Dear Customer, Pursuant to art. 13 of EU Regulation 2016/679 and as regards the personal data which MIPA S.r.l. (hereinafter, the “Company” or “Data Controller”) will acquire, we would like to inform you of the following.
The Data controller is MIPA S.r.l. having registered office in Via Cantina 325 – 41017 Casoni di Ravarino (MO) – Italy, e-mail: firstname.lastname@example.org represented by its interim legal representative.
Purposes of data treatment.
1: The treatment of your Personal Data will be carried out by the Data Controller to allow you to send requests for information or contact us directly through the phone numbers of the Controller and the e-mail addresses on the site;
The treatment of your Personal Data is therefore based on a request by the user of information and/or pre-contractual or contractual activities involving the Controller, therefore complying with the provisions of EU Reg. art 6 paragraph 1 lett. b.
In order to allow the Data Controller to carry out the processing activities for the above purposes, it will be necessary to provide the Personal Data marked with the symbol “*”. In absence of even one of the marked data, it will not be possible for us to treat your Personal Data and, consequently, you will not be allowed to complete your request for which Personal Data is required.
2: The treatment of your Personal Data will be carried out by the Data Controller to allow you to receive commercial information, advertising, event communications, exhibitions, new products and direct marketing by MIPA S.r.l. and related companies; The treatment of your Personal Data is therefore based on a user request of explicit consent are provided for by the aforementioned EU Reg. (art 6 paragraph 1 lett. a) Any refusal to consent does not prevent or make impossible the treatment referred to in the previous point. The right to withdraw or give consent can be exercised at any time.
3: The treatment of your Personal Data will be carried out by the Data Controller to allow you to receive the Company’s Newsletter;
The data requested on the site
The Personal Data that will be required for the pursuit of the aforementioned purposes will be those indicated in the contact form, that is: name, company, city, postcode, country, e-mail address, telephone number.
The e-mail address is necessary for the purpose of sending the newsletter
For contact information requests and for commercial requests the mandatory data are indicated with * therefore the lack of such data does make it impossible to provide the requested service.
Data related to site navigation
The computer systems and software procedures used to operate this website require acquisition, during normal operation, of some personal data, whose transmission is implicit in and required by the use of Internet communication protocols.
This information is not collected for the purpose of associating it to an identified user. However, due to its nature, this information might, if further processed and correlated with other data held by third parties, be used to identify users.
This category of data includes the IP addresses and/or domain names of the sites users/visitors’ computers, URI (Uniform Resource Identifiers) of the requested resources, the time of request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply from the server (error in transmission, no error and so on) and other parameters regarding operating system and computer environment.
This data is used only to obtain anonymous statistical information about the site and to make sure the site is operating and performing as intended, and they are deleted immediately after processing.
The data could also be used to identify people involved and potentially responsible in case any cyber crime is committed against the Site.
Communication of data.
There are third parties who perform part of the treatment and/or activities connected and instrumental to them on behalf of the Data Controller. These persons have been appointed as data processors (which means, in accordance with Article 4, paragraph 8, of the Rules of Procedure, ” the natural or legal person, public authority, service or other body that treats Personal Data on behalf of the Data Controller” (hereinafter “Data Processor”);
Individuals, employees and/or collaborators of the Data Controller, who have been entrusted with specific and/or further treatment of your Personal Data. These individuals have been given specific instructions on the safety and correct use of Personal Data and are defined, in accordance with Article 4 in point 10) of the Rules, as “persons authorized to process Personal Data under the direct authority by the Data Controller or Data Processor” (hereinafter the “Authorized Persons “).
If required by law or to prevent or suppress the commission of a crime, your Personal Data may be disclosed to public bodies or judicial authorities without them being defined as Recipients. In fact, pursuant to Article 4 of point 9) of the Rules of Procedure, “public authorities who may receive communication of Personal Data in a specific investigation in accordance with Union or Member State law are not considered Recipients”.
Data treatment modalities.
The treatment will be carried out in an automated and/or manual form, in compliance with the provisions of art. 32 of EU Regulation 679/2016 concerning security measures, by persons specifically authorized and in compliance with the provisions of Article 29 of the Regulation.
Your personal data will not be disclosed
Data profiling and/or automated decision-making processes.
Your personal data are not subject to profiling and/or automated decision-making processes.
Data transfer abroad.
Personal Data will be processed by the Data Controller within the territory of the European Union.
If for technical and/or operational reasons it is necessary to make use of subjects located outside the European Union, we will inform you from now on that these subjects will be appointed as Data Processors pursuant to and for the purposes of article 28 of the Regulation and the transfer of your Personal Data to these subjects, limited to the performance of specific treatment activities, will be regulated in accordance with the provisions of Chapter V of the Rules. All necessary precautions will therefore be taken to ensure the fullest protection of your Personal Data, executing this transfer basing on the following criteria: (a) adequacy of the recipient’s country as expressed by the European Commission; (b) guarantees expressed by the recipient third party pursuant to Article 46 of the Rules; (c) adoption of the so-called corporate binding rules.In any case you can request more details from the Data Controller if your Personal Data have been processed outside the European Union requesting evidence of the specific guarantees adopted.
Data storage time.
Personal Data will be processed by the Data Controller only for the time necessary to fulfil the purpose set out in point 1 of this Statement. In particular, your Personal Data will be processed for a period of time equal to the minimum time necessary, as indicated in Recital 39 of the Rules, without prejudice to a further retention period that may be imposed by law as also provided for by Recital 65 of the Regulation.
With regard to the treatment performed to achieve the purposes set out in point 2 and 3 of this Statement, the Data Controller may lawfully process your Personal Data until you communicate, in one of the ways provided for in this Statement, your wish to revoke the consent to one or all the purposes for which you have been asked it. The possible revocation of the consent will in fact require the Data Controller to cease the processing of your Personal Data for these purposes.
Rights of the concerned party
The Regulation confers to the subjects whose personal data are being treated specific rights, among which the right to:
(a) obtain confirmation about whether treatment of personal data regarding him/her is in progress and to obtain access thereto (art. 15 of the Regulation);
(b) obtain the correction of inaccurate personal data (art. 16 of the Regulation);
(c) obtain the deletion of any personal data concerning him, in accordance with the right to be forgotten (art. 17 of the Regulation);
(d) obtain the limitation on the processing by the Data Controller (art. 18 of the Regulation);
(e) obtain their personal data in a structured, legible and comprehensible manner, as well as obtain that such data are transmitted to another data controller without impediments (art. 20 of the Regulation);
(f) oppose the treatment of personal data (art. 21 of the Regulation).
Right to adhere to a supervisory authority.
You have the right to appeal to the supervisory authority (Privacy Authority) at any time, if you believe that the processing of your data is being carried out in an unorthodox manner.
You may revoke the consent given to the Data Controller at any time, without such revocation affecting the processing performed until that moment by the Data Controller. You can exercise your rights with a written request sent to the Company, to the postal address of the registered office or to the e-mail address – MIPA S.r.l. having registered office in Via Cantina 325 – 41017 Casoni di Ravarino MO – Italy, e-mail: email@example.com
This information may change over time, also depending on the entry into force of new sector regulations, the updating or provision of new services or technological innovations, and for this reason we invite you to periodically consult this page. – Version: May 25, 2018.