Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ART. 13 OF REGULATION (EU) 2016/679 (GDPR)

www.uniters.com/it/en/

 

Last update date: 11/12/2023

 

With this document UNITERS SPA, owner of the site www.uniters.com/it/en/ hereinafter only the “ Site ”), intends to provide information on the methods of management of the Site itself in relation to the processing and protection of personal data (“ data ”) of the subjects who browse or who in any case contact the company in the manner indicated on the Site (hereinafter " users " or " interested parties ").

 

This document represents information pursuant to art. 13 of the European Regulation of 27 April 2016 n. 679 (hereinafter " GDPR ") and is valid only and exclusively for the Site and not for other sites or web pages that can be consulted by the user through links or other interactive connections possibly activated through the Site. Users are therefore invited to take viewing the information on data processing provided by the owners of each site to which they may be redirected during navigation.

 

It is specified that this Policy may undergo changes following the introduction of new rules or following changes to the Site, so users are invited to periodically visit the "Privacy&Cookies" section of the Site.

 

This information does not exclude that further information on the processing of personal data is provided to interested parties even in different ways, for example by sending specific information following the activation or request of a specific service.

 

  1. Identity and contact details of the Data Controller

The Data Controller of personal data for the purposes described in this Information is UNITERS SPA, with registered office in Via Enrico De Nicola n. 1, 36075 Montecchio Maggiore (VI), Italy, VAT number: 02263640241 (hereinafter also “ Owner ” or “ Company ”).

 

For all questions relating to data processing, for the exercise of rights deriving from the Regulation (on this point, see paragraph 9 below), as well as for any doubts or clarifications regarding this Information, the interested party can contact the Data Controller by sending a registered letter with return receipt to the above address, or a communication to the following e-mail address: privacy@uniters.com

 

  1. Purpose and legal basis of the processing

The personal data collected through the Site are processed for the following purposes:

  1. ensure the correct functioning of the web pages and their contents and obtain statistical information on the use of the services;
  2. provide assistance/contact the user and/or otherwise respond/follow up on requests sent by the user by completing the data collection forms in dedicated areas of the Site (by way of example and not limited to: "contacts" section) or with the methods indicated therein (e.g. telephone contact, via e-mail), or by asking to use specific services on the Site (for which specific privacy information is not provided) and managing the activities related to the provision of the requested services;
  3. direct marketing by the Data Controller: to send to the interested party - via paper mail, e-mail, SMS, telephone calls with or without an operator or other means used by the Data Controller, information material, newsletters, promotional, commercial and advertising communications or communications relating to events and initiatives of the Owner, carrying out market research and activities to measure the degree of satisfaction regarding the Owner's services.

We inform you that, where the conditions set out in art. 130, co. 4, Privacy Code, the Owner may also carry out soft spam activities (as described below).

 

We also inform you that:

  • in relation to the purposes referred to in the previous letter a ) , the legal basis lies in the legitimate interest of the Data Controller (art. 6.1 letter f ) GDPR) to guarantee the correct functioning of the Site and its improvement;
  • in relation to the purposes referred to in the previous letter b ) , the legal basis lies, depending on the case: in the need to execute a contract or in pre-contractual measures adopted at the request of the interested party (art. 6.1 letter b ) GDPR) ; in the legitimate interest of the Data Controller (art. 6.1 letter f ) GDPR) consisting in the need to respond to the requests of the interested party, taking into account his reasonable expectations, where the request does not have a pre-contractual or contractual nature;
  • in relation to the purpose referred to in letter c) the processing will be carried out only after obtaining your express consent (art. 6.1 letter a ) GDPR), except for the cases of so-called "soft spam" as described below. Interested parties are informed that in Italy the Privacy Code (art. 130, paragraph 4, Legislative Decree 196/2003 and subsequent amendments) allows soft spam . This means that without having to acquire the explicit consent of the interested parties, it is possible to use the e-mail address that was provided with a previous purchase, for the purpose of direct sales of services similar to those that the interested party has already purchased from the Companies. , provided that the interested party does not object to such use. It is specified that the interested party may object to this processing at any time by contacting the Data Controller at the addresses referred to in point 1) or by clicking on the appropriate link to oppose the receipt of communications considered unwanted, present in all emails containing commercial sent by the Company.

