This page includes the descriptions of the management methods for the aforementioned Websites (hereafter referred to as “Sites” and/or individually as “Site”) with specific reference to the processing of personal data by visitors who view the Websites (hereafter referred to as "Users" or "User" when referring to a single individual).
Personal data is “any information pertaining to a natural person that is or can be identified (“Data Subject”); natural persons are identifiable if they can be identified directly or indirectly, with particular reference to identifying elements such as name, identification number, location data, online ID or one or more elements that are characteristics of their physical, physiological, genetic, psychological, economical, cultural or social identity”.
Processing means “any operation or set of operations performed with or without the help of automated processes and applied to personal data or set of personal data, such as collection, recording, organisation, structuring, storage, adaptation or modification, extraction, consultation, use, communication by means of transmission, dissemination or any other type of distribution, comparison or interconnection, limitation, deletion and destruction”.
The sites of the COMPANY may contain links to websites of third parties, to be useful to the User: the COMPANY does not control nor is responsible in any way for these sites, their content and/or the processing of Personal Data that these sites apply and/or perform.
CONTACT DETAILS AND DATA CONTROLLER
The data Controller is the COMPANY as defined in the header above. If the COMPANY has assigned a Data Protection Officer, contact data are found in the header.
PURPOSE OF PROCESSING AND PROCESSED PERSONAL DATA
The Data will be subject to processing by the COMPANY, according to the limits set out by the applicable legislation, for the following purposes:
- allow performing operations that are strictly associated with and instrumental in managing our relationship with you, such as answering queries received via our contact modules; recording and processing your requests for technical support; recording and processing your applications as suppliers of the COMPANY; allowing access to reserved sections of the Site (such as those of the Customer Area or the Supplier Area) and provide support to recover login data for your account; ensuring the finalisation of sales agreements for goods and/or services, managing and fulfilling orders; ensuring delivery of purchased products and checking the trend of relationships (Supply of services);
- allow proper performance of contractual obligations taken by the COMPANY toward the User and vice versa (Contractual obligations);
- to allow the fulfilment of obligations provided for by laws, regulations and EU standards, or instructions given by authorities empowered to do so by law and supervisory and control bodies, as well as to allow the execution of any accounting and fiscal obligations (Legal Obligations);
- obtain information necessary to identify anomalies, fraudulent activities and/or violations in the use of the Site (Security);
- performing commercial information activities via e-mail, if you are using a service on the Site or are proceeding or have proceeded to purchase goods or services from the COMPANY, by means of emails about the same type of products and/or services (Soft Spam).
- providing information about our products and/or services as well as promotional and commercial activities, market research and marketing by means of automatic systems without the input of an operator (e.g. emails), as well as through traditional contact methods, such as by post; measuring your satisfaction by means of questionnaires, surveys or focus groups (Marketing);
Personal Data processed by means of the Site fall within the following categories.
- Personal data, contact data and any other particular category of Personal Data
Depending on the services required by the User, the COMPANY may request information, such as: Supplier code assigned by the COMPANY, Company name, Name of the inquirer, Company role of the inquirer, Country, Telephone, Fax, Company e-mail, etc.
Further data may be collected during the management of each relationship through the Site or can comprise data the User decides to provide to the COMPANY by means of the Contact Us area of the Site.
Some sections of the Site contain free-text fields that can be used to provide information to the COMPANY that may contain Personal Data. Since these are free-text fields, you may choose to provide us (even inadvertently) with special categories of Personal Data such as Data that revealing political opinions, religious or philosophical beliefs or trade union membership , as well as genetic Data, biometric Data for the identification in a univocal manner of an individual, data relating to health or sexual life or sexual orientation.
The COMPANY asks you not to disclose any of these Data types. Since providing this information is totally optional, if you decide to do so, the COMPANY can choose whether to proceed with processing of entered data belonging to the special categories listed above, or to process that information only with your explicit authorisation and in compliance with current regulations.
- Personal Data of other people
As mentioned in the previous paragraph, since any type of message can be entered in the free-text fields of the Site, they may indeed contain Personal Data of other people involved. In all cases in which you decide to share such Data with the Company, you will be considered as independent Controller and, as such, you will have to take on all legal obligations and responsibilities. Therefore, in this regard, the User grants the COMPANY the widest indemnity with respect to any dispute, claim, request for compensation for damage caused by processing, etc. by persons whose Personal Data have been forwarded by you in violation of applicable data protection regulations. Since, in such a case, the Company would not collect this information directly from the data subjects (but, indirectly, from you), you guarantee that such specific processing may be based on the consent of such data subjects or on another appropriate legal basis that legitimises the processing of the concerned information.
