Within the meaning of (i) Art. 13 of the Legislative Decree of June 30th 2003, n. 196 (“Privacy Code”), (ii) EU Regulation 2016/679 on the ‘protection of natural persons with regard to the processing of personal data, and on the free circulation of such data’, the “GDPR”, art.13 and 14, and of (iii) the General Provision of the Italian Data Protection Authority of May 8th 2014, SARTEL DI RAVASIO ALBERTO & C. S.n.C. as a Data Controller within the meaning of art. 4 of the GDPR (“Company” or “Controller”), wish to inform you, as a Data Subject (“Data subject” or “User”) about of the type of data acquired and used, of the purposes followed and of the processing operations carried out during the visit to the website https://www.sartel.it/ (hereinafter called “Website”) and following the interaction of Users with the services and features of the Website.
This document is valid only for the present official “Website” of SARTEL DI RAVASIO ALBERTO & C. S.n.c. and not for other external websites possibly visited by the user during the network browsing.
A) Data Controller
The Data controller is SARTEL DI RAVASIO ALBERTO & C. S.n.c. headquartered in Via XXV Aprile, 24/20 – 24050, Grassobbio (BG) – ITALY, E-mail: firstname.lastname@example.org
B) Type of Data processed
Our website collects the users’ data in two different ways.
Voluntary Data Submission
The website may collect other data in case of voluntary use of services by the User, such as communication services (contact forms), which will be exclusively used to provide the service required and for which a specific statement has been prepared on the relative page of the website.
Automatically collected data
The computer systems and software procedures used for this “Website” collect in the normal course some personal data whose transmission is implicit in the use of the Internet communication protocols.
This information is not collected in order to be associated with identified data subjects, but for their very nature they may be able to identify the users through processing and association with data held by third parties.
Also, during the browsing, the following information of the users may be collected and stored in the server log files (hosting) of the website. These shall include, but not be limited to the following: Internet protocol address (IP), browser, parameters of the device used to connect to the website, name of the internet service provider (ISP), date and time of visit, webpage of origin (referral) and exit of the user, number of clicks.
These data are used for statistical and analytic purposes, exclusively in aggregated form. The IP address is only used for security purposes and is not cross-checked with other data. Specifically, the site makes use of the following services:
Cookies are small portions of data that allow us to compare new and past visitors and to understand how users navigate the site, and generally allow for a better experience of using the site itself. Cookies do not record any personal information about a user and any identifiable data will not be stored. Cookies can be stored permanently on your computer and have a variable duration (so-called persistent cookies), but they can also fade with the browser close or have a limited duration (so-called session cookies). Cookies can be installed from the sites you are visiting (so-called first-party cookies) or they can be installed from other websites (i.e. third-party cookies).
The site makes use of the following categories of cookies:
These cookies are necessary to browse through our website and use its features, such as access to the different restricted areas of the website. Without these cookies some of the necessary services will not be available.
Cookies allow to remember the choices made by the user (such as name, language or region of origin) and provide advanced customised experiences. These cookies may also be used to remember the modifications made to the text size and font as well as other customisable parts of the website. Also, they may be used to provide services required (such as watch a video). The information collected by this kind of cookies may be anonymous in order to avoid the monitoring of the browsing activity on other websites. By visiting our website, the User accepts that these cookies are installed on his or her device.
It can prevent Google from detecting a cookie that is generated due to and related to the use of the site and processing of that data by downloading and installing this plugin for the browser: https://tools.google.com/dlpage/gaoptout?hl=en.
Third party Cookies
The services contained in this section allow the controller to monitor and analyse the traffic data and serve to keep track of the user’s behaviour.
- By clicking on the button “OK” on the banner containing the short statement that appears when you access the website;
- By continuing your browsing through another area of the website or selecting an element of the same page.
How to modify cookie settings
Please verify that your computer/smartphone settings shall accept or reject cookies. You can set your browser in order to be warned before accepting cookies, or you can configure it to refuse them automatically – even if in this way you won’t have access to all the features of the website. You have to be sure that all the browsers you use, if you use a computer in different locations, is configured on the basis of your cookie preferences.
