Pursuant to Article 13 of EU Regulation 2016/679
Information on the processing of personal data (articles 13 and 14 of Regulation (EU) 679/2016)
for the website www.xform.it owned by XFORM s.r.l.
This report, concerning the privacy policies of personal data by XFORM s.r.l. intends to accurately describe the management of the processing of personal data of portal users. The information is not valid for other websites that may be consulted through our links.
1. THE DATA CONTROLLER
XFORM s.r.l. (hereinafter also “Organization”) with registered and operational headquarters located in via Gran Sasso d’Italia, 9 – 42122, Reggio Emilia – C.F. and VAT number 01878810355, as the owner of the processing of your personal data, pursuant to Legislative Decree 196/03 as well as Regulation (EU) 679/2016, relating to the “protection of individuals with regard to data processing personal, as well as the free movement of such data “, hereby informs you that the processing of your data will be based on the principles of correctness, lawfulness, transparency and protection of your privacy and your rights.
2. REPRESENTATIVE OF THE DATA CONTROLLER
The ﬁgure of the Representative of the Data Controller is not provided within this Organization as it is not necessary pursuant to the Regulation itself.
3. DATA PROTECTION OFFICER
There is no provision for the ﬁgure of the Data Protection Ofﬁcer within this Organization (also called Data Protection Ofﬁcer – DPO) as it is not necessary pursuant to the Regulation itself
4. PURPOSE OF DATA PROCESSING
The purposes of the processing of your personal data are different but united by the desire to meet your needs and will be implemented only with your free consent.
a) Page “CONTACT US (contacts)”, to request information on new products and / or services by sending an email to the indicated email addresses;
We remind you that the optional, explicit and voluntary sending of e-mails to the addresses indicated on the website or, for example, using the “CONTACT US” service involves, by its very nature, the subsequent acquisition of personal data; We therefore invite our users, in requests for services or in questions, not to send names or other personal data of third parties that are not strictly necessary nor particular and / or judicial data pursuant to art. 9 and 10 of Regulation (EU) 679/2016.
5. LEGAL BASIS AND LAWFULNESS OF THE PROCESSING
With reference to the lawfulness of the processing identiﬁed, the writer speciﬁes, below, the legal bases on which they are based:
a) For the purposes referred to in Point 4., letter a) of this information, the processing of your personal data is possible only and exclusively with your speciﬁc consent (art.6, paragraph 1, letter a) of the Regulations). This consent, since there is no compilation form but a simple email address: firstname.lastname@example.org, is considered conﬁrmed when the user sends the email to the undersigned Organization
6. PROCESSING METHODS
Each treatment takes place through the adoption of security, technical and organizational measures, appropriate to the treatment itself as reported in art. 32 of the Regulation. All data are processed both with the aid of computer systems and, possibly, by means of special paper databases. We use a wide range of advanced security technologies and procedures to help protect personal data against the risks described above.
7. RECIPIENTS OF THE PERSONAL DATA PROCESSED
The recipients of the personal data referred to for the purposes set out above will be solely and exclusively the Owners of the undersigned Organization, the employees and the direct collaborators of the Organization for the sole purpose of performing the service requested by the user unless the communication is imposed by legal obligations or is strictly necessary for the fulﬁllment of user requests.
8. TRANSFER OF DATA TO A THIRD COUNTRY
There is no transfer of your data to a third country or to an international organization outside the European Union (articles 44-49 of the Regulation).
9. STORAGE PERIOD OF PERSONAL DATA
Personal data are not stored beyond the time necessary to achieve the speciﬁc data processing purposes described here, except where there are longer or shorter retention periods pursuant to applicable laws.
a) For the purposes of the processing indicated in Point 4., letter a) of this information, and only with your speciﬁc consent, your personal data will be kept for the duration of any service requested or of the resulting contractual relationship. In the event that, from this contact, a formal contractual relationship is established, your data will be kept as per legal and regulatory obligations in force regarding the maintenance of accounting, tax and administrative records and more generally of employment relationships.
10. DATA SUBJECT’S RIGHTS
You have the right to ask the Data Controller for access, cancellation, communication, updating, rectiﬁcation, opposition to treatment, integration, limitation, portability, knowledge of the violation of your personal data. , as well as in general, can exercise all the rights provided by art. 13 and following of EU Regulation 679/2016. Below is the complete list of your rights, present within Article 13 of EU Regulation 679/2016.