- Searching and hiring personnel
- Navigation data and cookies
Information technology systems and software procedures used to operate the Site acquire some Personal Data during their normal operation, whose transmission is implicit in using Internet communication protocols. This information is not collected by the COMPANY to be associated with identified Data Subjects, but it may, by its very nature, allow identifying users through processing or association with Data held by third parties.
This category of Data includes IP addresses or domain names of computers used by Users connecting with the Site, the URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to send the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters about the operating system and software environment of the User.
This Data is used only for anonymous statistical information about use of the Site, to check its proper operation and to identify any unusual activity and/or abuses.
- Data processed during the interaction with social networks
In addition to filling out the forms on the Site, you can also request certain services and provide your Personal Data through your Facebook, Google and LinkedIn profile. In these cases, Facebook, Google and LinkedIn will automatically send your Personal Data to the COMPANY and there will be no need for you to fill out any other form.
LEGAL BASIS FOR PROCESSING, COMPULSORY/OPTIONAL NATURE OF PROVISION OF PERSONAL DATA AND CONSEQUENCES IN THE EVENT OF NO ANSWER
Data preceded by an asterisk (*) within the Site are considered by the COMPANY to be necessary and indispensable to fulfil the relevant purposes. The following are the legal bases used by the COMPANY to process your Personal Data, according to the purposes listed under the previous Section (“Purpose of processing and processed Personal Data”).
Provision of Personal Data and their processing for the purposes associated with the Supply of Services and other Contractual obligations is strictly functional to perform the required service and to properly perform the contractual relationship signed with you, respectively; therefore they are a necessary condition to establish the contractual relationship. Consequently, failure to provide Personal Data required for this purpose, or the provision of wrong data, will make it impossible for the COMPANY to perform the Service and the contractual relationship and will entitle the COMPANY to refuse to perform them or to stop their performance.
The provision of Personal Data and their processing for the purposes of the Legal Obligations is required by the COMPANY to meet the relevant legal obligations. When you provide Personal Data to the COMPANY, it needs to process it in compliance with applicable laws that may include storing them or communicating them to pertinent authorities for compliance with taxation, customs or other obligations.
Provision of Personal Data and their processing for the purposes of Security, is based on the commitment of the COMPANY to identify and prevent illegal behaviours and to ascertain responsibility in the event of any cybercrime against the Site or third parties, therefore they are a necessary condition to navigate the Site. Consequently, failure to provide Personal Data required for this purpose will make it impossible for the COMPANY to provide access to the Site.
RECIPIENTS AND TRANSFER OF PERSONAL DATA
Personal Data will be provided to personnel of the COMPANY employed to develop and manage the Site, who is authorised to process them in order to fulfil the previously described purposes and who is committed to confidentiality or has received a suitable legal confidentiality obligation.
Personal Data processed for the previously described purposes can be shared, used and transferred among the companies of the SACMI Group for internal accounting and administrative purposes, having registered headquarters both within and outside countries of the European Union and/or the European Economic Area (given the international reach of Sacmi). In this case, the COMPANY ensures that Data will be processed by these subjects in compliance with applicable regulations. Therefore transfers are made by means of suitable guarantees, such as adequacy decisions, Standard Contractual Clauses approved by the European Commission or other suitable guarantees. More information is available by writing to the email address: firstname.lastname@example.org.
Personal Data will be supplied to third parties, called Processors, since they process Data on behalf of the COMPANY (e.g. companies managing and fulfilling sales orders, companies with whom it is necessary to interact to provide Services, such as hosting providers, providers of emailing services, providers of services enabling interaction with social networks for targeting activities or other companies tasked with technical maintenance, including maintenance of network equipment and electronic communication networks, software developers, companies providing the payment technological platform and gateway for product orders in the sector of e-payments, payment service providers and e-payment service providers). Personal Data that is strictly required to perform commercial operations or required Services may be shared with third parties with whom the COMPANIES has agreements for services that are functional to its operations (such as product delivery companies, auditing firms, people, firms or professional offices that provide support and consultancy services in the fields of administration, law, taxation, financial services and debt collection services, for the purpose of providing these Services).
Finally, Personal Data will be communicated, upon request, to the relevant authorities (e.g. in the event of frauds and/or abuses when using the Site), to financial offices or to other Public Institutions according to the provisions of current regulations.
The Data shall not be circulated ("circulation" meaning making unspecified subjects aware of the Data).
