Information on the processing of personal data pursuant to art. 13 and 14 of EU Regulation 679/2016
We hereby inform you that, pursuant to art. 13 and 14 of EU Regulation 679/2016 (hereinafter ‘GDPR’), your data given to us through the use of the website www.technosurface.it (hereinafter, also just “Site”) will be treated as follows, in compliance with the principles of correctness, lawfulness, transparency and the protection of your privacy and your rights. This information provides the user (data subject) with any further information necessary to ensure correct and transparent processing, in relation to the specific context in which the personal data are collected and subsequently processed. This information is provided only for the Site and the subdomains related to it and not for third-party websites accessible through hypertext links (links) contained on the Site, for which the Data Controller is in no way responsible. For these treatments, independent information must be provided by the respective owners.
(who decides how and why your data are processed)
The Data Controller for the technosurface website is Techno Surface Sas di Bulli Elisabetta & C.
Via Giuseppe Missori 18 / A, 208551 Lissone (MB)
Phone: 392 4616856
VAT number: 09072590962
Purpose of the processing
(what is the purpose of the data processing)
monitor the technical operation and performance of the site, allow technical assistance and maintenance and, in general, the activities instrumental to ensure the proper functioning of the Site obtain anonymous statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc …) provision of the services offered through the Site respond to requests sent by email or by filling in the online form send commercial and promotional communications by email.
Legal basis of the processing
The Data Controller processes your anonymous browsing data in order to monitor the technical functioning and performance of the site, to understand how to improve services and make them evolve. These data are necessary to ensure the provision of the site. The optional, explicit and voluntary sending of messages to the contact addresses, as well as the compilation and forwarding of the Contact Form on the Site, entail the acquisition of the sender’s contact data, necessary to reply, as well as all data personal data included in communications. The receipt of commercial and promotional communications on your e-mail box is based on consent. If you decide to subscribe to our newsletter, through the site or by filling out one of the contact forms on our Marketing channels, we inform you that you can revoke the registration at any time.
(Subjects to whom the data may be communicated)
In addition to the Data Controller, other parties involved in the organization (appointed personnel) or external parties (third party technical service providers, hosting providers) also appointed, if necessary, Data Processors by the Data Controller may have access to the Data. The updated list of Managers can always be requested from the Data Controller.
In no case will personal data be communicated, disseminated, sold or otherwise transferred to third parties for illegal purposes and, in any case, without providing suitable information to the interested parties and obtaining their consent, where required by law. This is without prejudice to any communication of data at the request of the judicial or public security authorities, in the manner and in the cases provided for by law.
Methods of processing
The treatment will be carried out using paper and / or IT tools, also by means of subjects authorized to do so, who operate under the direct authority and according to the instructions given by the Data Controller, with logic strictly related to the purposes indicated and, in any case, in order to guarantee the security and confidentiality of the data processed.
The processing operations are carried out in such a way as to guarantee the security of data and systems. Specific security measures are adopted in order to minimize the risk of destruction or loss, even accidental, of the data, of unauthorized access, of treatment that is not permitted or does not comply with the purposes indicated in this information. In particular, the Site uses the HTTPS protocol for server authentication and encryption of the communication channel. The security measures adopted, however, do not allow for the absolute exclusion of the risks of interception or compromise of personal data transmitted with telematic tools. It is therefore recommended to verify that the device used by the user is equipped with adequate software systems for the protection of the telematic transmission of data, both inbound and outbound (such as, for example, updated antivirus systems, firewalls and filters antispam). Data transfer abroad Personal data will not be transferred abroad, to countries or international organizations not belonging to the European Union that do not guarantee an adequate level of protection, recognized, pursuant to art. 45 GDPR, based on an adequacy decision of the EU Commission. In the event that it is necessary for the provision of the Site’s services, the transfer of personal data to countries or international organizations outside the EU, for which the Commission has not adopted any adequacy decision pursuant to art. 45 GDPR, will take place only in the presence of adequate guarantees provided by the recipient country or organization, pursuant to art. 46 GDPR and provided that the data subjects have enforceable rights and effective remedies. In the absence of an adequacy decision by the Commission, pursuant to art. 45 GDPR, or adequate guarantees, pursuant to art. 46 of the GDPR, including the binding corporate rules, the cross-border transfer will take place only if one of the conditions indicated in art. 49 GDPR.
