NOTICE FOR WEBSITE
This page describes the methods for management of the web site www.granitifiandre.it, with reference to processing of the personal data of users who consult the site.
This notice is provided to people interacting with the company’s web services under art. 13 of European Regulation 2016/679.
The notice applies only to this web site, and not to any other web sites the user may consult via links.
Third parties are informed that use of this notice, or any part of it, on other web sites, with reference to which it is definitely not pertinent and/or is incorrect and/or inconsistent, may result in charging of large fines by the personal data protection authority.
The notice identifies a number of minimum requirements for on-line personal data collection, and particularly the methods, timing and nature of the information which data controllers must provide to users when they connect to web pages, whatever the purpose of the connection.
THE “DATA CONTROLLER”
Consultation of this site may result in processing of data on persons who are identified or identifiable. The “data controller” is GranitiFiandre S.p.A., in the person of its acting legal representative.
Data Protection Officer: Dott. Stefano Luconi
DATA PROCESSING LOCATION
Data processing connected with this web site’s web services takes place in the company’s offices, where it is performed solely by the technical staff of the data processing office, or any persons that may be appointed by this office to perform occasional maintenance operations.
No data deriving from the web service shall be disclosed or disseminated.
Personal data supplied by users submitting requests for information (bulletins, Cd-roms, catalogues, price lists, answers to questions, various documents, etc.) shall be used solely for the purpose of providing the requested service.
TYPES OF DATA PROCESSED
The information systems and software procedures for operation of this web site acquire a number of items of personal data in the course of their ordinary operation, the transmission of which is implicit in use of Internet communication protocols.
This information is not collected in order to be associated with identified data subjects, but may by its very nature permit identification of users through processing and association with data held by third parties.
This category of data includes the IP addresses or domain names of computers used by users connecting to the site, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the state of the server’s response (successful completion, error, etc.) and other parameters on the user’s operating and IT environment.
These data are used solely to collect anonymous statistical information on site use and check that the site is functioning properly, and are deleted immediately after processing. The data may be used to ascertain responsibility in the event of hypothetical cybercrime attacks on the site, but apart from this case, data on web contacts will not be kept for more than seven days.
Data supplied voluntarily by the user
Optional, explicit, voluntary sending of e-mail to the addresses shown on this web site will result in subsequent acquisition of the sender’s e-mail address, necessary in order to respond to the request, and any other personal data that may be included in the text of the e-mail.
Specific brief notices will appear or be displayed on the pages of the web site used to supply specific services on request.
OPTIONAL NATURE OF DATA CONFERRAL
Apart from the browsing data specified, users are free to decide whether or not to supply their personal data.
Failure to confer personal data may make it impossible to obtain the requested service or information.
Personal data are processed using automated tools only for the amount of time strictly necessary to achieve the purposes for which the data were collected.
Specific security measures are implemented to prevent data loss, unlawful or incorrect use and unauthorised access.
TRANSFERS TO OTHER COUNTRIES
Transfers of personal data to a country outside the European Union or to an international organisation will take place on the basis of a decision of the Commission confirming adequate data protection or, in the case of the transfers identified in articles 46, 47 or 49, paragraph, of the European Regulation, on the basis of appropriate and opportune guarantees.
DATA SUBJECTS' RIGHTS
The subjects of the personal data are entitled to request access to their data at any time and to request correction, erasure or limitation of processing of the data, and are entitled to object to processing of the data and to demand data portability; they are, moreover, entitled to file a complaint with the controlling authority.
Requests may be submitted to the Data Controller.
NOTICE TO CUSTOMERS AND SUPPLIERS ISSUED BY GRANITIFIANDRE S.P.A UNDER ART. 13 OF EUROPEAN REGULATION 2016/679
This notice is prepared in accordance with art. 13 of European Regulation 2016/679 (hereafter also referred to simply as the European Regulation), which introduced significant changes to personal data protection legislation.
This notice therefore updates and replaces any previous versions which may have been issued in the past.
This having been stated, please note that:
1) as a result of the establishment of business relations, and in the course thereof, our company will collect and process your personal data;
2) we hereby specify the following definitions, taken from the above-mentioned European Regulation:
Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Under article 13 of European Regulation 2016/679,we therefore inform you that the collection and processing of your personal data shall be performed by the undersigned company in compliance with the following:
This notice may be integrated, orally or in writing, with addition information to further satisfy your requirements for information on “Privacy” and in response to the evolution of the regulations.
Date: 17/01/2019 The data controller