Privacy and Cookie Policy

Information on personal data processing relating to website browsing

This policy, which refers exclusively to this website, does not extend to any of the links it may contain and is subject to change and update over time, based on any business needs and/or technical and/or regulatory changes.

  1. Definition of personal data, forms of processing and cookies
    Personal data are all data that can directly or indirectly identify a person (so-called “identification data”, e.g. first name, surname, residential address, telephone number, e-mail address, etc.), data that can reveal political, religious and philosophical beliefs, sexual life and habits, state of health, trade union membership, geographical or ethnic origin, genetic and biometric data (so-called “special data”), criminal convictions and offences. “Processing of personal data” refers to any operation or set of operations carried out with or without the help of automated means and involving personal data or sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Cookies are small text files stored by the website on your device during browsing in order to make it faster and easier.

  1. Data Processor

The Data Controller has appointed a Data Protection Officer who can be contacted at the following e-mail address: info@exitmusic.it.

  1. Purpose and objectives of the processing

This website only collects navigation data and, in case of any contact requests from you, personal identification data. All of this data will be processed to ensure that you can browse the website correctly, to allow you to access the information you are interested in, and to answer any requests you may have. Finally, the data will also be processed for our legitimate interest (e.g. in order to verify the correct functioning of the website, to detect possible liability and/or the commission of computer crimes to the detriment of the website itself).

  1. General principles of processing

The personal data that you provide us with will be processed, exclusively, for the purposes and in the manner allowed by law (principle of lawfulness), in compliance with ethical and moral values (principle of fairness), allowing you access, at any time, to information and communications relating to the processing of the same (principle of transparency). Furthermore, the data will be processed only for the purposes listed in this statement (purpose limitation) and guaranteeing adequate security and confidentiality (integrity and confidentiality); they will be adequate, relevant and limited to what is necessary in relation to the aforementioned purposes (data minimisation), accurate and, if necessary, updated (accuracy) and stored for a period of time not exceeding the achievement of the aforementioned purposes (storage limitation).

  1. Purpose of processing

By accessing this website, we inform you that the following personal data may be processed:
Browsing data: the computer systems and software procedures that regulate the functioning of this website acquire, during their normal operation, certain personal data transmitted automatically during web communication. Although this information is not collected for the purpose of being associated with specific Data Subjects, it could allow the identification of the users themselves following the cross-referencing of the aforementioned data with other information provided by third parties. This category of data is composed of: IP addresses, domain names of the users’ computers that connect to the site, URI (Uniform Resource Identifier) addresses of the resources requested, browsing times and duration on the site, connection mode to the server, size of the file obtained in feedback from the server, the numerical code indicating such feedback (successful, error, etc.), further parameters of the user’s operating and computer system. The aforementioned data are used only for anonymous statistical purposes relating to the use of the site. They may also be used to check the proper functioning of the website and, in any case, are deleted immediately after processing. In particular cases, they may also be used to detect possible liability and/or the perpetration of computer crimes to the detriment of the site itself.

Personal identification data provided by the user: while browsing the website, by filling in the specific form, you may enter your personal identification data (e.g. name, surname, date and place of birth, address of residence, tax code, VAT number, telephone numbers, e-mail addresses, etc.), in order to contact us. The optional sending of e-mails to the e-mail addresses given on our website implies the collection of your e-mail address, which is necessary in order to reply to any requests received.

Cookies are small text files stored by the website on your device (computer, tablet, smartphone etc.) in order to speed up your navigation on the website, remembering your actions and/or preferences.
F. Legal basis of the processing

Your personal data is processed on the basis of one or more of the following conditions, for the above-mentioned purposes:
 for the browsing data mentioned in point 1 of the preceding article, please note that:

 anonymised data, i.e. those from which it is not possible to identify, even indirectly, an individual, are not considered personal data and, therefore, the processing does not require a specific legal basis;

 for non-anonymised data, which are necessary for the operation of the website, you agree to their use through continued use and/or consultation of the website;
 data, that may be cross-referenced with data provided by third parties and may identify a specific person, are processed for the purpose of preventing and/or prosecuting the perpetration of computer crimes to the detriment of users and/or the website. Therefore, they are processed on the basis of legal obligation (given the need to comply with the obligation to implement the security measures provided for in the Regulation) and of the legitimate interest of the Data Controller, therefore, no consent is required;

