PRIVACY POLICY

PRIVACY POLICY STATEMENT

Pursuant to Legislative Decree No. 196, 30th June 2003 and of the European Regulation 27/4/2016 n. 679

Pursuant to Legislative Decree No. 196, 30th June 2003 (“Personal Data Protection Code”) and of the European Regulation 27/4/2016 n. 679, the processing of your personal data will be based on principles of correctness, lawfulness, minimization, proportionality, necessity, transparency and protection of the privacy and rights of each user.

This privacy policy applies exclusively to online activities of this website and is effective for the visitors/users of this website. It does not apply to the information collected through different channels by the website. The purpose of this policy statement is to provide the maximum transparency concerning the information collected by the website and the use of it.

The provision of your personal data by filling in the forms available on the website (for example in the “Contact” section) allows us to comply with the requirements and to be able to fulfil at the best your requests. Should you not intend to allow the processing of your data for the aforementioned purposes, we could not proceed with processing your request and provide you with the counselling and/or feedback required.

It is also possible to subscribe to our newsletter to receive e-mails, with informative, commercial and direct sales contents concerning products and services offered by the Company. In this case, the provision of data is optional. The consent expressed upon subscription to the newsletter is revocable at any time by interacting with the special cancellation feature present in the communications. In the event of technical problems, you can send an e-mail message.

This website lawfully and accurately processes users data, by adopting the appropriate security measures in order to prevent any unauthorized access, disclosure, change or unauthorized destruction of data. The processing is carried out via IT and/or telematics tools, according to organisational modalities and logics strictly related to the specified purposes. In addition to the Controller, in some cases, data may be accessed by some categories of employees involved in the organization and maintenance of the site (administrative, commercial, marketing personnel, lawyers and system administrators) or external individuals (such as third parties technical services suppliers, hosting providers, IT companies, communication agencies).



Data Subject Rights

In your capacity as data subject in the data processing, you will be entitled to exercise, at any time, your rights towards the process controller in accordance with the provisions of Articles 7 of Legislative Decree n. 196, 30th June 2003 and 15 of the European Regulation 679/2016, which we summarise in short hereinafter:

  1. The data subject has the right to be informed on and have conformation about the possible existence of any personal data concerning himself/herself, either recorded or not, and on their intelligible communication.
  2. The data subject has the right to obtain information on:
    • The origin of personal data;
    • The purposes and modalities of the data processing;
    • The type of logic applied in case the processing is carried out via electronic tools;
    • The identification details of the Controller and the possible Processors;
    • The individuals or categories of individuals to whom personal data may be communicated or they may learn about in their capacity as appointed representative within the territory of the State or outside the territory of the State, the Processors or Processing Officers.
  3. The data subject has the right to obtain:
    • The updating, the rectification or, when concerned, the integration of data;
    • The cancellation, conversion into anonymous form or block of the data processed in breach of law, including those for which data retention is not required relating to the purposes for which data have been collected or subsequently processed;
    • The certification stating that the procedures referred to in point 3) have been disclosed, also as regards their content, to those who have received communication or dissemination of the data, except when this compliance proves to be impossible or requires an evident excessive use of means compared to the protected right.
  4. The data subject has the right to object, in whole or in part, to:
    • The personal data processing regarding the data subject, for lawful reasons, albeit relevant to the purposes of the collection, subject to the possible consequences upon the non-execution of the service required;
    • The personal data processing regarding the data subject, for the purposes of sending advertising or direct sale material or carrying out market or commercial communication surveys.

The above-mentioned rights may be exercised by sending a normal request to the controller or processor, also by way of a processing officer, who shall promptly reply to it.



Data Controller

The data processing controller in accordance with the applicable law is Ecef Srl, with registered office in Peschiera Borromeo, Via G. Di Vittorio n. 33/24, e-mail info@ecef.it



Data Processor

The web hosting used which process data on behalf of Ecef Srl are named Data Processors, they are located within the European Economic Area and act in accordance with European standards.

Third parties which process data on behalf of the data Controller are named Data Processors.



Place of Data Processing

Processing connected to the web services provided by this website, with web hosting at Data Center site within the European Union (Supplier code 00272), are carried out at the premises of the Controller Company and are managed by Ecef Srl employees, collaborators or partners tasked with processing, or by any possible person in charge of occasional maintenance operations.