Data categories and retention period
The data processed can be:
- a) Navigation data
Browsing data, collected automatically, exclusively for the purpose of obtaining aggregated and anonymized statistical information relating to the use of the Site (including, by way of example, IP addresses, browsing times, geographical data and other parameters relating to the system operational and IT environment of the user); however, such information could, also through processing and / or association with other data, held by the provider or by third parties, allow the identity of the user to be traced; the navigation data are not, nor will in any case be used by the Data Controller to perform user profiling activities, nor will they be disseminated or communicated to third parties;
- b) Cookies
- c) Data provided voluntarily by users / visitors
If by connecting to this site you decide, where applicable, to send your personal data (for example: name, surname, email address) to access certain services, or, to make requests via e-mail, the Data Controller will process such data to respond to the Your request, in accordance with this information. The data provided by the user may be acquired and stored by the Data Controller, in electronic form, for the purposes related to their collection through the Site and will not be used for profiling or direct marketing activities. The optional and voluntary sending of e-mail messages to the addresses indicated on the Site, in particular, involves the acquisition and consequent processing of the sender’s address and any other personal data present in the message, to the extent necessary to provide reply to the requests of the interested party.
- d) Data provided voluntarily by the user, by filling in the forms on our Marketing channels.
These data, subject to consent, will be used for sending commercial / promotional communications by e-mail. The data being processed will be kept for a period of time not exceeding that necessary to achieve the purposes for which they were collected or subsequently processed, for the time necessary to provide the requested service and to manage any disputes or until revocation. of consent where required.
Interested parties may exercise certain rights with reference to the Data processed by the Data Controller. In particular, you have the right to:
access your data: you have the right to obtain information on the data processed by the owner, on certain aspects of the processing and to receive a copy of the data processed. verify and request rectification: you can verify the correctness of your data and request its updating or correction. Obtain the cancellation or removal of your Personal Data: when certain conditions are met, you can request the cancellation of your Data by the Owner.
Revoke the consent at any time: you can revoke the consent to the processing of your Personal Data previously expressed.
object to the processing of your data: you can object to the processing of your data when it occurs on a legal basis other than consent. Obtain the limitation of processing: when certain conditions are met, you can request the limitation of the processing of your data. Obtain data portability: you have the right to receive your data in a structured format, commonly used and readable by an automatic device and, where technically feasible, to obtain its transfer without obstacles to another owner. This provision is applicable when the Data is processed with automated tools and the processing is based on consent, on a contract to which you are a party or on contractual measures connected to it. Submit a complaint: you can lodge a complaint with the competent personal data protection supervisory authority or act in court.
Details on the right to object
When Personal Data is processed in the public interest, in the exercise of public authority vested in the Data Controller or to pursue a legitimate interest of the Data Controller, you have the right to object to the processing for reasons related to your particular situation. Please note that, if your data are processed for direct marketing purposes, you can oppose the processing without providing any reasons.
How to exercise your rights
To exercise your rights, you can direct a request to the contact details of the Data Controller indicated in this document. Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case within one month. The interested party may use, for the exercise of his rights, non-profit bodies, organizations or associations, whose statutory objectives are of public interest and which are active in the field of protection of the rights and freedoms of the interested parties with regard to to the protection of personal data, giving, for this purpose, a suitable mandate. The interested party may also be assisted by a trusted person. To find out about your rights, propose a complaint / report / appeal and always be updated on the legislation on the protection of individuals with regard to the processing of personal data, the interested party can contact the Guarantor Authority for the protection of personal data, by consulting the website at http://www.garanteprivacy.it/.