Privacy Policy
PRIVACY POLICY
Information document pursuant to and for the purposes of Article 13 of Regulation (EU) 2016/679 (GDPR)
WHY THIS INFORMATION?
In accordance with Regulation (EU) 2016/679 (hereinafter "GDPR"), this page describes the methods of processing personal data. This is a notice that is provided pursuant to art. 13 GDPR. The notice is not to be considered valid for other third-party websites, which may be consulted via links on this website, for which no responsibility is assumed.
Processable personal data
Personal data : any information relating to an identified or identifiable natural person (' data subject '); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (C26, C27, C30 GDPR).
Contractor/user data.
Browsing data
The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment.
Data communicated voluntarily
The optional, explicit and voluntary sending of messages to the contact addresses indicated on this site and/or the completion of data collection forms entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data entered.
Information about the processing of personal data carried out through Social Media platforms
Regarding the processing of personal data carried out by the managers of the Social Media platforms used by the Data Controller, please refer to the information provided by them through their respective privacy policies. The Data Controller processes the personal data provided by users through the pages of the dedicated Social Media platforms, to manage interactions with users (comments, public posts, etc.) and in compliance with current legislation.
Specific information
Specific information may be present on the pages of the Site in relation to particular services or processing of the data provided.
Cookies and other tracking systems. What are they? What are they for?
For Cookies and other tracking systems, see the cookies policy reported in the footer of the site and at the following link .
1. WHO IS THE DATA CONTROLLER? HOW TO CONTACT HIM?
The Data Controller is MCA EMMECIA SpA , with registered office in Via Indipendenza 131, 20821 Meda (MB), in the person of the Chief Executive Officer. The contact email of the Data Controller is:privacy@emmecia.it
3. PURPOSE OF THE PROCESSING, LEGAL BASIS, DATA RETENTION PERIOD AND NATURE OF THE PROVISION
|
PURPOSE OF THE PROCESSING |
LEGAL BASIS |
RETENTION PERIOD |
NATURE OF THE PROVISION |
|
A) Browsing this website. The data necessary for the use of web services are also processed for the purpose of: •obtain statistical information on the use of services (most visited pages, number of visitors per time slot or day, geographical areas of origin, etc.); •check the correct functioning of the services offered. The data will be used to ascertain responsibility in the event of hypothetical computer crimes against the site. |
The processing is necessary for the pursuit of the legitimate interest of the data controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject which require the protection of personal data do not prevail, taking into account the reasonable expectations of the data subject and the activities strictly necessary for the functioning of the site and navigation itself. (Art. 6, par. 1 letter f and recital 47 of the GDPR). For profiling cookies, processing is based on consent to the processing of personal data (art. 6 par. 1 lett. ae C42, C43 of the GDPR). Consent is given through the banner and the site's cookie policy. |
The storage of browsing data will last for the duration of the browsing session and in any case will not persist for more than seven days (except in the event of the need to ascertain crimes by the Judicial Authority). |
Providing data is necessary for browsing the website. |
|
B) Use of cookies and similar technologies. See the cookies policy in the footer of the site. |
For cookies and similar non-technical technologies, the processing is based on consent to the processing of personal data (art. 6 par. 1 lett. ae C42, C43 of the GDPR). Consent is given through the banner and the site's cookie policy. |
See the cookies policy in the footer of the site. |
See the cookies policy in the footer of the site. |
|
C) Any processing of personal data through collection with specific forms, to carry out further processing of personal data, with respect to what is necessary to allow sole navigation on the site. In addition to navigation, contact/service management is provided for the following purposes (please refer to the specific information): • Sending contact requests; • Response to contact requests sent by the interested party. |
The processing is necessary for the execution of pre-contractual measures adopted at the request of the same (art. 6 par. 1 lett B and C44 of the GDPR). |
Maximum 12 months. |
The transfer is necessary. Failure to provide the necessary data will make it impossible to obtain the services provided on the basis of the forms, in the specific reference area. |
|
D) Management of your requests and requests of other interested parties, pursuant to art. 15 et seq. of the GDPR (rights of the interested party). |
The processing is necessary for compliance with a legal obligation to which the data controller is subject (C45) (Art. 6 par. 1 lett. c) of the GDPR). |
5 years from the closure of the request, barring disputes. |
The provision of personal data is mandatory, as it is essential to be able to fulfill legal obligations. |
4. TO WHOM WILL THE PERSONAL DATA BE COMMUNICATED? DATA RECIPIENTS
Personal data will be communicated, also based on the purposes set out in specific areas, to subjects who will process the data as independent Data Controllers, or Data Processors (art. 28 GDPR) and processed by natural persons (art. 29 GDPR) who act under the authority of the Data Controller and the Processors on the basis of specific instructions provided in order to the purposes and methods of processing, for specific purposes based on the reference area. The data will be communicated to recipients belonging to the following categories:
- Entities that provide services for the management of the site and communication networks, including electronic mail (including Group companies, affiliates, subsidiaries);
- Site Host;
- Competent authorities for compliance with legal obligations and/or provisions of public bodies, upon request;
- In the case of purposes envisaged following the compilation of data collections (forms) in specific areas of the site (please refer to the specific information for the area) to:
- subjects that provide services for the management of the information system, studies or companies in the context of assistance and consultancy relationships. The list of Data Processors is constantly updated and available by writing to the addresses indicated above.
5. WILL THE DATA BE TRANSFERRED TO NON-EEA COUNTRIES?
Personal data will not be transferred to non-EEA countries. In particular, it is specified that the data will be stored for hosting, management, development and maintenance services of the site.
6. IS THERE AN AUTOMATED PROCESS?
Personal data will be subjected to traditional manual, electronic and automated processing. It is specified that no fully automated decision-making processes are carried out.
7. WHAT ARE YOUR RIGHTS? HOW CAN YOU EXERCISE THEM?
You may exercise your rights as expressed in articles 15 et seq. of the GDPR by contacting the Data Controller at the addresses listed above. You have the right, at any time, to request access to your personal data (art.15), rectification (art.16), erasure (art.17), and restriction of processing (art.18). The Data Controller shall communicate (art. 19) to each of the recipients to whom the personal data have been transmitted any rectifications or erasures or limitations of processing carried out pursuant to article 16, article 17, paragraph 1, and article 18. The Data Controller shall communicate these recipients to the interested party if the interested party requests it. Furthermore, in the cases provided for the forms in specific areas, you have the right to the portability of your data (art.20) and in this case they will be provided to you in a structured, commonly used and machine-readable format. You have the right to object (art.21), at any time, to the processing of data based on legitimate interest.
In the event that you believe that the processing of your personal data by the Data Controller violates the provisions of Regulation (EU) 2016/679, you have the right to lodge a complaint with the Privacy Guarantor ( https://www.garanteprivacy.it/ ), or to take appropriate legal action.
8. CHANGES TO THE INFORMATION NOTICE
The Owner reserves the right to modify, update, add or remove parts of this information. In order to facilitate the verification and modification of the text, the information will contain the date of update.
Updated: October 20, 2023