In fulfilment of the obligations set forth by the current privacy regulation, (General Data Protection Regulation No. 679/2016, GDPR art. 13), this website respects and protects visitor and user confidentiality, implementing every possible and proportionate effort to avoid violating user rights.
Legal basis of data processing
This website processes data based on consent. Providing data and therefore providing Consent for collecting and processing data is optional, the User can deny consent, and can withdraw previously granted consent at any time. However, denying consent may make it impossible to provide some services and may compromise navigation on the website. As of May 25 2018 (the data of entry into force of the GDPR), this website also processes data based on the legitimate interests of the data controller. The consent can be required also to send promotional material (which is collected on the site, but then handled externally).
Collected data and purposes
Like all websites, this one uses log files that store information collected automatically during user visits. The collected information may be:
- Internet protocol (IP) address;
- Type of browser and parameters of the device used to connect to the website;
- Name of the internet service provider (ISP);
- Date and time of the visit;
- Visitor entry (referral) and exit web page;
- Number of clicks, if any;
- Name, surname, mobile number, email;
- Company name
- Industrial data for the test
The above information is processed automatically and collected exclusively in aggregate form in order to monitor correct website operation, and for safety reasons (as of May 25 2018 this information may also be processed based on the legitimate interests of the data controller).
For safety purposes (anti-spam filters, firewalls, virus detection), automatically recorded data may also include personal data such as IP address, which could be used, in compliance with the relative laws in force, to block attempts to damage the website or harm other users, or in any case block harmful activities that represent crimes. This data is never used for user identification or profiling, but only for the purpose of protecting the website and its users (as of May 25 2018 this information is also processed based on the legitimate interests of the data controller).
Received data is used exclusively to provide the following services delivered by the website:
- Responses to requests for information-contacts
- Responses to requests for information-free test
The data collected from the website during its operation is used exclusively for the stated purposes and stored for the amount of time necessary to perform the specified activities or, if the case, until there is a request for deletion.
Communicating data to other subjects
The data picked up by the website will never be given to third parties, for no reason whatsoever, unless there is a legitimate request from the legal authorities or state agencies as required by law only. Employees and/or collaborators appointed to perform the activities required to fulfil the processing purposes may have access to the personal data being processed. These include the Web Hosting website manager and therefore subject to the same obligations as the Controller. The Data controller is required, on request, to provide the data subjects with the list of the aforementioned subjects.
Place of processing
The data collected by the website is processed at the web Hosting data centre. The web hosting is in charge of data processing, processing the data on the behalf of the controller and is located in the European Economic Area and operates in compliance with European standards.
This website processes user data in a legitimate and correct manner, implementing due safety measures aimed at preventing unauthorised access, disclosure, modification or unauthorised destruction of the data. Processing is carried out with electronic and/or telematic tools, with organisational and logic methods strictly connected to the stated purposes. In addition to the controller, in some cases, categories of staff involved in the organisation of the website (administrative, sales, marketing, legal, system administrator staff) may have access to the data, i.e. external subjects (such as the providers of third party technical services, postal couriers, hosting providers, IT companies, communication agencies).
Pursuant to European Regulation 679/2016 (GDPR) and the national standard, the User may, according to the methods and limits set forth in the standard in force, exercise the following rights:
- request confirmation of the existence of personal data concerning him/her (right to access);
- know the origin;
- receive intelligible notification;
- have information on the logic, the methods and the purposes of processing;
- ask for the update, rectification, integration, erasure, anonymisation, blocking of data that has been processed unlawfully, including data whose retention is unnecessary for the purposes for which it has been collected;
- in cases of consent-based processing, to receive at the sole cost of the media, one’s data given to the controller, in a structured form that is intelligible by a data processor and in a format that is commonly used by electronic devices;
- the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects that concern the data subject or that significantly affects the data subject in the same way
- the right to file a complaint with the Italian Data Protection Authority;
- as well as, more generally, to exercise all of the rights that apply based on current provisions of the law (GDPR art 15 to 22),
Requests are addressed to the Data Controller.
If the data has been processed based on the legitimate interests of the data controller, the rights of the data subjects are nevertheless upheld (with the exception of the right of transfer, which is not established by law), particularly the right to oppose processing, which can be exercised by sending a request to the data controller.
Pursuant to the laws in force, the data controller is: