– Website browsing disclosure
– Cookies disclosure
WEBSITE BROWSING AND COOKIES DISCLOSURE
This page describes how the website is managed in relation to the processing of personal data of users who access it. The processing is always based on principles of lawfulness and fairness in compliance with all current regulations; moreover, suitable data protection measures are used. This is a disclosure that is also provided pursuant to Art. 13 of Italian Legislative Decree 196/2003 and pursuant to Art. 13 of GDPR 679/2016 European Regulation on privacy, as well as pursuant to the provision concerning cookies no. 229 of 8 May 2014 to those who connect to the company website of SICIS (diary.sicis.com). The information is provided only for the website mentioned above and not for other websites that may be accessed by the user through special links.
The above-mentioned website is owned and operated by SICIS SRL SINGLE MEMBER COMPANY, which guarantees compliance with the regulation on the protection of personal data.
This Disclosure fully describes the practices we have adopted.
1) TYPES OF DATA PROCESSED, PURPOSE AND LEGAL BASIS OF THE PROCESSING
a) Browsing data
The computer systems and software procedures used to operate this website acquire, during its normal operation, some personal data that are then implicitly transmitted in the use of Internet communication protocols. This information is not collected in order to be associated with identified data subjects, but by its very nature it could, through processing and association with data held by third parties, allow users to be identified. This category includes IP addresses or domain names of the computers used by the website users who connect to the website, the URI (Uniform Resource Identifier) of requested resources, the time of request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (success, error, etc.) and other parametres typical of the user’s operating system and IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct functioning, and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the website: apart for this possibility, the data on web contacts do not persist for more than seven days.
b) Data provided voluntarily by users/visitors
If, upon connecting to this website, users/visitors send their personal data to access certain services, such as the registration in a contact form, requests for services, information, estimates, the optional, explicit and voluntary sending of emails to addresses indicated on the website, this involves the acquisition by SICIS SRL of the sender’s address and/or any other personal data that will be processed solely to respond to the request, or to provide the service.
Personal data provided by users/visitors will be communicated to third parties only if the communication is necessary to comply with the requests of the users/visitors themselves.
Cookies are data created by a server that are stored in text files on the hard disk of your computer and allow the operation of this website, the use of a specific feature explicitly requested by the user or allow to improve the functioning of this website, like cookies that make browsing faster or show the contents of greatest interest to the user based on previous choices. Cookies may be permanent (so-called persistent cookies), but may also have a limited duration (so-called session cookies). This website uses both persistent and session cookies. The session ones are not stored permanently on your computer and disappear when the browser is closed. Persistent ones are used to customize browsing according to the tool used by the user (computer, tablet, smartphone) as well as third-party cookies that are used to analyse website accesses (e.g. Google Analytics) and to allow users to share the contents of the website through social networks (FB) or email (Add This). These cookies are stored permanently on your computer and have a variable duration.
Your Personal Data will be processed, with your consent where necessary, for the following purposes, where applicable:
a. allow the provision of the requested services (e.g.: contact request, estimate request, subscription to the Newsletter, request for information, request for sending documentation or permission to download it from the website, reporting abuse), as well as browsing the website;
b. find specific requests addressed to SICIS SRL;
c. carry out marketing activities, such as calculating statistics and market research, send you informative and promotional material concerning the activities, products and services of SICIS SRL. In compliance with the provision of the Italian Data Protection Authority “Guidelines on promotional activities and the fight against spam – 4 July 2013 ”, if you decide to give your consent to receive information concerning promotional activities, including market research, of the Data Controller, we inform you that such activities can be exercised, as required by current regulations, by means of paper mail, telephone contacts with operator (“traditional methods”), email, text message and use of social networks (“automated modes”). We also inform you that at any time you may decide to revoke the previously issued consent for traditional or automated methods by notifying the Data Controller without any formalities by writing to firstname.lastname@example.org. If, however, you wish to object to the processing of your data for marketing purposes carried out using the means indicated herein, you may do so at any time by contacting the Data Controller at email@example.com, without prejudice to the lawfulness of the processing based on the consent given prior to the revocation;
d. create user profiles, analysing preferences, habits, interests and choices expressed through the use of the website and the services offered, and, where appropriate, with the use of profiling cookies, in order to send you material and commercial communications and personalized promotions on the services offered by SICIS SRL (“Profiling”);
e. fulfil any obligations under applicable EU laws, regulations or legislation, or satisfy requests from the Authorities;
f. statistical purposes, without it being possible to trace your identity;
h. carry out direct marketing via email for products and services similar to those requested by you (including: material or documentation downloadable on the website).
