This policy describes the management methods of website and the personal user data processing that consult it, as well as the processing of the personal data of those who, as customers or to any other Rhouse Srl title provide their personal data, for the purposes and additional terms and conditions of this information, or in relation to which Rhouse srl carries out personal data processing operations.

This information is provided pursuant to art. 13 of Regulation (EU) no. 2016/679, as well as art. 13 of Legislative Decree no. 196 of 30 June 2003 (the so-called Code regarding personal data protection).


  1. Data Controller

The Data Controller is Rhouse Srl., c.f. and VAT number 16866061001, with registered office in Via dei Chiavari 36 (00186) Rome, tel. 06 83511399, e-mail: [email protected] and the data processor, appointed by the Data Controller, is Rhouse Srl.


  1. Place and methods of data processing

The treatments connected to the web services of this site, as well as the treatments that are carried out by Rhouse srl for any other reason pursuant to this information, take place at the headquarters of the Data Controller and are handled by internal technical staff appropriately appointed, in charge of the treatment, pursuant to the GDPR, and / or by personnel external to the organization of the Data Controller, subject to suitable appointment, always in writing, as Data Processor, pursuant to art. 28 of the GDPR.

The data is processed exclusively in electronic form, using IT tools and supports designed to ensure the security and confidentiality of the data. The same will be kept in a form that allows the identification of the user only for the time strictly necessary to achieve the purposes for which the data were originally collected and, in any case, within the limits of the law. Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access, in compliance with GDPR rules.

In order to ensure that personal data are always accurate, updated, complete and relevant, we invite interested parties to report any changes made to the following e-mail address: [email protected].


  1. Purpose of the treatment

Personal data are processed by the Data Controller for the following purposes:

  1. a) within the limits and for the sole purpose of providing the services accessible through the Site, as well as to allow users to know and deepen the services offered by the Owner;
  2. b) manage and process, in relation to what is indicated in the previous point, the questions and requests for interactions with Roscioli and the subjects related to the organization of the Owner;
  3. c) manage the registration and authentication of those who are authorized to access the restricted areas of the Site;
  4. d) subject to the express consent of the interested user, for sending – also by e-mail via automated systems – communications containing information relating to the Data Controller and the activities organized by the Data Controller

The performance of the activities in letters a), b) and c) listed above does not require the consent of the interested party, since these are services or performances required, in most cases, in execution of requests made directly by the interested party pursuant to art . 6, c. 1 of the GDPR.

The processing of personal data for the purpose under d) requires the consent of the interested party pursuant to art. 6, paragraph 1, lett. a) of the GDPR.


  1. Provision of data and consequences in case of failure to provide it

The provision of personal data for the aforementioned purposes is optional and, failure to provide it will result, as a sole consequence, in the impossibility for the Data Controller to manage and process the requests of the interested party or to send the above indicated communications.


  1. Types of data processed
  2. i) Navigation data

The computer systems and software procedures used to operate this Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

These information will not be collected in order to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and will be deleted immediately after being processed. The data could be used to ascertain responsibility in the event of hypothetical cybernetic crimes against the Site.

This category also includes data processed through the use of cookies, i.e. small files sent from your internet server and recordable on the hard drive of the user’s computer. Cookies are used in order to prevent the customer from receiving the same information repeatedly or in the wrong language and to adapt the content and presentation of the site to the type of browser of the customer.

  1. ii) Data provided voluntarily by the user or collected from third parties

The optional, explicit and voluntary sending of an e-mail address as well as the related message to the addresses indicated on the Site, as well as the sending of messages through the published collection forms, entails the subsequent acquisition of the sender’s address and any other personal data entered, necessary to respond to requests.

Specific summary information may be reported or displayed, from time to time and where strictly necessary, on the pages of the Site prepared for particular services on request.

In addition to the foregoing, any further personal data provided to the Data Controller or otherwise collected by the Data Controller from third parties, will be processed by the Data Controller in accordance with this information and within the limits established by the GDPR.


  1. Recipients and Categories of Recipients

No data will be disclosed or transferred to third parties unless with the consent of the interested party. Where the communication to third party suppliers or partners of Roscioli should be necessary for organizational, administrative or support needs to the services provided, it will be the Data Controller’s responsibility to appoint them as data processors pursuant to the GDPR.

It is understood that the personal data of the interested parties may be freely disclosed to third parties, such as police forces, whenever this is permitted by law or required by an order or provision of a competent authority.


  1. Data retention period

Personal data will be kept for the time strictly necessary to achieve the purposes for which they are collected and processed. Once the processing has been exhausted, or in the event of the exercise of the right to object to processing or revocation of the given consent, the owner will still be entitled to further retain personal data, whole or in part, for purposes permitted by GDPR.


  1. Links to other websites

The Data Controller does not control nor has the ability to supervise neither the content nor the policies for the processing of personal data, websites and third-party services accessible through the links contained within the Site. Roscioli, therefore, cannot in any case be held responsible for the treatments carried out through or in relation to such third party sites.

Users are therefore invited to pay close attention in this regard, by viewing the conditions of use and the privacy policies published on the portals visited.


  1. Rights of interested parties

9.1 Rights of access, cancellation, limitation and portability

The interested parties are entitled to the rights referred in Articles. from 15 to 20 of the GDPR. Each interested party may:

  1. a) obtain confirmation, as to whether or not, personal data concerning the party is being processed;
  2. b) if processing is in progress, obtain access to personal data and information relating to the processing and request a copy of personal data;
  3. c) obtain the correction of inaccurate personal data and the integration of incomplete personal data;
  4. d) obtain, due to conditions provided by art. 17 of the GDPR, the deletion of personal data concerning him;
  5. e) obtain, in the cases provided for by art. 18 of the GDPR, the limitation of processing;
  6. f) receive personal data concerning him in a structured format, commonly used and readable by an automatic device and request their transmission to another owner, if technically feasible.

9.2 Right to object

Each interested party has the right to object at any time to the processing of his personal data carried out for the pursuit of a legitimate interest of the Data Controllers. In case of opposition, your personal data will no longer be processed, provided that there are no legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or defense of rights in court.

9.3 Right to withdraw consent

In the event that consent is required for personal data processing, each interested party may also revoke the consent already given at any time, without prejudice to the lawfulness of the processing, based on the consent given before the revocation.

Consent can be revoked by writing an email to [email protected].

9.4 Right to lodge a complaint with the Guarantor

Furthermore, each interested party may lodge a complaint with the Guarantor for the Protection of Personal Data, in the event that he/she believes that the rights he/she holds under the GDPR have been violated, according to the methods indicated on the Guarantor’s website accessible at:


  1. Updates

This Privacy Policy will be subject to updates. The Data Controller therefore invites interested parties who intend to know the methods of processing their personal data, to periodically visit this page.