- Personal Data collected by the Application
The Data Controller collects the following types of Personal Data:
- Data and contents automatically acquired during the use of the AppIication:
Technical data: the computer systems and software procedures used to operate this Application may acquire, during normal operation, some Personal Data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified Users, but by their very nature, could, through processing and association with Data held by third parties, allow the identification of Users. This category includes IP addresses, or domain names used by Users who connect to the Application, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc..
- Personal data collected through cookies or similar technologies:
The use of session cookies (which are not permanently stored on the User’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the Application.
The session cookies used in this Application avoid the use of other computer techniques potentially prejudicial to the confidentiality of Users’ browsing and do not allow the acquisition of Personal Data identifying the User.
- Final purpose
The Personal Data collected may be used for the performance of contractual and pre-contractual obligations and for legal obligations.
- Treatment modalities
The processing of Personal Data is carried out using computerized and/or telematic tools, with organizational methods and logics strictly related to the purposes indicated.
In some cases, the Personal Data may also be accessed by parties involved in the organization of the Data Controller (such as, for example, personnel management staff, sales staff, system administrators, etc.) or external parties (such as IT companies, service providers, postal couriers, hosting providers, etc.). Such subjects may be appointed as Data Processors by the Data Controller, as well as access the Personal Data of the Users whenever necessary and will be contractually obliged to keep the Personal Data confidential.
The updated list of Data Processors can be requested by email at firstname.lastname@example.org.
- Legal basis for the treatment
The processing of Personal Data relating to the User is based on the following legal bases:
- the consent given by the User for one or more specific purposes;
- the processing is necessary for the execution of a contract with the User and/or the execution of pre-contractual measures.
- the processing is necessary to fulfil a legal obligation to which the Controller is subject
- the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller
- the processing is necessary for the pursuit of the legitimate interest of the Controller or third parties
- the treatment is necessary for the pursuit of a vital interest of the Owner or of third parties.
However, it is always possible to ask the Owner to clarify the legal basis of each processing at email@example.com.
Personal Data are processed at the headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For further information, please contact the Data Controller at the following email address firstname.lastname@example.org or at the following postal address via sempione 94 Vergiate (Varese).
- Security measures
The Processing is carried out in a manner and with instruments suitable to guarantee the security and confidentiality of Personal Data, as the Data Controller has adopted appropriate technical and organisational measures that guarantee, and allow to demonstrate, that the Processing is carried out in compliance with the reference legislation.
- Data Retention Period
Personal Data will be kept for the period of time necessary to fulfill the purposes for which it was collected.
In particular, Personal Data will be kept for the entire duration of the contractual relationship, for the performance of the obligations inherent and consequent to the same, for compliance with applicable legal and regulatory obligations, as well as for its own or third party defensive purposes.
If the processing of Personal Data is based on the User’s consent, the Data Controller may retain the Personal Data until the withdrawal of consent.
Personal Data may be retained for a longer period if necessary to comply with a legal obligation or by order of an authority.
All Personal Data will be deleted or retained in a form that does not allow the identification of the User within 30 days after the end of the retention period. Upon expiry of this period, the right of access, deletion, rectification and portability of Personal Data may no longer be exercised.
- Automated decision-making processes
All Personal Data collected will not be subject to any automated decision making process, including profiling, that may produce legal effects for the person or significantly affect the person.
- User Rights
Users may exercise certain rights with regard to Personal Data processed by the Owner. In particular, the User has the right to:
- revoke consent at any time;
- oppose the processing of his/her Personal Data;
- access their Personal Data;
- verify and request correction;
- obtain the limitation of the processing;
to obtain the cancellation of their Personal Data;
to receive your Personal Data or have it transferred to another data controller;
to lodge a complaint with the supervisory authority for the protection of Personal Data and/or take legal action.
To exercise their rights, Users may address a request to the contact details of the Data Controller indicated in this document. Requests are made free of charge and processed by the Owner as soon as possible, in any case within 30 days.
- Owner of the Treatment
The Data Controller is Fabio Malvestiti as legal representative of Tecnos Lamiere s.r.l. P.I. 02505950127, domiciled in Via francesco Somma 34 Cuggiono (Milan), Tax Code MLVFBA64H 11B300M, e-mail address email@example.com
Mr. Denis Meneghetti, domiciled at Via Francesco Somma 34 Cuggiono (Milan), tax code MNGDNS75P15C743A, has been appointed D.P.O.