This information is prepared pursuant to art. 13 of EU Regulation 679/2016 (hereinafter, for brevity “EU Regulation”) regarding the protection of individuals with regard to the processing of personal data.
The complete information for the services of the site www.spm-polish.com is shown below.
This page describes how to manage the site “www.spm-polish.com” with reference to the processing of personal data of users who consult it and those who interact with the related web services provided by the Data Controller, accessible electronically. starting from the address “www.spm-polish.com”, corresponding to the home page of the official website of the Data Controller.
This information is provided only for the “www.spm-polish.com” site and not for other websites that may be consulted by the user via links.
The information is also inspired by Recommendation no. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by art. 29 of the directive n. 95/46 / EC, adopted on 17 May 2001 to identify some minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that the data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
Following consultation of this site, data relating to identified or identifiable persons may be processed.
HOLDER OF THE PROCESSING
The holder of the processing of personal data relating to users is the Company SPM Mold Polishing System srl, in the person of its legal representative based in 31015 Conegliano (TV), via Luigi Manzoni, 66, PEC email@example.com.
PLACE OF THE PROCESSING
The processing related to any web services on this site take place at the headquarters of the Data Controller and are only handled by staff from the Office in charge of the processing.
The treatments connected to the e-mail service take place at the same headquarters as the Data Controller and are only handled by the staff of the offices in charge of the processing.
LEGAL BASIS OF THE PROCESSING
The Data Controller processes the personal data relating to the user with his implicit consent, when he completes the forms on the site or sends an email containing a specific request. The use of the data communicated by the user is therefore to be considered necessary to fulfill / respond to his requests. The Data Controller may possibly process the data relating to the user also to respond to its own legitimate interest to satisfy market surveys, statistics and for promotional activities, by sending information and / or direct advertising material through the use of both modalities traditional contact details (paper mail addresses, calls with operator), both via e-mail – newsletter and sms (always with operator and in a non-automated manner).
TYPE OF DATA PROCESSED
The data processed will be common personal data such as names, surnames, telephone numbers, email addresses and similar, in addition to cookies and usage data related to navigation within the site.
Any personal data provided by the user are used for purposes related to the execution of the service or provision requested, then contact the User, for statistical purposes and Registration and authentication.
Personal data may also be processed with your specific consent for the following purposes:
- a)send promotional and marketing communications, including the sending of newsletters and market research, through automated tools (sms, email, fax) and not (paper mail, telephone with operator) by the Data Controller.
It should be noted that the Data Controller collects a single consent for the marketing purposes described here, pursuant to the General Provision of the Guarantor for the Protection of Personal Data “Guidelines on promotional activities and the fight against spam” of 4 July 2013; if, in any case, you wish to oppose the processing of your data for marketing purposes carried out with the means indicated here, as well as revoke the consent given, you can do so at any time by contacting the Data Controller at the addresses indicated in this statement, without prejudice to the lawfulness of the processing. based on the consent given before the revocation.
- b)communicate the data of the interested party for marketing purposes to any Group companies.
The legal basis of the processing for the purposes referred to in letters a) and b) refers to the expression of consent by the interested party to the processing of their personal data (Article 6 (1) (a) of the Regulation).
The provision of your Personal Data for the purposes referred to in letters a) and b) is optional; there is no consequence in case of your refusal.
METHOD OF PROCESSING AND DATA STORAGE PERIOD
Personal data are processed with computer and paper tools and are processed for the time strictly necessary for the fulfillment of the purposes for which they were collected, in compliance with the statute of limitations or the various terms that may be established by law for its conservation or, for a more time, in case it is necessary to keep them for the protection of the rights of the owner. Unless otherwise specific requirements, the data communicated in the context of a request for a quote / contact are processed for a maximum period of 5 years and then deleted.
In any case, the further conservation provided for by the applicable legislation, including that provided for by art. 2946 cod. civ.
In addition to the owner, they will be able to access the data in charge / specifically appointed employees as well as the data processors, including those appointed. The updated list of these subjects may be requested from the Data Controller.
In case of data processing for the purposes referred to in letters a) and b) that precede the retention period of the same, it will be two current years from their communication.
Security and quality of personal data
The Data Controller undertakes to protect the security of the user’s personal data and complies with the security provisions provided for by the applicable legislation in order to avoid data loss, illegitimate or illegal use of data and unauthorized access to the same, with particular reference to the Technical Regulations regarding minimum security measures. Furthermore, the information systems and computer programs used by the Data Controller are configured in such a way as to minimize the use of personal and identification data; these data are processed only for the achievement of the specific purposes pursued from time to time. The Data Controller uses multiple advanced security technologies and procedures to promote the protection of users’ personal data. The user can help the Company to update and keep their personal data correct by communicating any changes relating to their address, their qualification, contact information, etc.
DATA PROVIDED BY THE USER
The optional, explicit and voluntary sending of personal data – also by e-mail – to the addresses indicated on this site entails the subsequent and necessary acquisition of the sender’s address – as well as any other data included in the message and / or in the forms – to in order to respond to user requests.
The user is free to provide the personal data requested in the forms and failure to provide them may make it impossible to obtain what is requested.
