1. Data Controller
Following consultation of this website, data relating to identified or identifiable persons may be processed. The “data controller” is Yo Mayolika based in Cagliari, hereinafter referred to as the Foundation. The Data Controller ensures the security, confidentiality, and protection of the data in its possession, at all stages of the data processing procedure.

2. Place of Data Processing
Data processing related to the web services of this site takes place at the above-mentioned headquarters. All data is handled solely by personnel specifically appointed for data processing or by any persons responsible for occasional maintenance operations.

3. Types of Data Processed
Premise:
Personal data refers to any information that allows, directly or indirectly, the identification of a person, such as name and surname, telephone number, postal and email address, date of birth. This does not include data from which identity has been removed (anonymous data).

The Foundation does not collect or require users to provide so-called “special categories” of personal data—i.e., data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data uniquely identifying a natural person, or data concerning health, sex life, or sexual orientation. However, such data may be processed if included in the services provided and/or within the scope of a contract.
The personal data of the user is stored in physical, digital, and online archives located in countries where the GDPR is applicable (EU countries).
The user may choose not to provide their personal data. However, certain information is necessary to use some of the website’s features and the services provided by the Foundation, and to fulfil requested services.

Mandatory information: Mandatory fields are always marked with an asterisk on the site. Failure to provide such information may prevent the request from being processed or cause delays, as the Foundation may be unable to proceed with processing related to the service or contract requested.

We collect personal data in the following cases:

3.1 While browsing our website
The IT systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified individuals but, by its nature, could allow users to be identified through processing and association with data held by third parties.
This category of data includes IP addresses or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the response file, the numeric code indicating the status of the server’s response (successful, error), and other parameters related to the user’s operating system and IT environment.
This data is used solely to obtain anonymous statistical information on site usage and to check its correct operation and is deleted immediately after processing. Data could also be used to determine liability in case of hypothetical cybercrimes against the site.

3.2 Data voluntarily provided by the user via forms or email
The voluntary, explicit, and optional sending of information via email to the addresses listed on this website results in the subsequent acquisition of the sender’s address—necessary to respond to the request—as well as any other personal data included in the message submitted by the visitor. Your contact data will be stored in accordance with this privacy policy. Specific summary information will be displayed on pages dedicated to particular services upon request.

3.3 Information collected or received from third parties
We may also collect or receive information about you from third parties, including our partners, social media services (in accordance with your settings on those services), and other external sources.

4. Data Processing Methods
The processing of personal data collected as outlined in section 3 is carried out through the operations defined in Article 4 of the Privacy Code (Legislative Decree 196/03 and subsequent amendments) and Article 4(2) of EU Regulation 679/2016, namely: collection, recording, organization, structuring, storage, adaptation and/or modification, extraction, consultation, use, communication by transmission, comparison or interconnection, restriction, erasure, or destruction.
These operations are carried out using IT, online, or paper-based tools and with appropriate security measures to guarantee the confidentiality and security of your personal data. The Data Controller processes the data for the purposes and within the timeframes described.

5. Purpose of Processing, Nature of the Data, Obligation to Provide It, Consequences, and Retention Times
The processing of the collected data is carried out for institutional purposes, related to or instrumental for our activities, and therefore for:

Allowing website navigation
To provide information about our services through site browsing and keep you updated on news or projects. The data processed includes that listed in section 3.1. Users may refuse to provide their browsing data by disabling cookies following the instructions provided by their browser. Disabling cookies may impair navigation and certain features.
We use this data for marketing strategy development and implementation, customer profiling, and site updates aligned with our purposes. Consent to cookie usage, requested upon site entry, also serves as a legal basis. Retention times are as defined by the cookie usage policy.

Responding to contact requests via web forms
The purpose is to respond to the inquiries received. Data processed includes: surname, name, phone number, email, service, and any information provided in the contact request. The legal basis for processing is the consent given through the form itself. We use this data solely to reply to the request and retain it for a few days or as long as necessary to respond.

6. Data Subjects’ Rights
Individuals to whom the personal data refers have the right at any time to obtain confirmation as to whether such data exists and to know its content and origin, verify its accuracy, or request its integration, updating, or correction (Art. 7 of Legislative Decree No. 196/2003).
Under the same article, users have the right to request the deletion, anonymization, or blocking of data processed in violation of the law, as well as to object, on legitimate grounds, to its processing.
Requests must be addressed via email to: yo-mayolika@gmail.com

7. Cookies
Cookies are text files that websites visited by users send to their devices, which are then retransmitted to the sites on subsequent visits. Cookies are divided into two main categories: “profiling cookies” and “technical cookies”.
You may refuse the use of cookies by adjusting your browser settings. Disabling cookies does not prevent site navigation but may affect the operation of third-party services used within the site.
More information on cookies used can be found in the site’s cookie policy.

8. Optional Nature of Data Provision
Aside from what is specified regarding browsing data, the user is free to provide personal data in the request forms or indicated contact channels to request informative material or other communications. Failure to provide such data may make it impossible to fulfill the request.