• Home page
  • Know more
  • More
    • Home page
    • Know more
  • Home page
  • Know more

Privacy Policy

 Privacy Policy

Circular letter on personal data processing performed by the website: www.restlessminiatures.com,in compliance with art. 13 of the European General Data Protection Regulation (GDPR – 2016/679)

Vittorio Marco Iotti, as data controller, notify to data subjects the following information on data processing.

This circular letter is referred to and is valid only for this website (www.restlessminiatures.com) and not for other external websites surfed by the user through links available in www.restlessminiatures.com. The data controller isn’t responsible of processing performed by third part websites. Please take a look to data processing policy when you visit a third part website.


DATA CONTROLLER

The data controller is Vittorio Marco Iotti- ,  - ITALY e Vat number: IT0, which avails of its own processing managers or those of external processing companies.


PURPOSES OF PROCESSING, LEGAL BASIS AND RETENTION TIME


We process personal data only with a proper legal basis established by law. In the following list you can found all the information concerning the purposes of processing, the types of personal data processed, the legal basis and the data retention time.

 

 

A. Browsing the Website and Ensuring Cyber Security


To enable browsing on the website and to ensure proper functionality and cyber security for both the website and its users, browsing data is processed. This is done under the legitimate interest of the data controller to promote their business, maintain website accessibility, and defend against potential cyber attacks. The browsing data is retained only for the necessary duration to achieve these purposes. For specific information regarding cookies retention, please refer to the website's Cookie Policy.


B. Statistical and Analytical Purposes


Browsing data is processed for statistical and analytical purposes to improve and enhance the website and user experience. This processing is based on the legitimate interest of the data controller to make data-driven improvements. The information used to generate statistics is kept in a disaggregated form for the necessary period to produce anonymous and aggregated indicators.


C. Managing Commercial and Information Requests


When managing commercial and information requests received through contact forms or other communication means on the website, identification data and contact details are processed. This is based on the legitimate interest of the data controller to handle communications and fulfill specific requests, or to perform a contract or manage pre-contractual requests from data subjects. The data is processed only as long as necessary to manage the request. Following this, the data will either be deleted or further processed if a commercial agreement is established.


D. User Sign In and Login


For user sign in and login to the website's personal area, identification data, contact details, and other required information are processed. This processing is necessary to perform a contract with the data subject or manage pre-contractual requests. The data controller retains this personal data until the user cancels their account.


E. Sending Newsletters and Commercial Communications


To send newsletters and other commercial communications, contact details are processed based on the explicit consent of the data subject. The e-mail address is kept until the consent is revoked by the user, either through an unsubscription request or by using the unsubscription link in communications. After the unsubscription request, newsletter sending will be discontinued.


F. Promotional Activities and Market Research


For promotional activities, sending advertisement materials, and conducting market research, identification data, contact details, browsing data, and data related to purchasing and browsing habits are processed. This is based on the explicit consent of the data subject and the legitimate interest of the data controller for communications sent with Soft Spam modalities. Data is processed for marketing purposes until consent is revoked. If the recipient is already a business partner, the retention period aligns with business and administrative management policies (10 years post business relationship), though data subjects can exercise their rights to stop further processing at any time.


G. Managing Communication Through Social Networks


Identification data, social profile data, and data communicated during interactions with the controller via social networks are processed to manage communications and fulfill specific requests. This processing is based on the legitimate interest of the data controller and is necessary to perform a contract or manage pre-contractual requests. The data is retained only for the duration necessary to respond to the request and manage communications, in accordance with the policies of the respective social network. Afterward, the data is deleted or repurposed for other objectives, such as establishing a business relationship, with appropriate data processing information provided.     



TYPES OF PERSONAL DATA PROCESSED


A- Surfing data  


Systems and software procedures responsible for the functioning of this website acquire, during their normal operation, several personal data which transmission is implicit in the use of Internet communication protocols.

Those information is notcollected to be associated with the purpose to identify data subjects, but them might allow users to be identified through further processing and association with other data held by data controller or third parties.

This categoryof data includes:

  • IP addresses or domain names of computers utilized by users connecting to the site;  
  • the URI (Uniform Resource Identifier) addresses of the requested resources;
  • the time of request;  
  • the method used in submitting the request to the server;
  • the size of file obtained in response;
  • the numeric code indicating the status of response given by the server (good result, error, etc.),
  • other parameters relating to the operating system and the user's IT environment.  

This data are processed only to obtain anonymous statistical information on the use of the site and to check its proper functioning, and are deleted after processing. The data could be used to ascertain responsibility in case of hypothetical cybercrimes that might damage the website or other users during the browsing session.

