This information is provided, in compliance with Articles 13 and 14 of EU Regulation 679/2016 (hereinafter: “Regulation”), to the users (hereinafter: “Users” or “User”) of the website in desktop and mobile version, (hereinafter: “Site”) owned by Realitycs S.r.l, Owner of the Processing of Personal Data (hereinafter: “Owner”), with registered office in Via Fabio Filzi, 25, 20125 Milan and aims to describe how the Site is managed with reference to the processing of personal data, as well as to allow the Users of the Site to know the purposes and methods of processing of personal data by the Owner in case of their provision. Pursuant to Art. 13 of EU Regulation no. 2016/679 (GDPR).
The services offered by Holder are intended for people over the age of 18. Should the Controller become aware of the processing of data of minors under 18 years of age without valid parental or legal guardian consent, it reserves the right to unilaterally discontinue the use of the service offered as well as delete the data acquired.
Principles applicable to the Processing of Personal Data
The Data Controller, in accordance with and for the purposes of the Regulations, announces that the aforementioned legislation provides for the protection of individuals with respect to the processing of personal data, and that such processing will be based on the principles of fairness, lawfulness, transparency and protection of confidentiality and fundamental rights.
Object of Treatment
The Holder processes personal identification data (e.g., first name, last name, social security number, company and professional user information, ID card, address, telephone, email, bank and payment references, multimedia materials), hereinafter “personal data” or also “data,” disclosed when concluding contracts for the Holder’s services and/or through digital methods (e.g., information request forms).
Data may be freely provided or collected independently and/or automatically by the owner. The data requested by the owner (manually, digitally, and automatically) are often mandatory in order to ensure the proper functioning of the service requested/offered, or to proceed with responses to inquiries and any communications. Mandatory data in a form/form is marked with an asterisk symbol (*) where necessary and possible.
In cases where optional data are to be filled in, it is possible to refrain from providing them without any consequence on the availability of the service or its operation.
Informational, promotional and profiling activities
In order to enable the User to obtain industry information such as news and trivia, as well as advertising information, the User may subscribe to the Informational, Promotional and Profiling Activities service to receive informational, promotional and marketing communications based, in some cases, on the activity performed on the Site.
The Owner may carry out activities to analyze the interests, habits and choices of Users, also in order to be able to send them personalized promotional material about the services offered.
You can unsubscribe from the above communications at any time by making a request to the references listed on this page.
The data subject assumes responsibility for third-party data obtained, published or shared and guarantees that he or she has the right to communicate or disseminate them, releasing the owner from any liability to third parties.
Legal Basis of Treatment
The Controller processes the data of the data subject if any of the following conditions exist:
- The data subject has given consent for one or more specific purposes
- In some jurisdictions, the Data Controller may be authorized to process personal data without the need for the data subject’s consent or another of the legal bases specified below, as long as the data subject does not object to such processing. However, this does not apply if the processing of personal data is regulated by European data protection legislation.
- Processing is necessary for the performance of a contract and/or the execution of pre-contractual measures
- The processing is necessary to fulfill a legal obligation to which the owner is subject
- Processing is necessary for the performance of a task in the public interest or the exercise of public authority vested in the controller
- Processing is necessary for the pursuit of the legitimate interest of the Owner or third parties.
However, it is always possible to ask the controller to clarify the concrete legal basis of each processing and in particular to specify whether the processing is based on law, required by a contract or necessary to conclude a contract.
Methods of Processing and Retention of Personal Data
The Data Controller ensures that personal data are processed in full compliance with the Regulations and regulations in force in Italy, using manual, computer or telematic systems. Processing may also be carried out through automated tools designed to store, manage and transmit the data.
The data collected and processed will be protected with physical and logical methods to minimize the risks of unauthorized access, dissemination, loss and destruction of data, in accordance with Articles 25 and 32 of the Regulations.
Data processing will last no longer than necessary to fulfill the purposes for which it was collected, such as storing search criteria, notifying and contacting professionals.
Users who have made a request through the forms on the site may be contacted by Realitycs S.r.l. to follow up on the requests made and be made aware of the opportunities offered by Realitycs S.r.l.’s solutions, products, data and services.
Pursuant to Art. 7 paragraph 3 of the Regulations, the data subject has the right to obtain withdrawal of consent to processing at any time. To request deletion of their personal data, the data subject may send a request to the email address firstname.lastname@example.org
If a request for deletion is not received by the Controller, the personal data will be retained for a period not exceeding 10 (ten) years, starting from the date of the last access to the Site.
Place of Processing
Data are processed and stored at the owner’s operational offices (on paper and/or electronic media) and in any other place where the parties involved in the processing are located (e.g., on servers located within the European Union).
The data subject has the right to obtain information regarding the legal basis for the transfer of data outside the European Union or to an international organization under public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures taken by the data controller to protect the data.
Should any of the transfers just described take place, the data subject may refer to the respective sections of this document and/or request information from the owner by contacting him/her at the contact details given within this document.
Recipients of Personal Data
Personal data collected may be processed by individuals or categories of individuals acting as Data Processors pursuant to Art. 28 of the Regulations or who are authorized to process data under Art. 29 of the Regulations.