Requests relating to the exercise of the rights of the interested party must be addressed to Gran Sasso d’Italia, 9 – 42122, Reggio Emilia – C.F. and VAT number 01878810355 – Tel: 0039 0522 337584 – Fax 0039 0522 337584 -,
or at the e-mail address: email@example.com,
11. RIGHT TO WITHDRAWAL
You have the right to withdraw at any time the processing of your personal data referred to in Point 4. letter a) of this information, by directly contacting firstname.lastname@example.org, except that, after your requests for information have not been contractual relationships are established, in which case the right of revocation will be subject to legal, regulatory and contractual obligations.
12. CONTROL AUTHORITY
You have the right to lodge a complaint with the competent supervisory authority “Italian Privacy Guarantor” if you believe that your rights in the ﬁeld of personal data protection are at risk.
13. POSSIBLE CONSEQUENCES OF REFUSAL TO RESPOND
In relation to the aforementioned purpose referred to in Point 4., letter a) of this information, the provision of personal data by the user is NOT “mandatory”, but voluntary (eg request for information using the “CONTACTS” service ).
14. AUTOMATED DECISION-MAKING PROCESS
Your data will not be entered within any automated decision-making process.
A cookie is a text ﬁle that is stored on the user’s computer or mobile device (smartphone or tablet) by the server of a website that the user accesses and which can be read or retrieved by the server that installed it in occasion of subsequent visits to the site itself. The cookie contains some information (e.g. the server from which it originates, a numerical identiﬁer, the expiration of the cookie, etc.) and allows the website that installed it to remember, for example, the preferences expressed by the user while browsing or to make a purchase, authenticate to access restricted areas or to monitor sessions.
During navigation, the user can also receive cookies sent from different websites or web servers on his terminal (so-called third parties), on which some elements may reside (e.g. images, maps, sounds, speciﬁc links to other pages). domains) on the site the user is visiting.
During their normal operation, the computer systems and software procedures used to operate this website acquire some personal data, the transmission of which is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identiﬁed interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identiﬁed.
This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URL (Uniform Resource Locator) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the ﬁle obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing.
The data in question could be used to ascertain responsibility in the event of any computer crimes against our site.
The information is not valid for other websites that may be consulted through our links.
Cookies are text ﬁles that are stored on the computers of web users to allow safe and efﬁcient exploration of the site and monitor its use. The XFORM s.r.l. site uses only technical session cookies.
As deﬁned in the previous paragraph, cookies are text ﬁles that are stored on web users’ computers to allow safe and efﬁcient exploration of the site and monitor its use.
This site therefore DOES NOT use proﬁling cookies aimed at creating user proﬁles that are then used to send advertising messages in line with the preferences expressed by the same part of surﬁng the net.
Personal Data: any information concerning an identiﬁed or identiﬁable natural person («interested party»); the natural person who can be identiﬁed, directly or indirectly, with particular reference to an identiﬁer such as the name, an identiﬁcation number, location data, an online identiﬁer or one or more characteristic elements of his physical identity is considered identiﬁable, physiological, genetic, psychic, economic, cultural or social;
‘Treatment’: any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as the collection, registration, organization, structuring, conservation, l adaptation or modiﬁcation, extraction, consultation, use, communication by transmission, diffusion or any other form of making available, comparison or interconnection, limitation, cancellation or destruction;
Usage Data: are the information collected automatically by this Application (or by third party applications that this Application uses), including: the IP addresses or domain names of the computers used by the User who connects with this Application , the addresses in URI
(Uniform Resource Identiﬁer) notation, the time of the request, the method used in submitting the request to the server, the size of the ﬁle obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the operating system and the info environment of the User.
User: the individual who uses the services of this website, even for web browsing purposes only (coincides with the person concerned). Interested: the natural person to whom the Personal Data refers.
Data Controller: the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of processing personal data; when the purposes and means of such processing are determined by Union or Member State law, the data controller or the speciﬁc criteria applicable to its designation may be established by Union or Member State law;
This Application or Platform or Website: the hardware or software tool through which Users’ Personal Data is collected.