Collection and usage of personal data
Personal Data are data that can be used, directly or indirectly, to identify and describe some aspects of a person and what he/she through navigating in Internet - aggregata data are not considered Personal Data. LightPoint.info site ("Site" hereafter) collects and manage directly and through third party some personal data under current privacy legislation, European law is available at this link, and in particular according to the strict European General Data Protection Regulation (GDPR), available in English at this link. GDPR is compliant with several other laws about privacy on Internet, like German EUGH Cookie Law, European ECJ, CCPA - California Consumer Privacy Act, Federal Law of the Russian Federation of July 27 2006 No. 152-FZ and of Ukraine "On Personal Data".
Personal Data can be collected/managed by the following ways:
- Data from navigation on the Site by the user and stored in so called "cookie" (see next chapter for all details);
- Mandatory and additional data as inserted by the user into the registration module in the Site.
- Mandatory data are the minimum set of data used to identify the user registered in the forum and to fight spammers and hackers. Mandatory data include: first name, family name, gender (man, woman, company), email address, country of residence and IP address from which the user is connected for the registration to the site.
- Additional data are not mandatory for the registration but they allow a better knowledge among users of the Site (community) - the user that types additional data expresses his/her will to share those data with other users of the Site. These data include for example: personal interests, owned products, living location, etc. The purpose of these data is to promote personal information sharing among users of this Site.
- To protect each user privacy, some data, both mandatory and additional, are considered private (the exact list is shown in the registration module or accessing own profile "My Profile" - they are marked with a locker): these data are not accessible to other users (except the Site Administration that is not allowed to send them to anyone) and are not shared with any entity nor company. One of these private data is the email address that, unless on specific approval of the user for other Site purposes like receiving newsletters, may be only used by the services of the Site for important communication about the Site itself.
- The other, non private, data are shown on the Site to promote knowledge among site visitors and members.
- data collected automatically by the Site - on the user connection to the Site, the following data are collected by the Site: IP address of the user device, the time of connection, data on user device (e.g. browser type, screen resolution operating system) and the parts of the site that are being visited. These data are used for security (spam and hacking fighting, identifying multiple registrations by a same user - forbidden on the Site) and statistics/performance purposes.
- In case of an unregistered user posting a comment to the Site, only the username will be published and visible publicly, while the email address will be visible only to Site administrators.
These personal data are collected and stored for the above mentioned purposes with maximum security possible and with no time limits - unless the user requests their deletion through the Contact page in the Site.
Cookies
Cookies are short files that are sent and stored on the device of the user (PC, tablet, smartphone) through his/her browser when it connects to a web site and navigates in it. Cookies are related to the Site or to other sites and are used to collect and store user data while connected to provide the user some services (login/logout, user-relation services on the site, interactions with social networks, ads) and for statistics/performance purposes under current law, in particular aforementioned GDPR, ePrivacy Directive 2002/58/EC (also called "Cookie Law") and Article 22 of Law 34/2002 of the Information Society Services.
There are first party cookies, managed by the Site and used for its functionalities and services, some are necessary like temporary session cookies, mandatory for loggin in, cookies user choice, user preferences.
Other cookies are optionals and can be described as follows:
- persistent cookie from Google for Site's navigation statistics. The Site employs Google Analytics services to collect statistics of Site's usage to improve its services. Google policy about privacy is available at this link. Google keeps these tracking info for a maximum of 26 months. If a user accepts Personalization cookies (included in the "Accept all cookies"), Google Analytics will track that user specifically to provide personalized Ads together with Google Ads cookies, otherwise Google Analytics will collect anonymous/aggregated data.
- persistent cookies from Google and its partners to display Ads on the Site. The Site employs ads from Google AdSense. Google policy about partners is available at this link. This Site displays ads provided by the so called "common used list" of ad technology providers, whose list is available in English at this link. The user can choose to be offered Ads as a basic choice and, additionaly, Personalization of those Ads. In the latter case, information on the user and its site navigation will be collected, shared with Google Ads partners and used to provide such personalized ads (technically restrict-data-processing parameter will be disabled and personalizedAds will be enabled); in the case of Californian residents under CCPA, accepting personalized ads means not to require the "Do Not Sell My Personal Information” opt-out.
- cookies from YouTube (a Google company) only after the user clicks on a video preview to play it, for statistics and eventually personalized ads.
- persistent cookies from Amazon to display Amazon offer for the particular product(s) referenced on a page of the Site. The Site is affiliated with Amazon and thus can receive a commission when a purchase is made on Amazon through a link from the Site. This commissions are used for maintenance expenses of the Site. Amazon cookies have a default expiration time of 24 hours, extended to 90 days when the user adds a product to the Amazon cart during the 24 hours following a click on an Amazon banner on the Site.
At the first access to the Site, the user is presented with choices to accept cookies: all of them for full services or other options to enable just some of them, or none of the optional ones, with limited services. The user can change its mind in every moment through a link at the bottom of each Site page.
Cookies can remain on the user device also after the session is closed and can also be deleted by the user in the browser at any time. The Sites set a maximum validity of 1 year for user choice about cookies.
Cookies are explicitly managed how it has been described above, independently of the "Do Not Track" option that may set in the user browser.
Google Services
The Site uses Google Analytics to collect anonymous statistical information on usage of the site and retrieving the IP address from which the user connects with associated geo-localization, for statistical purposes. Cookies added by Google Analytics are governed by the privacy policies of Google Analytics. The user can disable cookies in its browser.
The Site uses Google AdSense to display commercial ads, that can be personalised by Google.
More information of these services and their privacy implications are available at this link.
User rights
Each registered user can modify all his/her registration form data at any time, except for the username that is the key to identify the user itself. Modification is possible through the page "My Profile" - press the button "Modify".
"My Profile" page shows also all personal data that are stored for the specific logged in user except for the password (the latter can be modified at any time by the user).
Each user can ask the deletion of his/her profile and all associated data from the Site; this can be done filling the Contact Form available online on the Site.
Data breach
This Site is committed to notice 'Data Breach' (violations of personal data), if they ever occur and as soon as they are intercepted or known by the Site administration, to the competent Authorities and to impacted users in the ways that Law prescribes. Nevertheless, this Site employs several ways to reduce these risks:
- access to the database where these data are stored is secured by strong password and protected by a firewall to prevent generic access from Internet.
- No economic data, like credit card numbers, is stored.
- Users password are stored with advanced encryption.
Responsible for Treatment
The management of personal data is performed in compliance with the law, in particular with European Union Directive 2009/136/CE, of Italian article 13 of decreto legislativo of June 30th 2003 n. 196 and of the European Union "General Data Protection Regulation (GPDR)" act.
Personal Data are processed inside the European Union and in particular in Italy.
The manager of personal data is Giuseppe Covino based in Turin, Italy. Each user may ask to be fully removed, with every information associated, from the site at any time through the Contact form in the "Info - Contact us" menu.