No data resulting from the web service are either communicated or disseminated to third parties.

The personal data provided by users who access the service are used only to carry out the service itself or the performance requested and are communicated to third parties only if this is necessary for this purpose.



Termination of Data Processing

In case of termination of processing operations, for any reason, in compliance with the provisions of Articles 16 Legislative Decree 196/03 and 17 of the European Regulation 679/20016, the data shall be:

  • destroyed, after the data retention obligations have expired under Article 2220 c.c., articles 19 and 22 of Presidential Decree n. 600/1973 or any other specific regulations;
  • transferred to another data controller, provided that their processing is in accordance with the purposes for which the data are collected;
  • retained exclusively for personal purposes and not intended for a systematic communication or dissemination;
  • retained or transferred to another controller, for historical, statistical purposes, in compliance with the law, the Community regulations, and the code of professional ethics and good conduct signed pursuant to article 12 Decree Law 196/2003 and 40 European Regulation 679/2016.


Log Files

The website uses log files. Therefore, automated collection of information is retained during the users visits to the website. The retained information may include:

  • Internet Protocol (IP) address;
  • type of browser and device parameters used to connect to the site;
  • name of the Internet Service Provider (ISP);
  • date and time of the visit;
  • web page of origin of the visitor (referral) and exit;
  • number of clicks.

The above information is processed in an automated form and collected in an exclusively aggregated form in order to check the correct operation of the site; and, for security reasons, in accordance with the related laws in force, in order to block attempts to damage the site itself or to other users, or otherwise prejudicial activities or constituting a crime. Such data are never used for the identification or profiling of the user, but solely for the purposes of protection of the site and its users (starting from 25th May 2018, such information will be processed according to the legitimate interests of the data controller).

The data collected by the site during its operation are used exclusively for the purposes indicated above and retained for the time strictly necessary to perform the activities specified. In any case, the data collected from the site will never be provided to third parties, for any reason, unless it is a legitimate request by the judicial authority and only in the cases provided for by law.



Cookies

The Site uses only technical cookies (session, persistent, third-party) and non-profiling cookies.

By using the site, the visitor expressly agrees on the use of cookies.



What are cookies?

Cookies are small text files that are stored in the device used by the user (computer, tablet, smartphone …), when he visits a website, to improve the experience.



What are cookies used for?

Cookies are used to store information on the browser and used again during the same visit to the site (session cookies) or in some other time, after some days (persistent cookies). Cookies are stored, according to the users preferences, by the individual browser on the specific device used.



Typologies of cookies

There are different typologies of cookies. Some cookies are necessary to enable the user to surf the net in a simpler way through automated procedures (i.e. login, language…); others have different purposes such as ensuring internal security, managing the system, performing statistical analyses, understanding which sections of the site are mostly liked by users and offering a customized visit of the site.

Cookies are classified as follows:

Session Cookies

Session Cookies are essential to be able to distinguish individually connected users, and they are useful to avoid that a required feature can be provided to the wrong user, as well as for security purposes to prevent cyber attacks on the site. Session cookies do not contain personal data and last only for the current session, i.e. until the browser is closed. No consent is required for them.

Functionality Cookies (or Persistent Cookies)

Functionality Cookies are strictly necessary for the use of the site, particularly they are connected to an explicit request of functionality by the user (such as login).

These cookies remain stored in the user device until a certain termination date (expressed in minutes, days or years since the creation/update of the cookie). No consent is required for them.

The aforementioned typologies of cookies are also defined as “Technical Cookies”.

Profiling Cookies
Targeting Cookies or Profiling Cookies are used to show contents that are more suitable for the user as regards his interests. They may be used to display targeted advertising, to post customized advertisements according to the user interests or to limit the number of times an advertisement is viewed by the user. Furthermore, they help measure the effectiveness of advertising campaigns on the site; the manager of the site may use such cookies to remember the sites visited by the users and to share this information with third parties, including agencies and advertisers that might use their cookies to collect information on the activities carried out by the users on the site.

Third-Party Cookies

This site also acts as an intermediary for Third-Party Cookies, used to provide additional services and functionalities to visitors and to improve the use of the site, such as keys for social networks (Facebook, Twitter, Linkedin …), or video (Youtube). This site has not any control over these cookies, entirely managed by third parties. As a result, the information on the use and the purposes of these, as well as on a possible disabling, is provided directly by third parties.

