DATA PROTECTION OFFICER (DPO)
DPO can be contacted at: firstname.lastname@example.org
Elica S.p.A., as Data Controller, pursuant to article 13 of the GDPR (“GDPR”), provides you with information regarding the processing of personal data (hereinafter referred to as "Data") collected following your browsing on this website (hereinafter referred to as "Web Site").
PERSONAL DATA PROCESSED, PURPOSES AND LEGAL BASIS OF DATA PROCESSING
1. Data processed for Web Site operation purposes
The computer systems and software procedures used to operate the Web Site during standard operation, acquire some browsing data whose transmission is intrinsic in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, yet it could lead to the identification of Web Site users, through processing and association with data held by the Company or by third parties.
This category of Data includes IP addresses or the domain names of the computers used by the users who connect to the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the response file, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.
Browsing data may be processed to:
enable and monitor Web Site proper operation, as well as to carry out maintenance activities;
obtain anonymous statistical information on the use of the Web Site;
ascertain possible liability in the event of hypothetical computer crimes to the detriment of the Web Site and, therefore, to exercise and/or defend the Company's rights in a Court of Law.
Pursuant to art. 122, para. 1 of Legislative Decree 196/2003 ("Privacy Code"), the processing of the information mentioned herein, does not require any consent by the users. For the aforementioned purposes, the legal basis of data processing is the legitimate interest of the data Controller, as pursuant to Art. 6, par.1, lett. f), GDPR.
2. Data provided directly by the user or by third parties
In order to use certain Web Site services it may be necessary to provide some Data, for which reference shall be made to the specific information pursuant to Article 13 of the GDPR provided at the time of collection. Such data may be enriched with data collected from the user's browsing history on the Web Site.
4. Direction to external links from the website
The Web Site may use links to other web pages relating to Elica, for which reference shall be made to the specific information provided at the time of collection. The Web Site may also contain links to the web pages of other data controllers unrelated to Elica. For the latter, please refer to the specific information provided by the respective data controllers.
PROVISION OF DATA
With the exception of browsing data, which is necessary to carry out computer and telematic protocols, the provision of Data by users is free and optional. However, failure to provide such Data will make it impossible to follow up on requests sent or that the user intends to send.
Data may be communicated to independent data controllers and processed by subjects designated by the Company as data processors, which provide the Controller with services related to the purposes of underlying document, such as but not limited to: the company in charge of the maintenance/management of the Company's website and of the electronic and/or telematic tools used by the latter.
SUBJECTS AUTHORIZED TO DATA PROCESSING
Data may be processed by the employees of the company, who have been expressly authorised to do so and who have received adequate operating instructions.
TRANSFER OF PERSONAL DATA TO EXTRA- EUROPEAN UNION COUNTRIES
Data shall not be transferred to third countries and/or international organizations which are not within the European Union.
RIGHTS OF THE DATA SUBJECT - COMPLAINT TO THE SUPERVISORY AUTHORITY
In exercise of their rights, the data subject may contact the Data Controller by sending a written communication to the address indicated above or by sending an email to: email@example.com.
The data subject may exercise the rights in Articles 15-22 of GDPR towards the data Controller and, in particular, may request access to their own Data, as well as cancellation, amendment of inaccurate Data, integration of incomplete Data, limitation of data processing in the cases provided for by Article 18 GDPR , where applicable.
Should data subjects intend to exercise their rights, then the Company may ask them to identify before handling their request.
The data subject is entitled to oppose to the processing of their Data at any time, in a simple manner and free of charge, for reasons concerning a specific situation in the case of legitimate interest of the Data Controller.
Lastly, the data subject is entitled to lodge a complaint with the competent supervisory authority in the Member State where he or she normally resides or works, or in the State where the alleged violation occurred.