Privacy Policy

Information provided pursuant to Reg.EU 2016/679 (GDPR), Art.13

Introduction

Emilcotoni Spa considers personal data as a primary asset to be protected, adopting procedures and behaviors aimed to ensure their security and confidentiality. Transparency to data subjects is therefore a primary objective, pursued trough effective communication tools. Emilcotoni Spa takes appropriate measures to provide any information relating to processing to the data subject in a concise, transparent, intelligible and easily accessible form.              

In this regard, this privacy policy, produced in accordance with the requirements set out in Reg. EU 2016/679 “General Data Protection Regulation”, contains specific information referring to the following areas:

  1. data processing related to this website;
  2. data processing related to contractual agreement with customers and suppliers.

General information
We inform data subject (Art.4, c.1 del GDPR) about the following general items:

  • personal data are processed lawfully, fairly and in a transparent manner, according to principles of GDPR, Art.5;
  • specific security measures are implemented to prevent the data from being lost, used unlawfully and/or inappropriately, and accessed without authorisation.

Data Controller, Data Protection Officer and data subject’s rights

  • the Data Controller is Emilcotoni Spa and its subsidiaries and/or affiliated companies (hereinafter “Emilcotoni Spa”, “Group”, “we”, “us”, “our”), in the person of the legal representatives, to whom it is possible to apply to exercise all the rights provided for by article 15-22 of the GDPR (right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object, right to oppose automated individual decision making, including profiling), as well as revoke a previously granted consent; in case of failure to reply to their requests, the data subject can lodge a complaint with a supervisory authority (GDPR – Art.13, paragraph 2, letter d).

Contact Data
Emilcotoni Spa
Tel: 0523-606913 – Email: amministrazione@emilcotoni.it

1) DATA PROCESSING RELATED TO THIS WEBSITE
1.1 Navigation Data
The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols. Such information is not collected in order to relate it to identified data subjects, however it might allow user identification after being processed and matched with data held by third parties. This data category includes IP addresses and/or the domain names of the computers used by any user connecting with this web site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment.

Purposes and lawfulness of processing

(GDPR-Art.13, c.1, lett.c)

These data are only used to extract anonymous statistical information on website use as well as to check its functioning. The data might be used to establish liability in case computer crimes are committed against the website (Controller legitimate interest).

Scope of communication

(GDPR-Art.13, c.1, lett.e,f)

The data may only be processed by internal personnel, duly authorized and instructed in the processing (GDPR-Art.29) or by the Processor of the web platform (appointed Data Processor, Art.28 GDPR) and will not be disclosed to other parties, disseminated or transferred to non-EU 

Data retention

(GDPR-Art.13, c.2, lett.a)

Data are usually kept for short periods of time, with the exception of any extensions connected to investigations.

Data provision

(GDPR-Art.13, c.2, lett.f)

The data are not provided by the data subject but automatically acquired by the site’s technological systems.

1.2 Cookies

What are cookies: Cookies are short fragments of text (letters and / or numbers) that allow the web server to store on the client (the browser) information to be reused during the same visit to the site (session cookies) or later , even after days (persistent cookies). Cookies are stored, according to user preferences, by the single browser on the specific device used (computer, tablet, smartphone). Similar technologies, such as, for example, web beacons, transparent GIFs and all forms of local storage introduced with HTML5, can be used to gather information on user behavior and use of services. In the continuation of this information we will refer to cookies and all similar technologies simply by using the term “cookies”.

Possible types of first-party cookies and how to manage preferences

CATEGORY AIM MANAGEMENT
Technical and session cookies Ensure normal navigation and use of the site Through the main browsers you can:
  • Block by default the reception of all (or some) types of cookies
  • View the analytical list of the cookies used
  • Remove all or some of the installed cookies

For information on setting individual browsers see specific paragraph. It should be noted that blocking or deleting cookies could compromise the navigability of the site.

Analytics Collect information on the number of visitors and on the pages viewed

The site may contain links to third-party sites and third-party cookies; for more information, we invite you to view the privacy policy of any linked sites.

Management of preferences through the main browsers The user can decide whether or not to accept cookies using the settings of their browser (we point out that, by default, almost all web browsers are set to automatically accept cookies). The setting can be modified and defined specifically for different websites and web applications. In addition, the best browsers allow you to define different settings for cookies “owners” and those of “third parties”. Usually, cookies are set up from the “Preferences”, “Tools” or “Options” menu.

Below are links to the guides for managing cookies from the main browsers:

Further information

1.3 Request a quotation

The page allows the interested party to request a quote for a transport service. The applicant’s identification and contact data are requested.

Purposes and lawfulness of processing

(GDPR-Art.13, c.1, lett.c)

Identification and contact data are requested  to send the quotation to the interested party. The request is subject to acceptance of specific, free and informed consent (GDPR-Art.6, c.1, lett.a) documented through a special check-box (GDPR-Art.7, c.1).

Scope of communication

(GDPR-Art.13, c.1, lett.e,f)

The data may only be processed by internal personnel, duly authorized and instructed in the processing (GDPR-Art.29) and will not be disclosed to other parties, disseminated or transferred to non-EU countries.

Data retention

(GDPR-Art.13, c.2, lett.a)

Personal data is processed for no longer than is necessary to achieve the purposes for which it has been collected.

Data provision

(GDPR-Art.13, c.2, lett.f)

The provision of data relating to the mandatory fields is necessary to obtain an answer, while the optional fields are aimed at providing the staff with other useful elements to facilitate contact.

