INFORMATION FOR THE PROCESSING OF PERSONAL DATA OF THE SITE

This page describes how to manage the site in relation to the processing of personal data of users who consult it. Following consultation of this site, data relating to identified or identifiable persons may be processed.

The information is also inspired by the Recommendation n. 2/2001 that the European Authorities for the protection of personal data, gathered in the Group established by the art. 29 of the directive n. 95/46 / EC, adopted on 17 May 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that the data controllers must provide to the users when they connect to web pages, regardless of the purpose of the link. This informative note: • analyzes how the site is managed with reference to the processing of personal data of users who consult it; • is made to those who interact with the services provided, via the internet, by the Data Controller, also in compliance with the regulations on the protection of individuals regarding the processing of personal data pursuant to art. 13 of EU Regulation 679/2016 (hereinafter referred to as “Regulation”). The information is valid only for this website and not for other websites that may be consulted via links.

1. HOLDER OF THE TREATMENT

The Data Controller is [Manifattura Tabacchi S.p.A], with registered office in [Via Versilia, 2 00187 Rome].

2. PURPOSE OF THE TREATMENT

Personal data provided by users will be used to allow navigation and access to services offered within the site. Registration is allowed to those who make explicit request, filling out the forms on the pages of the site to this service specifically dedicated, after reading the specific information and authorizing MT to the processing of their personal data. The refusal to provide data makes it impossible to obtain the provision of services offered by the site.

3. PROCESSING METHOD AND SAFETY MEASURES

Personal Data are processed using automated tools and not for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. The transmission of data provided voluntarily by the user by filling in the fields composing the questionnaire are managed with SSL technology that encrypts the information before it is exchanged via the Internet between the user’s computer and the central systems of the Data Controller, making them incomprehensible to authorized and in this way guaranteeing the confidentiality of the information transmitted. Within MT they can learn about your personal data, employees or external collaborators engaged in services, as well as internal and external structures that carry out consultancy and support tasks on behalf of MT. The processing of data is carried out by personnel directly reporting to the Data Controller and / or by natural or legal persons specifically identified as responsible or authorized for processing.

4. DATA COMMUNICATION

The data provided will in no case be disclosed to third parties, without prejudice to the communication: • to subjects to whom the right to access the data is recognized by legal provisions or by the orders of the authorities; • to subjects, including external and / or foreign, of which the Data Controller uses for the performance of instrumental and / or ancillary activities to manage the data collected and the provision of the services and benefits connected to them, including suppliers of software solutions, web applications and storage services also provided through Cloud Computing systems and used for this purpose. These subjects will use the data received as independent “owners”, unless they have been designated by MT responsible for the processing of their specific competence. The newsletter is sent by e-mail to those who explicitly request it, filling out the form on the site page to this dedicated service and authorizing the Data Controller to process their personal data. The data related to the registration to the services offered by the site (the “Services”) may also be disclosed to companies that allow the Owner to provide the services in question to the user. These companies: • may also have an extra-European headquarters; • they will never directly use the personal data communicated to them by the Data Controller; • they will not sell the personal data communicated to them by the Owner to third parties. The data will be communicated in strict compliance with the provisions of the regulations in force from time to time. By subscribing to the Site Services, the user acknowledges that it allows the Data Controller, by analyzing the data provided by the service provider, to obtain the following information: • number of times the newsletter has been opened; • click number on links contained in the newsletters; • no opening of the newsletter; • rebounding mail related to the newsletter on other mails; • unsubscribe; • complaints; • possible use of the newsletter contents via Facebook.

6. TYPES OF DATA PROCESSED

Navigation data The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified as navigators. This category of data includes IP addresses or domain names of the computers used by users connecting to this site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the web server (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment. Data provided voluntarily by the user The optional, explicit and voluntary sending of electronic mail to the addresses indicated in the appropriate sections of this website entails the subsequent acquisition of some personal data and particular categories of personal data of the applicant, inserted in the forms necessary to respond to requests.

7. NATURE OF DATA CONFERENCE

If the user intends to interact with the Company through the site, the provision of data is optional, but it is a necessary and indispensable condition to provide the user with the requested information: failure to provide therefore implies the impossibility of guarantee an answer.

8. RIGHTS OF THE INTERESTED

Pursuant to the Regulations, the Data Subject has the right to access his / her data, in particular obtain confirmation of the existence of the data at any time and to know its content, origin, geographical location and to request a copy of it. The interested party also has the right to verify its accuracy or request its integration, updating, rectification, limitation of processing, cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose their treatment in any case. Furthermore, the data subject has the right to request data portability and to submit a complaint to the supervisory authority.

9. DATA CONSERVATION PERIOD

MT will process the data for the entire period of time in which the data subject who has subscribed to the services has not requested the cancellation.

10. MODALITIES OF EXERCISE OF RIGHTS

To exercise the rights referred to in paragraph 8, the interested party may contact the owner by sending an e-mail to info@mtdm.it. The deadline for responding to the user is thirty days, which can be extended up to three months in cases of complexity; in these cases, the Data Controller provides at least one interim communication to the interested party within a period of thirty days. The exercise of rights is, in principle, free; the Owner reserves the right to request a contribution in the event of manifestly unfounded or excessive (even repetitive) requests, also considering the indications that should be provided by the Privacy Guarantor.

