Directive 2002/58/EC – concerning the “processing of personal data and the protection of privacy in the electronic communications sector
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
The data controller
Following consultation of this site, personal data relating to identified or identifiable persons (hereinafter also referred to as “Data”) may be processed. The Data Controller Fadpro Srl, with registered office in Via Lambruschini 4C, Building 26/A – 20156 Milan, email: email@example.com. The Company has appointed a Data Protection Officer, who can be reached at the following email address: firstname.lastname@example.org.
THE TYPES OF DATA PROCESSED
The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the following:
IP addresses of the devices used by users;
date and time the request was received;
the addresses in URI / URL (Uniform Resource Identifier / Locator) notation of the requested resources;
the numerical code indicating the status of the response given by the server (successful, error, etc.);
the size in bytes of the response;
URI address/URL of the page of origin (referrer);
Browser recognition string (user agent).
This data does not persist for more than 15 days. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site. Except for the latter hypothesis, the data are anonymized to obtain aggregate statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing.
DATA PROVIDED VOLUNTARILY BY THE USER
Cookies are small text files containing a certain amount of information exchanged between a website and the user’s terminal (usually the browser). They are mainly used for the purpose of making websites work and operate more efficiently, as well as in order to provide information to the owners of the website itself. Cookies can be both session and persistent. Session cookies remain stored in the terminal for a short period of time and are deleted as soon as the user closes the browser. Their use is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the site. Persistent cookies, on the other hand, remain stored in the user’s terminal until a predetermined deadline. These, not being deleted directly when the browser is closed, allow you to remember the choices made by the user on its site as well as to collect information about the pages of the site visited by the user, the frequency with which the site is visited and to identify the navigation path of users, in order to improve the experience on this site. Cookies, session or persistent, can finally be first-party or third-party depending on whether the person who installs cookies on the user’s terminal is the same operator of the site that the user is visiting (we will then talk about first-party cookies) or a different subject (we will then talk about third-party cookies).
This site uses both first-party and third-party cookies as it uses the features of Google Analytics services, offered by Google Inc., as indicated below.
|COOKIE NAME||DEFAULT EXPIRATION||GUY||COOKIE DESCRIPTION|
|__Secure-3PSIDCC||6 months||Persistent||Used for advertising purposes by Google|
|SID||2 years||Persistent||Store the preferences necessary for the third-party service of Youtube|
|SIDCC||1 year||Persistent||Provides information about how the end user uses the website and any advertisements that the user may have seen before visiting the website|
|__Secure-3PAPISID||2 years||Persistent||Used for advertising purposes by Google|
|SAPISID||2 years||Persistent||Allows Google to collect user information for videos posted on YouTube.|
|APISID||2 years||Persistent||Store the preferences necessary for the third-party service of Youtube|
In addition to the cookies in the table, this site can also use additional session cookies, or those cookies that are not stored permanently on the user’s computer and disappear when the browser is closed. Their use is strictly limited. Among the profiling cookies, the Data Controller adopts a CRM system to improve the proposal for involving users of the site.
Normally browsers allow the control of most cookies through the settings of the browser itself. However, please note that the total or partial disabling of so-called technical cookies may compromise the use of the site’s features. In any case, if the user does not wish to receive any type of cookies on his computer, neither from this site nor from others, he can raise the level of privacy protection by changing the security settings of his browser:
Mozilla Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Google Chrome: https://support.google.com/chrome/answer/95647?hl=it
Internet Explorer: http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookies
Safari 6/7 Mavericks https://support.apple.com/kb/PH17191?viewlocale=it_IT&locale=it_IT
Safari 8 Yosemite: https://support.apple.com/kb/PH19214?viewlocale=it_IT&locale=it_IT
Safari your iPhone, iPad, or iPod touch: https://support.apple.com/it-it/HT201265
By visiting the website you may receive cookies from sites operated by other organizations (“third parties”). The Data Controller does not control cookies or other tracking technologies of these websites to which this Policy does not apply. The management of personal data collected by third parties is governed by the relevant information available on their respective websites:
For any personal data freely provided by the user through the services offered on the website, the Data Controller is entitled to process the data as the processing is necessary to perform the pre-contractual measures requested by the user himself (Article 6, paragraph 1, letter b) of the GDPR) or is legitimized because the user has given consent to a specific activity (Article 6, par. 1, lett. a) of the GDPR). Furthermore, the Data Controller may process the user’s data where required by a legal obligation to which the Data Controller is subject, such as the request for information on online activities by the competent authorities (Article 6, paragraph 1, letter c) of the GDPR). More information on the legal bases of the processing activities will be reported in the specific information.