In addition, for some services, the data may be disclosed to companies that collaborate or use the services of the Owner, with the sole purpose of providing the services requested by the User. In these cases, the companies are autonomous owners, so the Owner is not responsible for their data processing. The Owner is also not responsible for the content and compliance with data protection regulations by sites not operated by the Owner.
Forms filled out on the site by users convey personal data in accordance with the best security measures available to the Owner to a contact management system (commonly referred to as CRM – Customer Relationships Management) named Zoho on servers located in the European Union. For more information about Zoho Corporation Pvt’s data security and processing policies, please view the following page sited and owned and operated by that third party company: https://www.zoho.com/it/crm/data-security.html
Outside of the above-mentioned cases, personal data will not be communicated except to subjects, entities and Authorities to which communication is obligatory under provisions of law or regulation.
Transfer of Data to a Third Country or International Organization
The personal data collected through the Site may be transferred outside the national territory, only and exclusively for the purpose of performing the services requested through the Site, to provide the most appropriate responses to the requests made, to improve the services requested and in compliance with the specific provisions of the Regulations. Any transfer of data will be done in compliance with current regulations and the GDPR.
Navigation Data Collection
The computer systems and the technical and software procedures underlying the operation of the Site acquire, in the course of their normal operation, some personal data whose transmission is implicit in the access and operation mechanisms and protocols in use on the Internet.
Each time the User connects to the Site and each time he or she retrieves or requests content, access data is stored at the appropriate systems in the form of tabular or linear data files. Included in this category of data are, for example, the domain names of the computers used by users connecting to the Site, the request from the User’s browser, in the form of addresses in URI (Uniform Resource Identifier) notation, the date and time of the request to the server, the method used in submitting the request to the server, the amount of data transmitted, the numerical code indicating the status of the response given by the server and other parameters relating to the User’s operating system and computer environment.
This data may be used by the Data Controller for the sole purpose of obtaining anonymous statistical information on the use of the Site in order to identify Users’ favorite pages and thus provide increasingly appropriate content and to monitor its proper functioning. At the request of the Authority, the data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site and/or its Users.
Browsing data is analyzed with the help of the external service Google Analytics (GA4) in an aggregate manner, without resorting to the storage of IP address, on servers located within the territory of the European Union, with settings in accordance with the Italian and GDPR regulatory provisions.
About Cookies, Search Engines, and Location Data
Information about proposals entered on the Site will be visible in searches made in the internal search engine and may be made available to third-party search engines as the Site allows its content to be indexed by third-party engines.
In case the page related to the ad has already been removed from the Site, it is possible that the cached copy will remain in the search results for a few days. The search results are not managed by the Site, but the user can report the removal of the page and prompt the update of the cache copy directly to the search engine itself.
When using the Site with the location tracking feature enabled, the Site may collect and process information about the User’s current location. This data is processed anonymously, in a format that does not personally identify the User, and used for the sole purpose of facilitating the use of certain location-based features of the Site. Location services can be enabled or disabled by the User at any time by accessing their device settings.
Google Maps Widget (Google LLC)
Google Maps is a map display service operated by Google LLC that allows this Application to integrate such content within its pages. The widget does not involve data transmission.
Rights of the Interested Party
Failure to provide authorization for the processing of personal data will result in the inability to provide the requested services, process requests and respond to messages.
Below are the user’s rights.
- Confirmation of the existence or non-existence of personal data concerning him/her, even if not yet registered, in a concise, transparent, intelligible and easily accessible form, in simple and clear language;
- Of the origin of personal data;
- Of the purposes and methods of processing;
- Of the legitimate interests pursued by the Owner or third parties;
- Of any recipients or categories of recipients of personal data;
- Of whether the owner intends to transfer personal data to a third country or international organization;
- Of the retention period of personal data;
- of the logic applied, as well as the importance and expected consequences of such processing for the data subject, in the case of processing carried out with the aid of electronic tools as part of an automated collection and/or profiling process;
- of the identification details of the Owner, Managers, Designated Representative (if any) and Data Protection Officer (so-called DPO);
- Of the subjects and categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, as managers or appointees;
- The possibility of filing a complaint with a regulatory authority;
- updating, rectification or, when interested, integration of data;
- the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
- Limitation to processing;
- The portability of personal data concerning him/her to another Data Controller;
- revocation of treatment;
- A statement that the operations referred to in paras. (a) and (b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except where this proves impossible or involves the use of means manifestly disproportionate to the right protected;
- opposition, in whole or in part, for legitimate reasons, to the processing of personal data concerning him/her, even if relevant to the purpose of collection.
Data Controller and Data Protection Officer.
In order to exercise the rights in the preceding paragraph, the Data Subject maỳ contact the Data Controller and/or the Data Protection Officer at any time for any communications regarding the processing of his or her Personal Data, or to find out the updated list of any Data Processors appointed by the Companỳ, by sending communication to the contacts below:
The Data Controller:
Via Fabio Filzi 25, 20124 Milan
Tax code 06780840481
Phone: (+39) 057 7890782
Contact email: email@example.com
The Data Protection Officer (so-called DPO):
Lawyer Valerio Lubello
Contact email: firstname.lastname@example.org
This policy may be subject to change. If substantial changes are made to Immobiliare.it’s use of data relating to the User, Immobiliare.it will notifỳ the User by posting them as prominently as possible on its pages.