(General Data Protection Regulation)
WHY THIS WARNING
This policy is provided only for the https://www.htcontrol.it/ site (hereinafter also simply “site”) and not for other websites possibly consulted by the user via links on the site. The policy is inspired by Recommendation No. 2/2001 of 17 May 2001, Opinion No . 04/2012 on Cookie Consent Exemption of 7 June 2012 and Working Document 02/2013 providing guidance on obtaining consent for cookies of 2 October 2013 that the European authorities for the protection of personal data, gathered in the Group established ex art. 29 of Directive 95/46/EC, adopted to identify some minimum requirements for online personal data collection, and, in particular, the methods, timing and nature of the information that the Data Controllers must provide the users when they connect to web pages, regardless of the purposes of the link.
This policy also applies as so-called “extended” policy compared to the short text in the Data Controller’s commercial form “We use – also through external collaborators – the data that concerns you for our administrative and accounting purposes. Detailed information, also regarding your right of access and your other rights, are provided on www.htcontrol.it ”.
THE DATA CONTROLLER
After consulting this site and possibly sending requests to the contacts listed in its various sections, data may be processed relative to identified or identifiable individuals.
The Data Controller of their processing is Alfa Electronics srl (VAT Number 01038580930), in the person of the legal representative pro tempore, based in Cordenons, via Amman 35.
DATA PROCESSING LOCATION
The processing related to the web service of this site is done at the aforementioned location and is taken care of by the Data Controller and by the consulting company that assists the Data Controller in the maintenance of the site. The optional, explicit and voluntary sending of e-mail to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to the requests, as well as any other personal data entered in the letter.
DATA TYPES PROCESSED
Information automatically collected by browsing the Site
The computer systems and software procedures responsible for the operation of this website acquire, during their normal operation, some personal data the transmission of which is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and associations with data held by third parties, make it possible to identify the users, the computers used by users who connect to the site, the addresses in Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment.
By visiting the site, the following information is automatically collected:
- The user’s hostname. The hostname or Internet Protocol address of the user requesting access to the site.
- HTTP and HTTPS header, and the “user agent” string that includes: the type and version of the browser used and the operating system with which the browser itself works.
- System date. The date and time of the user’s visit.
- Complete request. The exact request made by the user.
- Content length. The consistency, in bytes, of every document sent to the user.
- The request method used.
- Universal Resource Identifier (URI). The location of the resources on the server.
- The Request URI string, in other words everything that can be found after the question mark in the URI.
- Type of device used to consult the site.
- The transmission protocol and version used.
The information collected by the Data Controller, through access to the website, is used to improve the quality of the service offered to the users of the site.
Should the processing also involve personal data that falls into the category of “sensitive” data (i.e. data suitable to reveal racial and ethnic origin, religious, philosophical or other beliefs, political views, membership in religious, philosophical, political or trade union parties, trade unions, associations or organisations, as well as personal data suitable to reveal health status and sex life) or “legal” data, the processing will be carried out within the limits indicated by the General Authorisations of the Guarantor, in accordance with the methods provided by D.Lgs. (Legislative Decrete) 196/2003 and the EU Regulation 2016/679 and for the purposes strictly necessary for the regular performance of the activity, the operations related to the disbursement of products/services and the fulfilment of contractual and/or legal/regulatory obligations.
Users are urged to avoid entering unnecessary sensitive and legal data on the site as this could result in the destruction of the message.
Apart from what is specified later for the browsing data, the user is free to provide the personal data listed in any information request forms. Failure to confer it may make it impossible to obtain what is requested.
Personal data is processed with automated tools for the time strictly necessary to achieve the purposes for which it was collected. Specific security measures are observed to prevent data loss, misuse or incorrect use, and unauthorized access.
CONTRIBUTION OF THE DATA
The optional, explicit and voluntary sending of e-mail to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to the requests, as well as any other personal data entered in the letter.
Apart from what is specified for the information that is automatically collected, the user is free to provide the personal information listed in the request forms or otherwise indicated in the contacts to request the forwarding of information or other communications. Please note that the data required to be able to fulfil the request is the first name, last name, e-mail address, phone number and purpose of the request. Failure to provide it may make it impossible to obtain what is requested.
In the commercial sphere, the provision of data is mandatory for the fulfilment of all related legal and contractual obligations, and the failure to provide it may result in the impossibility of establishing or continuing the contractual relationship correctly.
