Privacy Policy

Web Policy (contact page)


PRIVACY POLICY

PURSUANT TO ARTICLES 13 AND 14 OF REGULATION (EU) 2016/679 (“GDPR”)

AND SUBSEQUENT NATIONAL ADAPTATION RULES

 

This document (“Policy”) is intended to provide information about the processing of data, as specified below, that you will provide or will otherwise be available at our facility, and that will be processed by our facility and/or other subjects identified for the purposes indicated below. In particular, the Policy is provided pursuant to Regulation (EU) no. 679/2016 (“GDPR”) and subsequent national adaptation rules (hereinafter jointly with the GDPR referred to as “Applicable Regulations”). Specific policies may be provided on the pages of the website in relation to particular services or processing of data given by the data subject, and specific consents may be collected (where necessary).

 

1.   Identity and contact details of the Data Controller

The data controller, pursuant to articles 4 and 24 of EU Reg. 2016/679, is Enzo Varani, with registered office in Via Savini, 53 - 64100 Teramo (TE), VAT Number 01692890674, Phone +39 0871 453700, e-mail: info@rotofilmspa.it, in the person of the pro-tempore legal representative (hereinafter “Data Controller”).

 

2.   Contact details of the Data Protection Officer (“DPO”)

The Data Controller does not carry out any activity involving the designation of the Data Protection Officer.

 

3.   Purpose and legal basis of the processing

The Personal Data collected will be processed for the purposes and in accordance with the legal basis set out below:

Purposes

Legal basis of the processing

point 3, letter a): to manage your contractual relationship or to implement pre-contractual measures (such as, for example, the request for information or the request for a quote); to allow navigation on this website and the technical management of connections to the website; to manage any contact requests by the data subject, to respond to such requests as well as to assistance requests and to meet the needs of customers and users. In such case, you are free to provide your Personal Data; however, failure to do so will not allow to establish the aforementioned relationship and satisfy your request, and may result in the impossibility to use all the services provided by the website.

The processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, to provide a service or to respond to requests from the data subject, and it is necessary for compliance with a legal obligation to which the data controller is subject.

 

4.   Categories of personal data processed

Within the limits of the purposes and methods described in this Policy, information that can be considered as “Personal Data” may be processed, which includes your personal details and your contact details (such as, for example, mobile phone number, e-mail address, IP address, cookies, etc.).

Full details on each type of data collected are provided in the dedicated sections of this privacy policy or by means of specific information texts displayed before the data collection. The use of Cookies (or other tracking tools) by this website or third party service providers used by this website, unless otherwise specified, is intended to provide the service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy.

 

4.1  Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified data subjects; however, due to its very nature, it may allow to identify users through processing and association with data held by third parties. This category of data includes IP addresses or domain names of computers used by the users who connect to the website, URI (Uniform Resource Identifier) addresses of the resources requested, the date and time of the request, the method used to submit the request, the size of the response file, the numerical code identifying the status of the response given by the server, and other parameters related to the User’s computer environment and operating system. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the website as well as checking its correct functioning, and it is deleted immediately after processing. The data could be used exclusively by the Judicial Authority to ascertain responsibility in case of hypothetical computer crimes against the website.

 

4.2  Data provided voluntarily by the User

The optional, explicit and voluntary sending of e-mails to the addresses listed on this website, or the completion of forms, involves the subsequent acquisition of the sender's address, necessary to respond to requests, as well as of any other personal data voluntarily entered by the User. The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this website and guarantees that they have the right to communicate or disclose it, releasing the Data Controller from any liability towards third parties.

 

4.3  Redirect via Social plug-ins

The so-called social plug-ins may be used while browsing the website. Social plug-ins are special tools that allow to incorporate social network features directly within the website (e.g., the Facebook “like” function). All the website social plug-ins are marked with the logo of the respective social network platform.

When you visit a page on the website and interact with the plug-in (e.g. by clicking the “like” button) or you leave a comment, the corresponding information is transmitted from the browser directly to the social network platform (in this case Facebook), which stores it. For information on the purposes, type and methods of collection, processing, use and retention of personal data by the social network platform, as well as for how to exercise your rights, please see the privacy policy of the relevant social network.


5.     Recipients and categories of recipients

Personal data will not be disseminated, i.e. it will not be given to unspecified subjects. It may instead be communicated to well-defined subjects, in full compliance with the legal requirements, for purposes strictly related to those previously specified. Access to your personal data is restricted to subjects authorised by the Data Controller. The communication to the identified recipients, only if involved and functional, is related to the achievement of the purposes referred to in point 3 above; therefore, the personal data collected and processed may be:

  1. Used anonymously for statistical purposes;
  2. Made available to the Data Controller's collaborators, as Data Processors or persons authorised to process personal data;
  3. Communicated to third parties, natural or legal, public administrations, professionals, law enforcement authorities, government agencies, regulatory bodies, courts, or other public authorities authorised by law;
  4. Entities providing services for the management of the information system and communication networks including e-mail, newsletters, and website management;
  5. Studies or companies in the field of assistance and consulting relationships;
  6. If necessary, transferred to another Data Controller in accordance with the provisions of the GDPR, also with regard to the right to data portability.

