NOTICE FOR WEBSITE
This page describes the methods for management of the web site, with reference to processing of the personal data of users who consult the site.
This notice is provided to people interacting with the company’s web services under art. 13 of European Regulation 2016/679.
The notice applies only to this web site, and not to any other web sites the user may consult via links.
Third parties are informed that use of this notice, or any part of it, on other web sites, with reference to which it is definitely not pertinent and/or is incorrect and/or inconsistent, may result in charging of large fines by the personal data protection authority.
The notice identifies a number of minimum requirements for on-line personal data collection, and particularly the methods, timing and nature of the information which data controllers must provide to users when they connect to web pages, whatever the purpose of the connection.
THE “DATA CONTROLLER”
Consultation of this site may result in processing of data on persons who are identified or identifiable. The “data controller” is GranitiFiandre S.p.A., in the person of its acting legal representative.
Data Protection Officer: Dott. Stefano Luconi
DATA PROCESSING LOCATION
Data processing connected with this web site’s web services takes place in the company’s offices, where it is performed solely by the technical staff of the data processing office, or any persons that may be appointed by this office to perform occasional maintenance operations.
No data deriving from the web service shall be disclosed or disseminated.
Personal data supplied by users submitting requests for information (bulletins, Cd-roms, catalogues, price lists, answers to questions, various documents, etc.) shall be used solely for the purpose of providing the requested service.
TYPES OF DATA PROCESSED
The information systems and software procedures for operation of this web site acquire a number of items of personal data in the course of their ordinary operation, the transmission of which is implicit in use of Internet communication protocols.
This information is not collected in order to be associated with identified data subjects, but may by its very nature permit identification of users through processing and association with data held by third parties.
This category of data includes the IP addresses or domain names of computers used by users connecting to the site, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the state of the server’s response (successful completion, error, etc.) and other parameters on the user’s operating and IT environment.
These data are used solely to collect anonymous statistical information on site use and check that the site is functioning properly, and are deleted immediately after processing. The data may be used to ascertain responsibility in the event of hypothetical cybercrime attacks on the site, but apart from this case, data on web contacts will not be kept for more than seven days.
Data supplied voluntarily by the user
Optional, explicit, voluntary sending of e-mail to the addresses shown on this web site will result in subsequent acquisition of the sender’s e-mail address, necessary in order to respond to the request, and any other personal data that may be included in the text of the e-mail.
Specific brief notices will appear or be displayed on the pages of the web site used to supply specific services on request.
OPTIONAL NATURE OF DATA CONFERRAL
Apart from the browsing data specified, users are free to decide whether or not to supply their personal data.
Failure to confer personal data may make it impossible to obtain the requested service or information.
Personal data are processed using automated tools only for the amount of time strictly necessary to achieve the purposes for which the data were collected.
Specific security measures are implemented to prevent data loss, unlawful or incorrect use and unauthorised access.
TRANSFERS TO OTHER COUNTRIES
Transfers of personal data to a country outside the European Union or to an international organisation will take place on the basis of a decision of the Commission confirming adequate data protection or, in the case of the transfers identified in articles 46, 47 or 49, paragraph, of the European Regulation, on the basis of appropriate and opportune guarantees.
DATA SUBJECTS' RIGHTS
The subjects of the personal data are entitled to request access to their data at any time and to request correction, erasure or limitation of processing of the data, and are entitled to object to processing of the data and to demand data portability; they are, moreover, entitled to file a complaint with the controlling authority.
Requests may be submitted to the Data Controller.
NOTICE TO CUSTOMERS AND SUPPLIERS ISSUED BY GRANITIFIANDRE S.P.A UNDER ART. 13 OF EUROPEAN REGULATION 2016/679
This notice is prepared in accordance with art. 13 of European Regulation 2016/679 (hereafter also referred to simply as the European Regulation), which introduced significant changes to personal data protection legislation.
This notice therefore updates and replaces any previous versions which may have been issued in the past.
This having been stated, please note that:
1) as a result of the establishment of business relations, and in the course thereof, our company will collect and process your personal data;
2) we hereby specify the following definitions, taken from the above-mentioned European Regulation:
Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Under article 13 of European Regulation 2016/679,we therefore inform you that the collection and processing of your personal data shall be performed by the undersigned company in compliance with the following:
- purposes: data will be processed for the correct fulfilment of accounting, fiscal, commercial, and technical obligations and for all the company’s activities of all kinds pertaining to the existing relationship;
- advertising purposes: your data may, with your specific, explicit consent, also be used to send advertising material and communications by post, e-mail, fax, text message and similar means; after expressing consent, you may in any case object to the processing of your data for this purpose at any time, at no expense;
- methods: your data will be processed by print media and methods and in electronic/IT/telematic form, in full compliance with the law, on the basis of principle of lawfulness and correctness and in such a way as to protect your confidentiality;
- optional conferral: data conferral is optional and not obligatory;
- consequences of refusal: refusal to provide your data or objection to any form of data processing may, however, make it impossible to continue any business relations or other relationship with our company; denial of use of data for sending advertising material and communications, on the other hand, will have no impact on our present or future relationship;
- parties or categories of parties (recipients) to whom the data may be disclosed or disseminated: your data may be disclosed to third parties only in fulfilment of legal or contractual obligations. Your data will in no case be disseminated;
- persons authorised for the processing: your data will be processed exclusively by the company’s authorised administrative and sales staff;
- automated decision-making processes (such as profiling): no automated decision-making processes are performed;
- data subject’s rights: you enjoy all the rights guaranteed you under the European Regulation, such as the right to request access to your personal data and to have it corrected or erased, the right to limit its processing, the right to object to is processing, and the right to data portability. You are also entitled to file a complaint with the controlling authority;
- transfers to other countries: any transfers of personal data to a country outside the European Union or to an international organisation will take place on the basis of a decision of the Commission regarding the adequacy of data protection or, in the case of transfers under articles 46, 47 or 49, paragraph two, of the European Regulation, on the basis of appropriate and opportune guarantees;
- data retention period: the data will be stored for only as long as is strictly necessary to respond to the data subject’s requests, or on the basis of the requirements of current legislation or contractual clauses;
- data controller: the data controller is GranitiFiandre S.p.A.of Castellarano (RE), Via Radici Nord n. 112, in the person of its acting legal representative.
This notice may be integrated, orally or in writing, with addition information to further satisfy your requirements for information on “Privacy” and in response to the evolution of the regulations.