pursuant to Art. 13 of Regulation (EU) 2016/679 (General Data Protection Regulation), hereinafter “GDPR”.
This Policy is of a general nature and applies to all data processing envisaged by the web application or application for mobile devices (hereinafter “Application”): please refer to the specific policies on individual processing operations, together with the relative consent where required.
The company S.EL.ME.C. SRL, represented by its legal representative pro tempore, with registered office at Via Padre Ugolino Frasca 41, Chieti, Italy, VAT Number 00671870699, in the capacity of data controller (hereinafter “Controller”), hereby informs you, pursuant to Regulation (EU) No 2016/679 (hereinafter “GDPR - General Data Protection Regulation”), that your data will be processed according to the methods and for the purposes specified below, having regard to the following definitions:
a.Processing: Processing is any operation or set of operations which is performed on personal data, whether or not by automated means, such as collecting, recording, organising, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmitting, disseminating or otherwise making available, aligning, combining, restricting, erasing or destroying;
b.Personal Data: any information relating to an identified or identifiable natural person ('the Data Subject'). An identifiable person is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online ID or one or more factors specific to their physical, physiological, genetic, mental, economic, cultural or social identity;
c.Data Controller: the natural or legal person, public authority, service or any other organisational entity which, alone or jointly with others, determines the purposes and means of processing Personal Data;
d.Data Subject: the natural person (‘User’) using the application;
e.Application: the hardware or software tool through which the User’s Personal Data is collected. In other words, a website, an application for mobile devices or a software accessible using a browser;
f.Form: the interface of an application that allows the client user to input and send to the web server one or more items of freely typed data. Also known as a “webform”.
The company S.EL.ME.C. SRL, represented by its legal representative pro tempore, with registered office at Via Padre Ugolino Frasca 41, Chieti, Italy, VAT Number 00671870699, certified e-mail: firstname.lastname@example.org, Tel. +39 0871 565 668, Fax +39 0871 552 041.
Data Protection Officer (DPO): NOT APPLICABLE to the present case UNDER ART. 37 GDPR.
The web Application in question does not collect technical cookies or profiling cookies.
Cookies are set through this web Application (so-called third-party cookies).
a.Purpose: not applicable
This Application does not collect technical cookies or profiling cookies.
Personal Data Collected: Personal Data on the User is not collected.
Nature of data provision and consequences of refusal under Art. 13, par. 2, lett. e): The provision of data for the present purpose is mandatory. However, the Application does not collect data on the User.
Consent: for implementation of this purpose, explicit consent is not required as it is understood as expressed through input of the contact data.
Personal Data Retention Period under Art. 13, par. 2 lett. a):
data concerning the User is not collected and, for this reason, no Personal Data is stored.
Legal basis for processing: not applicable.
Data Recipients: not applicable.
b.Purpose: Statistics and marketing
The services indicated in this section enable the Data Controller to monitor and analyse traffic data and permit tracking of Users’ behaviour by setting of third-party cookies in order to send advertisements for products and services, including direct marketing conducted using the results of analysis or through profiling which makes it possible to process their data and consumer habits by fully or partially automated means, for the purpose of offering them the best deals in line with their personal requirements.
Personal Data collected: usage data and user preferences.
Nature of data provision and consequences of refusal under Art. 13, par. 2, lett. e): The provision of data for the present purpose is optional and shall not affect handling of your requests or fulfilment of contracts or other services offered by the Controller.
Consent: for implementation of this purpose, explicit consent is required and is expressed using a specific Form present in the Application.
Personal Data Retention Period under Art. 13, par. 2 lett. a): Data is processed for the time necessary for provision of the service requested by the User, or for the purposes described in this document, and, in any case, no longer than 14 months from collection.
Legal Basis for Processing: consent under Art. 6, par. 1, lett. a): Regulation (EU) 2016/679.
Data Recipients: Internal company personnel charged with managing the Application and managing direct marketing campaigns or promotional activities. Third-party data analysis companies. A list of the recipients is available at the Data Controller’s headquarters.
Processing is performed using IT and/or telematic tools and according to organisational methods and logics strictly related to the specified purposes.
You may withdraw your consent at any time, and withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal, in accordance with the provisions of Art. 7, par. 3, of Reg. (EU) No 2016/679.