Below you can find the procedure to follow to manage cookies with these browsers:
Microsoft Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
Below are the purposes of the processing of data collected by our website:
– Statistical purposes (analysis)
Collection of data and information exclusively in aggregated form in order to verify the correct functioning of the website. None of this information are related to the natural person-user, and do not allow his or her identification. No explicit consent is required.
Collection of data and information in order to ensure the safety of the website (antispam filters, firewall, virus detection) and of the User and to prevent or discover fraud or abuse against the website. Data are automatically stored and may also include personal data (IP address) that could be used to block any attempt of damage to the website itself or other users, or harmful activities or constituting a crime. These data are never used to identify or profile the user and are erased periodically. No explicit consent is required.
– Secondary activities
Provide data to third parties to allow them to carry out technical and logistical activities or different activities on behalf of the Company. Suppliers have access only to the personal data required to carry out their tasks, and are engaged not to use data for other purposes and are obliged to process personal data in accordance with the present law.
D) Legal basis
E) Nature of consent to data processing
Consent to collect and process data is optional. You can refuse to give consent or withdraw a previously given consent at any moment (using the banner placed at the bottom of the page or the cookie browsing settings). However, refusal of consent may prevent from providing some services and the browsing experience through the website may be compromised.
F) Location of data processing
Processing related to the web services of this website are carried out in the abovementioned headquarters of the Company and are developed by highly qualified technical staff of the Office in charge of the processing, or by people that are occasionally in charge of maintenance.
G) Communication of personal data
The Company may ask third parties to carry out specifically required services. These third parties are only given the necessary information to complete the relative functions; your personal data are processed by these third parties for the same purposes for which they were collected.
Within the organisation of the Company your personal data are only accessible to the persons concerned with respect to their role and as persons in charge of the processing, to answer your questions or send you the information required.
Your personal data will not be given to third parties for marketing and/or non-profit making purposes and will not be disseminated in any way.
H) Modalities to process data
Your personal data are processed by automated means for the strictly necessary time to achieve the purposes for which they were collected. Specific security measures are applied to prevent from losing data, illicit or incorrect use or unauthorised access.
I) Data retention period
The data collected from the website during operation are stored for the necessary time to carry out the abovementioned activities. After that time, data will be erased or stored anonymously, unless there will be further purposes for their retention.Data (IP addresses) used for the website security (block an attempt to damage the website) are stored for twelve months.
Cookies may be stored for different periods of time depending on the purpose for which they are treated by the company, or by third-party companies, in accordance with the Privacy regulations time-to-time applicable. Temporary session cookies are active for the duration of the session, persistent cookies have a period of validity up to twenty-four months, while for third-party cookies the retention period is indicated by third parties on their websites , accessible through the dedicated links in the table and/or by consulting the sites http://www.youronlinechoices.com/ and http://www.allaboutcookies.org/.
J) Transfer of personal data to non-EU Countries
The website could share some of the data collected with services located outside the European Union area. In particular with Google, Facebook and Microsoft (LinkedIn) through social plugin and the Google Analytics service. Transfer may be authorised on the basis of specific decision of the European Union and of the Data Protection Supervisor, for which further consent is not required. The abovementioned companies guarantee their accession to the Privacy Shield. In this case, the Data Controller ensures that the transfer of non-EU data will be carried out in accordance with the applicable legal provisions under art. 46 and following of the GDPR.
K) Data subjects’ rights
Within terms and conditions provided by the present law, acting as a Data subject, you may exercise the following rights:
- ask for confirmation of the presence of your personal data (right to access);
- know their origin;
- receive an intelligible communication;
- receive information about the processing logic, modalities and purposes;
- ask for update, rectification, integration, erasure, transformation into anonymous form, withdrawal to grant consent of data processed infringing rules of law, including data that are no longer necessary in relation to the purposes for which they were collected;
- if processing is based upon consent, receive to the actual cost of the eventual support, data that have been given to Data Controller, in a structured, commonly used and machine-readable format;
- right to lodge a complaint to the Italian Data Protection Authority;
- and, more in general, exercise all the rights provided by the present law.