OUR PERSONAL DATA PROCESSING POLICY
OFFICINA MECCANICA MINGAZZINI SRL values the protection of your personal data and therefore adopts transparency policies, restrictions, as well as adequate protection and security standards for the personal data processed, in compliance with Italian and European legislation, and the provisions of the Italian Data Protection Authority.
WHO PROCESSES MY PERSONAL DATA?
The Data Controller is OFFICINA MECCANICA MINGAZZINI SRL (hereinafter referred to in short as MINGAZZINI SRL), with registered office in 29/A, VIA PINI – VAT no. IT00149570343 Certified Electronic Mail email@example.com – Telephone: 0521 1880611, that, for the purposes of personal data processing, may use personnel, professionals and organisations designated, appointed and trained under its authority, within the limits and for the purposes specified in the information notice
The Data processors:
If the third-party statistical and analytical services that are implemented in the website collect user personal data, this data can be processed by third parties operating as data processors. If, for example, Google Analytics (GA), Attribution, Optimize, Tag Manager or Data Studio are used, Google operates as the processor of the data managed by the service. For further information, please refer to https://policies.google.com/technologies/partner-sites?hl=it “How Google uses information from sites or apps that use our services.”
WHAT DATA DOES THE WEBSITE COLLECT AND HOW LONG IS IT STORED?
The navigation data of an anonymous and statistical nature that is necessary to ensure the Website’s proper functioning and that, for security reasons, is collected automatically, solely for the purpose of obtaining anonymous statistical information on the use of the Site (including, by way of example, navigation times, geographical data and other parameters relating to the user’s operating system and IT environment, as well as the type of browser and the parameters of the device used to connect to the website, and the ISP -Internet service provider- name). This information, which in itself does not identify the user, could, however, also through processing and/or association with other data held by the provider or by third parties, allow the identity of the user to be traced. For security purposes (anti-spam filters, firewalls, virus detection), automatically recorded data may also include personal data such as the IP address, which could be used, in compliance with the applicable laws in force, to block attempts to damage the website itself, or to cause damage to other users, or in any case any harmful activities or offences. This data is never used for user identification or profiling, but only to protect the site and its users.
The personal identification data collected: the Website collects IP addresses directly, i.e. a unique identification code. A dynamic IP address that does not identify a natural person, but allows identifiability through the intersection with further information possibly held by third parties, such as the provider that, in fact, collects sufficient data in its logs to identify it.
Navigation data of an anonymous and statistical nature that is necessary to ensure the proper functioning of the Website and that is automatically collected solely for the purpose of obtaining anonymous statistical information on the use of the Site (including, by way of example, IP addresses, navigation times, geographical data and other parameters relating to the user’s operating system and IT environment).
This information, which in itself does not identify the user, could, however, also through processing and/or association with other data held by the provider or by third parties, allow the identity of the user to be traced.
The navigation data is not, nor will in any case be used by the Controller to carry out unwanted activities of User identification and profiling through association processes.
DATA PROVIDED VOLUNTARILY BY THE USER
FOR WHAT PURPOSES AND HOW LONG IS THE DATA PROVIDED VOLUNTARILY BY THE USER PROCESSED?
Personal and non-personal data collected to guarantee the proper functioning of the website and for security reasons: the website collects and processes various information about the User (such as an ID associated with the User for statistical purposes) in an automated and aggregated way, in order to check the website for proper functioning, and for security reasons; in particular, the data collected for security reasons may include date and time of visit, webpage of the visitor’s origin (referral) and exit, and possibly the number of clicks.
The data collected here, depending on the specific purposes, can be retained for up to 10 (ten) years. Each contact form has its specific indications. If their processing is no longer necessary, they can be deleted. Deletion can also be requested by the data subject.
WHAT SAFETY MEASURES DO WE TAKE TO GUARANTEE YOUR PERSONAL DATA PROTECTION?
Processing is carried out so as to guarantee the security of data and systems. Specific security measures are adopted to minimise the risk, even accidental, of data destruction or loss, unauthorised access, unpermitted or non-compliant processing with respect to the purposes indicated in this information notice, such as the HTTPS protocol to guarantee the integrity of the personal data collected and processed.
The security measures adopted by the Site, as appropriate as they are, do not allow for the absolute exclusion of the risks of intercepting or compromising the personal data transmitted via telematic means.
It is therefore recommended to check that the device in use is equipped with adequate software systems for the protection of telematically transmitted incoming and outgoing data (e.g. updated antivirus systems, firewalls and antispam filters).
Your personal data will NEVER be disclosed or communicated to unauthorised third parties, who may only access statistical data, namely anonymous or otherwise unsuitable to identify you, that will not be transferred abroad to non-EU countries not providing adequate levels of protection.
If, to provide the services of the Site, it is necessary to transfer data to countries outside the EU that do not ensure adequate levels of protection, this will take place only based on specific contractual agreements, containing safeguard clauses for personal data protection, in accordance with applicable law and regulations.
Personal data is not transferred abroad to countries outside the European Union that do not ensure adequate levels of protection.
WHERE IS YOUR PERSONAL DATA PROCESSED AND STORED?
Your data is processed at the Controller’s premises and archived in Storage devices located in the Structure. It may also be stored in the web hosting data centre, which is
responsible for processing data on behalf of the Controller, is located in the European Economic Area and acts in accordance with European standards.
WHAT ARE YOUR RIGHTS AS THE DATA SUBJECT AND HOW CAN YOU EXERCISE THEM?
As the data subject in the processing, you are entitled by law to the following rights: the right to transparency with regard to the processing methods; the right to receive specific information about your processed data, access to your personal data held, data rectification or deletion; the right to limit the processing of your personal data and receive “notifications” of the events referred to in the previous points; the right to the “portability” of personal data, to object to the processing for specific and documented reasons, to file a complaint to a supervisory authority and to be informed by the Data Controller about the existence of any data breaches concerning you.
All your rights as a Data subject can always be exercised free of charge and freely through a request to be sent via e-mail to firstname.lastname@example.org as specified below.
The exercise of the aforementioned rights and, in particular, the access to and the update and deletion of the personal data provided, must be specifically requested; the request does not provide for specific formats or standards, but must be clear and specific.
To exercise your rights, you can avail yourself of natural persons, bodies, associations or organisations by conferring, for this purpose, written proxy, and also, be assisted by a trusted person.
To become aware of one’s rights, lodge a complaint/report/appeal and always be up to date on the legislation concerning the protection of individuals with regard to the processing of personal data, the Data subject can contact the Guarantor for the protection of personal data, consulting the website http://www.garanteprivacy.it/.
LIMITS TO THE DATA CONTROLLER’S LIABILITY
The Data Controller is not in any way responsible for damage of any nature directly or indirectly caused by accessing its website, by the inability or impossibility to access it as well as by relying on or using the information contained therein. Please note that some browsers (obsolete, less known, etc.) could cause compatibility problems, and the related pages or various elements that compose them, their features and other contents may not be correctly displayed and/or executed.
The Data Controller shall not be held liable for the contents published and the services offered on third party web sites which our Site may refer to, or for how these subjects, to be considered autonomous controllers, can process your data. We therefore ask you to familiarise yourself with their privacy policies.
MODIFICATIONS AND UPDATES
This information notice may be modified or updated, in whole or in part, also in consideration of the evolution of personal data protection legislation, with a view to immediately informing Users of any change occurred with respect to the time of publication.