The website could also automatically process data through setting cookies in user’s browser. Cookies are small strings of textset during the browsing in the website and, according to their purposes and the values set up, they allow the site and/or third parties to collect information related to the user, usually anonymously. The use of this electronic tool is analytically described through the Cookie Policy of the website.

   

Processing  for statistical and analytical purposes


The Data Controller may process information about Users' use of the website. This information, processed where possible in anonymized and/or aggregated format, will be necessary to detect statistics on the interaction of Users with the website in order to evaluate interventions to improve, enhance or revise the functionality to optimize, make the user experience more pleasant and meaningful, as well as to evaluate more overall the impact of the tool.

The results of the processing will not constitute personal data, as they will be expressed in aggregate terms and for the Holder's internal use only. The data, including personal data, on which such processing will be based is intended for internal use only and accessible only to the site operators charged with extrapolating the reports.


 B- Contact form


Through contact forms available on the website, you can submit specific requests to the data controller.

It’s required to submit personal identification data and contact details as well as other information to allow data controller to manage the request.

Data collected will be exclusively processed to answer to the submitted requests and would be further kept and processed only if a relationship will take place between data subject and data controller.

 

C- Sign in and login to personal area


Your information submitted through the sign in form of personal area are required to create the your account.

All data sent and collected through your personal area will be processed to answer your specific requests (for ex. to recover sign-in credentials, to provide information concerning data controller's activities, to manage business relations, etc.), as well as to simplify business relations with you.

The login might be required to use e-commerce functions, if available on the website.


D- Newsletter and data processing to pursue marketing purposes


Data controller may carry out promotional activities about his business to users and customers by sending e-mails or other communications containing commercial and marketing information. This processing will be performed in compliance with regulations on data protection and within the ethical limits, without causing damage to the rights and freedoms of the data subjects. To pursue the purpose of providing newsletter service or other direct and indirect marketing activities, the data processing is subject to your prior consent, provided checking the related tick during data submission.

Promotional communications may also be delivered to data subjects using Soft Spam modalities, without the specific consent of recipients. These communications will mandatory have the following features:

  • the activity consists in sending e-mails to recipients which already have entertained commercial relationship with data controller and the e-mail addresses have been communicated to manage or within the business relations.
  • the contents will concern products or services related to those whom the recipient has already purchased.

However, data subject has the faculty to exercise his rights, opposing or limiting the processing activities. Those rights may be exercised when personal data are collected or whenever a message with marketing purposes will be delivered from data controller.


 E and F- Management of communication through social networks

The Data Controller manages part of its online communication through public profiles on social networks.

Comments left under shared posts/content and any other interaction will follow the regulations and policies of the social platform (the latter could configure itself as autonomous Data Controller of these processing, so please refer to the privacy policies of the individual social network).

The private correspondence held with the data subjects (through the messaging/chat tools made available by the social itself) will be processed in compliance with the rules of the social platform with the purpose of managing communication and providing answers to the data subject's requests.

The information related to the data subject may also be processed outside the social network in pre-contractual and, subsequently, contractual contexts in case of establishment of a relationship with the data subject.

The  data controller has public profiles on the following social network: Facebook, Instagram

Trasmission of PERSONAL TO THIRD PARTIES

Your personal data may be transmitted only to the following third parts:

   

  • Companies which provide IT systems and website management and development services (as e-commerce and secure payment infrastructure, web development consultants, etc.);

 

  • Companies and professional offices which provide business assistance and consultancy (IT technologies, accounting, etc.);

 

  • Companies which provide technical or consultancy services concerning market research, marketing and business promotion;

 

  • Public institutions, for the fulfillment of legal obligations related to commercial relationship, to investigate on crime or cyber-attacks delivered or suspected to our systems or to other visitors, or to manage disputes.

Further information related to the third parties who may process your personal data are available by submitting a specific request to the data controller.


PROVISION OF DATA AND CONSEQUENCES OF REFUSAL TO REPLY


The communication of your personal data is mandatory when the process is necessary to browse in the website, to carry out commercial and information requests received through contact forms or personal area, to provide the services and to perform a contract with customers. the denial to submit those data will affect our capability to carry out your requests.

In the other cases, such as for marketing purposes, the transmission of data it’s optional and, when needed, subject to your explicit consent.


RIGHTS OF DATA SUBJECTS


We inform you about the existence of your rights to accessto your personal data, to rectifyand/or cancelthe same, restrict the process performed on your data, objectto processing activities and to request data portability(Articles 15 to 22 of the EU Regulations 2016/679 GDPR);

Any information request or complaint to the Data Controller can be presented by contacting the e-mail address: info@restlessminiatures.com


If the data processing has his foundation on your explicit consent (art. 6, § 1, lect. a), you have the right to revoke this consent whenever you want, without to prejudice the lawfulness of previous processing activities.