Information could also be communicated whenever such communication may be necessary to comply with requests from the Judicial or Public Security Authorities. Under no circumstances will the collected data be disseminated.

 

The list of the Data Processors is available at the headquarters of the Data Controller.

 

6.   Transfer of data abroad

The data will not be transferred outside the European Union.

 

7.   Data retention period (criteria for determination)

Here below you can find a table which specifies the retention times (i.e. the criteria for determination) of Personal Data:

 

Purposes                                                                          Retention times

point 3, letter a): contract management                            For the entire duration of the relationship and for the subsequent 10 years (ordinary prescription).


In addition, the Data Controller may be obliged to retain the Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

 

8.   Methods of data processing

Personal Data will be processed through manual, computerised or telematic instruments, suitable to guarantee its security and confidentiality, by personnel duly instructed to comply with the Applicable Regulations. There is no automated decision-making process. In some cases, in addition to the Data Controller, the Data may also be accessed by other subjects involved in the organisation of this website (administrative, sales, marketing, legal staff, system administrators) or external subjects (such as third party technical service providers, couriers, hosting providers, IT companies, communication agencies), which are appointed, if necessary, as Data Processors by the Data Controller.

Should it be necessary to contact you for any needs concerning the management of your position, you may be contacted via e-mail, sms, instant messaging systems, through any equivalent electronic means or by paper mail or operator call at any of the contact details provided. If you prefer to be contacted only at one or some of these contact details, you may make an express written request to the Data Controller without formality.

 

8.1  Legal Defence

The User's Personal Data may be used by the Data Controller in legal proceedings or in the preparatory stages for their possible initiation in order to defend themselves against abuse in the use of this website or related services by the User. The User declares to be aware that the Data Controller may be obliged to disclose the Data by order of public authorities.

 

8.2  Specific policies

Upon request by the User, in addition to the information contained in this privacy policy, the website may provide the User with additional and contextual policies regarding specific services, or the collection and processing of Personal Data.

 

8.3  System Log and Maintenance

For operational and maintenance needs, this website and any third party services used may collect system logs, i.e. files which record

interactions and which may also contain Personal Data, such as the User’s IP address.

 

8.4  Information not contained in this policy

Further information in relation to the processing of Personal Data may be requested at any time by the Data Controller using the contact details.

8.5  Response to “Do Not Track” requests

This website does not support “Do Not Track” requests. To find out whether any third party services used support them, please consult their privacy policies.


8.6  Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page and, if possible, by sending a notification to Users through one of the contact details of which the Data Controller is in possession. Therefore, we kindly ask you to consult this page regularly and refer to the last modification date at the bottom. Should the changes involve treatments whose legal basis is the consent, the Data Controller will again collect the User's consent, if necessary.

 

9.   User’s rights

We inform you that you can exercise the rights recognised by the Applicable Regulations including, by way of example:

  1. The right to access your Personal Data and to know the origin, the purposes of the processing, the data of the subjects to whom it is communicated, the data retention period or the criteria used to determine it (art. 15);
  2. The right to rectification (art. 16);
  3. The right to erasure (“the right to be forgotten”), if the data is no longer necessary, incomplete, incorrect or collected in

violation of the law (art. 17);

  1. The right to restrict the processing to a part of your personal data (art. 18);
  2. To the extent technically possible, the right to receive in a structured format or to transmit to you or to third parties that you indicated, information about you (so-called “portability”) or the information you voluntarily provided (art. 20);
  3. The right to object to the processing of your personal data based on legitimate interest (art. 21);
  4. As well as the right to withdraw your consent at any time, if this constitutes the basis for the processing (the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal).

 

The aforesaid rights may be exercised by means of a written request addressed without formality to the Data Controller using the contact details specified in point 1.

 

The Data Controller must do so without delay and, in any case, no later than one month after receiving the request. The deadline may be extended by two months, if necessary, taking into account the complexity and number of requests received by the Data Controller. In such cases, the Data Controller will inform you within one month of receiving your request, specifying the reasons for the extension.

 

Should you deem the response to your requests unsatisfactory, we remind you that you may contact and lodge a complaint with the Italian Data Protection Authority (http://www.garanteprivacy.it/) as explained in the Applicable Regulations.

 

The Data Controller

Corropoli, 3th May 2021

ILTUO COMMENTO

INVIA UN MESSAGGIO

 
 
 
 
 
 
I have read the Privacy Policy
 
 

* Campi obbligatori