11. COMPLAINTS TO THE DATA PROTECTION SUPERVISOR

The interested party has the possibility to propose a complaint to the Privacy Authority, which can be contacted at the web site http://www.garanteprivacy.it.

COOKIES

This site uses cookies and similar technologies to ensure correct operation and improve the user’s browsing experience.

WHAT ARE COOKIES

Cookies are short text files that the sites visited by the user send to his terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit of the same user. The use of cookies allows us to improve the usability of the site and in some cases, it may be necessary to guarantee certain features of persistence of information within work sessions.

DEFINITIONS OF TYPES OF COOKIES

Pursuant to current legislation, information is provided on the types of cookies that can be used or used by the site and, where required, consent is given to the use of cookies in the context of the browsing session. Technical cookies. These cookies are used for the sole purpose of “transmitting a communication over an electronic communications network, or to the extent strictly necessary to provide this service”. They are not used for other purposes and are installed directly by the owner or operator of the website. For the installation of these cookies, the prior consent of users is not required, while the obligation to provide information remains unchanged. Technical cookies are divided into: 1. Navigation or session cookies: guarantee the normal navigation and use of the website. Possible examples of the use of these cookies by Internet sites are: – allowing users to access secure areas of a website without having to continuously log in; – remember any actions performed by the user (for example, completing a form) when returning to the previous page of a website session; 2.Cookie analytics: used by the operator of a website to collect information, in aggregate form, on the number of users and how they visit the site. The use of these cookies by a website allows gathering technical information, for example relating to: – the last page visited; – the number of pages visited; – the opening of an e-mail; – which parts of a website are clicked; – the time spent between one click and another;
3. Functionality cookies: allow the user to navigate according to a series of selected criteria in order to improve the service rendered to the same. For example, these cookies allow a website to: – remember the preferences selected by the user during previous visits – remember the answers to the questions posed by the site so that they are not re-presented to the user; – determine if a service has already been proposed to the user; – provide information that allows the operation of optional services. Profiling cookies Profiling cookies are used to create profiles related to the user in order to send advertising messages in line with the preferences expressed by the user in the context of surfing the net. The user must be adequately informed about the use of these cookies is called to express their consent to their use. Third-party cookies: Third-party cookies are cookies used by parties other than the website operator, for example, social network plug-in cookies (Linkedin, Facebook, Twitter, Google+, etc.). The “analytics” cookies of third parties, although not technical cookies, can be assimilated, if used for the purposes of site optimization directly by the owner of the site, which can collect information in aggregate form on the number of users and how they visit the site. These cookies are sent from third-party domains external to the site. Under these conditions, for analytics cookies managed by third-party services, the same rules apply, in terms of information and consent, provided for technical cookies.

WHICH COOKIES ARE USED BY THE SITE

This site does not use profiling cookies or third-party cookies except as indicated in the following paragraph. The site uses Google Analytics, a web analysis service provided by Google Inc. Google Analytics uses “cookies” that are recorded on the user’s computer to analyze how users use the site. The information generated by the cookie on the use of the website by the user is transmitted and recorded on Google’s servers and will be managed in accordance with the privacy of Google. For more information, please refer to the privacy policy of Google Analytics, which you can consult at the following link: privacy policy. The Company uses this information, always in anonymous and aggregate form, for the sole purpose of understanding the use of its website by users, without doing any profiling of the same users for any purpose, particularly advertising or similar.

DURATION OF COOKIES

The duration of a cookie is linked to several factors including the type of use for which they are created; cookies can be persistent, thus survive the browsing session, others may be provided with an “expiration date”, others are deactivated when the browser is closed. The cookies used by the site are cookies whose duration is limited to the user’s browsing session and are automatically deactivated when the browser is closed or log out from the reserved area.

COOKIE MANAGEMENT

Users can configure their browser to accept or reject cookies. The total or partial disabling of cookies, especially technical cookies, can compromise the correct functionality of the site in areas that use it for the maintenance of session status and navigation in areas reserved for registered users. In some cases, depending on the browser used, it may be possible to discriminate the types of cookies to be activated. For more information on the management of cookies, see the websites of the most popular browsers. In particular: Internet Explorer Menu: Tools / Internet Options Tab “Privacy”, then “Sites”: in Address of the Website enter the complete address (URL) of the website whose privacy parameters you want to customize: To authorize registration of the cookies of the website in question on your computer, click Authorize; to prevent the registration of cookies from the website in question on your computer, click on Block. Safari Preferences: Privacy Tab and Configure Chrome cookies Click on the settings icon, which is located on the browser toolbar: Parameters; Click on View Advanced Parameters. In the “Privacy” section, click on Content parameters. In the “Cookies” section you can change the following parameters: Delete cookies, Block cookies by default, authorize cookies by default, Define the exceptions for cookies of some websites or domains. Firefox 5 Click on Tools and then on Options. Privacy tab: in the History settings section select “use custom settings”. Select the “accept cookies” box to accept or reject all the cookies of the websites listed therein and then click on the “exceptions” to exclude the individual websites from the aforementioned acceptance or rejection, again with regard to the installation of cookies on his terminal. Opera Preferences> Advanced> Cookies The cookie preferences allow you to control the way in which Opera manages cookies s. By default, all cookies are accepted.