Facebook Linkedin-in Instagram Youtube

Information request

1234
Edit Template

Information request

1234
Edit Template

Privacy Policy

II European Regulation on the Protection of Personal Data (EU Regulation 2016/679), which protects the rights and freedoms of natural persons, in Articles 13 and 14, provides for informing data subjects. We hereby provide detailed information on the protection of your personal data processed by the company through our portal/website. As the data controller, we are responsible for the collection and processing of your personal data in connection with our activities. The purpose of this document is to inform you, in particular, about which of your data we process, the purposes for which we process and share it, the retention period, what your rights are and how you can exercise them.

  1. Identity and contact details of the data controller

The data controller is: ELMECO SRL

The contact details of the owner are:

  • e-mail: info@com
  • tel: 081.5055724

  1. Purposes of the treatments

Processing consists of the operations or set of operations referred to in Article 4(2) of EU Regulation 2016/679, i.e. any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction.

In particular, the processing carried out by ELMECO SRL with your data as part of the use of the portal/website has the following purposes:

  • Use of the portal/website and its features;
  • Use of services provided by the portal/site
  • Provision of services required while browsing the portal/website including collection, storage and processing for operational and technical management;
  • Provision of the required services with the registration on the portal/website and creation of its account and profile including the collection, storage and processing of data for the operational, technical and administrative management of the relationship (and the created account and profile) for the provision of services and communication related to the provision of services;
  • Management of relations with authorities and third-party public bodies for purposes concerning particular requests and fulfillment of legal obligations.

  1. Personal data processed

The categories of processed data that we may collect are as follows:

  • identifying and biographical data (e.g., first name, last name, place and date of birth, gender, photo);
  • contact information (e.g., address, e-mail address);
  • Browsing data (e.g., cookies).

The data collected through the portal/website are processed with the support of computer and telematic means and are protected with appropriate security measures suitable to ensure their confidentiality and integrity. The data will be recorded in special databases, and used strictly and exclusively in the context of browsing the portal/website. Since the communication of your data is necessary for the purpose of navigation on the portal/website, failure to communicate it will make such navigation impossible.

We never ask for personal data relating to your racial or ethnic origins, political opinions, religious or philosophical beliefs, trade union membership, genetic data or data concerning your sexual orientation unless required by a legal obligation. It is understood, that where we must, however, also process such data in other cases, we will provide you with specific information and acquire your explicit consent.

  1. Data Source.

The data we process and derived from our portal/website is provided directly by you when you browse or when you enter it into any of our forms on our portal/website.

  1. Legal basis for processing

We process your data for the following reasons:

  • The execution of a contract related to the functionality of the portal/website;
  • To comply with legal obligations, regulations and orders of the Authority;
  • to satisfy legitimate interests of the Enterprise, particularly in order to implement and develop our products or services, to improve our risk management, and to defend our rights;
  • for marketing purposes and is possible only with your consent, which can be revoked at any time.

  1. Recipients of personal data

The data will be processed by individuals with appropriate skills, who will use electronic and non-electronic tools, configured, so as to ensure the confidentiality and protection of your data.

Your personal data may be communicated, for the purposes defined above, to external collaborators.

  1. Information on data transfer to a third country (where applicable)

There are no data transfers to third countries or international organizations.

The company reserves the option of using cloud services, in which case the service providers will be selected from among those who provide adequate guarantees, as stipulated in Article 46 of the Regulations.

  1. Period of retention of personal data

For your personal data, processed exclusively for the purposes stated above, the retention period is related to the service for which you provided your data. Your personal data may be recorded on protected computer media and paper forms will be properly maintained and protected. Your personal data will not be disseminated.

  1. Rights of the data subject

In order to provide the data subject with the greatest guarantees regarding the processing of his or her data, the European Regulation (GDPR) presents a section dedicated to the rights that the data subject can exercise against the data controller, below is the list of rights:

  • Data subject’s right of access (Art. 15);
  • Right of rectification (Art. 16);
  • Right to erasure (“right to be forgotten”) (Art. 17);
  • Right to limitation of processing (Art. 18);
  • Right to data portability (Art. 20);
  • Right to object (Article 21).

The exercise of rights by the data subject can be made through a request to be addressed to the data controller, the request can be made through the Rights Exercise Model.

The holder must provide information regarding the request for the exercise of rights without undue delay, and in any case, no later than one month after receipt of the request. This deadline may be extended by another two months, if necessary, in case of complexity and large number of requests. The holder shall inform the data subject of the extension and the reasons for the delay within one month of receipt of the request. If the data subject’s requests are unfounded or excessive (repetitive), the holder may charge a fee or refuse the request.

