Information notice pursuant to Art. 13 of the Regulation (EU) 2016/679 (“GDPR”)
DATA CONTROLLER, pursuant to art. 4 and art. 24 of the Regulation (EU) 2016/679 is Magir Srl, with registered address in via Aurelio Saffi, 132 – 21100 Varese (VA) represented by the Center Administrator – Legal Representative. You can contact the Controller at any time at the following contacts: email firstname.lastname@example.org.
PROCESSED PERSONAL DATA
Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (such as name, last name, date of birth, address, email, telephone number).
During their ordinary course of operation, the IT systems and software procedures required to run this website acquire certain Personal Data, whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified Data Subjects but, by its very nature, it could enable identification of the users through the processing and matching of data held by third parties. This data category includes IP addresses or domain names of computers used by the users who visit the site, as well as the URI addresses (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply from the server (done, error, etc.) and other parameters related to the operating system and the IT environment of the user.
Data provided voluntarily by the user
The optional and voluntary disclosure of personal data (e.g.: sending of emails to the email addresses indicated on this website and/or the completion of a data collection form on this website) entails the collection and processing of the voluntary disclosed user’s data, necessary to reply to the request, as well as other personal data included in the email message (such as name, last name, address, telephone number, email address).
|Legal basis||Data Retention|
|A) Navigation of this website / obtaining anonymous statistical information on the use of the website and services / control of website’s correct functioning||Controller’s legitimate interest:
ensure the correct browsing and
usage of the website
|Duration of the browsing session, (except for any need to ascertain criminal offenses by the judicial authorities)|
|B) Send a message||Controller’s legitimate interest:
reply to users’ requests
|C) E-Commerce and related administrative-accounting activities||Contract
Art. 6 point (b) GDPR: the processing of personal data is necessary for the performance of the contract to which the data subject is party (E-Commerce)
Compliance with a legal obligation
art. 6 point (c) GDPR:
|10 years or different legal term set forth under article 2220 of the Italian Civile Code|
PERSONAL DATA RECIPIENTS
The personal data provided will be communicated to recipients, who will process the data as processors (Article 28 of the GDPR), as persons acting under the authority of the Controller and Processor (Article 29 of the GDPR) or autonomous Data Controllers, for the purposes listed above. Precisely, the data will be communicated to: – parties that provide services for the management of the information system and telecommunications networks used by the Data Controller (including email, the web platform); studies or companies in the context of assistance and consultancy relationships; – in case of administrative and accounting purposes, data could be transmitted to business information companies evaluating solvency and payment habits and/or relating to debt collectioning; -competent authorities for compliance with legal obligations and / or provisions of public bodies, upon request. The list of data processors is constantly updated and available at the headquarters of the Data Controller.
DATA TRANSFER TO A THIRD COUNTRY AND / OR AN INTERNATIONAL ORGANIZATION AND GUARANTEES
The personal data provided may be transferred to countries outside the EU, in order to comply with the aforementioned purposes, within the limits and under the conditions set forth in art. 44 and following of Regulation (EU) 2016/679. The data subject may obtain information about the guarantees contacting the Data Controller.
NATURE OF DATA PROVISION
Except for what specified for navigation data which are necessary in order to allow navigation of the website, users are free to provide their personal data and their refusal may result in the impossibility of obtaining the information or services requested and provided through this website.
DATA SUBJECT’S RIGHTS | COMPLAINT TO SUPERVISORY AUTHORITY
You may exercise your rights pursuant to articles 15, 16, 17, 18, 19, 20, 21, 22 of the Regulation EU 2016/679 by writing to the Controller’s contacts above.
You have the right, at any time, to request the Controller to access your personal data and receive the information concerning their processing. You have the right to rectify, erase your personal data or limit their processing.
Where appropriate, you have the right to object, at any time, to the processing of your data, including profiling, and you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.
You have the right to the portability of your personal data; in such case the Controller shall provide you with your personal data in a structured, commonly used and machine-readable format.
Without prejudice to any other administrative or judicial remedy, if you consider that the processing of your personal data infringes the Regulation (EU) 2016/679, you have the right to lodge a complaint with the Data Protection Authority.
Last update: January 2019
DATA CONTROLLER – MAGIR SRL