Information notice pursuant to Art. 13 of the EU Regulation 2016/679 (European personal data protection Regulation) related to the protection of natural persons for what concerns the processing of their personal data, and the free circulation of that data (hereinafter also “the Regulation ” or “GDPR”).
ADMA PARTNERS S.r.l.
Registered office: Viale G. Marconi no. 472, 47521 – Cesena (FC) – Italy
VAT number – 04590510402
Phone: +39 0547 397469 – email: email@example.com
Categories of data subjects
ADMA PARTNERS S.r.l. processes the personal data of its website users. Personal data is considered any information concerning an identified or identifiable natural person («data subject»); identifiable is the natural person who can be identified, directly or indirectly, with specific reference to an identifier such as name, an identification number, data related to location, an online identifier or one or more characteristic elements of the person’s physical, physiological, genetic, mental, economic, cultural or social identity.
Types of data processed
Visiting and consulting the Website does not generally imply collection and processing of the user’s personal data except for the navigation data and cookies as specified below. In addition to the so-called “navigation data” (see below), any personal data voluntarily provided by the user can be processed when the person interacts with Website functionalities or asks to use services offered on the Website by contacting the Company’s contact details.
During their normal operations, the computer systems and software procedures used to operate this website acquire some personal data where transmission is implicit when using the Internet communication protocols.
This data category includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of resources required, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment.
Dati forniti volontariamente dall’utente
Gli utenti possono contattare la Società tramite telefono o posta elettronica, scrivendo agli indirizzi presenti sul sito. L’invio facoltativo, esplicito e volontario di messaggi agli indirizzi di contatto, comporta l’acquisizione dei dati di contatto del mittente, necessari a rispondere, nonché di tutti i dati personali inclusi nelle comunicazioni.
Third party data
If users should decide to provide us with third party data, we recommend they make sure that those parties have been suitably informed in advance of the processing methods and purposes indicated. Related to that hypothesis, the user is the autonomous controller of processing, taking on all legal obligations and responsibilities.
Finalità a base giuridica del trattamento
Data of a personal nature will be processed pursuant to legality conditions in art. 6, paragraph 1, of the EU Regulation 2016/679 (“GDPR”), for the following purposes:
- to respond to the request of the User – LEGAL BASIS: to execute the contract that the data subject is part of or the pre-contractual measures adopted at the request of the latter.
How data is provided
Providing personal data for the above-indicated processing purposes is optional, but necessary. Not providing that data will make it impossible for the User to make a request of the Controller and enable the latter to provide a response.
All data will mainly be processed in electronic format.
The personal data and any other information directly or indirectly associable to a certain user are collected and processed applying technical and organisational security measures that guarantee an adequate risk security level, considering the state of the art, implementation costs and, where foreseen, security measures prescribed by specific regulations; merely as an example, measures envisaged by provisions issued by the personal data protection Authority or by specific laws and regulations.
Data recipients or recipient categories
Within the above-indicated purposes, the personal data will be accessible (limited to respective area of responsibility) to parties appointed by the Controller to process data, in particular by:
- Employees, assimilated personnel and collaborators of the Company specifically authorised and who have received suitable operating instructions;
- Any third party suppliers of services, operating as Processors pursuant to art. 28, GDPR, only when needed for the operational and maintenance needs of the website and services made available through the Website itself;
- Subjects, entities or authorities where communicating the personal data of the data subject is mandatory by law or orders from competent authorities.
Except for the aforementioned considerations, the personal data will not be circulated and/or communicated to third parties.
Transfer of data outside the European Union
The personal data are not transferred to third party Countries outside the European Union and the European Economic Area.
If that transfer should be needed and/or inevitable for the organisational requirements of the Controller, please note that:
- It will only be to Countries where the European Commission has adopted a decision of adequacy;
- If the Country is not one of the ones indicated in the previous point, the transfer of data will be regulated by the Standard Contractual Clauses without prejudice to adoption, with the prior agreement of the Parties involved, of another of the protection measures established by art.46 of the GDPR or application of one of the derogatory mechanisms pursuant to art.49 of GDPR.
Retention of data and duration of processing
The processing will not last for longer than needed for the purpose for which the data were collected. After that, they will be stored in compliance with the law.
Once that term has gone by, the personal data will be destroyed or made anonymous compatibly with the erasure and back-up techniques.
Rights of the data subject and lodging a complaint
As Data Subjects, users enjoy the rights established by the following articles in the EU Regulation 2016/679 (“GDPR”):
– Article 7, paragraph 3: Conditions for consent, Right to revoke consent;
– Article 13, paragraph 2, letter d): Right to lodge a complaint with the controlling authority;
– Article 15: Right of access by the data subject;
– Article 16: Right of rectification;
– Article 17: Right of erasure («right to be forgotten»);
– Article 18: Right to restrict processing;
– Article 20: Right to data portability;
– Article 21: Right to oppose.
In order to exercise the rights in the above points, the data subject may contact the Controller directly in writing, to be sent to the e-mail address: firstname.lastname@example.org; the latter must provide a written response within 30 – 90 days in cases that are specifically complex.
Exercising rights is usually free of charge except for the right to ask the data subject for a contribution if the requests are manifestly unfounded, excessive or repetitive.
If data subjects should discern a breach of the law in the processing of their personal data, they may lodge a complaint with the Privacy Authority.
However, an instance may also be submitted to the legal authorities.
For further information on the rights and regulations regarding the protection of personal data in general, please visit the website of the Privacy Authority at the e-mail address http://www.garanteprivacy.it/