GENERATION INFORMATION ABOUT THE DATA PROCESSING CARRIED OUT BY YOUR COMPANY TO BE PUBLISHED ON YOUR WEBSITE
INFORMATION ON PROCESSING AND PROTECTING YOUR PERSONAL DATA
pursuant to Art. 12 GDPR Reg. (EU) no. 20167679 of 27 April 2016 regarding the protection of natural persons as regards the processing of personal data and free circulation
We at SIBILIA SRL seriously take the protection of your personal data into consideration. When we process personal data, the security of the data and their protection are an important aspect for us, which we take into account in our corporate processes. We process your personal data based on the applicable personal data protection law, and more specifically the General Data Protection Regulation (“GDPR“).
Who is responsible for processing your personal data, and how can you reach our in-house personal data protection contact person?
Pursuant to Arts. 4, paragraph 7, and 24 of the GDPR, the Data Controller of the personal data of the candidate is the company SIBILIA SRL, with registered office in CASTELLETTO SOPRA TICINO, Via Della Stazione n. 1. which can be contacted in writing at the email address: firstname.lastname@example.org or by post to the aforestated address of the registered office, or by phone by ringing the number 0331 972529
Why do we process your personal data and what right do we have to do so?
We process your personal data when it is necessary in order to execute a contract that you are about to sign with us, of which you are a party, or when precontractural measures or activities are executed (Art. 6, paragraph 1b GDPR), or:
- If you contact us or send us requests or information regarding our services or products, or send us email or faxes, or make requests by phone to our assigned employees, collaborators or consultants to provide service or supply information.
- If you enable one of our services or purchase one of our products, or sign a contract for services or products that we directly or indirectly supply through commercial partners or consultants.
- If complaints regarding services or products arise, when it is necessary to set technical or legal consultants in motion to protect the rights and interests of our company.
- To fulfil the HSE regulation on preventing and protecting risks of accident and professional disease, machinery safety which purely by way of example is Italian Legislative Decree 81/2008 and 152/2006 on the subject of environmental protection and pollution prevention.
- To fulfil the regulations contained in Italian Legislative Decree 231/01 on the subject of administrative liability of companies for crimes.
- To fulfil fiscal and tax obligations, and accounting processing obligations and the preparation of the financial statements of our company.
- To fulfil labour law regulations if you are our collaborator or employee.
- To fulfil the rules regulating the operation of enterprises and companies or the requests of Public Bodies or public servants that operate according to the regulations of public law or the Authority’s order.
- To send you informative technical circular letters in connection with the services supplied, in this case turning to the contact data provided by the customer.
- We also process data collected during execution of the existing contractual relationships in order to identify and correct any errors or malfunctioning in the supply of the activities or services that we provide or of the products that we supply.
What type of personal data do you collect through the website, by email or on printed forms, and for what purpose?
If you navigate on the website, these are the personal data that we process:
- a) Navigation data – This is information NOT collected to be associated with you, but because of their very nature might allow who, like you, navigates on this website through processing and associations. IP addresses, for example, fall under this category. These data are used only in order to obtain anonymous statistical information regarding use of the web site and to check that it operates correctly, and are deleted immediately after processing. The only use that we can make of them relates to the ascertainment of liability in the case of hypothetical cyber crimes to the detriment of the same website. For more information: SEE OUR COOKIES POLICY
- b) Data voluntarily provided by the user – The optional, express and voluntary sending of electronic mail to the addresses shown on this website, and filling in contact forms (also in the case of e-commerce activities), entails acquisition of the sender’s address, which is necessary for replying to the requests, and any other personal data entered by the user (e.g. name, surname, etc.). These data may be used for the following purposes:
1) to answer your specific requests;
2) management of the services supplied also online;
3) pre-contractual disclosures and other activities necessary upon the conclusion or when executing contracts of which you are the interested party.
These data are never used to identify or to profile the user, but only for the purpose of protecting the website and its users; said information will be processed based on the legitimate interests of the data controller.
Your personal data will be processed following the principles of honesty, lawfulness and transparency in order to allow you to navigate on the website and to follow up your requests, using only automated tools.
Providing data is optional, but necessary in order to execute services and, in particular, to allow you to navigate. Failure to consent to using data for promotional or profiling purposes does not affect navigation. Its only consequence will be the impossibility of the Data Controller to send you newsletters or to provide you with proposals more in line with your buying preferences.
The Data Controller can process, only for the purposes specified, only common data such as navigation data, personal data, electronic and phone references.