9.1 Data subject’s right of access (Art. 15)

The data subject has the right to obtain confirmation from the data controller as to whether or not personal data concerning him or her are being processed, and if so, to obtain access to the personal data and the following information:

  1. the purposes of processing;
  2. the categories of personal data in question;
  3. The recipients or categories of recipients to whom the personal data have been or will be disclosed, particularly if recipients in third countries or international organizations;
  4. the intended retention period of personal data or, if this is not possible, the criteria used to determine this period;
  5. the existence of the data subject’s right to request from the data controller the rectification or erasure of personal data or the restriction of the processing of personal data concerning him or her or to object to their processing;
  6. The right to file a complaint with a supervisory authority;
  7. the existence of automated decision-making, including profiling, and, at least in such cases, meaningful information about the logic used, as well as the significance and expected consequences of such processing for the data subject.

9.2 Right of rectification (Art. 16)

The data subject has the right to obtain from the data controller the rectification of his/her inaccurate personal data without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, including through a supplementary declaration. The data controller must notify each of the recipients of the rectification made, unless such notification is impossible or particularly burdensome. The data controller is required to notify the recipients of the data to the data subject if the data subject so requests.

9.3 Right to erasure (“right to be forgotten”) (Art. 17);

The data subject shall have the right to obtain from the data controller the erasure of personal data concerning him or her without undue delay, and the data controller shall be obliged to erase the personal data without undue delay if one of the following grounds exists:

  1. personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  2. the data subject withdraws the consent on which the processing is based and if there is no other legal basis for the processing;
  3. the data subject objects to processing under Article 21(1) and there is no overriding legitimate reason for processing, or objects to processing under Article 21(2);
  4. personal data have been unlawfully processed;
  5. personal data must be deleted in order to comply with a legal obligation under Union or Member State law to which the data controller is subject;
  6. personal data were collected in relation to the provision of information society services as defined in Article 8(1) of EU Reg. 2016/679.

9.4 Right to limitation of processing (Art. 18)

The data subject has the right to obtain from the data controller the restriction of processing when one of the following cases occurs:

  1. the data subject disputes the accuracy of personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
  2. processing is unlawful and the data subject objects to the deletion of personal data and instead requests that their use be restricted;
  3. although the data controller no longer needs it for the purposes of processing, the personal data is necessary for the data subject to establish, exercise or defend a right in court;
  4. the data subject has objected to the processing pursuant to Article 21(1), EU Reg 2016/679 pending verification as to whether the data controller’s legitimate grounds prevail over those of the data subject.


9.5 Right to data portability (Art. 20)

As Article 20 of EU Regulation 2016/679 provides, in some special cases (e.g., processing carried out by automated means), the data subject has the right to receive personal data concerning him or her provided to a data controller and has the right to transmit it to another data controller. The data subject has the right to obtain the direct transmission of personal data from one controller to another, if technically feasible and if it does not infringe the rights and freedoms of others.


9.6 Right of Objection (Art.21)

The data subject has the right to object at any time to the processing of personal data concerning him or her, including profiling. The data controller shall refrain from further processing personal data except in special cases. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him or her carried out for such purposes, including profiling insofar as it is related to such direct marketing.

If the data subject objects to processing for direct marketing purposes, personal data are no longer processed for such purposes.

  • Withdrawal of consent

Article 7 of the Regulations gives you the right to withdraw your consent to the processing of your personal data by sending us:

  • registered letter with return receipt to: ELMECO SRL – Via Circumvallazione esterna, 12 – 80025 Casandrino (NA)
  • pec to the address: elmeco@legalmail.it
  • Automated decision making

The Enterprise does not currently have an automated decision-making process.

  • Treatment for other purposes

In the event that the company is to carry out processing of your data for purposes other than those listed in this notice, you will be given adequate information and, if necessary, asked for your consent before such processing.

  • Complaint

Without prejudice to actions in administrative or judicial proceedings, the data subject may file a complaint with the Data Protection Authority (www.garanteprivacy.it), unless the data subject resides or works in another EU member state. In the latter case, or in the case where the violation of personal data protection legislation takes place in another EU country, the competence to receive and hear the complaint will be of the Supervisory Authorities of the country where the processing takes place.

  • Update of disclosure

Any updates to this policy will be communicated to you promptly and through appropriate means.

Casandrino (NA),

The Data Controller

ELMECO SRL

Elmeco is a partner of
Follow us on
Facebook-f Linkedin Instagram Youtube

Italy Headquarters

America Distribution Center

India Distribution Center

Certifications

© 2024 Elmeco srl P.iva 01313841213 | web design and development Estrogens&Partners