pursuant to art. 13 of EU Reg. 2016/679 (GDPR), IES s.r.l. intends to inform users on how it treats personal data collected while browsing its website
Who is the data controller?
The data controller is IES s.r.l., with headquarters in Milan, via Rosolino Pilo n. 19/B, e-mail: firstname.lastname@example.org. The Company has appointed a Data Protection Officer or Responsabile della Protezione dei dati (DPO or RPD) who can be contacted for any doubt about policies and practices issued email@example.com.
What data do we collect?
What are the purposes of the processing and how long the data are processed?
|Purpose||Legal basis||Data storage period|
|A) In order to offer services of assistance. More generally, the services chosen by the user on the platform in order to meet the requests advanced by the user through the form.||The processing and provision of personal data is based on the need to perform the contract and the need to fulfil the legal obligations arising from it.||Personal data are kept for the period necessary to pursue the illustrated purposes.
In particular, personal data will be processed for a period of time equal to the minimum required for the fulfillment of legal obligations,
unless it is necessary to keep them further in order to defend or assert a right or to fulfil any further legal obligations or orders from the Authorities.
|B) In order to allow easy navigation on the site and receive a response to any possible user’s requests.||The processing of personal data is based on a legitimate interest (with regard to navigation data and cookies), on the need to comply with pre-contractual measures regarding user requests.|
|C) In order to fulfill legal obligations or any requests from public bodies or judicial authorities||The processing of personal data is necessary in order to perform legal obligations to which the Data Controller is subject.|
The provision of personal data is necessary for the pursuit of the above-mentioned purposes. Any refusal to treatment would make it impossible to provide the requested services.
How is the data processed?
The processing of personal data is carried out using paper and / or computerized methods in compliance with the principles of lawfulness, correctness, transparency, adequacy, relevance and necessity. Adequate security measures are taken to prevent data loss, illicit or incorrect use and unauthorized access.
To which subjects will the data be communicated?
We might disclose some of your personal data to other subjects including:
The subjects who in the context of providing the services necessary for the pursuit of the aforementioned purposes should process the data subject’s personal data on behalf of IES s.r.l. will be appointed as Data Processor pursuant to art. 28 GDPR.
Where your data will be processed?
The personal data of users may be stored or transferred outside the European Economic Area for the purposes described in this statement, limited to the performance of specific processing activities.
When user’s personal data are stored or transferred outside the European Economic Area, the transfer will be regulated in compliance with the prevision of Title V of GDPR, in particular through suppliers who declare to respect the principles established by the GDPR and the so-called Privacy Shield (the regulatory framework defined by the United States and the European Commission).
IES s.r.l, however, for each transfer ensures the adoption of adequate guarantees (such as the signing of standard contractual clauses approved by the EU Commission) with the foreign company that receives the data. Therefore, in any case, a level of data protection corresponding to that established in European legislation, will be guaranteed.
What are your data protection’s rights?
At any time, the interested party can exercise the rights established in Articles 15 ss. of the GDPR which are:
If you would like to exercise any of these rights, please contact Us at our email: firstname.lastname@example.org.
In this regard, the limitations to the rights of the interested party provided for in articles 2undecies and 2duodecies of the Privacy Code as amended by Legislative Decree 101/2018, must be considered. These limitations concern: anti-money laundering, support for victims of extortion, control of the financial and monetary markets, defensive investigations and exercise of rights in court and for reasons for justice, protection of the whistleblower.
This does not affect the right to lodge a complaint with the Italian Data Protection Authority for the protection of personal data pursuant to art. 77 of the GDPR.
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.