Privacy Policy on the Usage of Personal Data
In accordance with Article 13 of Regulation (EU) 2016/679 (“Privacy Policy”)
This privacy policy is pursuant to Regulation (EU) 2016/679 (hereafter “Regulation” or “GDPR”) and lays out the methods for the usage and processing of personal data of users that consult and utilize this website, accessible at the following link https://www.rotagroup.it/it/ (hereafter “website”) or that utilize the services offered through the website. On the basis of the current European Regulation regarding the protection of personal data n. 679/2016 (“GDPR”), the collection and usage of said data will always follow principles of lawfulness, fairness, and transparency.
Personal data of the users who browse the website (referred to as “the interested party”, in that they are identified or identifiable individuals) may be processed following use of the website.
A. DATA CONTROLLER
The Controller of said personal data is the company Rota Group s.r.l., in the person of its legal representative pro tem, PI: 00767870967, with legal headquarters in Via E. Berlinguer 1 – 20060 Pozzo d’Adda (MI), e-mail privacy@rotagroup.it (hereafter “Controller”).
B. JOINT CONTROLLER PURSUANT TO ART. 26 GDPR
Rota Group s.r.l. and Ossidazione Anodica s.r.l. unipersonale are joint controllers of the processing pursuant to Article 26 GDPR by virtue of an agreement signed between the parties.
C. DATA PROTECTION OFFICER (DPO)
The Data protection officer (DPO) is lawyer Francesca Fumana.
For all matters relating to the handling of personal data, including the exercising of rights of the interested party acknowledged by the current legislation, the Data protection officer can be contacted at: dpo@rotagroup.it or avv.francescafumana@ordineavvocatibopec.it
C. CATEGORIES OF DATA COLLECTED, PURPOSE, LEGAL BASIS, AND RETENTION TIME
1. Navigation Data
Personal data can be collected autonomously by the Controller or through third parties.
In these cases, the systems and software procedures utilized for the proper functioning of this website gather user’s technical data (for example: IP address, browser used, operating system, domain name, and websites on which users may have signed in or out of an account, etc.), whose transmission is inherent to normal internet usage.
Purpose: this data can only be used anonymously and for statistical purposes related to the usage of this site and/or to control its proper functioning.
Retention: this data will be immediately deleted after processing.
Legal basis: the usage of this data is carried out on the basis of the legitimate interest of the Controller to improve the site’s accessibility and security (art. 6, par. 1 lett.f). Consent will be requested from the interested party exclusively for profiling purposes (art. 6, par. 1 lett.a).
2. User’s Contacts via email and cell phone
Any communication, whether optional, explicit or voluntary, by email to the email addresses indicated on this website, will result in the acquisition of data provided by the user, including their email address, and the consent to receive messages in response to any requests made.
In these cases, providing an email address or other personal data is optional, but necessary in order to use this service and receive a reply to any requests made. Without this data, it is not possible to process the user’s request.
Purpose: The personal data provided are utilized exclusively to satisfy or respond to the requests made and are communicated to third parties only if necessary.
Retention: The personal data is saved for the period of time necessary to respond to the request made and in accordance with current legislation.
Legal Basis: the use and processing of this data is carried out in order to fulfill a contractual and pre-contractual obligation taken on by the Controller through this service (art. 6, par. 1 lett.b).
3. Link to other website
The Website may include hyperlinks to other websites. By clicking on one of these links, the user may be redirected to another website or another Internet source that may collect information about the user through cookies or other technologies. The Owner assumes no responsibility or control authority over these other websites or Internet resources, nor their collection, use, and disclosure of user’s personal data. It is necessary to check the privacy statements of these other websites and Internet sources in order to judge whether they act in accordance with privacy legislation.
This site uses cookies as specified in the Cookie Policy.
4. This site uses technical, tracking, and profiling cookies. For more details, consult our cookie policy.
D. DATA RECIPIENTS
The personal data gathered are handled by the Controller’s staff, which acts with previous consent and following the specific instructions given, based on the purposes and modality of the processing of said data.
In addition, the processors or sub-processors responsible for data processing under art. 28 of GDPR, whom the Controller employs in order to provide certain services or to carry out activities under his jurisdiction, may be recipients of the data gathered after visiting the site or using its services, within the limits of the activity assigned.
You can request the associated list from the Controller using the contact information indicated in section A.
If and when a data processor or sub-processor becomes responsible for any personal data through the site’s services in accordance with art. 28 of GDPR, this data will be communicated to the Controller and/or other responsible parties.
E. DATA TRANSFER
There shall be no international transfer of the personal data gathered.
F. RIGHTS OF THE INTERESTED PARTIES
The interested parties- the identified or identifiable individuals that the data refers to- are entitled to specific rights regarding data protection, as listed below:
a) Right to access: the right to obtain from the Controller confirmation that their data is being utilized, and if so, to obtain access to the personal data and detailed information regarding the origin, the purposes, the category of data being processed, the recipients of communication or transfer of data, and more;
b) Right to rectification: the right to obtain from the Controller the correction of any incorrect personal data without unjustified delay, as well as the integration of any incomplete personal data, supplying a supplementary statement if required;
c) Right to elimination (“obscurity”): the right to obtain from the Controller the elimination of any personal data without unjustified delay in the following cases: i. the data that was necessary to process certain requests is no longer necessary; ii. the agreement that the data usage was based on has been revoked and there is no other legal basis for the processing of said data; iii. the personal data has been unlawfully utilized; iv. the personal data must be eliminated for a legal obligation;
d) Right to object to data usage: the right to object at any time to the usage of personal data that is, in a legal sense, of legitimate interest to the Controller;
e) Right to restriction: the right to obtain from the Controller the restriction of data usage, in the case that the accuracy of the personal data becomes disputable (for the period of time necessary for the Controller to verify the accuracy of said data), or that the usage is unlawful and/or if the interested party objects to the usage of their data;
f) Right to data portability: the right to receive in a structured format, easily legible and machine-readable, one’s personal data and to send said data to another data controller, if technically feasible, only in the case that the data processing is based on an agreement or contract, and only for the specific data being electronically utilized;
g) Right to lodge a complaint to a supervising authority: notwithstanding any other administrative or legal appeals, if the interested party believes that the usage of their data violates the Regulation, they have the right to lodge a formal complaint to the supervising authority of the government in which they reside or regularly work, that is, the country in which the violation has taken place.
These rights can be exercised by contacting the Controller using the contact information indicated in sections A and B, repeated here:
– Data Controller privacy@rotagroup.it
– DPO avv.francescafumana@ordineavvocatibopec.it
This privacy policy has been updated on 13/04/2024.