In order to facilitate the detection of your requests about your rights, we suggest specifying in the e-mail subject the following statement: “Request to exercise a data subject right”.


Within the communication it’s important to clarify your identity, the type of your relationship with the Data Controller, the right you’re asking to exercise and all the further information useful to identify the data or the processing involved in your requests. 


You can also use the form provided by the Italian Supervisory Authority available at the following link: https://www.garanteprivacy.it/home/modulistica-e-servizi-online

You are entitled to file your complaints with the Italian control authority at the Supervisory Authority address for the protection of personal data, by sending a certified e-mail to the address protocollo@pec.gpdp.itor a registered letter addressed to: Piazza Venezia 11, 00187 Roma (Italy), or with the control authority of another EU member country.  



This circular letter was updated on 


25/07/2024

Cookie Policy

This extensive circular letter on personal data processing describes how the website: www.restlessminiatures.com uses cookies and tracking technologies for the personal data processing of identified or identifiable users who browse in the site.


The circular contains all the elements provided by Art. 13 of the EU Regulation 2016/679 and is laid out in compliance with the General Provision of the Supervisory Authority dated 10.6.2021 (n° 231).


DATA Controller


The data controller is Vittorio Marco Iotti- ,  - ITALY e Vat number: IT0, which avails of its own processing managers or those of external processing companies.

Further information about the data processing activities performed through the website are available consulting the Privacy Policy.

The cookies or pixel trackers set by the website during the browsing session may be different depending on which browser SW is in use, cookies already stored, cache or accounts logged-in on third party websites or search engines. Cookies and tracker reported are detect in absence of these interferences.


What are cookies and their purposes


Cookies are small text files which the sites visited by the user set directly to user’s browser, where they are stored to be then retransmitted to the sites themselves during the next visits (so-called first-party cookies). 


When surfing a site, the user may also receive on his cookies of different sites or web servers (so-called third-party cookies); this occurs because the web site visited may contain digital elements and contents, such as images, maps, sounds, specific links to web pages of other domains that reside on different services other than those on which the page requested is found. In other words, these are cookies that are set by a website different from the one actually visited.


The duration of the cookies may be limited to a single surfing session on the browser (so-called session cookies), and in this case automatically deleted when the visitor closes the browser; or they may also have a pre-set expiry and, in this case, will remain memorized and active in the user’s browser up to the given expiry date, continuing to gather and transmit information during the various browsing sessions on the browser (so-called long termor permanent cookies).


Cookies are used for different functions. Some are necessary to allow you to browse on the website and use its features (so-called technical cookies).  


Others are used to obtain statistical information, whether or not in aggregate form, on the users which surf in the website and on how the website is used (so-called analytical cookies). This cookie may be sent by the website even without the user specific consent, if the information collected are necessary to create aggregate statistics related to a single website or to a group of websites belonging to a single data controller (first-party analytical cookies). For what concerns third-party-analytical cookies, them must be collected in a shape in which the IP address of users is at least partially disguised, in order to preserve data confidentiality.


Lastly, they are used to track a consumer profile of the user and allow him/her to view customized advertisements on the same website or in third parties ones, which may be interesting and in line with the user’s taste, consumption and browsing habits (so-called profiling cookies).

The website will submit this kind of cookie only after the user explicit consent provision, consent which have to be recorded through a cookie management system which has to give the user the possibility to choose whether or not to receive profiling cookies.

To learn more in detail about these different categories of cookies, please continue reading this circular. Discover how they work and their purposes, and freely choose whether to consent or block their usage (opt-in).


Technical cookies

Technical cookies are tools set on user’s browser to allow functions, to optimize site’s pages loading, to keep the login status during the browsing session or to protect both users and webserver by cyber-attack (such as, for instance, DOS attack or Cross-site request forgery – CSRF). In the following table we report the list of technical cookies sent during the browsing on our website, with info on tools origin, expiring time, functions and links to the privacy policy of cookie’s provider (if available).

