PORINI S.r.l. with headquarters in Lomazzo (CO) in Via Cavour n°2, C.F. 03919230155 / P.IVA 01257760130 (hereinafter, “Owner”), as owner of the treatment, informs you pursuant to Article 13 EU Regulation No. 2016/679 (hereinafter, “GDPR”) that your data will be processed in the following ways and for the following purposes.
B) DATA TREATMENT
1) Treatment object
The Data Controller processes personal, identification and non-sensitive data (by way of example but not limited to, name, surname, company name, address, telephone, e-mail – hereinafter, “personal data” or also “data”) communicated by you when you register on the Data Controller’s website www.porini.it (hereinafter, “Site”), when you fill in contact forms through the Site, when you request clarifications or support online.
2) Purpose of treatment
A) without your express consent art. 6 lett. b), e) GDPR), for the following purposes:
– To respond to specific requests for information addressed to the Owner via the contact form;
Legal basis: Performance of a service.
B) Only after your specific and distinct consent (art. 7 GDPR), for the following marketing purposes:
– Sending you, via e-mail, newsletters and information on the activities of the Owner.
Legal basis: Consent (optional and revocable at any time).
3) Treatment modalities
The processing of your personal data is carried out by means of the operations indicated in art. 4 Privacy Code and art. 4 n. 2) GDPR and precisely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subject to both paper and electronic and/or automated processing.
4) Storage time of processed data
The Data Controller will process personal data for the time necessary to fulfill the above purposes.
5) Treatment of navigation data
Computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the communication protocols of the Internet.
This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment.
These data are used only to obtain anonymous statistical information on the use of the site and to check its correct functioning. The data could also be used to ascertain responsibility in case of hypothetical computer crimes against the site.
6) Security measures
The Data Controller has adopted a variety of security measures to protect your data against the risk of loss, misuse or alteration. In particular: it has adopted the measures referred to in articles 32-34 Privacy Code and art. 32 GDPR; it uses data encryption technology and protected data transmission protocols.
7) Data access
Your data may be made accessible for the purposes of art. 2:
– to employees and collaborators of the Data Controller, in their capacity as persons in charge and/or internal data processors;
– to third party companies or other subjects who carry out activities in outsourcing on behalf of the owner, in their capacity as data processors.
8) Data communication
Without your express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Owner may communicate your data to supervisory bodies, judicial authorities and to all other subjects to whom the communication is mandatory by law for the fulfillment of the above purposes.
9) Data Transfer
The management and storage of personal data will take place in Europe, on servers located in Italy of the owner and / or third party companies in charge and duly appointed as data processors.
10) Nature of data conferment and consequences of refusal to answer
The conferment of data for the purposes referred to in art. 2A is mandatory as necessary to respond to requests for information.
Instead, for the purposes of art. 2B the acceptance is optional. You may therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive newsletters and communications of events offered by the Owner. However, you will continue to be entitled to the Services referred to in art. 2A.
11) Rights of the interested party
In accordance with the provisions of Chapter III, Section I, GDPR, you may exercise the rights set forth therein and in particular:
Right of access – Obtain confirmation as to whether or not personal data concerning you are being processed and, if so, receive information relating, in particular, to: the purposes of the processing, categories of personal data processed and the period of storage, recipients to whom the data may be disclosed (Article 15, GDPR);
Right to rectification – To obtain, without undue delay, the rectification of inaccurate personal data concerning you and the integration of incomplete personal data (Article 16, GDPR);
Right to erasure – Obtain, without undue delay, the erasure of personal data concerning you, in the cases provided for in the GDPR (Article 17, GDPR);
Right to restriction – To obtain from the Data Controller the restriction of processing, in the cases provided for by the GDPR (Article 18, GDPR);
Right to portability – To receive in a structured, commonly used and machine-readable format the personal data concerning you provided to the Data Controller, as well as to obtain that the same be transmitted to another data controller without hindrance, in the cases provided for by the GDPR (Article 20, GDPR);
Right to object – To object to the processing of personal data concerning you, unless there are legitimate reasons for the Data Controllers to continue the processing (Article 21, GDPR);
Right to complain to the supervisory authority – To complain to the Guarantor Authority for the protection of personal data, Piazza di Montecitorio n. 121, 00186 Rome (RM).
12) How to exercise your rights
You may exercise your rights at any time by sending
– a registered letter with return receipt to PORINI S.r.l. Via Cavour n°2, 22074 Lomazzo (CO);
– an e-mail to the address: firstname.lastname@example.org.
This Site and the Owner’s Services are not intended for children under the age of 18, and the Owner does not knowingly collect personal information from children. In the event that information about minors is unintentionally recorded, the Owner will delete it in a timely manner upon user request.
14) Changes to this Policy
Last updated on May 25, 2018.