Privacy Policy

This document explains, clearly and simply, how personal data is collected, managed and stored, pursuant to Law 675/96 and Legislative Decree no 196 of 30 June 2003 and in line with the new EU Regulation2016/679 (GDPR).

The controller of the Data Processing is:
paffer assicurazioni e consulenze sas legale rappresentante paolo affer
via Rubens, 24,
20148 Milano
p.iva 05610700964

Email address for correspondence: info@paffer.it

How your data are processed

We explain below which data are collected and processed based on the purposes of processing. The means of processing used will also be specified. All sensitive data provided will be used directly or sent to the principal Insurance Companies for the issue of policies, quotes or for the purposes of correspondence relating to the contracts.

Management of addresses and contact requests

Data collected: personal data freely provided by the user
Methods and instruments: manual processing of data via email client
Data retention period: time necessary to manage the contract

Management of travel agency data

Data collected: data input at registration stage, agency name, province, name and surname of agent, email address
Methods and instruments: automatic processing by system for the finalization of policies and the sending thereof to the address provided during the registration stage
Data retention period: until deletion or deletion request

Management of travelers’ data

Data collected: data input by travel agencies or directly by the end user, name, surname, date of birth, data related to the trip, email address
Methods and instruments: automatic processing by system for the finalization of policies and the ending thereof to the address provided during the registration stage. Data are sent to the principal Insurance Companies for the issue of policies.
Data retention period: until deletion or request for deletion.

Security and infrastructure

We constantly update our technical infrastructure in order to ensure appropriate security for the data in our possession and to provide secure, confidential channels of communication. Below you will find a summary of all of the measures and policies implemented in order to maintain security over access to the data and over utilization of communication platforms (including the web site):

activation of SSL certificate for the web site
use of virtual servers hosted by GDPR compliant European web farm
cloud based GDPR compliant work tools
daily backup with weekly rotation of databases and data on web sites
the PCs used are not connected to a shared data network, use encrypted data, are equipped with personal passwords and have antivirus systems with automatic update mechanisms
our premises are not open to the public. They have advanced security systems, an alarm system and indoor and outdoor video surveillance system with necessary authorisation

Right to be forgotten

At any time, you may request the total or partial erasure of the data in our possession. In many cases, you will be able to do this yourself using available online procedures. In any case, you can send your erasure request to: info@paffer.it

Use of cookies on the web site

Like almost all sites, our site uses cookies. Details of the cookies used can be found on the “cookies policy” page. The decision whether to allow cookies and the choice of which cookies to allow is made the first time you visit our site by means of a notice that appears on the site. You can always change the cookie settings for the site via the cookies policy page or via the settings of our own browser.

Further information and useful links

Privacy Authority (http://www.garanteprivacy.it/)
GDPR (https://it.wikipedia.org/wiki/Regolamento_generale_sulla_protezione_dei_dati)
Italian Data Protection Code (https://it.wikipedia.org/wiki/Codice_in_materia_di_protezione_dei_dati_personali)

Latest update: 23 maggio 2018