Information > Privacy Policy

Privacy Policy

INFORMATION PROVIDED PURSUANT TO REG.EU 2016/679 (GDPR), ART.13

1. GENERAL INFORMATION
The Data Subjects are informed of the following general profiles, valid for all areas of treatment:

  • all the data of the subjects with whom we interface are treated in a lawful, correct and transparent manner, in compliance with the general principles set out in Art.5 of the GDPR;
  • specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access, pursuant to Article 32 of the GDPR.

References and rights of the data subjects:

  • the Data Controller is the undersigned Organization, in person of the pro-tempore legal representative. In order to guarantee adequate support to the interested parties, the Data Controller has appointed a DPO (Dott. Gregorio Galli - Ph. +39 0523.1865049 - ) which can be contacted to exercise all the rights foreseen by art.15- 21 of the GDPR (right of access, rectification, cancellation, limitation, portability, opposition), as well as revoke a previously granted consent; in case of failure to reply to their requests, the interested parties can propose a complaint to the Supervisory Authority for the protection of personal data (GDPR - Art.13, paragraph 2, letter d).

2) DATA PROCESSING RELATED TO THIS WEBSITE
Navigation data
The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols. Such information is not collected in order to relate it to identified data subjects, however it might allow user identification after being processed and matched with data held by third parties. This data category includes IP addresses and/or the domain names of the computers used by any user connecting with this web site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user's operating system and computer environment.

PURPOSES AND LAWFULNESS OF PROCESSING
(GDPR-ART.13, C.1, LETT.C)
These data are only used to extract anonymous statistical information on website use as well as to check its functioning. The data might be used to establish liability in case computer crimes are committed against the website (Controller legitimate interest).
SCOPE OF COMMUNICATION
(GDPR-ART.13, C.1, LETT.E,F)
The data may only be processed by internal personnel, duly authorized and instructed in the processing (GDPR-Art.29) or by the Processor of the web platform (appointed Data Processor, Art.28 GDPR) and will not be disclosed to other parties, disseminated or transferred to non-EU countries. Only in the case of an investigation they can be made available to the competent authorities.
DATA RETENTION
(GDPR-ART.13, C.2, LETT.A)
Data are usually kept for short periods of time, with the exception of any extensions connected to investigations.
DATA PROVISION
(GDPR-ART.13, C.2, LETT.F)
The data are not provided by the data subject but automatically acquired by the site's technological systems.

Cookies
What are cookies: Cookies are short pieces of text (letters and / or numbers) that allow the web server to store information on the client (the browser) to be reused during the same visit to the site (session cookies) or later , even after several days (persistent cookies). Cookies are stored, based on user preferences, by the individual browser on the specific device used (computer, tablet, smartphone). Similar technologies, such as, for example, web beacons, transparent GIFs and all forms of local storage introduced with HTML5, can be used to gather information on user behavior and use of services. In the following of this statement we will refer to cookies and all similar technologies by simply using the term "cookies".

Possible types of first-party cookies and preferences management methods

CATEGORY PURPOSES PREFERENCE MANAGEMENT
Technical browsing or session cookies Guarantee the normal web browsing and use of the site

Through the main navigation browsers it is possible:

  • Block the receipt of all (or some) types of cookies by default
  • View the analytical list of the cookies used
  • Remove all or some of the installed cookies

For information on the setting of individual browsers see specific paragraph. Please note that blocking or deleting cookies may compromise the navigability of the site.

Analytical technical cookies Gather information on the number of visitors to the site and on the pages viewed
Technical functionality cookies Allow web browsing according to a set of selected criteria
Profiling cookies Create user profiles to send advertising messages in line with preferences

The site may contain links to third party websites and third-party cookies; for more information, please see the privacy policy of any linked sites.