No data is communicated or disseminated, except to perform the service or performance requested.
The user is free to provide their personal data contained in the request forms or otherwise indicated in contacts, for example, to request the sending of the newsletter, information or promotional material, to make complaints, or other communications. Failure to provide them may make it impossible to obtain what is required.
The user’s personal data may be disclosed to:
- all subjects whose right of access to such data is recognized by virtue of regulatory provisions;
- to collaborators and employees, as part of their duties;
- to all those natural and / or legal persons, public and / or private when the communication is necessary or functional to the performance of our business and in the manner and for the purposes illustrated above.
Technical cookies are necessary for the proper functioning of a website and to allow user navigation; without them, the user may not be able to view the pages correctly or use some services.
Profiling cookies have the task of creating user profiles in order to send advertising messages in line with the preferences expressed by the user while browsing.
Cookies can also be classified as:
“session” cookies, which are deleted immediately when the browser is closed;
“persistent” cookies, which remain in the browser for a certain period of time. They are used, for example, to recognize the device that connects to a site, facilitating authentication operations for the user;
“own” cookies, generated and managed directly by the manager of the website on which the user is browsing;
“third party” cookies, generated and managed by parties other than the manager of the website on which the user is browsing.
Cookies used on the site
The Site uses the following types of cookies:
1) own, session and persistent cookies, necessary to allow navigation on the Site, for internal security and system administration purposes; In the absence of these cookies, the site or some portions of it may not work properly. Therefore, they are always used, regardless of the preferences expressed by the user, for purposes related to the execution of computer authentication, the monitoring of sessions, the storage of specific technical information regarding users who access this site. The prior consent of the user is not required for the installation of these cookies, as these cookies are strictly necessary for the provision of the service; in this regard, therefore, the legal basis that legitimizes the processing is the need to use this technology towards the user to make the site more effective, enable certain features and make it easier to navigate. However, the obligation for the Data Controller to provide this information pursuant to the GDPR and the aforementioned Authority Provision remains unaffected.
2) third-party, session and persistent cookies, necessary to allow for example the user to use multimedia elements present on the Site, such as images and videos or used by the Site to include the buttons of some social networks in its pages (Facebook, Twitter and Google+). By selecting one of these buttons, the user can publish the contents of the web page of the site he is visiting on his personal page of the relevant social network
Purpose of processing and purposes of cookies for marketing analysis
In addition to technical cookies, “profiling” cookies may also be used on this site, aimed at creating profiles relating to the tastes, choices and propensities expressed by the user while browsing and subsequently used to send him advertising messages in line with his preferences. Due to the particular invasiveness that such devices may have in the user’s private sphere, it is expected that the user himself is adequately informed and gives his consent. Given that the site www.spm-polish.com does not carry out profiling-marketing activities through cookies, in any case the legal basis that would legitimize the processing is the manifestation of the consent that the user can express both by continuing to browse the site. either by setting the browser.
That said, the Data Controller also points out that it is possible to change, at any time, the installation preferences of individual cookies, as well as disable their use on the browser, even if this could prevent the user entity to access some parts of the site. Each browser has specific cookie management methods to which the user’s attention is directed.
As indicated in par. 4.1 letter e) of the aforementioned Provision of the Guarantor, the continuation of navigation through access to another area of the site or the selection of an element of the same (for example, an image or a link) involves the provision of consent to its use of this specific type of cookie.
Failure by the User to provide certain Personal Data may prevent this Application from providing its services.
How to change your cookie settings
Most browsers allow you to delete cookies from your computer’s hard drive, block the acceptance of cookies or receive a warning before a cookie is stored. However, if the user blocks or deletes a cookie, it may be impossible to restore the previously specified preferences or custom settings and our ability to customize the user experience will be limited.
Can “cookies” be avoided?
Certainly. Each user, if desired, can deactivate them.
Each browser has its own way to limit or disable cookies.
In any case, for those who really don’t want to know about “cookies”, the simplest thing to do is to use the “incognito” mode.
The ability to activate incognito browsing is included in major browsers such as Chrome, Firefox and Internet Explorer. By activating this mode you can surf the Internet without leaving traces on the device in use.
If there is any part of this information that is unclear to you, or you simply want to have clarifications on what you have read, you will want to send an email communication to the Data Controller.
Given the objective complexity of identifying the technologies based on Cookies, the User is invited to contact the Owner should he wish to receive any further information on the use of the Cookies themselves through the Company’s website.
– Requests must be sent by email to the address indicated above.
RIGHTS OF THE INTERESTED PARTIES
Rights of the interested party
Art. 15 (right of access), 16 (right of rectification) of EU Reg. 2016/679
The interested party has the right to obtain from the data controller confirmation as to whether or not personal data concerning him is being processed and, in this case, to obtain access to personal data and the following information:
- a) the purposes of the processing;
- b) the categories of personal data in question;
- c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients of third countries or international organizations;
- d) the retention period of the personal data envisaged or, if this is not possible, the criteria used to determine this period;
- e) the existence of the right of the interested party to ask the data controller to correct or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
- f) the right to lodge a complaint with a supervisory authority;
- h) the existence of an automated decision-making process, including profiling and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the data subject.
