Privacy Information Notice
The following information notice has been issued pursuant to art. 13 of EU Regulation no. 679/2016 ("GDPR") and subsequent national regulations implementing the GDPR (together with the GDPR "Applicable Law") to users of services accessible from the website www.steelcospa.com and www.icospharma.com (hereinafter the "WebSites").
During the consultation of the WebSites, information relating to users that constitute personal data can be collected in accordance with the applicable Privacy Law. The information is provided exclusively for the WebSites and does not cover any other sites accessible by the user through possible links.
IDENTITY AND CONTACT DETAILS OF DATA CONTROLLER
The Data Controller - that is, the legal entity that determines the purposes and methods of processing personal data - is STEELCO S.p.A., with registered office in Via Balegante, 27 - 31039 Riese Pio X (TV) (hereinafter “Steelco” or the “Company”).
DATA PROCESSING PLACE
The processing of data connected to the web services of the WebSites is carried out by personnel duly instructed about the precautions and guarantees to be adopted in compliance with the applicable Privacy Law and by external technicians for management and maintenance operations, appointed by the Data Controller.
CATEGORIES OF PROCESSED PERSONAL DATA
The computer systems and software procedures used to operate the WebSites acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information are not collected to be associated with identified subjects, but due to their own nature could, through processing and association with data held by third parties, allow users identification.
This category of data includes IP addresses or domain names of computers used to access the WebSites, the addresses contained in the Uniform Resource Identifier (URI) of the requested sources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's computer environment.
These data are used for the sole purpose of checking the correct functioning of the WebSites and are deleted at the latest within 7 days following their collection with the exception of those cases where such information are used to ascertain responsibility for commission of computer crimes against the WebSites. In such case, Information will be kept available to the Authority for the time necessary to guarantee the Company rights for judicial defense.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on the WebSites entails the subsequent acquisition of the e-mail address and any other personal data included in the electronic communication, as well as the sender / user data necessary to respond to such requests or to provide the service. Dedicated summary information will be provided for each services given.
OPTIONAL DATA SUPPLY
Except as specified for data browsing activities, the user is free to provide his/her personal data or to specify them to enable the dispatch of informative material or other communications. The failure to provide such personal data might, however, prevent the dispatched of the requested materials or information.
METHOD OF TREATMENT - STORAGE TIME
Personal data are processed with automated tools for the strictly necessary time to achieve the purposes for which they have been collected. Specific security measures have been adopted to prevent data loss, illicit or incorrect use and unauthorized access. The information collected will be processed only for the time strictly necessary for the pursuit of the purposes indicated below.
PURPOSES OF THE TREATMENT - LEGAL BASIS OF TREATMENT - COMMUNICATION AND DIFFUSION OF DATA
The personal data provided by the users to get access to information and services, will be used only for the purpose of getting those service and information and will be disclosed only to the Company employees and partners, duly instructed about the precautions to be addressed according to the applicable Privacy Law, as well as third parties who provide ancillary services or activities for the Company, appointed as Data Processors. Cookies are here excluded and ruled by dedicated policy.
Furthermore, personal data can be communicated to daughter companies, being part of Steelco group, even based in foreign countries outside the European Union. Daughter companies have however adopted safety and applicability rules in compliance to the Privacy Law and GDPR.
Request from the Judicial Authority or Public Security are here formally excluded. Personal Data will not be disclosed in any other case.
RIGHTS RECOGNIZED BY APPLICABLE LAW
We inform users that pursuant to the Applicable Law - at any time and free of charge and without any special charges and formalities they will have the right to:
- obtain confirmation of the processing performed by the Data Controller;
- access to personal data and know the origin, the purposes and purposes of the processing, the details of the subjects to whom they are communicated, the retention period of the data or the criteria necessary to determine it;
- revoke the consent at any time, if this constitutes the basis of the treatment. The withdrawal of consent, however, does not prejudice the lawfulness of the treatment based on the consent made before the revocation;
- update or amend personal data so that it is always accurate;
- delete personal data (so-called right to be forgotten) from the databases and / or from back up archives of the Data Controller in the case, among others, where they are no longer necessary for the purposes of the processing or if this is assumed to be illicit , provided that the relevant conditions of law exist; and in any case if the treatment is not justified by another equally legitimate reason;
- limit the processing of personal data in certain circumstances, for example where the accuracy has been challenged, for the period required by the Data Controller to verify its accuracy. The Controller shall inform, in reasonable time, also when the suspension period has been completed or the cause of the limitation of processing has ceased, and therefore the limitation itself revoked;
- obtaining personal data (so-called "portability") if received and / or otherwise processed by the Data Controller with the consent and / or if their processing is carried out on the basis of a contract and with automated tools, in electronic format also in order to transmit them to other data controller;
- to oppose the processing of your Personal Data and, in particular, to the processing for marketing purposes.
The Data Controller must proceed in this direction without delay and, in any case, no later than one month after receiving the request. The deadline may be extended by two months if necessary, taking into account the complexity and the number of requests received from the Data Controller. In such cases, the Data Controller within one month of receiving your request will inform you of the reasons of the extension. The aforementioned rights may be exercised by means of a written request addressed without formalities to the Company to the contacts indicated here below.
The Company reminds you that, if the reply to your requests has not been satisfactory in your opinion, you can contact and submit a complaint to the Italian Data Protection Authority (http://www.garanteprivacy.it/) in the ways provided from Applicable Law.
CONTACT DATA OF DATA PROTECTION MANAGER (C.D. "RPD-DPO")
If appointed and with reference to matters concerning the processing of personal data, you may also contact the Data Protection Officer, available at the following addresses:
VIA BALEGANTE, 27
31039 RIESE PIO X (TV)
TEL. +39 0423 7561
Fax +39 0423 755528