Treatment of personal data
Information on the processing of data pursuant to Art. 13 of European Regulation 679/2016
In compliance with current data protection legislation (European Regulation 679/2016 and subsequent amendments and additions), ENTSORGAFIN SPA provides users of its website with the following information on the processing of data provided by users.
It should be noted that the information is not valid for other websites that may be consulted via links on the owner’s domain websites, which are not to be considered in any way responsible for the websites of third parties.
2. Data controller
The Data Controller is ENTSORGAFIN SPA S.P. per Castelnuovo Scrivia n. 7/9 – 15057 Tortona (AL)
Any requests for information and/or clarification can be sent to firstname.lastname@example.org or using the above address.
3. Types of data processed
Personal and identification data
Personal data: any information relating to a natural person, identified or identifiable, even indirectly, by reference to any other information, including a personal identification number; Identification data: personal data that allow the direct identification of the person concerned (such as, for example, name, surname, e-mail address, address, telephone number, etc.).
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or the domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check that it is functioning correctly.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site or the filling in of forms for downloading our material in pdf format, entails the subsequent acquisition of the sender’s address, which is necessary to reply to any requests, as well as any other personal data entered.
Specific information may be presented on the pages of the Site in relation to particular services or processing of Data provided by the User or the Data Subject.
4. Purpose of processing
Data of a personal nature voluntarily provided will be processed for the following purposes until you object:
- navigation on this website: the computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols (IP addresses or domain names of computers and terminals used by users, the URI/URL addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server such as “successful, error, etc.”) and other parameters relating to the user’s operating system and computer environment;
- The User’s Personal Data may be processed in additional ways and for additional purposes related to system maintenance;
- any request for contact, with the sending of information requested by you; in fact, the user can contact the Company using the telephone numbers and e-mail addresses located in the “Contacts” section where the user can find the references of the office. The receipt of spontaneous communications from users necessarily entails for the Data Controller the acquisition of the user’s e-mail address and/or name. The purpose of this collection is related to the provision of information about the services provided;
- exercising or defending a right in court, including as a result of abusive use of the site and related services by the user, and handling litigation in the event of disputes;
- compliance with the obligations provided for by laws and regulations or imposed by the Authorities, also in relation to the ascertainment of responsibility in the event of the commission of crimes to the detriment of or through this website. The User’s Personal Data may be used for the defence by the Data Controller in legal proceedings or in the preparatory stages of any such proceedings, against abuses in the use of the same or related services by the User.
The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
5. Legal basis of processing
Processing is carried out on the basis of the existence of the legitimate interest of the Controller:
- in ensuring the functionality of the website and its usability to visitors;
- insofar as there is a relevant and appropriate relationship between the data subject and the controller motivated by the fact that the processing operations referred to above are determined by the user’s request for contact or subscription to services;
- establishment, exercise or defence of a legal claim;
- legal obligations incumbent on the Controller: as regards cooperation with the Authorities and compliance with the legal provisions imposing obligations on the Controller;
- implementation of pre-contractual measures taken at the request of the data subject.
6. Processing methods – Storage
The processing is carried out with the aid of paper/computer tools with methods and instruments designed to ensure maximum security and confidentiality, and does not involve the use of automated decision-making processes. Data processing is carried out by authorised persons acting under the responsibility of the Data Controller and by persons acting as Data Processors or Autonomous Data Controllers. The data will be kept for a period not exceeding the purposes for which the data were collected and subsequently processed and to meet your data recovery needs. Data provided voluntarily by the user will be retained until the customer revokes consent. Storage in relation to requests by the Authorities, as well as in relation to requirements connected with the exercise of the right of defence in the event of disputes, is excepted.
7. Scope of communication and dissemination
No data is disseminated.
Your data may be disclosed to third parties in the following categories:
- subjects that provide services for the management of the information system used and telecommunications networks, including e-mail, newsletters and website management;
- competent authorities for the fulfilment of legal obligations and/or provisions of public bodies, upon request. The subjects belonging to the above categories act as Data Processors, or operate completely independently as separate Data Controllers. The list of Data Processors is constantly updated and available at the Data Controller’s offices.
- We may have to share some of the data we collect with hosting services located outside the European Union. The transfer is authorised on the basis of specific decisions of the European Commission, or on the basis of the standard contractual clauses of the individual services.
8. Nature of data provision and refusal
With regard to navigation on this site, the provision of data is linked to the user’s willingness to navigate the site after having read the information contained in the banner on the homepage. Please note that in order to avoid the installation of cookies, it is necessary not to close the aforementioned site by clicking on the “I understand” button, or by using the specific functions offered by the browser used for navigation.
9. Rights of the persons concerned
You may assert your rights by contacting the Data Controller by sending an e-mail to email@example.com or by using the address given in Point 2.
The above-mentioned rights are as follows: the right to access your data and information concerning you; the right to rectify inaccurate data or to supplement incomplete data; the right to cancel personal data concerning you (in the cases provided for by law); the right to limit the processing of your personal data (again, in the cases provided for by law); the right to data portability; the right to object to the processing of your personal data in the event of special situations concerning you;
Furthermore, the Controller shall stop the processing when it receives a communication from the data subject withdrawing the consent previously given if the consent constitutes the legal basis for the processing.
If you contact the holder, please provide your e-mail address, name, address and/or telephone number, so that the request can be handled correctly.
Complaint to the supervisory authority the data subject has the right to lodge a complaint with the Supervisory Authority in the event that his requests for information addressed to the Controller have not led to a satisfactory response.
The reference authority is the Garante per la Protezione dei dati personali, which can be reached at the following address: firstname.lastname@example.org
Update July 2021