2016/679 (GDPR) (European regulation on personal data protection)
Sipol S.p.a. is committed to respecting the privacy of every User visiting the Website and uses its Services.
The Policy does not apply to third party sites which may grant active or passive access through links on the website of the owner.
The processing of personal data of Users is in full compliance with General Data Protection Regulations (EU) 2016/679 (GDPR).
1. Identity and contact details of the Data Controller
Data Controlling is governed by Sipol S.p.a. – Via Leonardo da Vinci, 5 – 27036 Mortara (PV) – VAT number 01842120188 C.F. 01669490037 – email: firstname.lastname@example.org .
2. Categories of personal data processed
The Data Controller may process the following categories of Users personal data:
- Data voluntarily communicated by the User: identification and contact data (mainly name, surname, company, telephone contacts and e-mail address) entered voluntarily by the User in case of completion of a data request form; the optional, explicit and voluntary supply of messages to the owner’s contact addresses, as well as the completion and submission of any forms on the site, entail the acquisition of the sender’s contact details, which will need answering, as well as any personal data included in the communications; if necessary, specific information will be published on web pages prepared for the provision of different services and different purposes.
- Browsing data: during normal operation the computer systems and software procedures used to operate this site acquire some personal data which may be transmitted during the use of Internet communication protocols.
This category includes IP addresses or domain names of User’s computers and terminals, addresses in URI / URL notation (Uniform Resource Identifier / Locator) of the requested resources, time of request, method used to submit the request to the server, file size obtained in response, numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the operating system and the User’s computer environment.
This data, which is necessary when using web services, is also processed for the purpose of:
- obtaining statistical information on the use of services (most visited pages, number of visitors per hour or day, geographical areas of origin, etc.).
- check the correct functioning of the services offered.
- in the case of hypothetical computer crime against the site, such data could be used to ascertain responsibility in agreement with judicial authorities.
- Sharing data via Social Network: the website includes plugins and/or pushbuttons which enable the sharing of contents on Social Networks (Facebook, Linkedin).
3. Purposes and legal bases for the processing of personal data
The Owner processes User data to allow browsing the site and to respond to any request o9n behalf of the User.
Any further processing will only take place only on the basis of obligations established by law and on the basis of legitimate interest. For any other processing purpose, explicit consent is given by the User to the Data Controller.
SIPOL S.P.A. will only collect and processes personal data of Users for the following purposes:
- purposes strictly connected and instrumental to administrative and accounting management;
- purposes related to legal and fiscal obligations under laws, regulations, community regulations, as well as provisions issued by Authorities and by supervisory and governing bodies;
- allow the Users to browse the site;
- respond to requests from Users sent via site;
- allow Users to use the services on site;
- improve the presentation, features and functionality of the Website.
For the purposes referred to in letters a) to f), the legal grounds identified are art. 6. par.1 lett. b) GDPR for necessary processing in order to execute pre-contractual / contractual measures and specific requests on behalf of the user – art. 6. paragraph 1 letter c) of the GDPR for necessary processing in order to fulfill legal obligations – Article 6. paragraph 1 letter. f) GDPR for the pursuit of legitimate interests.
4. Data storage times
Any personal data processed by SIPOL S.P.A. on the basis of the User’s consent, will be stored for the time strictly necessary to achieve the purposes for which it was originally collected and, in any case, will no longer be processed as a result of revocation of given consent.
If any personal data processing should instead, take place in fulfilment of legal, fiscal or judicial obligations, such data may be stored up to a maximum of ten (10) years.
Browsing data will not persist for more than seven days (except for any need to ascertain criminal offense by judicial authorities).
5. Providing data
Apart from the specified browsing data, the user is free to provide any personal data, however, failing to do so, such data may make it impossible to obtain the requested data.
6. Processing methods
All personal data will be processed through the aid of paper and computerized tools.
The Data Controller has adopted all the appropriate technical, organizational measures to guarantee high level security in order to minimize any risks inherent to confidentiality, availability and integrity of personal data collected and processed, on the basis of articles .24, 25 and 32 of the GDPR.
7. Recipients of personal data – Communication and disclosure of personal data
Personal data processed will be communicated to well-defined individuals. On the basis of the roles and tasks performed, internal and external personnel is entitled to treatment within the limits of their powers and in accordance with the instructions given to them by the Owner. Such data can be communicated to legitimate subjects such as: IT equipment maintenance companies, professional firms/companies providing accounting, tax offices, free-lance/occasional workers, agents and individuals whose law provisions or EU regulations recognize the right to access data.
The web hosting service is located in EU.
8. Transferring personal data abroad
Management and storage of personal data relating to the management of the website takes place on servers located within the European Union; if for any technical and / or operational reasons it should become necessary to make use of subjects located outside the European Union, or should it become necessary to transfer some of the collected data to technical systems and services managed in Cloud and located outside the area of the European Union, processing will be regulated in accordance with the provisions of Chapter V of Regulation (EU) no. 2016/679 and authorized on the basis of the European Union’s specific decisions. All necessary measures will then be taken in order to guarantee the most complete protection of personal data by basing this transfer:
- on adequacy decisions of third country recipients expressed by the European Commission;
- on adequate guarantees expressed by a third party recipient pursuant to art. 46 of the Regulation;
- on the adoption of binding corporate rules, so-called Corporate binding rules.
9. Processing of personal data of those under age
The use of the Site and the Services is reserved only for Users over 18 years of age. Sipol S.p.a. it does not process personal data of those under age.
10. Rights of the interested party
The Data Controller is freely contactable for any request relating to this policy by writing to: email@example.com.
The user may, at any time, exercise the rights referred to in Articles. 15/16/17/18/20/21/22 of Regulation (EU) no. 2016/679.
The aforementioned rights may be exercised by sending a specific request to the Data Controller through the contact channels indicated in this information sheet.
With reference to Article 7 of the GDPR, the interested party may revoke consent given at any time by informing the Data Controller.
Please refer to the appropriate section found on the company website.
12. Social Media Policy
Please refer to the appropriate section found on the company website.
13. Links to third-party sites
Sipol S.p.a. will under no any circumstances be held responsible for processing carried out through or in relation to such third-party sites.
Users are therefore invited to pay the utmost attention on the conditions of use and privacy and cookie policies published on the various sites/portals/social networks visited.
14. Changes and updates
This Policy is updated and applicable as from 06/04/2021.
Any further modification will be communicated to Users with the means and time deemed most appropriate by the Owner, in particular through the publication on the Site.