Are you required to provide us with your personal data when we request them with contact forms, or what happens if you don’t?
Providing personal data that our company requests is necessary for the execution of a contract of which you are a party or for the execution of pre-contractual measures taken upon your request concerning us, and it is therefore mandatory. Otherwise, we will be unable to execute said contract or will we find ourselves in such a position as to be unable to take measures upon your request. Moreover, these are data which we are legally required to request from you in order to fulfil rules of law to which we are subjected (fiscal, anti-money laundering, administrative, HSE, etc.).
Providing other personal data in addition to the data requested on the form is optional. We openly state when it is optional, and in that case nothing happens if you do not provide the additional data.
Do we transfer your personal data to particular categories of recipients in Italy or abroad?
Your data might be transferred to outside IT service providers that provide the server infrastructure, IT maintenance activities or full IT solutions (such as cloud services) and software solutions on our behalf. Your personal and accounting data might be transferred to outside payroll processing accounting services, and preparation and and auditing of accounts and financial statements or also for mere filing of the invoices.
In some circumstances arising due to requirements of the law or public authority in order to meeting disclosure obligations set by the law or imposed by the public authority, your personal data might be transferred to government agencies, courts, Environmental Protection Agencies, outside consultants and similar third parties, whether public bodies or other authorised third parties
Some contact data might be transferred to logistics companies if the processing is necessary to ship products or parcels by post or courier service.
For how long will we keep your data?
We undertake to keep your personal data as long as it is necessary for fulfilling the purpose for which they are collected. Furthermore, we keep personal data for 10 years if required by regulatory obligations. For example, invoices must be kept for 10 years. We also keep your data until the statutes of limitation expire in order to be able to enforce any existing legal claims.
What are my personal data protection rights, and how can I exercise them?
Based on Art. 15 GDPR, you have the right of access concerning the personal data that we keep. This means that you are entitled to receive confirmation from us that your personal data are or are not being processed and, in this case, request access to your personal data. The information relating to access includes, among others, the purpose for the processing, the categories of personal data in question and the recipients or categories of recipients to whom the personal data have been or will be disclosed. However, this is not an absolute right and the interests of other parties may limit your right of access.
You have the right to obtain a copy of the personal data being processed. Should you request additional copies, we can charge you a reasonable fee based on the administrative costs borne. The right of access can be limited in certain circumstances.
You have the right to obtain correction of your incorrect personal data based on Art. 16 GDPR. This means that you have the right to obtain correction of your inaccurate personal data concerning you. Bearing in mind the purposes of the processing, you can have the right to obtain integration of your incomplete personal data, also by providing a supplementary declaration.
You have the right to the deletion of your personal data based on Art. 17 GDPR. This means that in certain circumstances, you can have the right to obtain from us the deletion of the personal data concerning you and we can have the obligation to delete said personal data. The right to deletion of the data can be limited in certain circumstances.
You have the right to the obtain limitation of the processing of your personal data based on Art. 18 GDPR. This means that, in this case, the respective data will be earmarked and may be processed by us only for certain purposes (e.g. with your consent or to take legal action).
Based on Art. 20 GDPR, in certain circumstances you may have the right to receive the personal data concerning you, which you provided, in a structured format of common and legible use from an automatic device, and you may have the right to request that these data be sent to another data controller without any impediments on our part.
If there are personal data of yours that are processed only on the strength of your consent and not for other legitimate reasons, then you have the right to revoke said consent at any time with future effect. Said revocation will not jeopardise the lawfulness of the processing based on the consent before revocation.
If, however, you now deny your consent, it will no longer be possible to receive promotional information or have information about events in which you may be interested. If you want to think about it and possibly interrupt the sending of advertising material, newsletters, promotional phone calls at a later date, you must know that you always have the right, at any time, to block our direct marketing by sending an email with Re: NO-MARKETING to the following address: email@example.com
In order to exercise all of your privacy rights, it suffices that you send us an email with Re: the right that you intend to exercise, and you will be contacted as soon as possible by one of our privacy contacts in order to proceed in this manner. You also have the right to submit a complaint to the Data Protection Supervisory Authority (www.garanteprivacy.it) pursuant to the content of Art. 141 et seq. of Italian Legislative Decree 30-6-2003 no. 196 Personal Data Protection Code, stating the provisions for adapting the national law to (EU) regulation no. 2016/679 of 27 April 2016 of the European Parliament and Council relating to the protection of natural persons as regards the processing of personal data, and to the free circulation of said data, and which abrogates Directive 95/46/EC.