Right pursuant to art. 17 of EU Reg. 2016/679 – right to cancellation (“right to be forgotten”)
The data subject has the right to obtain from the data controller the cancellation of personal data concerning him without undue delay and the data controller is obliged to cancel the personal data without undue delay, if one of the following reasons exists:
- a) the personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed;
- b) the interested party revokes the consent on which the processing is based in accordance with Article 6, paragraph 1, letter a), or Article 9, paragraph 2, letter a), and if there is no other legal basis for the processing;
- c) the interested party opposes the processing pursuant to Article 21, paragraph 1, and there is no legitimate overriding reason to proceed with the processing, or opposes the processing pursuant to Article 21, paragraph 2;
- d) the personal data have been unlawfully processed;
- e) personal data must be deleted to fulfill a legal obligation under Union law or the law of the Member State to which the data controller is subject;
- f) the personal data have been collected in relation to the offer of information society services referred to in Article 8, paragraph 1 of EU Reg. 2016/679
Right referred to in art. 18 Right to limitation of treatment
The interested party has the right to obtain from the data controller the limitation of the processing when one of the following hypotheses occurs:
- a) the data subject disputes the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
- b) the processing is unlawful and the interested party opposes the cancellation of personal data and requests instead that its use be limited;
- c) although the data controller no longer needs them for processing purposes, the personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
- d) the interested party opposed the processing pursuant to Article 21, paragraph 1, EU Reg. 2016/679 pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.
Right referred to in Article 20 Right to data portability
The interested party has the right to receive in a structured format, commonly used and readable by an automatic device, the personal data concerning him provided to a data controller and has the right to transmit such data to another data controller without impediments from part of the data controller
Revocation of consent to treatment
The interested party has the right to withdraw consent to the processing of your personal data by sending an email to the Data Controller with the following text: << withdrawal of consent to the processing of all my personal data >>. At the end of this operation, your personal data will be removed from the archives as soon as possible.
If you would like more information on the processing of your personal data, or exercise the rights you own, you can also send a communication via email to the Data Controller at firstname.lastname@example.org. Before we can provide you, or change any information, you may need to verify your identity and answer some questions. An answer will be provided as soon as possible.
CLAIM GUARANTEE PRIVACY
The interested party has the possibility to lodge a complaint with the Privacy Authority, which can be contacted at the website http://www.garanteprivacy.it/.
DEFINITIONS and FURTHER INFORMATION ON THE TREATMENT
In order to facilitate the understanding of this Information, the following definitions are reported (Article 4 of the EU Regulation):
– “processing”: any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data such as the collection, registration, organization, structuring, storage, ” adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction;
– “personal data”: any information concerning an identified or identifiable natural person (“Interested”); the natural person is considered identifiable who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity, physiological, genetic, psychic, economic, cultural or social;
– the cc.dd. particular categories of personal data: personal data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to the health or sexual life or sexual orientation of the person. In particular:
– “genetic data”: personal data relating to the inherited or acquired genetic characteristics of a person that provide unique information on the physiology or health of that natural person, and which result in particular from the analysis of a biological sample of the natural person in question;
– “biometric data”: personal data obtained from a specific technical treatment relating to the physical, physiological or behavioral characteristics of a natural person that allow or confirm the unique identification, such as facial image or fingerprint data;
– “data relating to health”: personal data relating to the physical or mental health of a natural person, including the provision of health care services, which reveal information relating to his state of health.
– “data controller”: the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data;
– “data processor”: the natural or legal person, public authority, service or other body that processes personal data on behalf of the Data Controller;
“Usage Data”: Information collected automatically through the website www.spm-polish.com including: IP addresses or domain names of the computers used by the User who connects to the site, addresses in URI notation ( Uniform Resource Identifier), the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details of the itinerary followed within the Application, with particular reference the sequence of the pages consulted, the parameters relating to the operating system and the IT environment of the User.
“User”: The individual who uses the site who, unless otherwise specified, coincides with the Data Subject.
“Interested”: The natural person to whom the Personal Data refers.
The hardware or software tool through which the Personal Data of Users are collected and processed.
The Service provided by the Application as defined in the relative terms (if available) on this site / application.
European Union (or EU)
Unless otherwise specified, any reference to the European Union contained in this document is intended to be extended to all current member states of the European Union and the European Economic Area.
Defense in court
The User’s Personal Data may be used by the Owner in court or in the preparatory stages for its eventual establishment for the defense against abuse in the use of this Application or related Services by the User.
The User declares to be aware that the Owner may be obliged to disclose the Data by order of the public authorities.
At the request of the User, in addition to the information contained in this privacy and cookies policy, this Application may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.
System log and maintenance
For needs related to operation and maintenance, this Application and any third-party services used by it may collect system logs, which are files that record the interactions and which may also contain Personal Data, such as the User IP address.
If the changes affect treatments whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.
Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details and / or by sending an email to email@example.com.
This privacy statement is drawn up on the basis of multiple legislative systems, including articles. 13 and 14 of Regulation (EU) 2016/679.
Information updated on 25.05.2018
Signed by the data controller