INFORMATION EX ART. 13 EU 2016/679 REGULATION (GDPR) FOR DATA PROCESSED THROUGH THE WEBSITE
La società Avvale S.p.A. con sede in Milano (MI), Via Melzi D’Eril 34, P. IVA: IT04113150967 (hereinafter, "Owner"), as the data controller, informs you pursuant to art. 13 EU Regulation no. 2016/679 (hereinafter, "GDPR") that the data you provide and those that will be provided in the future or otherwise acquired, will be processed by the Owner, in accordance with the provisions of current legislation and in compliance with the obligation of confidentiality.
EMAIL MESSAGE SENDING AND FORM COMPILATION – “CONTACTS” SECTION
The optional and free sending of email to the addresses indicated on this website or the completion of the dedicated form in the “contacts” section entails the acquisition of the sender’s address, necessary to reply to requests, as well as any other personal data included in the form and in the body of the message.
No data deriving from the email or messaging service of “contacts” is disseminated; data collected through the form or by sending email, are managed exclusively by employees and / or collaborators of the Owner, duly authorized for processing.
The user is completely free to provide the personal data indicated in “contacts” with our company to request the sending of informative documentation, newsletters or other communications.
Failure to provide such data may make it impossible to obtain what is requested.
Personal data are processed by automated tools only for the time strictly necessary to achieve the purposes for which it was collected.
Security measures are implemented to prevent loss of data, offense or incorrect use and unauthorized access.
GENERAL INFORMATION ON PERSONAL DATA PROCESSING OF CUSTOMERS AND SUPPLIERS
1. Processed data disposition. Lookcast srl will process both personal and fiscal data of customers and suppliers, as well as the economic data necessary for the performance of the contractual relationships.
2. Purpose of the processing. Personal data are processed for the following Service Purposes (art. 6 lett. B) and c) GDPR):
The Owner can collect the following information: name, gender, place and date of birth, nationality, tax identification number, contact details such as address, telephone number, email, for:
- close contracts for the services provided by the Owner (management of subscriptions, activities relating to sales and after-sales services, management of user attendance in promotions or other contractual initiatives promoted through the Website);
- ulfill pre-contractual, contractual and fiscal obligations deriving from existing relationships with the user (eg. managing payments);
- fulfill pre-contractual, contractual and fiscal obligations deriving from existing relationships with the user (eg. managing payments);
- fulfill the obligations provided for by the law, by a regulation, by EU legislation or by a directive of the Authority (such as anti-money laundering). The legal foundation for this processing are the legal obligation, the pre-contractual and contractual purposes and the legitimate interest that can be the updating of services already know by the Owner, promotion of new offered services, sending communications aimed to advertising new products having similar characteristics to already covered by the contract that.
3. Processing methods. The processing of personal data is carried out by the operations indicated in the art. 4 n. 2) GDPR especially: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data are processed both on paper and electronic and / or automated.
4. Transfer of personal data. Personal data is managed through Softlayer cloud services with IBM data center located in Dallas (USA). The Privacy Policy, respecting the standards set by the European Regulation, can be consulted at the following link: https://www.ibm.com/privacy/us/en/ and here: https://www.ibm.com/privacy/details/us/en/
The Azure cloud service is used too.
The relative Privacy Policy is available at the following link: https://privacy.microsoft.com/it-it/privacystatement (the extra-EU data transfer takes place in compliance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses envisaged by the European Commission).
5. Personal data storage length. In compliance with the principles of lawfulness, limitation of purposes and minimization of data, pursuant to art. 5 GDPR, the period of storage of personal data is established for a time not exceeding the achievement of the purposes for which they are collected and processed, in compliance with the times prescribed by law and for related civil requirements. Personal data will be stored in our archives as follows: administrative data will be stored for 10 years (also pursuant to Article 2220 of the Civil Code); technical documentation and customer / supplier contracts for 5 years; data collected for marketing purposes for 2 years.
6. Obligation or right to provide data and effect of any refusal. The provision of data for the purposes referred in art. 2 is mandatory. In their absence, we will not be able to guarantee the contractual services.
7. Communication and dissemination. Your data may be given available for the purposes referred in art. 2.A) and 2.B):
- to employees and collaborators of the Owner in their role of authorized to data processing;
- to third-party companies or others (for example: credit institutions, professional offices, consultants, insurance companies for providing insurance services, etc.) that carry out activities in outsourcing on behalf of the Owner, in their role as external managers of the processing.
Without the need for express approval (ex-art. 6 letter b) and c) GDPR), the Owner may communicate your data for the purposes referred in art. 2.A) to the public subjects addressed by law, to the Judiciary Authority, as well as to all those subjects to whom communication is obligatory for institutional purposes. They will processing the data in their role as independent data controllers. The updated list of external data processors is stored at the owner’s offices. Your information will not be disseminated.
