1 – General Information Regarding This Site

1.1. This section contains information about the processing of user data and visitors connecting to the website owned by Dorin Bobeica, accessible at the address: (the “Site”), to describe the management methods of the Site in reference to the processing of the personal data of users who consult it and/or use its services, and to allow them to know the purposes and methods of processing their personal data.

1.2. This information is also provided in accordance with Article 13 of the EU Reg. 2016/679 (GDPR – General Data Protection Regulation), regarding the protection of individuals with respect to the processing of personal data and the free movement of such data, for individuals interacting with the Site, accessible at the corresponding address of the homepage:

1.3. This privacy policy and the information contained herein apply only to the Site and not to other websites that may be accessed by the user through links contained therein, and it conforms to Recommendation no. 2/2001 on minimum requirements for online data collection in the European Union, adopted on May 17, 2001, by the Article 29 Working Group.

1.4. This privacy policy and the information contained therein aim to provide guidance on the types of data processed, the processing methods, data storage times, the nature of the information, and any other relevant aspect that the data controller must disclose to users connecting to the pages of, regardless of the purposes of the connection itself, according to Italian and European legislation.

1.5. Using the Site implies the release of information that constitutes personal data by the user. Please note that, according to applicable regulations, “processing” of personal data means any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, communication through transmission, dissemination or any other form of making available, alignment or interconnection, restriction, erasure or destruction.

1.6. Before communicating any personal data, users are therefore invited to carefully read this privacy policy, as it contains important information on the protection of personal data and the security measures adopted to ensure confidentiality in full compliance with the GDPR and the applicable national data protection law.

1.7. The Site is intended for users over the age of 14, in accordance with Art. 8, par. 1 GDPR and Art. 2-quinquies of the Privacy Code. By connecting to the Site and providing their data, the interested party, or the subject to whom the data refers, declares to be over 14 years old.

2 – Data Controller

2.1. The data controller is the natural or legal person, public authority, agency or another body that, alone or jointly with others, determines the purposes and means of the processing of personal data. This subject is also required to identify and implement appropriate technical and organizational measures to ensure a level of data security adequate to the risk generated by the processing operations carried out.

2.2. In relation to this Site, in light of the applicable regulations, the data controller is the natural person Dorin Bobeica, operating as a freelancer, with the registered office in Via Giuseppe Verdi 3 – 31046 Oderzo (TV) – VAT no. 05301230263, who for any clarification or exercise of the user’s rights can be contacted at the following email address:

3 – Data Processor

3.1. The data processor is a natural or legal person, public authority, agency or another body that processes personal data on behalf of the data controller.

3.2. Under Article 28 of the GDPR, the controller may appoint one or more data processors for the Site from among those who may have access to the personal data of the interested parties, such as third-party service providers like, for example, connectivity providers, hosting, IT companies, and the software provider responsible for the newsletter sending service.

3.3. The list of all data processors is kept at the aforementioned headquarters of the data controller and is available upon request from the Site’s users.


4 – Data Processing Location

4.1. The processing related to the web services of the Site takes place on servers located within the European Union owned and/or available to the Data Controller and/or third-party companies appointed as data processing managers under art. 28 of the GDPR. These third parties, on behalf of the owner, provide specific processing services, or related, instrumental, or support activities. Among these data processing managers is the web hosting service provider of the Site, which is located within the European Union and acts in accordance with the provisions of the GDPR. 4.2. If necessary, the data related to the web services of the Site can be processed by data processing managers – each for their specific area of expertise – or by persons appointed by them under art. 4 no. 10, GDPR, for this purpose, at their respective locations.

