WEBSITE PRIVACY POLICY

pursuant to Article 13 of the GDPR – General Data Protection Regulation EU 2016/679

Version updated on 29/01/2025 

This policy statement describes how the website is managed in relation to the processing of personal data of visitors who access it. This information is provided pursuant to Article 13 of EU Regulation 2016/679 (on the protection of natural persons with regard to the processing of personal data – GDPR) to those who interact with the web services of RAPHAEL S.R.L., accessible from the website www.casaraphael.com.

This information applies exclusively to the above-mentioned website and not to other sites that may be consulted by the visitor using the links on the site.

DATA CONTROLLER

The data controller is RAPHAEL S.R.L., with head office in Piazza de Giovanni, 4 – 38050 Roncegno (TN)

Contacts:

• Email: info@casaraphael.com
• PEC [certified address]: casaraphael@pec.it
• Telephone +39 0461/772000.

DATA PROTECTION OFFICER

The designated Data Protection Officer (DPO) , pursuant to Art. 37 of Reg. EU 2016/679, is Giovanni Poletto, at Studio Gadler S.r.l. – Via Graberi 12/A – 38057 Pergine Valsugana (TN)

Contacts:

•   Email: dpo@studiogadler.it
•   Telephone: +39 0461-512522.

NAVIGATION DATA

The computer systems and software procedures used to operate this site acquire, in the course of their normal operation, certain personal data, the transmission of which is implicit in the use of Internet communication protocols.

This category of data includes: the IP addresses or domain names of the computers and terminals used by users; the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the resources requested; the time of the request; the method used in submitting the request to the server; the size of the file obtained in response; the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the user’s operating system and computer environment.

These data, necessary for the use of web services, are also processed for the purpose of:

–     to obtain statistical information on the use of the services (pages most visited, number of visitors per time slot or per day, geographical areas of origin, etc.);

–     to check the proper functioning of the services offered.

Information on the processing of personal data through social media platforms 

With regard to the processing of personal data by the managers of the social media platforms used by RAPHAEL S.R.L., please refer to the respective privacy policies provided by each manager. RAPHAEL S.R.L. processes the personal data provided by users through its specific social media pages, exclusively to manage interactions with users (comments, public posts, etc.) and for corporate and promotional purposes, in compliance with the regulations in force.

 See cookie policy

DATA PROVIDED VOLUNTARILY BY THE USER

The user is free to provide personal data. Therefore, we remind you that the explicit and voluntary sending of electronic mail to the contact addresses indicated on this site (as well as the completion and forwarding of any forms present), entails the subsequent acquisition of the sender’s address, which is necessary in order to reply to requests, as well as any other personal data included in the message. This data will be processed exclusively for the purpose of processing the submitted request.

Specific summary information will be progressively reported or displayed on the pages of the site set up for these particular on-demand services.

LEGAL BASIS FOR PROCESSING

Personal data are processed for the sole purpose of providing the requested service and on the basis of the legitimate interest of the data controller.

FURTHER PROCESSING PURPOSES: NEWSLETTER

Subject to explicit subscription to the service, the Data Controller may also process data for promotional purposes by means of automated contact methods (email, and/or other mass messaging tools, etc.) and traditional contact methods (e.g. telephone call with operator) or for market research and statistical surveys. By signing up, you declare that you are aware that your information will be transferred to Mailchimp for processing. 

Click for <more information>

LEGAL BASIS FOR PROCESSING

The legal basis for sending electronic, commercial communications and the newsletter is explicit consent, pursuant to Article 6(1)(a) of the General Data Protection Regulation. 

With regard to the purpose of direct marketing, it should be pointed out that, by virtue of Article 6(1)(f) of the Regulation, the Data Controller may nonetheless carry out this activity on the basis of its own legitimate interest, irrespective of consent and in any case until an objection to such Processing, as further explained in Recital 47 of the Regulation, where it is ‘considered a legitimate interest to process personal data for direct marketing purposes‘. The User may also easily object to further e-mail newsletters by clicking on the appropriate link to revoke consent, which is present in each promotional email and newsletter.

UNSUBSCRIBING FROM MARKETING SERVICES

You may unsubscribe from our marketing services at any time, pursuant to Art. 7(3) GDPR, via the unsubscribe link in these communications.

Full privacy policy: 

PROCESSING METHODS AND DATA RETENTION PERIODS

Personal data are processed by automated means for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent loss of data, unlawful or incorrect use, and unauthorised access.

COMMUNICATION OF DATA

The Data Controller may communicate the data to supervisory bodies, judicial authorities and other entities to which communication is obligatory by law, in order to fulfil the purposes provided for by the legislation in force. The data in question will not be disseminated in any case.

The personal data collected will also be processed by Data Controller’s authorised personnel, who work in accordance with specific instructions given regarding the purposes and methods of processing. Furthermore, the data may be processed by persons designated as data processors, pursuant to Article 28 of the Regulation, who operate under the control and directions of the Data Controller.

MINORS 

This site and the Data Controller’s services are not intended for persons under 18 years of age [minors] and the Data Controller does not intentionally collect personal information from minors. In the event that information on minors is unintentionally recorded, the Data Controller will delete it in a timely manner at the request of users.

TRANSFER OF PERSONAL DATA

The data collected will not be transferred to non-European countries. The Data Controller will have the right to move the location of its computer archives to other non-European countries, guaranteeing from the outset that the transfer of data outside the EU will only be made to states that are able to offer a level of protection adequate to the standards laid down by the relevant legislation, in compliance with Art. 45, 46 and 49 of Reg. EU 2016/679.

CHANGES TO THIS POLICY

We reserve the right to change this Policy at any time and to publish changes without specific notification to website users.