Information notice pursuant to Art. 13 of the Regulation (EU) 2016/679 (“GDPR”)
DATA CONTROLLER, pursuant to art. 4 and art. 24 of the Regulation (EU) 2016/679 is UniFor S.p.A., as represented by legal representative, with registered offices in Turate (Co), Via Isonzo 1, 22078. You can contact the Controller at any time at the following contact e-mail firstname.lastname@example.org.
PROCESSED PERSONAL DATA
Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (such as name, last name, date of birth, address, e-mail, telephone number).
During their ordinary course of operation, the IT systems and software procedures required to run this website acquire certain Personal Data, whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified Data Subjects but, by its very nature, it could enable identification of the users through the processing and matching of data held by third parties. This data category includes IP addresses or domain names of computers used by the users who visit the site, as well as the URI addresses (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply from the server (done, error, etc.) and other parameters related to the operating system and the IT environment of the user.
Data provided voluntarily by the user
The optional and voluntary disclosure of personal data (e.g.: sending of e-mails to the e-mail addresses indicated on this website and/or the completion of a data collection form on this website) entails the collection and processing of the voluntary disclosed user’s data, necessary to reply to the request (e.g.: e-mail address of the sender, necessary to answer to requests), as well as other personal data included in the e-mail message (such as name, last name, address, telephone number, e-mail address, etc.).
|Purposes||Legal basis||Data Retention Period|
Navigation of this website / obtaining anonymous statistical information on the use of the website and services / control of website’s correct functioning
Request of contacts or information
Controller’s legitimate interest:
Duration of the browsing session, (except for any need to ascertain criminal offenses by the judicial authorities)
|In the event the data subject compiles form for data collection in specific areas for the purpose of direct Marketing: subject to consent and until his objection for direct marketing activities of the Controller, market research, direct sales, surveys of satisfaction, sending of newsletters and promotional material, commercial and advertising material or events and initiatives, by the Controller via automatic means of e-mail, fax, SMS or other type of messages, as well as by telephone via operator, including automated and paper mail and other information material.
The Controller may use systems to send newsletters and promotional communications based on reports to compare and possibly improve the results of communications. Thanks to the reports, the Controller will be able to know, for example, the number of readers, openings, unique "clickers" and clicks; devices and operating systems for reading communication; the detail on the activity of individual users; the detail of the e-mails sent, e-mails delivered or not, of those forwarded. All these data are useful for the purpose of comparing, and possibly improving, the results of communications.
|Art. 6 par. 1 let. a) GDPR
|Until data subject’s withdrawal |
|Communication of data to the Molteni Group companies (controlling, controlled, connected and affiliated) for direct marketing purposes||Art. 6 par. 1 let. a) GDPR
|Until data subject’s withdrawal|
PERSONAL DATA RECIPIENTS
Your personal data may be communicated to recipients in charge of processing activities as processor (art. 28 Reg. UE 2016/679) under the authority of the Controller and the Processor (art. 29 Reg. UE 2016/679) or as independent data controller, for the above described purposes. Notably, the personal data will be communicated: - upon consent, to companies of the Molteni Group; - service providers for the management of the information system and the telecommunications networks (including e-mail, newsletter management service and website management service) of the Controller; - professionals, firms or consultancy companies; - competent authorities for the fulfilment of obligations of law and/or regulations of public bodies, upon request. The above-mentioned subjects will act as data processors or may carry out their processing activities as independent data controllers. The list of data processors is constantly updated and available at Controller’s headquarters and above-mentioned contacts.
TRANSFER OF DATA TO THIRD COUNTRIES AND/OR AN INTERNATIONAL ENTITY AND WARRANTIES
The personal data provided may be transferred abroad in or outside the European Union, within the limits and according to the conditions set forth by art. 44 et seq. of EU Regulation 2016/679, in order to comply with the purposes related to the transfer itself. In this case, the data subject may obtain a copy of the conditions underlying the transfer by contacting the Controller.
NATURE OF DATA PROVISION Except for what specified for navigation data which are necessary in order to allow navigation of the website, users are free to provide their personal data by filling in the form for the collection of data on the website or by writing to the e-mail addresses specified herein. Their refusal may result in the impossibility of obtaining the information or services requested and provided via this website. It is understood that the provision of data for the purposes of let. B) and C) is voluntary and their refusal may result in the impossibility to process these for those purposes, the refusal will not compromise the use for purpose of let. A).
DATA SUBJECT’S RIGHTS | COMPLAINT TO SUPERVISORY AUTHORITYYou may exercise your rights pursuant to art. 15 et seq. of the Regulation EU 2016/679 by writing to the Controller’s at email@example.com. You have the right, at any time, to request the Controller to access your personal data and receive the information concerning their processing. You have the right to rectify, erase your personal data or limit their processing. Where appropriate, you have the right to object, at any time, to the processing of your data, including profiling, and you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
In order not to receive any more direct automated marketing communications (e.g.: e-mail, SMS) it will be sufficient to write at any time an e-mail to the address firstname.lastname@example.org with subject "cancellation from automated" or use the automatic cancellation systems provided for e-mail only. In order not to receive any more traditional direct marketing communications (calls with operator and paper mail) it will be sufficient to write at any time an e-mail to the address email@example.com with subject "cancellation from traditional".
You have the right to the portability of your personal data; in such case the Controller shall provide you with your personal data in a structured, commonly used and machine-readable format.
Without prejudice to any other administrative or judicial remedy, if you consider that the processing of your personal data infringes the Regulation (EU) 2016/679, you have the right to lodge a complaint with the Data Protection Authority (https://www.garanteprivacy.it/) pursuant to art. 77 Regulation (EU) 2016/679 or to file to the competent courts (art. 79 Regulation (EU) 2016/679).
Last update: October 24th 2019
DATA CONTROLLER – UNIFOR S.P.A.