5 – Types of Data Processed and Data Processing Methods

5.1. It should be noted that, according to applicable regulations, “personal data” means any information concerning an identified or identifiable natural person, particularly referring to an identifier such as a name, an identification number, location data, an online identifier or one or more elements of their physical, physiological, mental, economic, cultural, or social identity. 5.2. The personal data collected by the Site includes: A) Browsing Data The Site’s computer systems collect some Personal Data whose transmission is implicit in the use of Internet communication protocols. These are pieces of information not collected to be associated with you, but which, by their very nature, could allow users to be identified through processing and association with data held by third parties. Among these are IP addresses or domain names of the devices used by users connecting to the Site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numeric code indicating the status of the server’s response (successful, error, etc.), and other parameters related to your operating system and computer environment. This data is used to obtain anonymous statistical information on the use of the Site and to check its correct operation; to allow the proper functioning of the various functionalities you requested, for security reasons, and to ascertain liability in the event of hypothetical computer crimes against the Site or third parties. B) Voluntarily Provided Data Apart from what is specified above for browsing data necessary for computer and telematic protocols, the provision of personal data by Site users is free and optional, although functional to the provision of certain services. Consequently, failure to provide data could compromise or make the delivery of the service impossible. Specifically, through the Site, you can voluntarily provide personal data, such as name, surname, date and place of birth, residence address, tax code and VAT number, company name, headquarters address, landline and/or mobile phone number, email address, PEC address, bank and payment references, other data, by filling in the “Contact us” form on the Site or by creating a Customer account on the Site for purchasing products offered on the Site or in the case of joining the newsletter sending service by filling in the appropriate form or by sending, always optional and voluntary, emails containing contact requests, quotation requests, spontaneous applications by sending CVs or by sending any kind of communication to the addresses or contact details indicated on the Site. Sending these communications will result in the acquisition of your email address, necessary to respond to your requests, and any other personal data you have transmitted. The data provided by users who voluntarily interact with the Site is used solely to execute the requested service and is communicated to third parties only if this is strictly necessary for the execution of the same service or required by law. C) Sharing Content via Social Networks If the Site user decides to share content via social networks, such as Facebook, LinkedIN, or YouTube, the Site may access some information from their account if the user has activated data sharing with third-party applications. Users are informed that they can deactivate data sharing with third-party applications by accessing their account settings. For more information on the logic and methods of data collection by social networks, users are invited to read the privacy notices provided by the entities that provide these services. D) Cookies and Similar Technologies i) Types of Cookies The Site uses cookies designed to make the user’s browsing experience easier and more intuitive. They are small text strings used to store some information that may concern the user, their preferences, or the device used to access the Internet. Cookies are used to offer a personalized browsing experience, storing the user’s previous choices and adjusting the Site’s operation to their expectations. A cookie consists of a reduced set of data transferred to the user’s browser from a web server and can only be read by the server that made the transfer. It is not executable code and does not transmit viruses. Cookies might record personal information, and any data allowing the identification of the data subject can be stored. If the user wishes, they can delete all or some cookies by following the instructions provided. The various types of cookies


6 – Purpose of the processing, legal basis, and retention period

6.1 All personal data provided by users through the Site will be processed for purposes related to the reasons for which they were collected and, in particular: A) Execution of a contract aimed at the supply/sale of products and/or services offered on the Site or fulfillment of pre-contractual information obligations; B) For research/statistical analysis purposes on aggregated or anonymous data, without the possibility of identifying the user, aimed at measuring the operation of the Site, measuring traffic, and assessing usability and interest; C) For marketing purposes; specifically, the owner may process your contact details for marketing and advertising communication purposes, aimed at informing you about the products and services offered or promotional sales initiatives, made through automated contact methods (email, newsletter, SMS, and other mass messaging tools, push notifications, etc.) and traditional contact methods (e.g., telephone call with an operator) or for market research and statistical surveys, where you provide specific consent. 6.2. It is noted that, apart from what is specified for browsing data, the user is free to provide personal data to send communications to the addresses indicated on the Site, to request information or for the purposes of sending commercial communications. D) For purposes related to fulfilling a legal obligation to which Dorin Bobeica is subject; E) For purposes necessary to ascertain, exercise, or defend a right in court or whenever judicial authorities exercise their judicial functions; 6.3 The legal basis for processing personal data for the purposes referred to in the previous point 6.1 lett. A) is the provision of a service or response to a request that does not require consent under the applicable legislation. The purpose referred to in the aforementioned point 6.1 lett. B) does not involve the processing of personal data. The legal basis for the processing of personal data for marketing purposes and sending commercial and informational communications referred to in the aforementioned point 6.1 lett. C) is the user’s consent (interested party), expressed when concluding a contract between Dorin Bobeica and the user or when filling in the dedicated form on the Site. The purposes referred to in point 6.1 lett. D) and E) represent legitimate processing of personal data under the applicable legislation because, once personal data is provided, the processing is truly necessary to fulfill a legal obligation to which the owner is subject or to exercise their right to defense in court. We point out that if you are already a customer, we may send you commercial communications related to services and products of the Owner similar to those you have already used, unless you object. 6.4. The storage of the information referred to in art. 5.1 will be carried out for the period strictly necessary to achieve the purposes indicated above and in any case not beyond the termination of these purposes, except in the case where it is necessary to keep them due to a legal obligation. The data may also be stored for the time necessary by the owner or any designated managers to ascertain, exercise, or defend their right in court, within the prescription periods of any civil or criminal actions that could be brought against them. 6.5. In the case of processing personal data based on the user’s consent, the owner may keep the personal data until the said consent is revoked.

7 – Mandatory or optional nature of providing data and Consent

7.1. It is noted that, considering the processing purposes as illustrated above, providing your personal data for the purposes referred to in the previous art. 6.1, points A), B), D), E) is mandatory. Any failure, partial or inaccurate provision, and/or express refusal to process will result in the inability for the owner to follow up on your requests, process your purchase order, fulfill contractual obligations undertaken to supply products and/or services or a legal obligation to which the owner is subject or requests from the competent Authorities. 7.2. The legal basis for processing personal data for marketing purposes referred to in art. 6.1, point C) above is, however, consent. Providing data for these purposes is optional, so you can decide not to give your consent or revoke it at any time. Failure to consent to processing has no consequences on contractual relationships but only results in the inability to receive the other services illustrated above.

