Privacy policy

PRIVACY POLICY updated to EU Reg. 2016/679 (European Regulation on the protection of personal data)

1. Introduction

Contec srl cares for the user’s privacy and undertakes to respect it. This privacy policy (“Privacy Policy”) describes the processing of personal data carried out by Contec srl through the website https://www.contec-italy.eu/ and the commitments undertaken in this direction by the Company.

Contec srl may process your personal data when you visit the Site and use the services and features on the Site. In the sections of the Site where the user’s personal data are collected, a specific information notice is normally published as prescribed by art. 13/15 of the EU Reg. 2016/679.

Where required by EU Reg. 2016/679 the user’s consent will be required before proceeding to the processing of his personal data. If the user provides personal data of third parties, he must ensure that the communication of data to Contec srl and subsequent processing for the purposes specified in the applicable privacy policy is in compliance with EU Regulation 2016/679 and applicable legislation.

2) Identification details of the data controller and data processor.

Data controller:

Contec srl

viale dell’Industria e dell’Artigianato 26 / c

35010 – Carmignano di Brenta (PD)

Data Processor:

Mr. Simone Martini can be contacted by e-mail at the following address: s.martini@contec-italy.eu

3) Type of data processed

The visit and consultation of the Site do not generally involve collection and processing of personal data of the user except for navigation data and cookies as specified below. In addition to the so-called “navigation data” (see below), personal data voluntarily provided by the user may be processed when the latter interacts with the functionalities of the Site or requests to use the services offered on the Site.

4) Purposes and methods of data processing

Contec srl can process the user’s common personal data for the following purposes: use by users of services, features present on the Site and sending of newsletters.

Furthermore, with the further and specific optional consent of the user, Contec srl may process personal data for marketing purposes, that is to send to the user promotional material and / or commercial communications pertaining to the services of the Company, at the addresses indicated, both through traditional methods and / or means of contact (such as paper mail, telephone calls with an operator, etc.) and automated (such as internet communications, faxes, e-mails, text messages, applications for mobile devices such as smartphones and tablets, accounts of social networks – eg via Facebook or Twitter -, calls with an automatic operator, etc.).

Personal data is processed both in paper and electronic form and entered into the company information system in full compliance with EU Reg. 2016/679, including security and confidentiality profiles and based on principles of correctness and lawfulness of processing. In compliance with EU Reg. 2016/679 the data is kept and stored for the time strictly necessary to carry out the aforementioned purposes, except for the right to object to processing freely exercisable by the user.

COOKIES:

This site uses technical cookies that allow the site to function properly. It also carries third-party cookies as per the extensive information you can read by clicking here .

5) Mode and time of storage of personal data

Personal data is stored and processed through IT systems owned by Contec srl and managed by Contec srl. The data is processed exclusively by specifically authorized personnel, including personnel responsible for carrying out extraordinary maintenance operations.

STORAGE TIME:

In compliance with the EU Regulation 2016/679, data are kept and kept for the time strictly necessary to carry out the aforementioned purposes, except for the right to object to processing freely exercisable by the user.

6) Nature of providing personal data

The optional, explicit and voluntary sending of personal data – also by e-mail – to the addresses indicated on this site entails the subsequent and necessary acquisition of the sender’s address – as well as any other data included in the message – in order to respond to requests .

The provision of some personal data by the user is required to allow the Company to manage communications, requests received by the user or to recontact the user himself to comply with his request. This type of data is marked with the asterisk symbol [*] and in this case the conferment is obligatory to allow the Company to follow up the request which, in default, cannot be processed. On the contrary, the collection of other data not marked with an asterisk is optional: failure to provide it will not entail any consequences for the user.

The provision of personal data by the user for marketing purposes, as specified in the section “Purposes and methods of processing” is optional and the refusal to grant them will have no consequence. The consent given for marketing purposes is intended to be extended to sending communications through automated and traditional methods and / or contact means, as illustrated above.