NAVIGATION DATA AND COOKIES POLICY
According with the measure of the Italian Data Protection Authority for personal data protection of 8 May 2014, containing “Individuazione delle modalità semplificate per l’informativa e l’acquisizione del consenso per l’uso dei cookie” (hereinafter, the “Cookie Measure”), the Owner informs the user as the following:
1. What are Cookies?
Cookies are small text strings that browsed websites by the user send to their terminal (usually the browser), where they are stored before being re-transmitted to the same websites when the same user visit again the pages. During navigation on a site, the user can also receive on his terminal cookies that are sent from different websites or web servers (so-called “third parties”), on which some elements may stored (for example, images, maps, sounds, specific links to pages of other domains) on the website that the user is visiting. Cookies usually are in users’ browsers in very large numbers and sometimes are stored for a long time, are used for different scopes: computer authentication, session monitoring, storing information on specific configurations regarding users accessing the server, etc.
2. What are the main Cookies type?
For the goal of this measure, two macro-categories are therefore identified: “technical” cookies and “profiling” cookies. The legislation also requires to identify the entity who installs cookies on the user’s terminal, based on whether it is the same site manager that the user is visiting (which can be referred as “publisher”) or a different site that installs cookies through the publisher (so-called “third parties”). First-party cookies are created and readable by the site that created them. Third-party cookies are created and readable by external domains to the site and whose data are stored in the third parts.
A. Essential technical Cookies
Technical cookies are necessary for the proper operation of the website (see article 122, paragraph 1 of the Codice Privacy). They are not used for other purposes and are usually installed directly from the website owner or manager.
Technical cookies can be divided into:
-
- session cookies: to guarantee the normal use of the website, making browsing faster and allowing, for example, to authenticate users to accessing to restricted areas. These cookies allow sites to recognize that you are a known user and to adapt accordingly;
- performance cookies: laddove utilizzati direttamente dal gestore del sito, sono utilizzati per effettuare l’analisi e il monitoraggio del traffico sul sito. Il loro scopo è raccogliere informazioni statistiche anonime sull’uso del sito, quali le pagine visitate, il tempo di permanenza sul sito, il flusso di pagine visitate, la provenienza geografica ecc. Nel caso specifico dei cookie di Google Analytics, è possibile disattivarne la ricezione installando il componente aggiuntivo per il proprio browser disponibile cliccando sul link sottostante. Componente aggiuntivo del browser per la disattivazione di Google Analytics: https://tools.google.com/dlpage/gaoptout
- functional cookies: allow user to browse the website based to selected criteria (for example, the language, the products selected for purchase) in order to improve the provided service.
Is not required the approval by the user to install these cookies.
B. Profiling cookies.
These are permanent cookies that allow you to create user profiles, in order to identify, anonymously or not, user preferences for different purposes such as: optimizing the user experience or for commercial and marketing purposes, to estimate the effectiveness of advertising campaigns, etc. Into account the invasiveness that profiling cookies (especially third-party that) may have within the private environment of users, European and Italian legislation provide that the user must be correctly informed about their use and agree to insert cookies on his device.
The art. 122 of the Privacy Code is referred to profiling cookies “l’archiviazione delle informazioni nell’apparecchio terminale di un contraente o di un utente o l’accesso a informazioni già archiviate sono consentiti unicamente a condizione che il contraente o l’utente abbia espresso il proprio consenso dopo essere stato informato con le modalità semplificate di cui all’articolo 13 Codice Privacy, comma 3″.
C. Third-party cookies without direct control.
This type of cookie is usually used if the website includes features provided by external sites. Among these, third-party cookies could be registered by:
-
- YouTube, Vimeo or other providers of video services;
- maps (like Google Maps, Bing Maps, etc.);
- sharing tools in social networks provided by Facebook, Twitter or others.
Our website doesn’t control the registration or the access to these cookies. To receive further information about the use of third parties cookies, see the privacy policy and cookies of these services. Advertisements on our site are provided by third-party organizations. Our advertising partners will provide advertisements deemed to be interesting for you, based on information collected after your visit to this website and others. In order to collect this data, our partners may need to place a cookie (a short text file) on your computer. For more information about this type of advertising based on user tastes, deriving from third-party cookies, you can visit the third-party sites to the links below.
At www.youronlinechoices.com you can find information on how behavioural advertising works and a lot of information about cookies and the needed steps to protect your privacy on internet.