 

__cf_bm

  • Origin: Third Party - .vimeo.com
  • Function: Cookie used to verify if the user is a human or a bot, in order to defend the website systems from DOS attacks.
  • Expiring: 1 Day
  • Privacy Policy: Vimeo Cookie Policy


_cfuvid

  • Origin: First Party
  • Function: Cookie used by Cloudflare WAF (web application firewall) to distinguish if users share the same IP address.
  • Expiring: End of browsing session


vuid

  • Origin: Third Party - .vimeo.com
  • Function: This cookie sets a unique session identifier to keep track of the user during the browsing session.
  • Expiring: 730 Days
  • Privacy Policy: Vimeo Cookie Policy


_scc_session

  • Origin: First Party
  • Function: Cookie used to enable security control for the use of cookies.
  • Expiring: 30 minutes


dps_site_id

  • Origin: First Party
  • Function: Cookie used by GoDaddy to optimize the speed and performance of the website.
  • Expiring: End of browsing session
  • Privacy Policy: GoDaddy Privacy Policy


cookie_warning_dismissed

  • Origin: First Party
  • Function: Cookie used to verify that the notice about the use of cookies has been accepted.
  • Expiring: 60 Days


cookie_terms_accepted

  • Origin: First Party
  • Function: Cookie used to verify acceptance of optional cookies.
  • Expiring: 60 Days


info_c2

  • Origin: First Party
  • Function: Cookie used by GoDaddy aimed at maintaining the browsing session.
  • Expiring: 14 Days
  • Privacy Policy: GoDaddy Privacy Policy


auth_c2

  • Origin: First Party
  • Function: Cookie used by GoDaddy aimed at maintaining the browsing session.
  • Expiring: 14 Days
  • Privacy Policy: GoDaddy Privacy Policy


N.B.: The expiring time of cookies which expire in less than a day it’s indicated as “End of browsing session”.


ANALYTICAL COOKIES

Analytical cookies are necessary to collect information and statistical data on browsing and website usage habits in order to evaluate, improve, optimize and customize the browsing experience. Without the use of this type of tool for the website owner and other web service providers would be hard to collect feedback and data useful to improve his own services. However, those cookies aren’t used to create a profile of users browsing habits with the purpose to cast advertising campaigns or other marketing targeted operations, because data collected are usually encrypted, anonymized and/or aggregated. In the following table we report the list of analytical cookies sent during the browsing on our website, with info on tools origin, expiring time, functions and the link to the privacy policy of cookie’s provider (if available).


 

player

  • Origin: Third Party - .vimeo.com
  • Function: This cookie is used by Vimeo to collect analytical data concerning the usage of the video player tool embedded in the website.
  • Expiring: 365 Days
  • Privacy Policy: Vimeo Cookie Policy


_tccl_visitor

  • Origin: First Party
  • Function: Cookie used by GoDaddy to create anonymous site usage statistics.
  • Expiring: 365 Days
  • Privacy Policy: GoDaddy Privacy Policy


_tccl_visit

  • Origin: First Party
  • Function: Cookie used by GoDaddy to create anonymous site usage statistics.
  • Expiring: 30 minutes
  • Privacy Policy: GoDaddy Privacy Policy


ga*

  • Origin: First Party
  • Function: The cookie is used by Google Analytics to identify a user with a unique ID, in an anonymous way. It is useful to gather statistics regarding the site.
  • Expiring: 730 Days
  • Privacy Policy: Google Privacy Policy


_ga

  • Origin: First Party
  • Function: The cookie is used by Google Analytics to identify a user with a unique ID, in an anonymous way. It is useful to gather statistics regarding the site.
  • Expiring: 730 Days
  • Privacy Policy: Google Privacy Policy


N.B.: The expiring time of cookies which expire in less than a day it’s indicated as “End of browsing session”.


PROFILING COOKIES

Profiling cookies have generally the purpose to track user’s browsing behaviours in order to create a profile related to different parameters and to include users in smooth categories to customize adverts, search engine results and to cast advertising campaigns or other marketing targeted operations. The website doesn’t use profiling cookies.


social buttons and widgets


Social buttons are particular icon, displayed on the website depicting the icons of social networks (example, Facebook and Twitter) or other utility services which allow users to browse and interact with a click directly with social/service platforms.

The social buttons displayed on the site are links to the website owner account on social networks depicted. By using these buttons aren’t usually installed first or third-party cookies. Here below are listed the social buttons available on the website, with links to each privacy policy:

Facebook, Instagram

Widgets are spaces where through a graphic interface the user can interact with an application/service, a software or another web site. The usage of these interfaces is subject to the terms and conditions of use of the service provider, concerning personal data too. The website doesn’t use widgets.


Pixel tracker


Pixel trackers are useful tools and technologies to deliver engaging and interlinked experiences, composed single pixel image files sent by the website during pages loading and subsequently read to collect information about site use, useful to the website owner and/or other providers for different purposes.