 

  1. Nature of the provision of data

The provision of data for the purposes referred to in letter a ) is optional and nevertheless necessary for the correct functioning and use of the Site. Any refusal to provide data in relation to the aforementioned purpose could therefore make it impossible to navigate the Site , to view all its contents and access the related services. The provision of data for the purposes referred to in letter b ) is optional; however, any refusal to provide data in relation to the aforementioned purpose will make it impossible to process your requests (e.g.: obtaining information on products or services, quotes, etc.). The provision and consent to the processing of your data for the purposes referred to in letter c ) is entirely optional. Any refusal will make it impossible for the Data Controller to carry out marketing activities towards you, while it will not entail any negative consequences regarding the purposes referred to in letters a ) and b ) .

 

  1. Type of data processed

In pursuit of the purposes indicated above, the following categories of data will be processed:

  • Navigation data : the computer systems and software procedures used to operate the Site acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI ( Uniform Resource Identifier ) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment. This data is used for the sole purpose of obtaining statistical information on the use of the Site and to check its correct functioning. The data could be used to ascertain responsibility in the event of computer crimes against the Site or other users, for example at the request of the Authority or supervisory bodies in charge. The above information may be collected automatically through cookies and other similar technologies. For more information and to personalize your browsing choices, we invite the user to consult our cookie policy on the site ;
  • Data provided by the user: identification data (name, surname) and contact data (telephone number, e-mail address, etc.). Any further personal data voluntarily provided when completing data collection forms and/or through the voluntary sending of e-mails will be processed according to the principles of correctness, lawfulness and transparency, as well as in compliance with the principle of "minimization", i.e. acquiring and processing data limited to what is necessary for the purposes pursued

 

  1. Methods of Treatment

The processing of personal data will be carried out using paper-based methods and IT tools, in compliance with the provisions regarding the protection of personal data and, in particular, the appropriate technical and organizational measures referred to in art. 32.1 GDPR, as well as with the observance of every precautionary measure that guarantees its integrity, confidentiality and availability.

 

  1. Categories of data recipients

The data will not be disclosed unless required by law. The data is processed by subjects specifically authorized and trained by the Data Controller pursuant to art. 29 of the GDPR. The data may also be communicated and/or known by other companies of the Uniters Group (including those based outside the EU), to which the Data Controller belongs, by virtue of specific agreements on data processing and always in full compliance with the guarantees of the GDPR. The data may also be communicated, in strict relation to the purposes indicated above, to the following subjects or categories of subjects:

  1. third-party subjects and companies that provide services to the Data Controller, such as - by way of example - the management of the information system and telecommunications networks (including e-mail), the development and management of the Site, the sending of commercial communications, etc. .;
  2. studios, companies or professionals in the context of assistance and consultancy relationships;
  3. call center for the provision of after-sales assistance service;
  4. competent authorities for compliance with legal obligations.

We also inform you that the subjects referred to in letter d) will process the data as independent Data Controllers. In relation to the categories of subjects referred to in letters a ) , b ) and c ) , however, the Data Controller undertakes to rely exclusively on subjects who provide adequate guarantees regarding data protection, appointing them where required by current legislation. , Data Controllers pursuant to art. 28 GDPR. The list of Data Processors is available from the Data Controller and the interested party can view it upon request.

 

  1. Transfer of personal data to third countries

To achieve the aforementioned purposes, the data may be transferred to countries not belonging to the European Union/EEA area (“Third Countries”). The Data Controller guarantees from now on that any transfer of data to Third Countries will take place in full compliance with the conditions set out in Chapter V of the GDPR (art. 44 et seq.) in order to ensure that the level of protection of natural persons guaranteed by the GDPR is not prejudiced. The transfer will therefore take place towards countries that the European Commission has deemed to guarantee an adequate level of protection, in compliance with the provisions of the art. 44 GDPR or in compliance with specific standard contractual clauses approved by the European Commission pursuant to art. 46 GDPR, provided that the recipient of the data provides adequate guarantees and that the interested parties have enforceable rights and effective remedies. In the latter case, the interested party is informed that he has the right to request a copy of the standard contractual clauses signed by the Data Controller. Any exceptions to the above will only take place in compliance with the art. 49 GDPR.