3. Cookies applied in this website, their main features and how to deny the consent to each profiling cookies.
This website may send the following cookies to user, briefly described, for the following purposes:
1. First-party technical cookies that perform the content management system and perform activities that are strictly necessary for the website to function;
2. Main third-party cookies:
-
- Interactions with social networks and external platforms
These services allow interactions with social networks or other external platforms, directly from the Application pages. The interactions and information acquired by the Application are in any case subject to the User’s privacy settings relating to each social network.
-
- “Like” button and Facebook social widgets are interaction services of Facebook social network, provided by Facebook Inc. Personal data collected: Cookies and using data Place of processing: USA – Privacy Policy
-
- Tweet button and Twitter social widgets are interaction services of Twitter social network, provided by Twitter Inc. Personal data collected: Cookies and using data Place of processing: USA – Privacy Policy
-
“+1” button and Google+ social widgets are interaction services of Google+ social network, provided, by Google Inc. Personal data collected: Cookies and using data Place of processing: USA – Privacy Policy
- “ShareThis is a tool which allow users to share and suggest website content in the social networks, provided by Facebook Inc. Personal data collected: Cookies and using data Place of processing: USA – Privacy Policy
-
Statistics Services contained in this section allow the Data Controller to control and analyze traffic data and are used to keep track of User behaviour too.
Google Analytics (Google Inc.) -
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected for tracking and examining the use of this Application, giving reports and sharing them with other services developed by Google. Google may use Personal Data to contextualize and personalize the advertising of its own network. Personal data collected: Cookies and usage data. Place of processing: USA – Privacy Policy e Opt Out.
-
Displaying content from external platforms These services allow to view content hosted on external platforms directly from the pages of this Application for interact with them.
-
Youtube Video Widget (Google) is a video content sharing service managed by Google Inc. that allows to this Application to integrate content provided by YouTube in the pages. Personal data collected: Cookies and usage data. Place of processing: USA – Privacy Policy
Registered visitors
We could analyze the online activities of registered visitors on our websites and online services through cookies and other tracking technologies. If you have chosen to receive communications from us, we can use cookies and other tracking technologies to personalize future communications according to your interests.
Furthermore, we could using cookies or other tracking technologies within the communications you receive from us (for example, to know if these have been read or opened or to detect what content you have interacted with and what links you have opened), in order to make future communications more responsive to your interests.
4. How manage cookies
To deny consent to use of one or more profiling cookies, you can:
-
-
access to listed links above;
-
otherwise, following the disable procedure provided by the main browsers.
-
Guide for manage cookies on main browser.
Google Chrome: https://support.google.com/chrome/answer/95647?hl=it
Mozilla Firefox: https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie
Windows Explorer: http://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies#ie=ie-11
Safari: https://support.apple.com/it-it/HT201265
Opera: http://help.opera.com/Windows/10.00/it/cookies.html
Per disattivare i Cookie Flash: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html#118539
RIGHTS OF THE INTERESTED PARTY:
The interested party can always carry out the rights approved in the art. 15 GDPR:
- Access to personal data;
- Obtain the changing, the cancellation or the limitation of the processing of the interested party;
- Deny the processing;
- To data portability;
- Ove applicabili, ha altresì i diritti di cui agli artt. 16-21 GDPR (diritto all’oblio, diritto di limitazione di trattamento, diritto alla portabilità dei dati, diritto di opposizione).
- Lodge a complaint to the supervisory authority (“Garante per la Protezione dei Dati Personali” whose contact details are indicated on the website www.garanteprivacy.it).
Where applicable, the interested party also has the rights indicated in Articles 16-21 GDPR (oblivion, processing limitation, data portability, opposition).
How to exercise trights: You can at any time carry out the rights listed above sending:
- una raccomandata a.r. o una PEC alla società Avvale S.p.A. agli indirizzi sopra dettagliati;
- an e-mail to [email protected].
CONTACT DATA OF THE OWNER:
Il Titolare del Trattamento è Avvale S.p.A. i cui dati di contatto sono indicati nella intestazione della presente informativa.
CONTACT DATA OF THE DATA PROTECTION MANAGER:
The Data Protection Officer who can be contacted to carry out the rights listed above and / or for any clarifications regarding personal data protection, can be reached at the following e-mail address: [email protected]
Changes to this Policy
La Avvale S.p.A. è da sempre impegnata a rispettare i principi fondamentali della privacy e della protezione dei dati. Pertanto, le nostre informative privacy sono periodicamente riviste così da essere sempre aggiornate e conformi ai principi sulla protezione dei dati. Questa informativa potrà essere modificata in futuro al fine di tenere il passo con i nuovi sviluppi e, soprattutto, al fine di mantenere la conformità alla legislazione vigente (europea e nazionale). Eventuali modifiche che potremmo apportare alla nostra informativa saranno rese immediatamente note e pubblicate sul nostro sito istituzionale.
Last Update: May 2019