Privacy policy

1. Data Controller

Milhouz ... as data controller (with registered office in ... .., Tel. ...., VAT number ...., email address ....), will process personal data mainly with computerized and telematic methods, for the purposes set out in Regulation (EU) 2016/679 (GDPR).

2. Categories of data

You can visit our site anonymously. Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the data is collected. Personal data may be freely provided by the Data Subject or, in the case of technical needs, collected automatically during the use of the site.

In cases where the data is considered optional, the Data Subject is free to refrain from disclosing such data, without this having any consequence on the availability of the service or its operation. Any use of cookies – or other tracking tools – by the site or by third-party service providers used by the site, unless otherwise specified, is intended to provide the service requested by the Data Subject, in addition to the additional purposes described in this document and in the Cookie Policy. The Data Subject assumes the responsibilities for personal data shared through the website and guarantees that he/she has the right to disclose or disseminate such data, releasing the Data Controller from any liability towards third parties.

In particular, the subject of the processing may be your personal data such as:

• Data collected automatically. During their normal operation, the computer systems and applications used to operate this website detect data (the transmission of which is implicit in the use of Internet communication protocols) that may be associated with identifiable users. The data collected includes IP addresses or domain names of the computers used to connect to the website, URI (Uniform Resource Identifier) addresses of the requested resources, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the server response status (successful, error etc.) and other parameters pertaining to the user's operating system and IT environment, name of the internet service provider (ISP), date and time of the visit, the web page of origin of the visitor (referral) and exit.
• Data provided voluntarily by the user. The voluntary and explicit sending of emails to the addresses indicated in the different access channels of this site does not imply a request for consent and involves the acquisition of the address and data of the sender, necessary to respond to requests, as well as any other personal data included. Such data is voluntarily provided by the user at the time of requesting provision of the service. By adding a comment or other information, the user expressly accepts the privacy policy. Specific summary information will be reported or displayed on the pages of the site prepared for particular services on request (form). The user must therefore explicitly consent to the use of the data reported in these forms in order to send the request.
• Cookies. The site uses cookies. The data collected through cookies can be used to access parts of the site or for statistical purposes or to make the browsing experience more pleasant and more efficient in the future, trying to evaluate the behavior of users and to modify the proposition of content offer according to their behavior. For more information, a specific cookie policy is available.

3. Source of personal data

The personal data held by the Data Controller is collected directly from the data subject.

4. Purpose of data processing and legal basis

The Data Controller processes the Data Subject's personal data for the following purposes:

- collection of site statistics: the services contained in this section allow the Data Controller to monitor and analyse traffic data and are used to keep track of the Data Subject's behaviour. Google Analytics is a web analysis service provided by Google Inc. ("Google"). Google uses the Personal Data collected for the purpose of tracking and examining the use of this site, compiling reports and sharing them with other services developed by Google. Google may use Personal Data to contextualize and customize ads on its own advertising network. Google also makes available the browser add-on for deactivating Google Analytics.

• contact with the Data Subject (contact forms). The Data Subject, by filling in the contact forms on the site with his/her own data, consents to their use in order to respond to requests for information, quotes, or anything else indicated in the form header.

The processing takes place on the following legal bases:

• for automatically collected data, the legal basis is the legitimate interest of the Data Controller and the purpose is to guarantee and improve the web browsing experience.
• for data provided voluntarily by the user, the legal basis is consent and, for sending emails to our addresses, the purpose is to be able to send responses to specific requests made by the user; for forms, the purpose is indicated in the specific information.
• for cookies: see the specific cookies policy.

5. Data recipients

No data is communicated or disseminated, except in the cases expressly provided for by law. The mandatory data provided will not be disseminated in any way and can only be communicated or made accessible, exclusively for the purposes illustrated, to other companies that deal with the maintenance of computer systems, as well as to subjects who deal with specific phases of the processing, as autonomous Data Controllers, including external ones, of the processing regularly designated by the Data Controller whose names and relative qualifications are available at the request of the interested parties, as well as to subjects to whom the right to access the data is recognized by provisions of law and secondary legislation.

The Company may also disclose your personal data to third parties:

• where required by EU or Member State legislation; 
• in the event of legal proceedings; 
• in response to a request from law enforcement based on legitimate grounds; 
• to protect the rights, privacy, security or property of the Company and, to the extent permitted by law, to investigate, prevent or take action regarding unlawful activities.

6. Transfer of data to third countries

The data collected, voluntarily provided by users, are not subject to transfer to third countries outside the European Economic Area.

7. Retention period

Based on the principle of retention limitation (Article 5, GDPR), verification of the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically.

In particular:

Data collected automatically are processed for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to check its regular operation, also for security purposes or based on the deadlines set by law. Data provided voluntarily by the user will be kept for a period of time not exceeding the achievement of the purposes for which they are processed or based on the deadlines provided for by law.  At the end of the retention period, personal data will be deleted. Therefore, upon expiry of this term, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

8. Rights of the Data Subject

The data subject always has the right to request the Data Controller for access to their data, the correction or deletion, the limititation of the processing or the possibility to opose to the processing, request data portability, revoke consent to the processing of data asserting these and other rights provided by the GDPR through a simple communication to the Data Controller. The data subject can also lodge a complaint with a supervisory authority.

9. Compulsory or optional provision of data

The provision of data is voluntary but mandatory to allow the correct provision of the service.

10. Data processing methods

The personal data provided will be processed in compliance with the aforementioned legislation and the confidentiality obligations by which the Data Controller is bound. The data will be processed both with IT tools and on paper and on any other type of suitable support (e.g. cloud systems, digital storage and conservation systems, ...), in compliance with adequate technical and organizational security measures provided by the GDPR.

11. Final notes and update methods

The information is provided only for this website and not for other websites that may be consulted by the user through links contained in this site. The information may undergo changes due to the introduction of new rules in this regard, therefore the user is invited to periodically check this page to be always updated on the latest legislative news. Earlier versions of this policy may always be requested from the Data Controller.