8 – Categories of Recipients

8.1. The personal data of Site users may be shared, for the purposes specified in the previous point 6.1, with: A) entities necessary for the provision of services offered by the Site, including, for example, email sending, site maintenance and analysis, and other external subjects, each within their specific competence. These entities have been delegated specific tasks by the Data Controller for the period necessary to achieve the purposes for which the data was collected. They act, when necessary, as data processing managers for Dorin Bobeica; examples of these entities include system administrators, technical service providers, hosting providers, IT companies, communication agencies, etc., who are appointed, when necessary or appropriate, as external managers of data processing. B) individuals authorized by Dorin Bobeica to process personal data who have committed to confidentiality or have an appropriate legal obligation of confidentiality (e.g., employees and collaborators), based on the roles and tasks assigned to them; C) judicial or supervisory authorities, administrations, public institutions and agencies in the performance of their duties, when required by law. 8.2. In any case, no data from the Site’s web services, unless in an anonymous and aggregated form, is disseminated.

9 – Transfers

9.1. Your personal data will not be transferred to third countries outside the European Union.

10 – Copyright

10.1. All texts, graphic components, any sound files, videos, images, animations, and in general all information contained on the Site are owned by Dorin Bobeica and are protected by international copyright laws and other laws protecting intellectual property. 10.2. None of the content mentioned above may be copied, modified, or resold, in whole or in part, for profit or any kind of gain. 10.3. Icons, trademarks, and names of third parties and products present on the Site’s pages are the property of their respective owners and are protected under copyright, patent, and intellectual property laws.

11 – Appointment of the D.P.O.

11.1. The DPO is a professional with specialized knowledge of data protection regulations and practices, who must be mandatorily appointed by the Data Controller or data processor in cases specified by Art. 37 of the EU Reg. 2016/679. 11.2. The DPO, pursuant to Art. 39 of EU Reg. 2016/679, is tasked with, among other things: a) informing and advising the data controller, processor, and employees about obligations from this regulation and other data protection provisions of the Union or Member States; b) monitoring compliance with the regulation and policies of the data controller/processor, including responsibility assignment, awareness-raising, and training of staff involved in processing operations, and related control activities; c) providing an opinion on the data protection impact assessment and overseeing its performance pursuant to Article 35 of the EU Reg. 2016/679; d) cooperating with the supervisory authority; e) acting as a contact point for the supervisory authority for issues related to processing. 11.3. The Data Controller, not falling under the situations described in Art. 37 of the GDPR, nor those outlined by various interpretations of the Guarantor Authority, did not deem it necessary to appoint a Data Protection Officer.

12 – Rights of the data subject

12.1. Dorin Bobeica wishes to inform the user that, in accordance with the provisions of the GDPR, the user, as a data subject, may exercise the following rights: a) right of access – to obtain confirmation as to whether or not personal data concerning him/her are being processed and, if so, to receive information, in particular, relating to: purpose of the processing, categories of personal data processed and retention period, recipients to whom these may be communicated (Article 15, GDPR); b) right to rectification – to obtain, without undue delay, the rectification of inaccurate personal data concerning him/her and the integration of incomplete personal data (Article 16, GDPR); c) right to erasure – to obtain, without undue delay, the erasure of personal data concerning him/her, in cases provided for by the GDPR (Article 17, GDPR); d) right to restriction – to obtain from the Data Controller the restriction of processing, in cases provided for by the GDPR (Article 18, GDPR); e) right to data portability – to receive, in a structured, commonly used and machine-readable format, the personal data concerning him/her provided to the Data Controller, and to have them transferred to another controller without hindrance, in cases provided for by the GDPR (Article 20, GDPR); f) right to object – to object to the processing of personal data concerning him/her unless there are legitimate reasons for the Controller to continue processing (Article 21, GDPR); g) right to withdraw consent given at any time, without affecting the lawfulness of processing based on consent before its withdrawal; h) right to lodge a complaint with the Data Protection Authority or another supervisory authority (Article 77, GDPR). 12.2. Requests can be addressed to the data controller, without formality or, alternatively, using the model provided by the Data Protection Authority, or by sending an email to:

13 – Personal data security measures adopted

13.1. This Site processes user data in a lawful manner and in compliance with the GDPR as well as current Italian legislation (Legislative Decree no. 196/2003 and subsequent amendments or additions), adopting appropriate security measures for mapped risk profiles, aimed at preventing breaches of personal data, in the form of unauthorized access, disclosure, alteration, or unauthorized destruction of data. The processing is carried out using computer and/or electronic tools, with organizational methods and logic strictly related to the purposes stated in the previous art. 6. 13.2. In addition to the owner, categories of individuals authorized to process personal data may have access to the processed data involved in the organization and management of the site (administrative, commercial, marketing staff, lawyers, system administrators, etc.) or external subjects entrusted with providing services on behalf of the owner (such as technical service providers, hosting providers, IT companies, communication agencies) who are appointed, when necessary or appropriate, external data processors. 13.3. The list of external data processors on behalf of the owner, as well as the list of persons authorized to process data under the direct authority of the owner, will be kept up to date and can be requested at any time by writing to the address:

14 – Changes to this document

14.1. Dorin Bobeica reserves the right to modify or simply update the content of this document, in whole or in part, also due to changes in applicable legislation. We therefore invite you to regularly visit this section of the Site to be aware of the most recent version of the privacy policy and to be always informed about the data collected and how it is used.