1. The Site
The main purpose of the Site is to present the services and products of the Company and provide users with detailed information.
2. Data processed
Data provided voluntarily by the user. The Company may collect the following personal data provided voluntarily by the user:
- name of the user
- his/her email address
- other information provided by the user through the contact form.
3. Browsing data
The browsing data includes all data collected automatically through the Site and relate, for example, to the types of actions performed on the Site by users and how they use the Site. Furthermore, we can automatically record the IP address (meaning the univocal address that identifies the user’s device on the internet), which is automatically identified by our server. Browsing data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning, and they are deleted immediately after they are processed. These data could also be used to establish responsibility in case of any computer-related crimes against the Site or to protect our rights.
4. Purpose and legal basis of the processing
|A. The Company processes the user’s personal data to provide the service and/or product requested by the user, to respond to or satisfy a user’s request, including assistance services, events or promotions for which the user has chosen to register.||A. The Company processes the data for these purposes to execute a contract and/or pre-contractual procedures adopted following the request of the user.|
|B. The Company processes the user’s personal data to send the user promotional information regarding services and/or products of the Company, to send invitations to events of the Company and/or third parties and to carry out market surveys using automated tools (e.g. via email) and non-automated tools (paper mail, telephone calls by an operator) without prejudice to the possibility for the user to oppose the sending of such communications at any time.||B. The Company processes the data for these purposes only with the prior consent of the user given at the time of the collection of personal data for said purposes.|
|D. The Company processes the user’s personal data to fulfil obligations deriving from the law, regulations or EU legislation.||D. The Company processes the data for these purposes to fulfil a legal obligation.|
5. Nature of the conferment of data and consequences of refusal
The conferment of data for the purposes set out in point 3. A is necessary and a refusal by the user implies the impossibility for the Company to perform its contractual obligations and provide the user with the functionalities, services and the information requested as specified above. The conferment of data for the purposes referred to in paragraph 3.D is automatic and implicit in Internet transmission protocols.
6. Recipients of the data
Third parties in compliance with a legal obligation or to protect the rights of the Company. The users’ personal data can be communicated to institutions, law enforcement agencies, judicial, administrative, or regulatory bodies, in the context of a legal or administrative procedure, or in order to fulfil a legal obligation or protect our rights, including in court of law.
Third parties in the case of corporate operations. The users’ personal data can be communicated in case of events such as mergers, sale of companies (or of a business branch) or other extraordinary operations by which the Company may need to share information with potential buyers or counterparties and the related consultants.
7. Transfer abroad
8. Data retention
We retain the users’ personal data only for the time strictly necessary to provide the services or to achieve the purposes for which the data were collected and in compliance with legal obligations. After this period, personal data are deleted.
After this period, the data are deleted or rendered anonymous.
9. Data security
The Company undertakes to protect the security of the users’ personal data and complies with the security provisions of the applicable law in order to avoid any loss, illegitimate or illegal use of the data and unauthorized access to the same. In addition, information systems and computer programs are configured in such a way as to minimize the use of personal and identifying data, which are used only when necessary for the specific purposes from time to time pursued as indicated in this policy. The Company uses multiple advanced security technologies and procedures to promote the protection of the users’ personal data. For example, personal data are stored on secure servers located in places with controlled access. Users can help the Company to update and maintain their personal data by communicating any changes, such as for instance their e-mail address.
10. Privacy rights
The Company has designated Merea S.a.S. di De Micheli Cesare & C., with registered office at Corso Argentina n. 24 (27029 Vigevano, Pavia) in the person of Mr. Cesare DE Micheli as DPO of the Company.