PURPOSE OF THE PROCESSING AND LEGAL BASIS
The processing of the data collected by the Data Controller is carried out in accordance with the rules on the confidentiality and protection of personal data in force and the principles of accuracy, lawfulness, transparency, relevance, completeness and no surplus information. In addition, the personal data collected, automatically or by voluntary submission of the user, will be processed only for the following purposes and stored for the period strictly necessary for those purposes.
The processing, furthermore, concerns the data relative to the performance of economic activities, processed in accordance with the current legislation on business and industrial secrecy.
|Manage access to the site and preserve its security||Legitimate interest.|
|Carry out obligations arising from a contract of which the interested subject is a part or to fulfil, prior to the conclusion of the contract, specific requests of the interested party||Contractual or pre-contract fulfilment.|
|Provide customer support service and related activities||Contractual and legal fulfilment.|
|Comply with tax and accounting obligations provided by the Law||Legal obligation.|
Legitimate interest (communication data to the accountant).
|In general, comply with the legal obligations, EU regulation or legislation resulting and related to the above contractual relationship.||Legal obligation.|
|Subscribe to the newsletter||Consent of the person concerned.|
|To satisfy the Data Controller’s legitimate interest in maintaining a channel of communication with the Customer, the Alfa Electronics S.r.l. company will use the Customer’s contact information to provide occasional communications about their products and business. At any time, the Customer can tell the Data Controller if he no longer wants to receive such communications.||Legitimate interest of the Data Controller.|
Art. 130, paragraph 4, D.Lgs. 196/2003.
CATEGORIES OF RECIPIENTS
The data provided may only be known by the employees and partners of the Data Controller specifically authorized to process such data as appointees and managers, for the sole purpose of completing the activities requested by the customer/user of the site. These subjects are bound to secrecy and confidentiality also based on appropriate internal regulations.
The subjects or categories of subjects who, within the scope of the purposes outlined in this policy, may become aware of the data or which may be communicated to them are, since they are involved in the organization of the site and in the management of the orders, the specially appointed internal staff (administrative and technical) and also external entities (third-party technical service providers, hosting providers, IT companies, consultants, banks, couriers/shippers, insurance companies for any insured risks) also appointed, if necessary, Processing Managers by the Data Controller.
The data may also possibly be communicated to Public Bodies, Police Forces or other Public and Private Entities, but only to fulfil statutory obligations, EU regulations or legislation.
The data is processed and stored for the time required by the purposes for which it was collected. Therefore:
- The personal data collected for purposes related to the execution of a contract or a pre-contract request between the Data Controller and the User/Customer will be retained until the full execution of that contract and also later by legal obligation (e.g. 10 years for invoices) or to protect, enforce or defend a right of the Data Controller.
- When the processing is based on the User’s consent, the Data Controller may retain personal data for longer, until that consent is revoked or until the service is interrupted by the Data Controller. In addition, the Data Controller may be obligated to keep the Personal Data for a longer period in accordance with a legal obligation or by order of an Authority.
- The data processed by legal obligation is processed for the duration of the statutory regulations applicable to each individual treatment.
- The data processed based on a legitimate interest is subject to processing until the person expresses their objection (e.g. sending commercial communications to its clients – Art. 130 paragraph 4 D.Lgs. 196/2003).
- At the end of the retention period, the personal data will be deleted. Therefore, at the end of that period the right to access, delete, correct and the right to portability of the data can no longer be exercised.
The Data Controller is available to the interested party to provide any further information regarding the retention period.
RIGHTS OF INTERESTED PARTIES
At any time, you may exercise, without any particular formality, your rights vis-a-vis the Data Controller, pursuant to articles 15 and following of the Regulation, in particular to obtain confirmation from the Data Controller of the existence or otherwise of data processing that concerns them, in order to know its origin, to request access to the personal data, its updating, rectifying, deleting or to request the limitation of the processing of the personal data or to express an objection to its treatment, to ask for its portability. These articles also provide for the right of the person to file a complaint with a European Control Authority (in Italy it is the Data Protection Authority).
Requests should be directed to firstname.lastname@example.org or to the address of the Data Controller’s office, also using the following FORM prepared by the Owner.