STORAGE OF PERSONAL DATA
Personal Data processed for the purposes of Supply of Services and Contractual Obligations will be stored by the COMPANY for the time that is strictly required to perform the requested Service and to properly fulfill our contractual relationship with you. The COMPANY will keep active your authentication credentials for the Site Services until you decide to unsubscribe from those Services. In any case, since this Personal Data is processed to provide Services and to allow the contractual relationship to be fulfilled, the COMPANY may store them for a longer period, in particular as necessary in order to protect the interests of the COMPANY from any liability pertaining to the Services. Data will be deleted at the end of this period.
Your requests and the Data contained within them collected by means of the Contact Us area of the Site will be kept only for the time required to allow the COMPANY to identify proper fulfillment of the request. After this period, Data that allows identification, even if indirectly, of a natural person (such as name, surname, email) will be made anonymous and will be stored, in aggregate form, for statistical purposes.
Personal Data processed for the purpose of Legal Obligations will be stored by the COMPANY for the period set out by specific legal applications or by applicable regulations.
Personal data processed for the purpose of Security will not last more than 6 months, except when it is used to ascertain responsibility for any cybercrime against the Site or third parties (e.g. to protect from legal actions by providing this data to the relevant Authorities).
Personal Data processed for the purpose of Soft Spam will be stored by the COMPANY until you will request to stop their processing by means of the link in the footer of each Soft Spam email sent.
Personal Data processed for the purpose of Marketing will be stored by the COMPANY until you withdraw your authorisation to do so. After withdrawing your authorisation, the COMPANY will no longer use your Personal Data for this purpose, but will still be able to store them, particularly when necessary to protect the interests of the COMPANY against any liability based on this processing.
YOUR RIGHTS AS DATA SUBJECTS
As Data subjects, you have the right, exercisable at any time, to:
- request access to your Personal Data (and/or a copy of this Personal Data) as well as to further information on the processing in progress;
- ask to correct or update your Personal Data processed by the COMPANY, when incomplete or not up to date;
- request your Personal Data to be deleted from the COMPANY databases, when you believe processing to be unnecessary or illegal;
- request that processing of your Personal Data by the COMPANY is limited when you believe that your Personal Data are not correct, necessary or illegally processed or when you opposed their processing.
- exercise your right to Data portability, i.e. obtaining a copy of Personal Data managed by the COMPANY and pertaining to you in a structured, commonly used and machine-readable format, or to request it to be transferred to a different Controller;
- oppose processing of your Personal Data, using a legal basis for your particular situation which you believe would prevent the COMPANY from processing your Personal Data;
- withdraw your authorisation for Marketing and Profiling purposes or oppose processing for Soft Spam purposes. Remember that the authorisation given for Marketing communications covers not only communications sent by means of automatic systems without operator intervention (such as emails or SMS) but also traditional contact methods such as the phone or postal service. You can always withdraw authorisation to processing also separately, for example deciding to receive these communications only by means of automatic systems such as email or SMS but not through the postal service or phone and vice versa
The COMPANY wishes to inform you that Personal Data you supply can be modified at any moment, by means of the relevant sections within the Site or by writing to the email address: email@example.com.
Other rights can be exercised by writing to the email address: firstname.lastname@example.org.
For Marketing purposes, you can ask to withdraw or cease sending the relevant commercial communications at any moment by writing to the email address email@example.com, when communications are received by means of computer tools, follow the procedure described in the footer of the communications (by means of the “Delete” button).
You can also stop receiving Soft Spam by means of the relevant link in the footer of every received email (by means of the “Delete” button).
The COMPANY wishes to inform you that you always have the right to complain to the relevant Control Authority (e.g. the Authority of the Country of your usual residence by writing to the email address: firstname.lastname@example.org which in Italy is The Italian Data Protection Authority), if you believe that treatment of your Data is contrary to actually applicable regulations pertaining to the protection of personal data.
LIST OF SECTIONS
- Definitions, types and regulation application
- Types of cookies used by the Site
- List of cookies used by the Site
- How to manage or delete cookies
a) Definitions, types and regulation application
Cookies are small text files sent by the websites visited by the user and recorded on the user's computer or mobile device and retransmitted to the same websites on the subsequent visit. Cookies allow a website to remember the user's actions and preferences (such as login details, language chosen, font size, other display settings, etc.) avoiding the need to indicate them again when the user returns to the website or browses through its web pages.
For further information on cookies and their general functions, the User can visit the information Website allaboutcookies.org.
Cookies may be those set directly by the website or web server that the user is visiting or those of the website whose address was typed by the user and displayed in the URL window (so-called "first-party” cookies).
While browsing a website, users may also receive on their devices cookies from websites or web servers other than the one they are visiting (so-called "third-party" cookies). Third-party cookies are relevant in cases when the user visits a website and a third party, with respect to the manager of the website visited, sets a third-party cookie using said website.
