WHY THESE INFORMATIONS
According to article 13 of the European Regulation 679/2016 (GDPR), this private policy applies to the use of any and all data collected by us or provided by you in relation to your use of the website of INDAF s.a.s. company (here mentioned as INDAF) i.e. www.indaf.it.
The present information does not concern other websites, pages or on-line services that can be accessed from this website to any links contained but not referred to INDAF.
In compliance with current legislation, every data collection will be governed by the principles of correctness, lawfulness and transparency.
As a result of users browsing the website, personal data may be processed that concern identified or identifiable individuals.
The data controller is INDAF s.a.s., with registered office in Via Liguria 96, 33100 Udine (Italy) (email: firstname.lastname@example.org), phone number +39 0432 565971).
TYPE OF DATA PROCESSED AND PURPOSE OF THE PROCESSING
The computer systems and the software procedures used to perform this website obtains personal data whose transmission is implicit in internet communication protocols.
This category includes IP address, domain names of the computers or terminals used by the visitors, URI/URL (Uniform Resources Identifier/Locator) addresses, the hour of the request, the numeric code indicating the status of the answer given by the server (successful, error, etc) and other parameters related to the operational system or to the computing environment of the user.
These data are necessary to the use of the web services and are processed in order to :
- obtain statistical information concerning the use of the services (visited pages, number of visitors per hour range or daily range, geographic zones, etc.)
- control the correct functioning of the services offered
Legal basis of the processing
The legal basis on which the processing is lawful is the legitimate interest of the controller.
- the browsing data are not retained for more than 30 days (exception made in case there is a need for criminal investigation by the judicial authority) if these data contain the complete IP address of the user (log of the server)
- The browsing data having an anonym IP, which does not allow to identify the user, are stored and used for statistical and improvement purposes concerning the user of the website and are stored for 2 years maximum.
Data sent by the user
The optional, explicit and voluntary sending of messages to the INDAF contact address, the private messages sent by the users to profiles/pages on social media (where this possibility is foreseen) and the fact to fill and despatch the contact form on INDAF website, will cause the acquisition of the contact data of the sender, necessary to answer, and of the personal data contained in the communications. Any refusal to provide data will have the sole effect of not being able to answer to the request.
Legal basis of the treatment
The legal basis on which the treatment is lawful is the request made.
The data collected with the contact request of the user will be stocked up to the processing of the request.
Cookies and other tracing systems
Cookies are not used for profiling purposes and no other tracing systems are used.
Technical cookies are used to :
- storage of the language of the user; this information is stored in the browser of the user for 12 months
- statistical analysis of the behavior of the site users
Legal basis of the treatment
The legal basis on which the cookies are lawful is the legitimate interest of the controller.
In particular, it should be noted that the use of anonymization of the IP address is considered by the Privacy Authority, sufficient to classify the cookie as technical (and not as tracing or profiling), technology that does not require the explicit consent of the interested party for the purpose of letter c) above mentioned.
The cookies used are stored in the browser of the user who can delete them in any moment for a maximum period of :
- Preferred language for 12 months
- Statistic analysis for 6 months
RECEIVERS OF THE DATA
The browsing data and the cookies may be accessible also to the company that manages the servers where the website is hosted and to the company delegated to the technical management; these two companies are responsible of the data processing.
The up dated list of the data processors is available by contacting the data controller to the above mentioned email.
The data provided for the purposes related to the response of the requests may be accessible only to the staff or other personnel expressly appointed who act on the basis of specific instructions received to perform the request.
TRANSFER OF PERSONAL DATA
The collected data could be transferred to third countries outside the European Union, where the computer tools used for the management of the site and internet services are located; for example statistics, sending and receiving mail, cloud storage. In these cases the transfer will take place in the form and manner provided for the current legislation and, anyway, ensuring an adequate level of protection as Privacy Shield.
RIGHTS OF THE DATA SUBJECTS
The data subject has the right to exercise the rights referred to in articles 7, 15-22 of the European Regulation 679/2016.
In particular for processing based on consent, the data subject has the right to revoke it at any time by contacting the controller to his email address. The data subject, in the same way, has the right to know from the controller if his personal data exist and to obtain them in a readable form; he has the right to request access to the personal data concerning him, to receive the personal data supplied to the controller and to transmit them to another controller without any impediment; he has the right to ask and obtain the up dating of his data, to the limitation of processing, to the rectification of the data and to ask to cancel the data processed in breach of current legislation.
The data subject has also the right, for legitimate reasons, to object to the processing of his personal data and to the processing of his data for marketing purposes, on-line sale, advertising. He has the right to lodge a complaint with the Privacy Guarantor as a supervisory authority concerning the protection of personal data.
RIGHT TO COMPLAIN
The data subjects who believe that the processing of their data carried out through this website is in breach of what is written in the Regulation can file a complaint with the Privacy Guarantor, as foreseen in the article 77 of the Regulation, or can refer to the appropriate courts (article 79 of the Regulation).