This information notice is provided for the website www.salchimetalcoat.com (“Website”) owned and managed by Salchi Metalcoat S.r.l., in accordance with Art. 13 of EU Regulation 2016/679, General Data Protection Regulation (“GDPR”) and applies to all users interacting with the pages of the Website.
This policy is provided exclusively for this Website, and not for any other site that a user might connect to via hyperlink, which is in fact beyond the control of Salchi Metalcoat S.r.l..
1 – DATA CONTROLLER
The Data Controller is Salchi Metalcoat S.r.l. having registered offices in Viale dell’Industria 3a – 3b, 20875 Burago di Molgora (MB) – Italy, email: email@example.com (“Controller”).
2 – TYPE OF PERSONAL DATA COLLECTED
The IT systems and software procedures utilised to run this Website collect certain user-derived personal data as part of their normal functioning; the transmission of such data is implicit in internet communication protocols.
These data are not collected to be associated with identified data subjects, but, by their very nature, they might make users identifiable after being processed and matched with data held by third parties. This data category includes IP addresses or domain names of the computers used to connect to the Website, URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used to submit the request to the server, the size of the returned file, the numerical code of the server response status (completed, error, etc.) and other parameters related to the user’s operating system and IT environment.
Data Voluntarily Submitted by the user
The user’s personal data currently collected through the online form on the Website are: first name/surname, email address, subject matter of the request sent to the Controller.
3 – PROCESSING PURPOSES AND LEGAL BASIS
Controller will process your personal data:
- on the basis of pre-contractual and/or contractual obligations, for managing and replying to any requests for information and/or service submitted by users of the Website using the contact form and any subsequent communication (if so requested by the user);
- for complying with statutory and/or regulatory requirements (of both Italian and EU legislation);
on the basis of a legitimate interest of the Controller, for collecting anonymous statistical data on use of the Website and for monitoring its proper functioning; for the legal defence of a right or interest before any competent authority or entity.
4 – OPTIONAL AND REQUIRED DATA SUBMISSION
It is mandatory to provide personal data for the purposes listed in paragraph above. Their processing is required so Controller can respond to requests for information, provide technical assistance and comply with legal obligations. Any refusal to provide the requested data will make it impossible for Controller to respond.
5 – DATA PROCESSING METHODS AND SECURITY MEASURES
Data will mainly be processed using electronic or, in any case, automated (manual, IT, and/or online) tools, using methods and resources that assure the security and confidentiality of the data. Moreover, all technical, IT, organisational, and security-protocol measures will be taken to ensure appropriate data protection as required by law.
6 – RECIPIENTS OF PERSONAL DATA
Personal data shall be processed by Controller and may be disclosed to its employees and/or to other contractual parties as well as to the following entities:
- to all those parties (including the Public Authorities) having access to the personal data according to law or administrative provisions;
- to all those public and/or private parties, individuals and/or legal entities should the communication be necessary or otherwise required for the correct fulfilment of contractual or legal obligations;
- companies, consultants or professionals that may be in charge of the set-up, maintenance, updating and, in general, the management of the hardware and software of the Website;
- legal and tax professionals and consultants providing their services to the Company;
that will process the personal data in their quality as autonomous data controller or data processors on behalf of the Company, as the case may be.
In addition, Controller’s employees and staff, as well as Controller’s shareholders and directors, may have access to the data as “authorized persons”.
7 – PERIOD OF DATA RETENTION
The Controller informs users that personal data will be stored as long as necessary to provide the requested information and/or services and to pursue the above purposes and, subsequently, for the maximum time provided for by applicable law provisions regarding , in particular, statutory or time limitation periods (also with respect to administrative and tax purposes) and, in general, for the exercise/defence of Controller’s rights in relation to claims raised by public authorities, public entities and private subjects.
8 – DATA SUBJECT’S RIGHTS
Pursuant to GDPR data subject has the right to (i) access the data and specific information on the processing, such as, for example, the purposes, the categories of data being processed, the existence of the other rights indicated below and to request a copy of the data, (ii) rectify the data, (iii) delete data without undue delay in the cases provided for by the same GDPR, such as in the case of opposition to processing and where there is no overriding legitimate interest in the processing by the Controller (this right does not apply if the processing is necessary for the fulfilment of a legal obligation or for the exercise and defence of a right in court), (iv) to request the limitation of the processing, (v) to oppose at any time, for reasons concerning your particular situation, the processing based on a legitimate interest of the Controller, (vi) to receive the data in a structured, commonly used and readable format (portability) and to transmit them to another Data Controller in the cases provided for by GDPR (vii) to revoke, at any time, any previous consent given.
In addition, if data subject considers that the processing of the data infringes the provisions of the GDPR, to lodge a complaint with the competent Supervisory Authority in the Member State where he or she habitually resides or works or in the State where the alleged infringement occurred.
To exercise the above rights, you may contact the Controller by sending a communication by postal mail to the above address or by email to firstname.lastname@example.org.
Amendments and updates will be communicated to the user through their publication on the home page of the Website and will be applicable and binding from the moment of their publication.
Controller therefore invites users to periodically visit the present page for being informed of any change or update.
Last updated [23/6/2021]