 

  1. Data retention period

The data collected to ensure the correct functioning of the web pages and their contents and to obtain statistical information on the use of the services will be kept for the time necessary to achieve the purposes for which they were collected and in any case in compliance with what is indicated in our cookies policy present on the site, where relevant.

The data processed to respond to user requests will be kept for the time necessary to provide the interested party with a response and in any case no later than 24 months from the processing of the request, unless a contractual relationship is already in place or subsequently established with the user. interested party, in which case the data will be kept for a period of 10 years from the termination of the relationship, in compliance with current legislation.

For direct marketing activities, the data will be retained for a period of 24 months from the collection of consent, unless renewed. For the purposes of soft spam, the data will be processed for a period of 24 months from the last purchase by the interested party.

We inform you that, at the end of this period, the data will be subject to automatic deletion or irreversible anonymization. However, a longer period of data retention may possibly be determined by requests made by the Public Administration or by another body or authority, or by the participation of the Data Controller in judicial procedures that involve the processing of data.

 

  1. Rights recognized to the interested party

The interested party may exercise the rights recognized by the GDPR at any time, in the manner described in the previous paragraph 1. In particular, the interested party is entitled to:

 

Right of access

The interested party can ask us whether or not we process any of his data and, if so, he can obtain from us access to such data in the form of a copy. When the data subject makes an access request, we also provide further information, such as the purposes of the processing, the categories of personal data concerned and any other information necessary for the data subject to exercise this right.

 

Right of rectification

The interested party has the right to rectify his data in case of inaccuracy or incompleteness. Upon request, we will correct inaccurate personal data and, taking into account the purposes of the processing, complete incomplete data.

 

Right of cancellation

The interested party has the right to have his personal data deleted. The deletion of personal data can only take place in certain cases, listed in Article 17 of the GDPR. This includes situations where the data subject's personal data are no longer necessary in relation to the initial purposes for which they were processed, as well as situations where they have been processed unlawfully. Due to the way we provide some services, we inform you that it may take some time for backup copies to be deleted. We also inform you that the Data Controller will, within the limits of the state of the art, delete the personal data of the interested party, except in cases where their conservation is required by law.

 

Right to limit processing

The data subject has the right to obtain the restriction of the processing of his or her personal data, which means that we suspend the processing of the data subject's data for a certain period of time. Circumstances that may give rise to this right (art. 18 GDPR) include situations where the accuracy of the personal data has been contested, but time is needed to verify their (in)accuracy. If the interested party has obtained the limitation of the processing of your data, we will inform him before this limitation is revoked.

 

Right of opposition

You have the right to object to the processing of your personal data, which means that you can request that we no longer process your personal data for certain purposes (e.g. direct marketing). We inform you that this right is recognized to the interested party only in particular circumstances (art. 21 GDPR) and, in particular, in the case in which the legal basis of the processing is constituted by the legitimate interest of the Data Controller.

 

Right to data portability

The right to data portability means that the interested party can ask us to provide him with his personal data in a structured, commonly used and machine-readable format and to ask us to transmit such data directly to another data controller, where this is technically feasible.

 

Right to withdraw consent

The interested party has the right to withdraw consent to the processing of personal data at any time, if the processing is based on his consent (e.g. direct marketing). In any case, the revocation of consent does not affect the lawfulness of the processing based on consent before the revocation.

 

  1. Right to lodge a complaint with the supervisory authority

The interested party also has the right to lodge a complaint with the supervisory authority, if he believes that processing concerning him violates the GDPR. Please note that in Italy this Authority is represented by the Guarantor for the Protection of Personal Data, based in Rome. The interested party not resident in Italy may lodge a complaint before the Supervisory Authority designated in their country of residence.

 

  1. Lack of an automated decision-making process

The processing referred to in this Information is not subject to automated decision-making processes.

 

The Data Controller

 

UNITERS SPA

Recently Viewed
No recently views items
Clear All