Informativa Privacy
Users Section
The undersigned Company Idroinox Impianti s.r.l. (VAT no. 02659530345), in the person of its pro-tempore legal representative, with registered office in Via F. Santi, 9, Sorbolo (PR), owner of the Website https://www.idroinox.com/ (hereinafter, the “Website“), in its capacity as data controller of the personal data of the users of the Website (hereinafter, the “Users“) hereby provides the privacy policy pursuant to Article 13 of EU Regulation 2016/679 of April 27, 2016 (hereinafter, the “Regulation“, or the “Applicable Legislation“).
This Website and any services provided via the Website are reserved for individuals who have reached the age of eighteen. The Data Controller therefore does not collect any personal data relating to persons aged under 18. Upon the Users’ request, the Data Controller shall promptly delete all personal data collected involuntarily and relating to persons aged under 18.
The Data Controller pays the utmost consideration to its Users’ right to privacy and protection of personal data. For any information in relation to this privacy policy, Users may contact the Data Controller at any time as follows:
- By sending a registered letter with return receipt to the Data Controller’s registered office in Via F. Santi, 9, Sorbolo (PR);
- By sending an email to the following e-mail addresses: PEC idroinoximpiantisrl@pec.it ; e-mail information@idroinox.it
Category of data processing:.
The data that will be processed are the following:
- all personal data whose transmission is implicit in the use of Internet communication protocols, which the computer systems and software procedures used to operate the Website acquire during their ordinary operation: IP addresses or domain names of the computers used by Users, URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the User’s operating system and computer environment;
- personal data identifying the User that may have been voluntarily disclosed in the ‘contact us’ section (e.g. name, surname, e-mail address, IP address, log files, etc.);
2. Purpose of processing
The Users’ personal data will be legitimately processed by the Data Controller pursuant to article 6 of the Regulation for the following processing purposes:
- provision of the service, i.e. to enable the browsing of the Website by the User. The User’s data collected by the Controller for this purpose include all data used for the sole purpose of obtaining anonymous statistical information on the Website use and to allow the same to operate properly. Without prejudice to the other provisions of this privacy policy, under no circumstances will the Data Controller make the Users’ personal data accessible to other Users and/or third parties.
- fulfilling the User’s request: the Users’ personal data are collected and processed by the Controller for the sole purpose of fulfilling their request. The User’s data collected by the Controller for this purpose include: name, surname, e-mail address and any further User data that may be voluntarily disclosed in the ‘contacts’ No other processing shall be carried out by the Controller in relation to the Users’ personal data. Without prejudice to the other provisions of this privacy policy, under no circumstances will the Data Controller make the Users’ personal data accessible to other Users and/or third parties.
In any case, the Data Controller will gladly help to clarify the specific legal basis that applies to the data processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary in order to enter into a contract.
The provision of personal data for the processing purposes indicated above is optional but necessary, since failure to provide the same will make it impossible for the Users to submit their request to the Controller.
Personal data that are necessary for the pursuit of the processing purposes described in this point 2. are indicated with an asterisk in the request form.
3. Data processing methods and retention period
The Data Controller shall process the Users’ personal data using manual and IT tools, with logics strictly related to the purposes and, in any case, in such a way as to ensure the data security and confidentiality.
The personal data of the Website Users will be stored for the time strictly necessary to carry out the primary purposes described in paragraph 2 above, or in any case as necessary for the protection in civil law of the interests of both the Users and the Data Controller.
4. Scope of data communication and disclosure
Users’ personal data may be disclosed to the persons in charge of managing the Website and the requests from the Users. Such persons, who have been formally instructed by the Data Controller pursuant to art. 29 of the Regulation, will process the User’s data exclusively for the purposes indicated in this notice and in compliance with the provisions of Applicable Law.
Third parties who may process personal data on behalf of the Data Controller as “External Data Processors”, including for example providers of IT and logistic services functional to the operations of the Website, providers of outsourced services or cloud computing, professionals and consultants, may also have access to the Users’ personal data.
Users have the right to obtain a list of any data processors appointed by the Data Controller, by submitting a request to the Data Controller as per what indicated in paragraph 6 of this document.
5.Transfer of data
Data collected in connection with the above-mentioned purposes are not transferred to countries outside the EU. However, the Controller reserves the possibility to use cloud services, in which case, the service providers will be selected among those that provide adequate guarantees, as set out in Article 46 of EU Regulation 2016/679.
6. Rights of the parties concerned
Users may exercise the rights granted to them under the Applicable Law by contacting the Data Controller as follows:
- By sending a registered letter with return receipt to the Data Controller’s registered office in Via F. Santi, 9, Sorbolo (PR);
- By sending an email to the following e-mail addresses: PEC idroinoximpiantisrl@pec.it ; e-mail information@idroinox.it
Moreover, Users have the right to:
- access the personal data to know (“reactive transparency”) the processing purposes, the categories of personal data collected, the data recipients, namely if recipients in third countries or international organisations, the envisaged retention period (art. 15);
- obtain the correction (art. 16 of the GDPR);
- obtain the erasure of their personal data, if these are no longer required for the purpose for which they were collected and if there are no further legal requirements for retention (art. 17 GDPR);
- request the restriction of processing (art. 18 of the GDPR);
- request data portability (art. 20 of the GDPR);
- object to processing for reasons ascribable to your one’s specific situation (art. 21 GDPR). In this case, we shall refrain from further processing your data, unless the existence of legitimate legal grounds for proceeding with processing is demonstrated (e.g. for defending one’s rights before the courts).
- avoid being subject to automated decision-making processes, including profiling (art. 22).
- withdraw consent at any time without prejudice to the lawfulness of the processing based on consent given prior to the withdrawal;
Finally, the interested party shall have the right to submit a complaint to the Data Protection Authority pursuant to art. 13 par. 2 lett. d) of the above-mentioned Regulation as well as pursuant to art 77 of the Regulation.
The Supervisory Authority is the Italian Data Protection Authority, located in Piazza Venezia 11, 00186 – Rome (https://www.garanteprivacy.it/web/garante-privacy-en/home_en).
For anything not provided for in this information notice, please refer to Regulation (EU) 2016/679 to Legislative Decree 196/03 as amended by Legislative Decree 101/2018 as amended, as well as any other measure issued by the Italian Data Protection Authority (“Garante”).
The Owner is not responsible for updating all links displayed in this Policy, therefore whenever a link is not working and/or updated, Users acknowledge and accept they should always refer to the document and/or section of the Websites referred to by that link. In the event of non-acceptance of the changes made to this privacy policy, the User shall cease using https://www.idroinox.com/ and may request the Data Controller to remove his/her Personal Data. Unless otherwise specified, the previous privacy policy shall continue to apply to the Personal Data collected up to that point.