 regarding the identification data provided by the user, the processing is legally based on the need to implement your explicit requests to receive a service directly available through the website. Therefore, providing data is strictly necessary and connected to a pre-contractual and/or contractual phase, i.e. in order to meet your specific request. If you do not wish to provide the aforementioned data, it will not be possible to provide the service or to answer your questions. In any case, you may at any time exercise your rights under letter M below. In the event that you withdraw your consent, your data will no longer be processed after your withdrawal, specifying, however, that the withdrawal of consent has no retroactive effects;

 regarding cookies, two types of cookies are used: those necessary for the functioning of the website and those necessary for saving preferences, optimising navigation and for statistical purposes (Google Analytics with IP anonymisation/masking; Facebook Pixel). As for the former, by using and/or consulting this website, you consent to their use. As for the second category, however, you are free not to give consent and to disable them.

Finally, if you are under sixteen years of age, the consent of your parent or the holder of parental responsibility will always be required for the processing of your data.

  1. Processing modalities

We inform you that all your data will be processed by the Data Controller using digital tools (computerised and telematic), taking all the appropriate technical and organisational measures to guarantee the security, integrity and protection of the personal data you wish to provide us with.

  1. Data storage period

The data mentioned in the preceding article will always be processed for the time necessary to fulfil the purposes for which they were collected. Specifically, navigation data will be kept for 30 days from the end of your browsing session on the website; contact data (identification data, e-mail address, etc.) will be kept for 24 months from your request; cookies, on the other hand, will be saved on your electronic device until you decide to delete them. This is always without prejudice to cases in which the data is necessary for the establishment, exercise or defence of the Controller’s rights, including in court, which may justify their storage until the purpose is achieved.

  1. Access to data and disclosure to third parties

Your data will be accessible, for the purposes set out above, to employees and collaborators of the Data Controller, as Data Processors and Persons in charge of the processing, within their respective functions and in compliance with the instructions they have received from the Data Controller, exclusively for the purposes mentioned in this information notice and in compliance with the current legislation. The data may also be made accessible to professionals and third-party companies (for example: credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.), which perform outsourcing activities on behalf of the Data Controller, as external data processors, always in compliance with the purposes of the processing itself.

The list of Data Processors is available at the Data Controller’s office.

  1. Profiling and Dissemination

Your browsing data is not subject to dissemination or to any fully automated decision-making process. No profiling processes are carried out on this data.

  1. Rights of the data subject

We inform you that you have the right to:

  1. access your personal data, in order to know and obtain notifications relating to the methods and purposes of their processing;
  2. ask for the updating, completion and/or correction of your data;
  3. delete your data: if they are no longer necessary, if they are no longer used for the purposes for which they were collected or processed, if you decide to withdraw the consent previously given and there is no other legitimate reason to continue processing, if it is necessary to comply with an obligation imposed by a law of a Member State of the European Union;
    d. ask for the restriction of processing concerning you, in cases of: I) dispute on the accuracy of the personal data, for the period necessary to perform the verification; II) in case of unlawful processing and refusal to delete, with a concurrent request for restriction; III) if the Data Controller no longer needs the data, but the same are necessary to the Data Subject in order to exercise or defend a right; IV) in the event of refusal to process the data and to verify the possibility that the Data Controller’s legitimate reasons prevail over those of the Data Subject;
    e. request the transfer (portability) of your personal data (in a structured, commonly used and machine-readable format) to another Data Controller of your choice;
  4. refuse the processing of Your data for reasons of legitimate interest, for marketing purposes or for historical, scientific and statistical processing;
  5. withdraw your consent, when provided, bearing in mind that the aforesaid withdrawal shall not affect the lawfulness of the processing based on the consent given before the same
  6. lodge a complaint with the Supervisory Authority (Data Protection Supervisor), following the procedures and indications published on the Authority’s official website www.garanteprivacy.it.
  7. How to exercise your rights

You may exercise your rights by sending a request by registered letter with acknowledgement of receipt to the Data Controller’s address, or by e-mail to info@exitmusic.it