Preferences management through the main browsers

The user can decide whether to accept cookies using the settings on his browser (we point out that, by default, almost all web browsers are set to automatically accept cookies). The setting can be modified and defined specifically for the different websites and web applications. Furthermore, the best browsers allow you to define different settings for "proprietary" and "third-party" cookies. Usually, the cookie configuration is done from the "Preferences", "Tools" or "Options" menu.

The following are links to the guides for managing the cookies of the main browsers:

Internet Explorer: http://support.microsoft.com/kb/278835
Internet Explorer [versione mobile]: http://www.windowsphone.com/en-us/how-to/wp7/web/changing-privacy-and-other-browser-settings
Chrome: http://support.google.com/chrome/bin/answer.py?hl=en-GB&answer=95647
Safari: http://docs.info.apple.com/article.html?path=Safari/5.0/en/9277.html
Safari [mobile]: http://support.apple.com/kb/HT1677
Firefox: http://support.mozilla.org/en-US/kb/Enabling%20and%20disabling%20cookies
Android: http://support.google.com/mobile/bin/answer.py?hl=en&answer=169022
Opera: http://help.opera.com/opera/Windows/1781/it/controlPages.html#manageCookies

Further information

Specific services
The site may contain data collection forms aimed at guaranteeing the browser any services / functionalities (eg: request information, registrations, etc.).

PURPOSE AND LEGAL BASIS OF THE PROCESSING
(GDPR-ART.13, COMMA 1, LETT.C)
The identification and contact data necessary to respond to the requests of the data subjects could be requested. The submission of the request is subject to specific, free and informed consent (GDPR-Art.6, comma1, lett.a).
SCOPE OF COMMUNICATION
(GDPR-ART.13, PARAGRAPH 1, LETT.E, F)
The data are processed exclusively by authorized and trained personnel (GDPR-Art.29) or by any persons responsible for maintaining the web platform or providing of the service (appointed in this case external managers).The data will not be disclosed or transferred to non-EU countries.
DATA RETENTION PERIOD
(GDPR-ART.13, PARAGRAPH 2, LETTER A)
Data are kept for times compatible with the purpose of the collection.
DATA PROVISION
(GDPR-ART.13, COMMA 2, LETT.F)
The provision of data related to the mandatory fields is necessary to obtain an answer, while the optional fields are aimed at providing the staff with other useful elements to facilitate contact.

Data provided voluntarily by users
Sending e-mail messages to the addresses mentioned on this website, which is done on the basis of a freely chosen, explicit, and voluntary option, entails acquisition of the sender's address, which is necessary in order to reply to any request, as well as of such additional personal data as is contained in the message(s). The sender who gives his curriculum to submit his job application remains the only responsible for the relevance and accuracy of the data sent. It should be noted that any curriculum without the data processing consent will be immediately deleted.

3) DATA PROCESSING CONNECTED TO THE RELATIONSHIPS WITH CUSTOMERS AND SUPPLIERS

3.1 Object of the processing
The Company processes personal identifying data of customers / suppliers (for example, name, surname, company name, personal / fiscal data, address, telephone, e-mail, bank and payment details) and its operative contacts (name surname and data contact information) acquired and used for managing the services provided by the Company.

3.2 Purposes and legal basis of the processing
Data are processed to:

  • manage contractual / professional agreements, as well as manage the necessary communications connected to them;
  • to fulfill the pre-contractual, contractual and fiscal obligations deriving from existing relationships, as well as to manage the necessary communications connected to them;
  • fulfill the obligations established by law, by a regulation, by the community legislation or by an order of the Authority;
  • exercise a legitimate interest of the Controller (for example: the right of defense in court, the protection of credit positions; the ordinary internal operating, management and accounting needs).

Failure to provide the aforementioned data will make it impossible to establish the relationship with the Controller. The aforementioned purposes represent, pursuant to Article 6, commi b, c, f, suitable legal bases for the lawfulness of the processing. If it is intended to carry out treatments for different purposes, it will be required a specific consent from the data subjects.