INFORMATION ON THE USE OF THE COOKIES
1. What are Cookies?
Cookies are small strings of text that the sites visited by the user send to its terminal (usually to the browser), where they are stored and then transmitted back to the same sites the next time the same user visits. During the navigation of a site, the user can also receive on their terminal cookies that are sent from different sites or web servers (so-called “third parties”), on which certain elements may reside (such as images, maps, sounds, specific links to pages of other domains) present on the site that they are visiting. The cookies, usually present in user browsers in very large numbers and sometimes even with features of wide time persistence, are used for different purposes: performing computer authentications, monitoring sessions, storing information about specific configurations concerning users accessing the server, choosing the language of consultation, storage of the shopping cart, etc.
2. What are the main types of Cookies?
In this regard, and for the purposes of the Privacy Guarantor’s provision no. 229/2014, two macro-categories can therefore be identified: “technical” cookies and “profiling” cookies.
- Technical cookies. Technical cookies are those used for the sole purpose of “transmitting a communication on an electronic communication network, or to the extent strictly necessary to the provider of an information society service specifically requested by the subscriber or user to provide such a service” (see Article 122, paragraph 1, of the Privacy Code). They are not used for additional purposes and are normally installed directly by the Data Controller or operator of the website. They can be divided into navigation or session cookies, which guarantee the normal navigation and use of the website (allowing, for example, to make a purchase or be authenticated to access confidential areas): our site uses non-persistent technical cookies for the sole purpose of improving your browsing experience and allowing you subsequent faster access; cookie analytics, assimilated to technical cookies where used directly by the site manager to collect information, in aggregate form, on the number of users and how they visit the site itself; function cookies, which allow the user to navigate according to a set of selected criteria (for example, the language, the products selected for purchase) in order to improve the service rendered to them. The installation of these cookies does not require the prior consent of the users.
- Profiling cookies. Profiling cookies are intended to create profiles related to the user and are used to send advertisements in line with the preferences expressed by the user in the context of web browsing. Due to the invasiveness that such devices may have in the privacy of users, European and Italian law requires that the user be adequately informed about the use of them and thus express their valid consent. Art. 122 of the Privacy Code refers to them where it stipulates that “the storage of information in the terminal of a contracting party or user or access to information already stored is permitted only on the condition that the contracting party or the user has expressed their consent after being informed in the simplified manner of Article 13 Privacy Code, paragraph 3”. Our site does not use profiling cookies.
Session and Persistent Cookies.
The Session Cookies, also used by our Site, contain the information that is used in your current browser session. These cookies are automatically deleted when you close the browser. Nothing is stored on your computer beyond the time of use of the site.
The Persistent Cookies are used to keep the information that is used during the period between one access and another to the website, or used for technical purposes and to improve navigation on the site. This information allows the sites to recognize that you are already known user or visitor and adapts accordingly. “Persistent” cookies have a duration that is fixed by the website and can range from a few minutes to two years. Our site uses this type of cookies only to allow faster and easier subsequent access and have a duration of one month.
First-party and third-party cookies You should take into account the different subject that installs the cookies on the user’s terminal, depending on whether it is the same site manager that the user is visiting (so-called “first party”) or a different site that installs cookies through the first (so-called “third parties”). First-party cookies are created and can be read by the site that created them. Third-party cookies, on the other hand, are created and can be read by domains outside the site and whose data is stored with the third party. This site uses first-party cookies of a technical nature, so, as mentioned, consent is not anticipated only this information.
For more information about this type of advertising based on users’ tastes, derived from third-party cookies, you can visit the third-party websites at the following links. At the links www.youronlinechoices.com and www.aboutads.info/choices/ you will also find information on how behavioural advertising works and a lot of information about cookies as well as steps to follow to protect your privacy on the internet.
If you want to know more about cookies and how to manage them you can also visit the website www.aboutcookies.org.
The Data Controller does not guarantee that the links to the above policies are always working, and this is due to possible updates that do not depend on his will, so the user is required to consult and verify personally the text in force on the sites of the above companies. The Data Controller is not responsible for any malfunctions or conditions that do not permit the consultation of the policies of those applications.
MANAGEMENT OF THE COOKIES IN THE CONFIGURATION OF THE MAJOR BROWSERS USED
We provide once again the following site to analyse, more generally, and manage your preferences on “online behavioural advertising” http://www.youronlinechoices.com.
Last updated: 21 July 2020.