The legal basis of the processing of Personal Data for the purposes referred to in section a. and b. is Art. 6(1)(b) of the Regulation (“[…] necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”), since the processing is necessary for providing services or for responding to requests by the data subject. Providing Personal Data for these purposes is optional, but any failure to provide it would make it impossible to activate the services requested or to meet your requests.
The processing performed for the marketing purpose described in section c. is based on you giving your consent pursuant to Art. 6(1)(a) (“[…] the data subject has given consent to the processing of his or her personal data for one or more specific purposes”).
Any processing performed for the purpose of profiling described in section d. is based on your consent pursuant to Art. 6(1)(a) (“[…] the data subject has given consent to the processing of his or her personal data for one or more specific purposes”), which may be collected through specific checkboxes or the banner cookie, or on legitimate interest of SICIS SRL pursuant to Art. 6(1)(f) (“[…] processing is necessary for the purposes of the legitimate interests pursued by the controller”). Providing your Personal Data for these purposes is therefore entirely optional and does not affect the use of the services.
2) PROCESSING METHODS
The processing of your personal data is carried out by means of the operations specified in Art. 4 Privacy Code and Art. 4 no. 2 GDPR and more precisely: collection, recording, organization, storage, access, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of the data. Your personal data are subjected to both paper and/or automated processing.
3) LOCATION OF THE DATA PROCESSING
The data will be processed by the Data Controller at its registered office and operational offices. The processing connected to the web services takes place at the company headquarters of the Data Controller and/or at the headquarters of the website’s hosting and/or management company.
4) ACCESS AND COMMUNICATION OF THE DATA
Your data may be made accessible to:
• Persons authorized by SICIS SRL to the processing of Personal Data necessary to perform activities strictly related to the provision of services, whether they are committed to confidentiality or have an appropriate legal obligation of confidentiality. Employees and associates of the Data Controller or partner companies, in their capacity as external data processors of the personal data
• Persons, entities or authorities to whom it is mandatory to communicate your Personal Data in accordance with the provisions of law or orders of the authorities or, in the case of reports of abuse, to investigate complaints and identify the source of the messages received from users;
• To third-party companies or other persons (accountant of the Data Controller for preparing financial statements, relevant accounting firm, third-party companies for the activation of licences purchased through the Data Controller and to fulfil the obligations arising from a contract, lending institutions, consultants, insurance companies etc.) that perform outsourced activities on behalf of the Data Controller, in their capacity as external Data Supervisors.
The data may be communicated to companies contractually linked to the Data Controller and, where necessary, also to persons inside and outside the European Union, in compliance with and within the limits of the applicable legislation. The data may be disclosed to third parties belonging to: judicial authorities, insurance companies, persons to whom the disclosure is mandatory by law for the accomplishment of said purposes, freelancers, persons performing controls, audits and certifications on behalf of the Data Controller. These persons will process the data in their capacity as independent Data Controllers.
5) STORAGE PERIOD
Personal Data processed for purposes a. and b. will be stored for the time strictly necessary to achieve those same purposes. In any case, since this processing is performed to provide services, SICIS SRL will process the Personal Data up to the time allowed by Italian law to protect its interests (Art. 2946 of the Italian Civil Code).
Personal Data processed for purposes c. and d. will be processed until the revocation of your consent.
Personal Data processed for purpose e. will be kept until the time provided for by the specific obligation or applicable law.
