INFORMATION NOTICE ART. 13 REGULATION (EU) 2016/679

In compliance with art. 13 of Regulation (EU) 2016/679 (hereinafter referred to as the “Regulation” or “GDPR”), this page describes the means of processing of personal data of users who open this website (hereinafter referred to as the “Website”).

The information here provided do not concern other websites, pages or online services which could be accessed through links on this website.

1.     DATA CONTROLLER

The Data Controller of the Personal Data is S.I.P.A. S.p.A., with its registered office in Via della Liberazione n. 1, San Giuliano Milanese 20098 (MI), Italy, (hereinafter referred to as the “Data Controller).

2.     TYPOLOGY OF DATA PROCESSED AND PURPOSES OF PROCESSING

Navigation Data

IT systems and the software installed for the functioning of this Website collect, in the course of their normal use, some personal data which transmission is implicit in the usage of internet communication protocols.

In this category of data are comprised the IP addresses, domain name system, Uniform Resource Identifier/Locator of the requested resources, the hour of the request, the method used to submit the request to the server, the size of file obtained as reply, the numbering code which indicates the status of the reply given by the server (success, error, ect.) and other information relating to the operating system and the IT environment of the user.

Such data are processed to ensure the navigation on the Website and the usage of services possibly provided through de Website.

The same data are processed also in view to obtaining statistical information regarding the usage of the services (most visited pages, number of visitors for time slot or day slot, geographical area of the request ect.) and enhance the use of the services.

Data provided by the user

The optional and voluntary sending of messages to the contact addresses of the company and the filling of forms and their subsequent submission entail the processing of contact data of the sender and all data contained in the message, which are essential in order for the Controller to reply.

Cookies and other tracking systems

The Website uses cookies to enhance the user navigation experience. In order to obtain additional information regarding the types of cookies that are used and how to disable them, please read the dedicated section.

3.     LEGAL BASIS OF THE PROCESSING

Navigation data collected through the Website are processed by the Controller according to art. 6 paragraph 1 letter b) of the Regulation EU 2016/679, to enable the navigation on the Website and according to art. 6 paragraph 6, letter f) on the basis of the legitimate interest of the Controller to obtain statistical information regarding the use of the Website (most visited pages, number of visitors for time slot or day slot, geographical area of the request ect.) and enhance user experience.

Data provided on a voluntary basis by sending messages to the contact addresses of the company will be processed by S.I.P.A. according to art. 6 paragraph 1, letter b) of the Regulation UE 2016/679 to reply to the request of the user.

4.     RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL DATA

Personal Data will be processed by the individuals expressly authorized by the Controller, who pertain to the business units such as IT, Marketing and any other company unit which acts on the basis of the Controller’s instructions regarding purposes and means of processing.

Personal data, if necessary for the mentioned purposes, could be communicated to third parties such as providers of goods and services, including ICT services, hosting providers, IT companies, commercial partners and public authorities.

5.     TRANSFER OF PERSONAL DATA TOWARDS THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS

Personal data will not be transferred outside of the European Union or to International Organizations.

6.     DATA RETENTION PERIOD

The Controller shall process personal data collected to allow navigation on the website until the end of the connexion session, and for the time necessary to comply with the legal obligation and/or to defend or exercise a right in court.

Personal data provided on a voluntary basis by the user through sending messages to the contract addresses of the company shall be retained by the Controller for the time strictly necessary to reply to such messages and for the additional time to comply with legal obligations and/or to defend a right in court.

7.     NATURE OF THE COMMUNICATION OF PERSONAL DATA AND CONSEQUENCES OF THE FAILURE TO COMMUNICATE DATA

Communication of personal data provided by the user on a voluntary basis through messages to contact addresses of the company is an essential requirement to allow the Controller to reply to the user’s requests. If data is not provided, the Controller could not be in the position to reply to the user.

8.     RIGHTS OF THE USERS

The Controller makes sure that the user can exercise at any time his rights provided by the Regulation (UE) 2016/679 by writing to the address privacy@bindidessert.it

More in detail, the user has the right, at any time, to:

-        Know if the Controller stores/processes personal data relating to him, and if so have access to them and obtain a copy of such data (right of access, article 15 of GDPR);

-        Obtain the rectification of data, if they are incorrect, or supplement them (right of rectification, article 16 of GDPR);

-        Obtain the erasure of such data under the conditions set forth by the GDPR (right of erasure, article 17 of the GDPR);

-        Request to the Controller to restrict the processing only to certain categories of personal data, if any of the conditions set forth by the GDPR is met (right of restriction of the processing, article 18 of the GDPR);

-        Request and receive personal data concerning him in a structured format, or to have such data transmitted to another controller (right to data portability, article 20 of the GDPR);

-        Object at any time to the processing of personal data (right to object, article 21 of the GDPR).

Notwithstanding any other administrative and judicial right of action, after having contacted the Controller, the user has the right to lodge a complaint to the competent administrative authority if he/she considers that the processing of personal data regarding him/her is in contrast with the provisions of the Regulation (UE) 2016/679 as provided by art. 16 letter f. The Italian administrative authority can be contacted at garante@gpdp.it or through the website www.dpdp.it.