In relation to the processing indicated in this Policy, you, as Data Subject, may, under the conditions set out by the GDPR, exercise the rights under Articles 15 to 21 of the GDPR and, in particular, the following rights:
•right of access – Article 15 GDPR: the right to obtain confirmation as to whether or not Personal Data concerning you is being processed, and, where that is the case, access to your Personal Data, including a copy of it;
•right to rectification – Article 16 GDPR: the right to obtain, without undue delay, the rectification of inaccurate Personal Data concerning you and/or the right to have incomplete Personal Data completed;
•right to erasure (‘right to be forgotten’) – Article 17 GDPR: the right to obtain the erasure of Personal Data concerning you without undue delay;
•right to restriction of processing – Article 18 GDPR: the right to obtain restriction of processing, where:
1. the Data Subject contests the accuracy of the Personal Data, for a period enabling the Controller to verify the accuracy of the Personal Data;
2. the processing is unlawful and the Data Subject opposes the erasure of the Personal Data and requests the restriction of its use instead;
3. the data is required by the Data Subject for the establishment, exercise or defence of legal claims;
4. the Data Subject has objected to processing pursuant to Article 21 GDPR, pending verification whether the legitimate grounds of the Controller override those of the Data Subject.
•right to data portability – Article 20 GDPR: the right to receive the Personal Data concerning you, which you have provided to the Controller, in a structured, commonly-used and machine-readable format, and the right to transmit that data to another controller without hindrance, where the processing is based on consent and is carried out using automated means. In addition, the right to have your Personal Data transmitted directly from the database to another Controller to another, where technically feasible;
•right to object – Article 21 GDPR: the right to object, at any time, on grounds relating to your particular situation, to processing of Personal Data concerning you which is based on either the lawfulness of legitimate interest or the performance of a task of public interest or the performance of a public duties, including profiling, unless compelling legitimate grounds exist for the Controller to continue the processing which override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of legal claims. In addition, the right to object, at any time, to processing of Personal Data concerning you for the purposes of direct marketing, including profiling, to the extent that it is related to such direct marketing.
The above-mentioned rights may be exercised by writing to the Data Controller at the e-mail addresses indicated above.
Exercise of your rights as Data Subject is free of charge pursuant to Article 12 GDPR. However, in the event of requests which are manifestly unfounded or excessive, in particular because of their repetitive character, the Data Controller may charge you a reasonable fee taking into account the administrative costs of dealing with your request or refuse to act on the request.
Without prejudice to any other administrative or judicial remedy, if the Data Subject considers that the data processing relating to him or her infringes the GDPR, he or she shall have the right to lodge a complaint with a supervisory authority in the Member State of his or her habitual residence, place of work or place of the alleged infringement. The supervisory authority shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.
In order to exercise the above-mentioned rights, the Data Subject must send written communication by registered letter, certified e-mail or e-mail to the Data Controller of the data under Art. 1 of this Policy.
communications and actions taken in exercise of the rights pursuant to Art. 9, above (Art.s 15 to 22 and Art. 34 GDPR), shall be provided free of charge. However, where requests from a Data Subject are manifestly unfounded or excessive or repetitive, the Controller may either a) charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested or b) refuse to act on the request. The Controller shall bear the burden of demonstrating the manifestly unfounded or excessive character of the request.
This Policy is drafted in compliance with the obligations set out in Regulation (EU) No 2016/679 and Italian Legislative Decree 196/2003 and subsequent modifications.
pursuant to Provision No 229/2014 issued by the Italian Data Protection Authority (Garante per la protezione dei dati personali).
A cookie is a small set of data sent by the web server to the User’s browser and stored by the browser on the User’s device (computer, tablet, mobile telephone or other) and may be read or subsequently retrieved by the said server. It permits the website to store certain information useful during a session or when the User accesses the portal at a later time.
Cookies are used for various reasons. In some areas of the website, cookies are essential and, without them, you would be unable to browse properly, for example. In other areas, they are used to gather information useful in providing appropriate services. In addition, some external (third-party) services may need to install particular cookies on the User’s browser in order to provide the relative services.
•Cookies for storing preferences
sthese cookies help the User to use the website properly. They are used, for example, to remember the language selected.
Some functions are performed using services of third parties, as indicated below. These services produce cookies that are linked to the services provided by third parties. The third party provides these services in exchange for information on the User’s visit to our website. Consequently, third-party suppliers of cookies must also adhere to the applicable regulations. Please refer, therefore, to the links to the third-party website pages where the User can find cookie consent forms and the relative policies. If the services are provided through indirect contact with third parties, the User must refer to the websites of the subjects acting as intermediaries between us and the said third parties:
Google Analytics (Google): Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected to track and study the use of this Application, compile reports and share them with other services developed by Google. Google could use your Personal Data to contextualise and customise ads from its advertising network.
Most browsers accept cookies automatically, but it is possible to set the browser not to accept them, automatically or upon request. We advise against disabling cookies as this could compromise normal browsing, and some or all functions of some websites could become unavailable. If you do not wish your computer to receive and store cookies, you can alter your browser’s security settings.
Below are addresses of the relevant the web pages of the most popular browsers:
• Google Chrome
• Mozilla Firefox
• Apple Safari
• Microsoft Windows Explorer