Personal Data processed for purposes f. and h. will be processed until your opposition to this processing.
Further information about the data retention period and the criteria used to determine this period can be requested by writing to the following address: firstname.lastname@example.org. In any case, SICIS SRL reserves the right to keep your Personal Data for the time allowed by Italian law to protect its interests (Art. 2947(1)(3) of the Italian Civil Code).
6) RIGHTS OF THE DATA SUBJECT
At any time, pursuant to Art. 7 of the Privacy Code and Articles 15-22 of the GDPR 2016/679, you may exercise the right to:
a) request confirmation of the existence or not of your personal data;
b) obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, where possible, the retention period;
c) obtain the correction and deletion of the data;
d) obtain the limitation of the processing;
e) obtain data portability, i.e. receive them from a Data Controller, in a structured format commonly used and readable by automatic device, and transmit them to another Data Controller without impediments;
f) oppose the processing at any time and also in the case of processing for direct marketing purposes;
g) oppose an automated decision-making process concerning individuals, including profiling.
You may exercise your rights at any time by sending:
– a registered letter with return receipt to SICIS SRL – administrative office at: Via Canala, 75/79 48123 Ravenna (RA)
– an email to the address email@example.com
7) SUBMITTING COMPLAINTS
Furthermore, you are entitled to lodge a complaint with the Italian Data Protection Authority, the independent administrative authority that ensures the implementation of the national and European legislation on the processing of personal data in the Italian legal system:
Italian Data Protection Authority
www.gpdp.it – www.garanteprivacy.it
8) IDENTITY OF THE DATA CONTROLLER
This website is managed by the Data Controller, identified in the person of the owner and legal representative of the company SICIS SRL with registered office: Via Borgonuovo, 29 – 20121 Milan (MI) – VAT number 01267680393 Tax ID number: 01611790401, email: firstname.lastname@example.org
The Data Controller guarantees the security, confidentiality and protection of the data they hold at every stage of processing.
The collected data are used in compliance with the current legislation on privacy (Italian Legislative Decree 196/2003 and GDPR 679/2016).
9) AUTOMATED DECISION-MAKING PROCESSES
The Data Controller does not perform processing that consists of automated decision-making processes.
Privacy disclaimer on cookies
Definition of cookies
Types of cookies
There are various types of cookies, depending on their characteristics and functions, and these can remain in the user’s computer for different periods of time:
• so-called session cookies, which are automatically deleted when the browser is closed;
• so-called persistent cookies, which remain on the user’s device until a pre-established expiration.
b) browsing or session cookies (for authentication),
c) functional cookies, which allow the user to browse according to a series of selected criteria (for example, language or products selected for purchase) in order to improve the service provided to the user.
• Conversely, for “profiling cookies”, i.e. those aimed at creating profiles relating to the user and used to send advertising messages in line with the preferences expressed by the user in the context of browsing the web, a prior consent of the user is required.
COOKIES can always be de-selected, and they can be authorized, blocked or deleted (fully or partially) through the specific functions of your browser: however, if all or some of the cookies are disabled, it is possible that the website will not be available or that some services or certain functions of the website will not be available or will not work properly and/or the user may be forced to change or manually enter certain information or preferences each time he visits the website.
11) INFORMATION NOT CONTAINED IN THIS POLICY
More information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact information.
13) DEFENCE IN COURT
The User’s Personal Data may be used for a defence by the Data Controller, in court or in the stages leading to its final establishment, from abuses in the data’s use or in the use of related services by the User. They can then be used for summons in court, judicial orders or other legal initiatives, in order to establish or exercise the rights granted to us by law.
The User declares to be aware that the Data Controller may be required to disclose the Data at the request of the public authorities.
14) LEGAL REFERENCES
This information is prepared in fulfilment of the obligations set forth in Italian Legislative Decree 196/2003 and the GDPR 679/16 Art. 10 of Directive no. 95/46/EC, as well as the provisions of Directive 2009/136/EC concerning Cookies.
This privacy disclosure only concerns this website.