NOTICE ACCORDING TO ARTICLE 13 OF REGULATION (EU) 2016/679 (General Data Protection Regulation)
The “controller” of personal data is SACA Industrie S.p.A. (hereafter “SACA”), with registered office in Via Squarzaré no. 9-11 – 33087 Pasiano di Pordenone (PN), Tax ID No. and VAT ID No. 01520700939.
- Personal data collected (object of processing)
Personal data that may be collected are:
- personal data provided in order to receive a specific service (e.g. name and contact information);
- browsing data (e.g. IP address, geographical location – Country -, which pages the user visits on the website, time of website access, browsing time per page, click path analysis. Although SACA does not collect this information to associate it with specific users, users can still be identified using this information or using other information collected);
- Purpose of processing
Apart from what is specified for browsing data and technical cookies, the user may freely provide personal data using special forms on the website.
The data you voluntarily provide will be processed by SACA as the Data Controller for the following purposes:
- to fulfill a specific user request or provide the required service;
- to send you, with your express consent, adverts and/or commercial communications about SACA products and activities;
- to sign up for newsletters and subsequently receive information about the sector in which SACA operates;
- to communicate, with your express consent, your data to companies connected or third party to SACA Industrie S.p.A., and their partner companies who may process your data to provide commercial and/or promotional information and send advertising or interactive commercial communications about products, services and other activities of the said companies, or to conduct market research.
- Legal bases for processing
Your consent is the legal basis for processing pursuant to Art. 13 Paragraph 1), letter c) of the GDPR.
- Method of personal data processing
Personal data (e.g. personal details, telephone number, email, etc.) are processed using IT procedures, with standard basic security measures in place in order to guarantee the integrity, security and confidentiality of those data for the time strictly necessary to fulfill the purposes for which the data were collected or voluntarily communicated by the User.
Specific safety measures are in place, as set out by Art. 32 of Regulation (EU) 2016/679, to prevent data loss, illegal or incorrect use of data and unauthorised access to data.
- Period of data storage
If you consent to personal data processing for marketing purposes, your contact data will be stored until you withdraw consent to data processing and, in any case, for a period of no more than 24 months from data collection.
SACA will store data processed to provide the Service for the length of time considered strictly necessary for such purposes. SACA may nevertheless store these Data for a longer period as necessary to protect the interests of SACA concerning potential responsibility associated with providing the service.
- Subjects to whom personal data may be communicated or who may have access to data as data processing managers or operators
The personal data you provide us with, for the purposes described above, may be processed and revealed to:
- employees in roles of processors, appointed by the Data Controller, operating under the controller’s direct authority in respect of their briefing;
- consulting companies performing technical website maintenance, nominated as external processor according to Article 28 of Regulation 679;
- all subjects (including Public Authorities) who have access to data pursuant to regulatory or administrative provisions.
- Communication of data
Data will not be circulated under any circumstances.
These data will not be used for personal profiling of the User.
- Links to third-party websites
Third-party websites accessible from this website are the responsibility of the third party.
SACA will not be held responsible for any requests for and/or transmission of personal data to third-party websites.
- Mandatory/optional provision of data
Provision of your data for the purposes referred to in point a) of Art. 2 is mandatory. Such processing is necessary to perform the service you have requested, and your refusal means it will be impossible to satisfy your request.
As regards the purposes of processing referred to in points b) c) and d) of Art. 2 consent to data processing is optional and can be given by checking the appropriate box. Failure to give consent will mean that the Data Controller may not send commercial offers and information about company activity and you may not obtain the requested service.
In any case, if you have given consent to authorise SACA to pursue the purposes referred to in points b) c) and d), you may still freely withdraw consent at any time without formal requirements by sending clear communication of this to the email address email@example.com. Once we have received your request, we will remove and erase your data from our database and inform any third party to whom your data have been communicated to do the same.
- Rights of data subjects
Data subjects may exercise the following rights:
- the right to access means that you have the right to be informed if the company has processed your data and, where applicable, you have the right to access your data;
- the right to rectification and the right to erasure mean that you have the right to have incorrect and/or incomplete data rectified, or erased on legitimate grounds;
- the right to restrict processing means you have the right to request interruption of processing on legitimate grounds;
- the right to data portability means you have the right to receive your data in a commonly-used, legible structured format, and the right to transmit your data to other Data Controllers;
- the right to object means you have the right to object to data processing on legitimate grounds, also when your data are being processed for marketing purposes;
- the right to lodge a complaint with a control authority in the case of illegal data processing.
- Exercising your rights
You can exercise the rights listed here at any time by sending a registered letter to the Data Controller’s registered office or an email communication to firstname.lastname@example.org.