Such data shall be processed in accordance with the criteria laid down in the European Regulation on the protection of personal data, Reg. 2016/679/EU, and all other national legislation, orders or authorisations from a competent authority. According to the legislation concerned, data must be processed in accordance with the principles of fairness, lawfulness, transparency and protection of your privacy and rights. This policy statement applies solely to data processed through the site www.ersel.it and not also to any other sites visited by links.
THE DATA CONTROLLER
Data regarding identified or identifiable persons may be processed following consultation of this site. The data controller is Ersel Sim S.p.A., in the person of its legal representative pro tempore, with its registered office at Piazza Solferino, 11 – 10121 Turin, Italy, tel. 0115520111, email: firstname.lastname@example.org.
PLACE OF PROCESSING OF THE DATA AND DISCLOSURE
Processing relating to this site's Web services shall take place at the Company's office, as indicated above, and shall be handled by the Company's personnel and/or disclosed to duly designated external processors responsible for maintenance and updating operations. No data relating to the Web service shall be disseminated. Personal data provided by users who submit requests for services or information shall only be used to provide the requested service or information and shall only be disclosed to duly designated third parties where necessary for this purpose.
TYPES OF DATA PROCESSED
In the course of their normal operation, the IT systems and software procedures responsible for the functioning of this website obtain personal data transmission of which is implicit in the use of Internet communication protocols. While such information is not collected to be associated with specifically identified data subjects, by its nature it could nonetheless be used to identify users through further processing and association with data held by third parties. This category of data includes the IP address or domain names of the computers used by the users who connect to the site, the addresses in URI (Uniform Resource Identifier) of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response provided by the server (success, error, etc.), and other parameters relating to the user's operating system and IT environment. These data are used by this site solely to derive anonymous statistical information concerning the use of the site and to ensure that the Site is functioning properly. The data could be used to establish responsibility in the event of a cybercrime against the site. Consent is not required to process such data, as limited to the purposes set out above.
Data voluntarily provided by the user
The optional, explicit and voluntary sending of e-mail to the addresses indicated on this site or the completion of the forms in the specific sections with mandatory and optional fields entails the subsequent acquisition of the sender's address and information necessary to respond to requests for services and/or information. Consent is not required to process such data, as limited to the purposes set out above.
Social networks used
OPTIONAL NATURE OF PROVISION OF DATA
Except as indicated for browsing data, the user is free to provide personal data to request services and/or information. Failure to provide such data shall render it impossible either to enter into the contract relating to the main purpose or, in some cases, to fulfil the request.
The personal data shall be processed by the data controller and duly designated data processors in fair pursuit of the purposes set out above, through the use of electronic systems and paper archives, subject to security measures suited to ensuring the privacy of the personal data and preventing undue access by unauthorised persons. The data controller shall make use of automated processes, including profiling, to achieve some of the purposes indicated. You shall be asked to provide your free, informed consent, where you are subject to such processing. You may refuse your consent for processing according to this method at any time.
TERMS OF PROCESSING
The Data Controller shall process the personal data not provided for contractual purposes for as long as is necessary to achieve the purposes set out above, and, in any event, for no more than two years from when the data are acquired for the purposes of the processing.
DATA SUBJECTS' RIGHTS
Pursuant to Articles 15 – 22 GDPR, the data subject has the right to request that the data controller grant access to, rectify, delete and restrict processing of his or her personal data, as well as the rights to object to the processing of his or her data and to request data portability. Such requests may be submitted by e-mail, fax or registered letter indicating in the subject line “request from the data subject” and specifying the right that the data subject wishes to exercise (erasure, rectification, portability, to be forgotten), along with a valid standard or certified e-mail address to which to send the reply. The data controller, or person engaged by the data controller, shall fulfil the request within 30 days of when it is received. If the response is complex, the time required could be extended by an additional 30 days, subject to timely notification of the data subject. If you wish to exercise your rights, you may lodge a complaint with the competent supervisory authority, in Italy the National Privacy Authority, located at Palazzo Monte Citorio 121, Rome.