7) Security and quality of personal data

Contec srl undertakes to protect the security of the user’s personal data and complies with the provisions on security provided for by the applicable legislation in order to avoid loss of data, unlawful or illegal use of the data and unauthorized access to the same, with particular reference to to the Technical Regulations regarding minimum security measures. Furthermore, the information systems and computer programs used by Contec srl are configured so as to minimize the use of personal and identification data; these data are processed only to achieve the specific purposes pursued from time to time. Contec srl uses multiple advanced security technologies and procedures to promote the protection of users’ personal data; for example, personal data is stored on secure servers located in places with protected and controlled access. The user can help Contec srl to update and maintain their personal data by communicating any change relating to the contact information.

8) Data communication and access area The user’s personal data may be communicated to:

– all the subjects to whom the right of access to such data is recognized pursuant to regulatory provisions;

– to our collaborators, employees, within the scope of their duties;

– to all those natural and / or legal persons, public and / or private when the communication is necessary or functional to the performance of our activity and in the ways and for the purposes described above.

No data is communicated or disseminated except to perform the service or provision requested.

9) Transfer of personal data to a third country

Your data is not transferred outside the European Union. In any case, it is understood that the Owner, if necessary, will have the right to transfer the data to the European Union and / or to countries outside the EU. In this case, the Data Controller now ensures that the extra-EU data transfer will be in compliance with the applicable legal provisions, stipulating, if necessary, agreements that guarantee an adequate level of protection and / or adopting the standard contractual clauses envisaged by the Commission Europea.Tuttavia, however, reserves the right to use cloud services, in which case, service providers will be selected among those who provide adequate guarantees, as required by art. 46 of the EU Reg. 2016/679.

10) Rights of the interested party

10.1 Article 15 (right of access), 16 (right of rectification) of the EU Reg. 2016/679

The interested party has the right to obtain from the controller the confirmation that the processing of personal data concerning him is being carried out and in this case, to obtain access to personal data and to the following information:

a) the purposes of the processing;

b) the categories of personal data in question;

c) the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if they are recipients of third countries or international organizations;

d) the period of storage of personal data provided or, if this is not possible, the criteria used to determine this period;

e) the existence of the data subject’s right to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their processing;

f) the right to lodge a complaint with a supervisory authority;

h) the existence of an automated decision-making process, including profiling and, at least in such cases, significant information on the logic used, as well as the expected importance and consequences of such treatment for the data subject.

10.2 Right referred to in art. 17 of the EU Reg. 2016/679 – right to cancellation (“right to be forgotten”)

The interested party has the right to obtain from the data controller the cancellation of personal data concerning him without unjustified delay and the data controller has the obligation to cancel personal data without unjustified delay, if one of the following reasons exists:

a) personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed;

b) the data subject withdraws the consent on which the processing is based in accordance with Article 6, paragraph 1, letter a), or Article 9, paragraph 2, letter a), and if there is no other legal basis for the processing ;

c) the data subject opposes the processing pursuant to Article 21, paragraph 1, and there is no legitimate prevailing reason to proceed with the processing, or he opposes the processing pursuant to Article 21, paragraph 2;

d) personal data have been processed unlawfully;

e) personal data must be deleted in order to fulfill a legal obligation established by Union law or by the Member State to which the data controller is subject;

f) personal data was collected in relation to the offer of information society services pursuant to Article 8, paragraph 1 of EU Regulation 2016/679

10.3 Right referred to in art. 18 Right to limitation of treatment

The interested party has the right to obtain the treatment limitation from the data controller when one of the following hypotheses occurs:

a) the data subject disputes the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of such personal data;

b) the processing is unlawful and the data subject opposes the deletion of personal data and requests instead that its use be limited;

c) although the data controller no longer needs it for the purposes of processing, personal data is necessary for the data subject to ascertain, exercise or defend a right in court;

d) the data subject has opposed the processing pursuant to Article 21, paragraph 1, EU Reg 2016/679 pending verification regarding the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.

10.4. Where applicable, it also has the rights set forth in Articles 19-21
of EU Regulation 2016/679 (right to data portability, right of opposition), as well as the right to complain to the Guarantor Authority.

11. Mode of exercise of rights

The interested party may at any time exercise his rights by sending an e-mail to s.martini@contec-italy.eu