In particular, the site can make use of the following tools, which generate third-party cookies:

  1. Google Analytics

Google Analytics is an analysis tool provided by Google that collects anonymous browsing data (IP truncated to the last octet) through the use of cookies (performance cookies). These anonymous browsing data are aggregated in order to exclusively examine the use of the site by the users, fill out reports on activities on the site and providing other information, including the number of visitors and pages visited. Such cookies have been set by us anonymously, in order to reduce to a minimum the possibility of identifying the user by Google or other third parties.

Moreover, Google may transfer the information to third parties, should it be required by law or should the third parties process the information above on behalf of Google. Google shall not associate the IP address to any other data owned by Google. The data generated are processed and retained by Google as referred to in its own policy statement.
In accordance with a specific agreement with Google, Google is appointed Data Processor, and under this agreement it undertakes to process data in accordance with the Data Controller requests, that are made through the software settings.

  1. Youtube

Youtube is a platform owned by Google, for sharing videos, which uses cookies to collect user information and browsing devices. The data generated are processed and stored by Google as referred to in its own policy statement.

  1. Plugin Social Network

The site may incorporate plugins related to social networks, in order to allow easy sharing of content on them. When provided by the social network, these plugins set cookies, normally only if the user actually and voluntarily uses them. Please note that if the user navigates the site already logged into the social network, then it implies that the user has already consented to the use of cookies conveyed through the site at the time of registration to the social network.

The collection and use of information obtained through the plugins are governed by the respective privacy policies of the social networks.



Data transfers to non-EU countries

This site may share some of the data collected with services located outside the European Union area. Specifically with Google, Facebook, LinkedIn, through social plugins and the Google Analytics service. The transfer is authorized based on specific decisions of the European Union and the Italian personal data protection Authority; in particular the decision 1250/2016 (Privacy Shield) for which no further consent is required. The aforementioned companies guarantee their adherence to the Privacy Shield.

Should the user consider the processing as non-compliant, he shall report to the supervisory Authority, pursuant to article 77 of Regulations.



More information on third-party policy

For more information on the use of data and their processing by third parties, it is recommended to read the information on the specific pages. In particular, as regards social networks, the main ones are mentioned.

Google privacy policy
https://policies.google.com/privacy?hl=it

Types of cookies used by Google
https://policies.google.com/technologies/types?hl=it

Google cookie usage
https://policies.google.com/technologies/cookies?hl=it

Google Analytics data protection
https://support.google.com/analytics/answer/6004245

Google Analytics Cookie Usage on Websites (English)
https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

Facebook data regulations
https://www.facebook.com/policies/cookies/

Twitter privacy policy
https://twitter.com/privacy?lang=it

Linkedin cookie policy
https://www.linkedin.com/legal/cookie-policy



Cookies Management

Cookies are connected to the browser used and the majority of Internet browsers are initially set to accept cookies automatically. However, it is possible to check and delete individual cookies by changing the same browser settings. Disabling cookies may prevent the correct use of certain features of the site and / or limit the browsing experience of the user who disables them.

If you do not know the type and version of browser you are using, click on “Help” in the browser window to access all the necessary information.

If you know your browser, click on the one you are using to access the cookies management page.

Internet Explorer
http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies

Google Chrome
https://support.google.com/accounts/answer/61416?hl=it

Mozilla Firefox
http://support.mozilla.org/en-US/kb/Enabling%20and%20disabling%20cookies

Safari
https://support.apple.com/it-it/guide/safari/sfri11471/mac

Furthermore, if you want to disable the saving of Cookies by Google Analitycs, install on your Browser the following add-on:https://tools.google.com/dlpage/gaoptout?hl=it

If the user uses different devices to view and access sites (for example, computers, smartphones, tablets, etc.), he must make sure that each browser on each device is adjusted in order to reflect his own cookie preferences. To delete cookies from the Internet browser of his smartphone / tablet, he must refer to the user manual of the device.

For more information and details on cookies, please refer to:

www.garanteprivacy.it/cookie

www.aboutcookies.org

www.allaboutcookies.org



 

This policy was last updated on 23rd May 2018.