The tracker can use the information you submit for a different purposes, such as sending customized advertisement material, to analyze user behaviors or provide services within the site, such as access to social networks or areas comments, and other technical and security features. In most cases, the information collected are anonymized or pseudonymized. Although sometimes the personal data do not undergo such treatment, which means they can directly identify a specific user.


The use of this technology could slow down the browsing experience, and, above all, make less certain the confidentiality of user’s personal information.


The website uses the following tracker: 

 

Google Static

  • Origin: Google
  • Type: CDN
  • Function: Tool used to guarantee the proper functioning and distribution of contents related to Google Maps and other services provided by Google and implemented within the website.
  • Privacy Policy: Google Maps Documentation Policies


Vimeo

  • Origin: Vimeo
  • Type: Audio Video Player
  • Function: Tracker used to guarantee the proper functionality of the audio/video player embedded in the website (VIMEO).


Google Recaptcha

  • Origin: Google
  • Type: Technical
  • Function: Tracker used as part of the operation of Google's reCAPTCHA anti-bot/anti-DOS service.
  • Privacy Policy: Google Privacy Policy


Google Analytics

  • Origin: Google
  • Type: Website analytics
  • Function: This tracker collects information related to users' browsing modalities and habits in order to implement and customize offered services.
  • Privacy Policy: Google Privacy Policy


OPTIONAL SUBMISSION  


Many of the data submissions of the user done through cookies are optional. To see how to handle cookies, according to the browser used (Edge, internet Explorer, Mozilla, Safari, Chrome), you can browse to the website aboutcookies.orgto erase them, or for the same purpose you can use the tools integrated in the browser you’re using following those links:

Safari, Chrome, Firefox, Internet Explorer, Edge, Opera

Opera copy the following link in search bar: opera://settings/clearBrowserData


The user, managing the choice related to cookies, can make use of services provided by EDAAor similar services provided by other subjects. Through those tools, you can manage your preferences concerning the cookies matters for a wide part of tracking tools.

Google also allow to customize the preferences on advertisement linked to your Google Account by using the following tool: https://adssettings.google.com


Some tracking tools will be sent by the website only after your explicit consent provision. This consent, when necessary, will be provided by choosing the different option through a banner displayed during the first access on the website. After the consent provision, the user may changes his preferences in a page on the website dedicated to cookie management choices.


If you wouldn’t be tracked through cookies or other similar tracking technologies we suggest you to set the browser in “private mode” (which auto-delete browsing data stored in the browser during the session) or to delete periodically browser history, cache – partition where are stored files related to visited web pages, with the purpose to provide a faster loading of the same during following sessions – and cookies stored on the browser.  


PROCESSING METHOD AND RETENTION TIME  


The personal data are processed with automatized instruments, for the time strictly necessary to pursue the objectives explained earlier.  

Specific security measures are adopted to prevent the loss of the data, their illicit or incorrect use and unauthorised access.

For all the information related to the third-parties who may access your data and, generally, on the data process operations performed through the website a specific Privacy Policy is available on the website.


Data subjets rights


We inform you about the existence of your rights to accessto your personal data, to rectifyand/or cancelthe same, restrict the process performed on your data, objectto processing activities and to request data portability(Articles 15 to 22 of the EU Regulations 2016/679 GDPR);


Any information request or complaint to the Data Controller can be presented by contacting the e-mail address: info@restlessminiatures.com


If the data processing has his foundation on your explicit consent (art. 6, § 1, lect. a), you have the right to revoke this consent whenever you want, without to prejudice the lawfulness of previous processing activities.


In order to facilitate the detection of your requests about your rights, we suggest specifying in the e-mail subject the following statement: “Request to exercise a data subject right”.


Within the communication it’s important to clarify your identity, the type of your relationship with the Data Controller, the right you’re asking to exercise and all the further information useful to identify the data or the processing involved in your requests. 

You can also use the form provided by the Italian Supervisory Authority available at the following link: https://www.garanteprivacy.it/home/modulistica-e-servizi-online

You are entitled to file your complaints with the Italian control authority at the Supervisory Authority address for the protection of personal data, by sending a certified e-mail to the address protocollo@pec.gpdp.itor a registered letter addressed to: Piazza Venezia 11, 00187 Roma (Italy), or with the control authority of another EU member country.  


This circular was updated on 22/07/2024 

  • Home page
  • Know more
  • Privacy policy

Restless Miniatures

Copyright © 2024 Restless Miniatures -  All rights reserved. 

This website uses cookies.

 

We use cookies to analyze traffic on our website and optimize your site experience. By accepting our use of cookies, your data will be aggregated with those of all other users. For more information, please see our privacy policy.


RejectConsent