PRIVACY POLICY
Metalleghe S.p.A. recognizes the importance of the protection of personal data, undertakes to respect the privacy of users, to treat private data with caution and confidentiality and not to use them for purposes other than those specified below.
To this end, this policy describes how the site is managed with regard to the processing of personal data of users who consult it.
This is a statement made pursuant to art.13 of EU Regulation 679/2016, to those who interact with the web services of Metalleghe S.p.A., accessible electronically from the following address:
• www.metalleghegroup.com;
This Policy may be amended or updated at any time by Metalleghe S.p.A.
The information is provided only for these sites and not for other websites that may be consulted by the user through links except those indicated above.
Data controller
The Data Controller is: Metalleghe S.p.A., corrente in Flero (BS), via E. Fermi n. 12-14, fiscal code 02711250981.
Data and purposes of processing
Metalleghe S.p.A. informs users of the sites that the data collected will be used exclusively for the purposes specified below, and to keep users up to date on news, promotions, and activities of Metalleghe S.p.A.
The data subject to processing are navigation data and data provided voluntarily by the user.
Navigation data
The computer systems and software procedures responsible for the operation of this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified data subjects, but by their very nature, could, through processing and association with data held by third parties, allow you to identify users.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given to the server and other parameters related to the operating system and the computer environment of the user.
This data is used only for the purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mail to the addresses indicated on the site, involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data contained in the letter. Any specific summary information is reported or displayed on the pages of the Site prepared for services on request, in order to draw the attention of the interested party on the processing of his personal data.
Metalleghe S.p.A. will use the collected data to:
a) purposes related to the use of the services offered by the sites (site navigation);
b) activities closely linked and instrumental to the management of customer relations (contact requests); c) process data relating to curricula for job application evaluation.
The provision of data for the purposes referred to in letter c) is optional and must be provided in the manner expressly provided for in Article 7 of the GDPR.
If you are already a customer of ours, we may send you commercial communications relating to services similar to those you are already using, and for which you have already given your consent, unless you disagree.
Method of treatment
The data will be processed in accordance with art. 4 n. 2) of the GDPR, by means of the following operations: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data.
Your data will be processed both on paper and electronically and/or automated.
The processing is carried out through automated systems for a period strictly necessary to achieve the purposes for which they were collected and in any case, in accordance with current legislation. The table showing the main data retention periods is attached below.
DATA CATEGORY
Prospect employee Employee
DURATION
Max 24 months
10 years after the end of the relationship
LAW AND REGULATIONS
art 5 lett. e) del Reg UE 2016/679 art. 43 del Dpr 600/73; art. 2946 codice civile; Titolo I, Capo III, del D.lgs.81/08 e s.m.i.
Client and supplier | 5-10 years | art. 2948 codice civile 5 years for recurrent payment per i pagamenti periodici; art. 2220 codice civile che prevede la conservazione per 10 anni delle scritture contabili; art. 22 del D.P.R. 29 settembre 1973, n.600. |
Prospect Client | in compliance with the terms prescribed by law for the type of activity and in any case until the consent is revoked or until the right to object is exercised | Provv. generale del 15/05/13; art. 21 Reg. UE 2016/679. |
Data processed for marketing purposes | in compliance with the terms prescribed by law for the type of activity and in any case until the consent is revoked or until the right to object is exercised | Provv. generale del 15/05/13; art. 21 Reg. UE 2016/679. |
Video surveillance images
Data of navigation
24 h
Last 10 web site
Provv. Generale del Garante; art. 21 Reg. 2016/679
Provv. Generale del Garante/legge; art. 21 Reg. UE 2016/679
LOG System Administrator | Max 6 months | Provv. Generale del Garante 27/11/2008 e ss.mm.; art. 21 Reg. UE n. 2016/679 |
Communication and transfer of data
Your data, subject to processing, will not be disseminated; instead, for the purposes indicated above, they may be communicated to the Group companies, and to third parties, including business partners, consultants and freelancers, banks and credit institutions, insurance, financial companies, factoring, leasing, services, credit management and recovery, auditors, debt collection companies, public bodies, audit or supervisory bodies, to comply with obligations arising from law, Regulations, Community regulations or matters concerning the management and execution of the legal relationship with you.
Your data will be processed by the following subjects:
Employees of the Company and of the Group, in Italy and abroad, who operate as persons authorised to process data according to the tasks carried out and adequately trained.
Responsible pursuant to art. 28 GDPR.
The list of Data Processors is available at the registered office of Metalleghe S.p.A.
For all the purposes indicated in this information, your data may also be communicated abroad, inside and outside the European Union, in compliance with the rights and guarantees provided by current legislation, after checking that the country in question guarantees an “adequate” level of protection in accordance with the provisions of the GDPR.
Rights of the data subject
Please note that in your capacity as interested parties, at any time you can ask: a) access to your personal data;
b) their correction in case of inaccuracy;
c) the deletion of data relating to you;
d) restriction of processing;
e) the right to object to the processing of your data where the conditions are met;
f) the right to data portability, that is, to receive in a structured format of common use and readable by automatic device, the personal data provided and to obtain the transfer of data to another Data Controller without hindrance.
For what is not expressly provided for by the provisions referred to herein, please refer in full to the current legislation on Privacy and specifically to art. 15, 16, 17, 18, 20 and 21 of the GDPR.
Withdrawal of consent
Your consent may be revoked, at any time, without this however being able to:
prejudice the lawfulness of processing based on the consent given before the withdrawal;
affect further processing of the same data based on other legal bases such as contractual or legal obligations.
If you would like to exercise your rights or revoke your consent, you can write to privacy@metalleghe.it for further clarification on this privacy policy or any other privacy issues.