1.4 Data provided voluntarily by users
Sending e-mail messages to the addresses mentioned on this website, which is done on the basis of a freely chosen, explicit, and voluntary option, entails acquisition of the sender’s address, which is necessary in order to reply to any request, as well as of such additional personal data as is contained in the message(s).

2) DATA PROCESSING CONNECTED TO THE RELATIONSHIPS WITH CUSTOMERS AND SUPPLIERS

2.1 Object of the processing
Emilcotoni Spa processes personal identifying data of customers / suppliers (for example, name, surname, company name, personal / fiscal data, address, telephone, e-mail, bank and payment details) and its operative contacts (name surname and data contact information) acquired and used for managing the services provided by the company.

2.2 Purposes and legal basis of the processing
Data are processed to:

  • manage contractual / professional agreements, as well as manage the necessary communications connected to them;
  • fulfill the obligations established by law, by a regulation, by the community legislation or by an order of the Authority;
  • exercise a legitimate interest of the Controller (for example: the right of defense in court, the protection of credit positions; the ordinary internal operating, management and accounting needs).

Failure to provide the aforementioned data will make it impossible to establish the relationship with the Controller. The aforementioned purposes represent, pursuant to Article 6, commi b, c, f, suitable legal bases for the lawfulness of the processing. If it is intended to carry out treatments for different purposes, it will be required a specific consent from the data subjects.

2.3 Methods of the processing
The processing of personal data is carried out by means of the operations indicated in Art. 4 n. 2) GDPR and exactly as: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Personal data are subjected to both paper and electronic and / or automated processing. The Data Controller will process personal data for the time necessary to fulfill the purposes for which it was collected and related legal obligations.

2.4 Scope of the processing
The data are processed by internal regularly authorized subjects and instructed pursuant to Article 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise indications on any external subjects operating as managers or independent data controllers (consultants, technicians, banks, transporters, etc.). We wish to make you aware of personal data may be the subject of intercompany communication between Group companies.

3) POLICY UPDATING

It should be noted that this information may be subject to periodic review, also in relation to the relevant legislation and jurisprudence. In the event of significant changes, appropriate evidence will be given in the home-page of the site for a suitable time. In any case, the interested party is invited to periodically consult the present policy.

PRIVACY POLICY ABOUT CUSTOMER AND SUPPLIER DATA PROCESSING

According to Article 13 of Reg. EU 2016/679 “General Data Protection Regulation” (hereafter GDPR)

Emilcotoni Spa considers personal data as a primary asset to be protected, adopting procedures and behaviors aimed to ensure their security and confidentiality. Transparency to data subjects is therefore a primary objective, pursued trough effective communication tools.

The company informs data subjects of the following general profiles, valid for all areas of processing:

  • all data processing activities are carried out in compliance with current regulations on privacy (Reg.Ue 2016/679 “GDPR” and D.Lgs.196 / 2003, as amended and integrated by Legislative Decree 101/18);
  • all the data processed in a lawful, correct and transparent manner, in compliance with the general principles established by Art.5 of the GDPR;
  • specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access, pursuant to Article 32 of the GDPR.

Object of the processing The company processes personal identifying data of customers / suppliers (for example, name, surname, company name, personal / fiscal data, address, telephone, e-mail, bank and payment details) and its operative contacts (name surname and data contact information) acquired and used for managing the services provided by the company.

Purpose and legal basis of processing Data are processed for:

  • conclude contractual / professional relationships;
  • fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships, as well as manage the necessary communications connected to them;
  • fulfill the obligations established by law, by a regulation, by the community legislation or by an order of the Authority
  • exercise a legitimate interest of the Controller (for example: the right of defense in court, the protection of credit positions, the ordinary internal needs of an operational, managerial and accounting nature).

Failure to provide the aforementioned data will make it impossible to establish the relationship with the Controller. The aforementioned purposes represent, pursuant to Article 6, commi b, c, f, suitable legal bases for the lawfulness of the processing. If it is intended to carry out treatments for different purposes, a specific consent will be required from the interested parties.

Methods of the processing The processing of personal data is carried out by means of the operations indicated in Art. 4 n. 2) GDPR and exactly as: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Personal data are subjected to both paper and electronic processing. The Data Controller will process personal data for the time necessary to fulfill the purposes for which it was collected and related legal obligations.

Scope of processing The data are processed by internal subjects regularly authorized and instructed pursuant to Article 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise indications on any external subjects (consultants, technicians, banks, transporters, etc.). The data can be the subject of intercompany communication between the companies of the Group.

 Data controller and contacts

The Data Controller is the undersigned company, which can be contacted for any information regarding privacy or to exercise the rights listed below, at the following addresses:

Emilcotoni Spa
Viale dell’Industria, 12
Mob: 0523-606913
Email: amministrazione@emilcotoni.it

Rights of the data subjects

  • the right to request the presence and access to personal data (Art.15 “Right of access”)
  • the right to obtain the correction / integration of incorrect or incomplete data (Art.16 “Right of rectification”)
  • the right to obtain, if there are justified reasons, the cancellation of data (Art.17 “Right to cancel”)
  • the right to obtain the processing limitation (Art.18 “Right to limitation”)
  • the right to receive data in a structured format (Art.20 “Right to portability)
  • the right to oppose the processing and automated decision-making processes, including profiling (Art.21, 22)
  • the right to revoke a previously granted consent;
  • right to present, in case of non-reply, a complaint to the Data Protection Authority.