3.3 Data processing methods
The processing of personal data is carried out by means of the operations indicated in Art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data is processed both on paper and electronic and / or automated. The Data Controller will process personal data for the time necessary to fulfill the purposes for which they were collected and related legal obligations.

3.4 Scope of the processing
The data are processed by internal regularly authorized subjects and instructed pursuant to Article 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise indications on any external subjects operating as managers or independent data controllers (consultants, technicians, banks, transporters, etc.).

4) POLICY UPDATING
It should be noted that this information may be subject to periodic review, also in relation to the relevant legislation and jurisprudence. In the event of significant changes, appropriate evidence will be given in the home-page of the site for a suitable time. In any case, the interested party is invited to periodically consult the present policy.

INFORMATION ON DATA PROCESSING FOR VIDEO SURVEILLANCE PURPOSES

To complete the information provided to whom it may concern with cartel exposed in the areas where the active video surveillance system is set, we therefore inform you that:

- The treatment of the personal data using video surveillance systems is made according to the current legislation regarding Privacy (UE 2016/679 “GDPR”; D.Lgs.196/2003, modified and integrated by D.Lgs.101/2018; General Provisions of the Guarantor Authority for the protection of personal data recognized by the art.22, paragraph 4 of the D.Lgs.101/2018)

- The record of the images is made by Nuova General Instruments Srl as Holder of the treatment and as Legal representative pro tempore;

- The video surveillance system has been installed for SECURITY scope and the use of the cameras is done for the protection of goods, people and property from possible intrusions, fire, theft, robbery or act of vandalism; and for the eventual defence of the Holder in judicial place (acquisition of evidences);

- The access or the passage of the people to all kind of premises, locals and spaces of relevance leads necessary to the record of the image that may regard them;

 - The images detected can be recorded and stored for the period of time strictly necessary to achieve the scope described above, the preservation time can’t be over the period described by the legislation (7 days), except for the longer term necessary to fulfil specific requests from judicial authority or judicial police in relation to ongoing investigative activities; at the end of the retention period, the recorded images are deleted from electronic, computer or magnetic media;

- The images can be used only by formally authorized and instructed personnel or by external societies responsible of the treatment of these data which cooperate to the maintenance of the system and likewise to the surveillance activities; the images are not divulgated externally by the holder, except for the execution of official orders received from the judicial authority or from the judicial police. In case of illegal acts, the image can be used in judicial places;

- The images will be used with the instruments and with the correct methodology that will grant the correct level of security and confidentiality, with particular attention regarding the Art.32 description of the GDPR and General Measure of the 08/04/2010;

- The people interested have the right to ask to the Holder of the treatment for the access of the data recorded which concern them according to the Art.15 and sequential of the GDPR. Should the person interested be recognized, he has the right to obtain the confirmation of the presence of personal data that concern him from the Holder; he has the right to know the use of those personal data (origin of the data, scope and method of use; identification details of the owner and, if known, the responsible, etc…); he has the right to ask for the cancellation or the blocking of the use of the personal data if used not accordingly to the law; he has the right to oppose, for legitimate reasons, of the treatment of these personal data;

- The eventual record of works and the use of the recorded image is done according to the current legislation regarding labour matters ( 4 L.300/70 “Worked Statement”, modified by the Art. 23 of the D.Lgs. 151/2015 “Last decree of the Jobs Act”)

 HOLDER OF THE TREATMENT DATA AND DATA PROTECTION OFFICER (IF PREFSENT)

  The Holder of the Treatment is the undersigned Organization, in the person of the pro-tempore legal representative:
- Nuova General Instruments Srl
- Tel: 0523-994629 – Email: umberto.colombini@nuovageneral.it

The Holder, according to the Art. 37-39 of the GDPR, has nominated the Data Protection Officer to whom it is possible to ask for information regarding Privacy and grant own Privacy rights:
- Galli Data Service Srl
- Tel: 0523-1865049 – Email: dpo@gallidataservice.com