The purposes of the Data Controller for the use of the website:
present and promote the commercial activities of Fadpro Srl;
present the research activities of Fadpro Srl.
Apart from that specified for navigation data, the user is free to provide his personal data. However, failure to provide such data may make it impossible to obtain what has been requested.
It is not mandatory to acquire the user’s consent to the use of only technical or third-party or analytical cookies assimilated to technical cookies. Their deactivation and / or refusal to their operation will make it impossible to navigate correctly on the Site and / or the impossibility to use the services, pages, features or content available therein. For all other types of cookies (e.g. marketing and profiling) the Data Controller will request specific consent.
The processing of personal data governed by art. 9 (Processing of special categories of personal data) of the Regulation
Personal data are also processed with the aid of automated tools. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. The Data Controller has adopted all the appropriate security measures required by law and inspired by the main international standards, has also adopted additional security measures to minimize the risks relating to the confidentiality, availability and integrity of personal data collected and processed.
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. The data collected for statistical analysis purposes are anonymized. In any case, the processing responds to the principle of data minimization and limitation of storage and the data will be processed for the period strictly necessary. More information on the retention time of personal data will be reported in the specific information.
Sharing, communication and dissemination of data
The data collected through the site will not be disclosed. The data collected may be transferred or communicated for activities strictly connected and instrumental to the operation of the service to persons qualified as Data Processors pursuant to art. 4.8 and art. 28 of the GDPR (professionals, consulting and service companies, hardware and software assistance companies, companies with technical and organizational tasks of the Site) and by persons authorized to process pursuant to art. 29, which operate under the direct authority of the Data Controller (employees and collaborators in various capacities), who are instructed in this sense.
The data provided by users who request dispatch of informative material (brochures, informative material, etc.) are used only to perform the service or provision requested and are communicated to third parties only if this is necessary for that purpose. Outside of these cases, personal data will not be disclosed except for contractual or legal provisions, or unless specific consent is requested from the interested party.
In this sense, personal data may be transmitted to third parties, but only and exclusively if:
- a) there is explicit consent to share the data with third parties;
- b) there is a need to share information with third parties in order to provide the requested service;
- c) this is necessary to fulfill requests from the Judicial or Public Security Authorities.
More information on the subjects to whom the Data Controller may communicate such personal data can be found in the specific information.
Transfer of personal data to countries outside the European Union
The Data Controller uses Cloud services offered by some suppliers, suitably qualified as Data Processors, operating in Europe or countries for which there are adequacy decisions by the European Commission and / or the Guarantor.
With regard to the export of personal data to the United States, prior to any transfer and in light of the circumstances of the same, it will be assessed on a case-by-case basis whether the level of data protection and related security measures are adequate and effective.
In the absence of an adequacy decision or adequate guarantees pursuant to art. 46 of the GDPR or binding corporate rules pursuant to art. 48 of the GDPR, the transfer will take place only with the explicit, specific and informed consent of the interested party pursuant to art. 49 of the GDPR on the possible risks deriving from the transfer of personal data (absence of adequate protection adequate safeguards aimed at protecting data).
Rights of the interested parties
The legislation on the protection of personal data expressly provides for some rights for the subjects to whom the data refer (so-called interested party). In particular, pursuant to articles 15-22 of Regulation (EU) 2016/679, each interested party has the right to obtain confirmation of the existence or not of data concerning him, to obtain an indication of the origin and purposes and methods of processing, updating, rectification, integration of data as well as their cancellation if processed in violation of the law or if there is one of the reasons specified in Article 17 of Regulation (EU) 2016/679, to request data portability and to have recourse to a supervisory authority.
The Data Controller periodically checks its privacy and security policy and, if necessary, will be reviewed in relation to regulatory, organizational or technological changes. In case of modification of the policies, the new version will be published on this page of the site.
Questions, complaints and suggestions and exercise of rights
Anyone interested in more information, to contribute with their suggestions or make complaints or disputes regarding privacy policies, on the way in which personal data are processed, as well as to assert their rights under the legislation on the protection of personal data, can contact the Data Controller by writing to Fadpro Srl, with registered office in Via Lambruschini 4C, Building 26/A – 20156 Milan, email: email@example.com. The Company has appointed a Data Protection Officer, who can be reached at the following email address: firstname.lastname@example.org.