There are also various types of cookies, depending on their characteristics and functions, which remain on the user’s computer for different periods of time: session cookies, which are automatically deleted when the browser is closed; persistent cookies, which remain on your device until a predetermined expiration time.
- first-party analytical cookies, used to collect information, in aggregate form, about the number of users and how they use the website;
- third-party analytical cookies, when tools are used to reduce the identification power of cookies and the third party does not cross-reference the collected information with other information that it already has;
- browsing or session cookies, used for authentication and access to a service;
- functionality cookies, which allow the user to navigate based on a number of selected criteria (e.g. language, products selected for purchase) in order to improve the service provided.
On the other hand, for profiling cookies, i.e. those aimed at creating profiles referred to users and used to send advertising messages in line with the preferences expressed by the latter when browsing the web, the user's prior consent is required. User consent is also required for third-party analytical cookies when tools are not used to reduce the identification power of cookies and the third party cross-references the collected information with other information that it already has.
b) Types of cookies used by the Site
The Site uses the following types of cookies:
- browsing technical or session cookies, strictly necessary for the operation of the Site or to allow the User to take advantage of the contents and Services requested;
- functionality cookies, used to activate specific functionalities of the Site and to configure the Site according to the User's choices (e.g. language) in order to improve the browsing experience. Please note that by disabling browsing, session and/or functionality cookies, the Site may be unavailable or certain Services or functions of the Site may be unavailable or not work properly and users may be forced to modify or manually enter certain information or preferences each time they visit the Site;
- analytical cookies, which allow the COMPANY to understand how the site is used by users and to track the website incoming and outgoing traffic. It is hereby specified that the COMPANY uses the Google Analytics service (provided by Google Inc. or “Google”) complying with the following conditions: measures taken to decrease the identification power of these cookies by masking parts of the IP (as described in the following link: https://support.google.com/analytics/answer/2763052?hl=en); the COMPANY has accepted the data protection amendment with Google Inc. by which the latter refers to its commitment to use such cookies exclusively for the provision of the service, to store them separately and not to “enhance” them or “cross-check” them with other information it has. Furthermore, it is reminded that an add-on can always be installed on the browser to disable Google Analytics (https://tools.google.com/dlpage/gaoptout?hl=en).
- profiling cookies used in order to comply with the preferences set by the User through the use of the Site and to send advertising messages in line with these preferences.
With regards to third-party cookies
, third parties typically act as autonomous data controllers with respect to the cookies they provide (and use the data they collect for their purposes and according to their own terms) or operate as Data Processors (i.e. they process Personal Data on behalf of the COMPANY). For further information on how these third parties may use your information, please refer to their personal data processing policies (privacy policies and consent forms), which are provided, where possible, for each cookie in the list accessible from the cookie banner or from the "Cookie settings" link in the footer of the Site.
c) List of cookies used by the Site
The cookies used by the Site can be viewed by the User by accessing, at any time, the list of cookies, including third-party cookies, accessible from the cookie banner through the "Cookie Settings" button or from the "Cookie Settings" link located in the footer of the Site.
Social button and widgets
It is also possible to find social buttons/widgets on our Websites or specific "buttons" that depict the social network icons (for example, Facebook, Twitter, YouTube, Google Plus, etc.). These "buttons" allow the Users who are navigating the Websites to reach and interact with social networks directly with one "click". By clicking on Social buttons/widgets, the social network obtains data relating to the User visit. Aside from these cases where the User can share his or her own navigation data spontaneously with preselected social networks with one click, the COMPANY does not share any User navigation information or data obtained through the Websites with social networks that are accessible through Social buttons/widgets. For further information, refer to the privacy policies of the specific social networks that may be accessed through our Websites using the social buttons.
You Tube e Google Plus
d) How to manage or delete cookies
Most Internet browsers are initially set to accept cookies automatically. The User may modify these settings in order to block cookies or be warned every time cookies are sent to the navigation device. Furthermore, at the end of each navigation session, the User may delete the cookies that were collected from his or her device. There are various methods to manage cookies. Please refer to the specific instructions for the browser in use. If the User uses various devices to visit and access Websites (for example, computer, smartphone, tablet, etc.), then the User is responsible for ensuring that each browser of each device is set to reflect his or her expressed preferences regarding cookies. For more information on managing cookies, please refer to the page http://www.allaboutcookies.org/manage-cookies/
Select the following links to access specific instructions for managing cookies through some of the main navigation programs.
Microsoft Windows Explorer
If the User does not use any of the aforementioned browsers then the User may, in any case, select "cookies" in the relevant section of the guide to see where the cookies folder is located.
You can also manage your choices about third-party cookies by means of online platforms such as AdChoice.