Impr. Bo n.20030 - R.E.A.n.213640 – Address: Via del Sostegno n° 2 ZIP: 40131 Bologna - Italy, phone 051 63.49.400 – fax 051 63.49.469 – email firstname.lastname@example.org.
4. PLACE WHERE DATA IS PROCESSED
The processing of data involved in the provision of services relating to this website is carried out at the headquarters of SACA and, subject to explicit exceptions, is only handled by its technical personnel who are involved in data processing. The website is hosted by Infracom Italia SpA, No. 12 Piazzale Europa, Verona (ZIP code 37135); Infracom is responsible for ensuring compliance with relevant legislation. Data collected via the website, or otherwise arising from the provision of services through the website, may be disclosed to key partners whose collaboration is necessary for the provision of services required by Users/visitors/customers. The SACA will, in any event, ensure compliance with the legislation in force.
5. CATEGORIES OF PROCESSED DATA/ SPECIFIC PROCESSINGS
Different types of personal data may be processed and treated differently, depending on the services rendered. The specific treatment for each type of data can be found in this article.
5.1 Navigation data
The information systems and software procedures used to operate this web site acquire personal data as part of their standard functioning. Such information is not collected in order to relate it to identifiable data subjects, however, it may allow User identification after being processed and matched with data held by third parties.
This data category includes the: IP addresses or names of computer domains used by visitors who access the website; URI (Uniform Resource Identifier) addresses of the requested resources; time of request; method used to submit the request to the server; size of the file obtained in response; numerical code indicating the status of the response from the server; and other details relating to the operating system and the information environment of Users. This data is used only to obtain anonymous statistical information about the website and check its correct functioning, and is deleted immediately after processing. This data may also be used to ascertain responsibility in the case of possible computer crimes against the website. Excepting this, data on web contacts is not stored for more than seven days. As for cookies, please refer to paragraph 5.3.
5.2.1 Data supplied voluntarily by the User (messages, login to restricted area, WeTransfer service)
The voluntary and explicit submission of personal data, and/or sending of emails, to the contact addresses on this website will entail the subsequent acquisition of the sender’s address, in order for us to reply, and of any other personal data entered in any request form, or otherwise supplied by the site User for
- send request trough forms in the contact page or similar (i.e. by email)
- requesting access credentials,
- book tickets for bus lines.
5.2.2 Data supplied voluntarily by the User (advertising materials)
Users can voluntarily provide personal information to SACA to receive print or electronic advertising material. Each message includes a notice that its recipient can object, on request and without formalities, to such processing of personal data. Data subject can request Data Controller to erase or anonymize his/her personal information.
What is a cookie?: Cookies are made up of information stored by the browser when you visit a website using a PC, smartphone or tablet. Each cookie contains several pieces of data (e.g. the name of the server from which it originates, a numeric identifier, etc.). Cookies can remain in the system for the duration of a session (until the closing of the browser), or for long periods, and may contain a unique identifier.
What are they used for?: Cookies are used for different purposes, depending on their type: some are strictly necessary for the correct function of the website (technical cookies), whereas others optimise performance in order to provide the User with a better experience while they are visiting the website. In addition, cookies allow website usage statistics to be obtained, such as cookies analytics; others are for the purpose of displaying advertisements (in some cases advertisements are targeted based on cookie profiling).
How can you disable them?: You can disable cookies either through your browser settings (paragraph 5.3.3. "How to disable cookies?"), or through the mechanisms made available by a third party (paragraph 5.3.2 "Specific types of cookies used on the site").
5.3.1 General types of cookies used on the website
Technical cookies (first party): these are essential for the proper operation of this.
Analytics cookies (third party): are used for aggregate analysis of visits to the site, by means of a third party service.
5.3.2 Specific types of cookies used on the website
First party cookies: only technical cookies are used and only for the following purposes:
- storing User’s cookie consent (duration: 12 months);
- Set the current store (duration: session);
- managing each session, including login to the restricted area, and making the website work properly (duration: session);
- grant the proper functioning of the booking phases (duration: session);
- storing language preferences (duration: session);
Analytics cookies (third party): they are used for aggregate analysis of visits to the site (masking each IP address), by means of a third party service (“Google Analytics”), provided by Google Inc.. For further information about the aforementioned cookies and, where possible, disabling them, see:
The following services do not require nor install cookies when using this website:
5.3.3 How to disable cookies?
Control via browser: The browsers commonly used (e.g. Internet Explorer, Firefox, Chrome, Safari) accept cookies by default, but this can be changed by the User at any time. This applies to both PCs and mobile devices like tablets and smartphones, and it is a function generally and widely supported.
Therefore, cookies can easily be disabled or turned off by accessing the browser’s options or preferences, and usually third-party cookies can also be blocked. As a general rule, these options will only have an impact on that browser and on that device, unless there are active options to synchronize the preferences on different devices. Specific instructions can be found on the Options page or Help page of the browser itself. Disabling technical cookies, however, may affect the full and/ or optimised functioning of different sites.
Normally, browsers used today:
- Offer the "Do not track" option, which is supported by some websites (but not all). Thus, these websites are no longer able to collect certain navigation data;
- Offer the option of anonymous surfing or incognito mode: in this way, data will not be collected in the browser and browsing history will not be saved, but the navigation data may still be acquired by the operator of the website that was visited;
- Allow the deletion of cookies stored in whole or in part, but after visiting a website again they are usually installed, where such possibility is not blocked.
Below are links to the support pages for the most popular browser (with instructions on how to disable cookies on these browsers):
Third-party cookies: these may be disabled either using the methods described above, or by referring to each third party (following the links listed in the previous paragraph).
On-line tools: in order to opt-out of a large number of businesses please visite the following website: http://www.youronlinechoices.com/.
The SACA newsletter is sent by email to those who request it explicitly, by filling out the form on this website, and thereby authorising SACA to the processing of personal data for the abovementioned purpose.
Consent: The provision of data is required only in order to receive the newsletter. Refusal to provide this data prohibits the use of the newsletter service; there are no other consequences.
Purpose: The personal information provided by Users is used only to send the newsletter, and will not be disclosed to third parties.
Method of processing: The data collected is processed by computer. Appropriate security measures are taken to prevent data loss, illicit and improper use, or unauthorised access.
Service cancellation: Users that no longer wish to receive the newsletters can simply select the cancellation link, which is at the end of each email, or send a request to email@example.com. Cancellation is managed in an automated manner, and it is possible that additional newsletters may be forwarded. You may receive further newsletters, if the scheduled newsletter despatch occurs prior to receipt of the cancellation request. SACA is available to provide any clarification.
7. RIGHTS OF DATA SUBJECTS
The subjects to whom the personal data refers (“Data subjects”) are entitled to receive, at any time, confirmation of the existence or non-existence of the data, information on its content and origin, and to verify the accuracy of the data, or request data integration, update or correction (Article 7 of the Legislative Decree no. 196, 30 June 2003).
Requests should be addressed:
Article 7 – Privacy Code
- A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
- A data subject shall have the right to be informed:
- of the source of the personal data;
- of the purposes and methods of the processing;
- of the logic applied to the processing, if the latter is carried out with the help of electronic means;
- of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
- of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State's territory, data processor(s) or person(s) in charge of the processing.
- A data subject shall have the right to obtain:
- updating, rectification or, where interested therein, integration of the data;
- erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
- certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
- A data subject shall have the right to object, in whole or in part:
- on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
- to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.