As required by current legislation (art. 13 General Data Protection Regulation, hereafter also GDPR), Schalcon S.p.a. (hereafter also indicated as “Data Controller” or “Company”) provides the users who access the website www.schalcon.com (hereafter also “website”) with the information relating to the processing of their data.
ABOUT THE DATA CONTROLLER AND HOW TO CONTACT IT
The Data Controller is Schalcon S.p.A., with registered office in Viale Enrico Ortolani, 195 - 00125 Rome, VAT reg. no. 01137561005. Use the e-mail address info@schalcon.com to contact the Company.
WHICH DATA IS PROCESSED
The data processed is the browsing data and the data provided spontaneously by the user.
Browsing data
The IT systems and software procedures used to run this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of the Internet communication protocols. Such information is not collected to be associated to identified data subjects. However, because of its very nature, through processing and association with data held by third parties, it allows the users to be identified. Included in this data category are the IP addresses or domain names of the computers used by the users who connect to the website, the URIs (Uniform Resource Identifier) of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment.
Data provided directly by the user
Included in this category is all the personal data conferred by the user as an option (e.g. when information is required by writing to the e-mail addresses stated on the website). Should the user decide to contact the Data Controller by means of the specific forms available on the website, he/she may find out detailed indications on the processing of the requested data by accessing the specific policies reported on the pages concerned.
WHAT ARE THE PURPOSES AND LEGAL BASES OF THE PROCESSING?
Browsing data: purposes and legal bases
The browsing data is acquired to obtain statistical information on the use of the website, for security purposes and to check its correct operation, and could be used to ascertain liability in case of cyber crimes against the website. The legal base for the processing such data is the legitimate interest and, in the case of requests by the Authorities, the legal obligation. For the use of cookies or pixels for specific purposes, please refer to the cookie policy available at the footer of the website.
Data provided directly by the user: purposes and legal bases
The personal data provided by the user as an option by contacting the data controller, is only used to fulfil any requests put forward and to allow the use the services subscribed. Therefore, the legal base for the processing of such data is the execution of pre-contractual measures and the obligations deriving from the contract. Should it be deemed necessary, the data may also be used for the legitimate interest of the data controller to carry out defensive activities or to assert or defend a right in court.
HOW IS THE DATA MANAGED?
The data collected is processed with IT tools. Suitable security measures are adopted to prevent the loss of data, illicit or incorrect use and unauthorised access. For the processing of data connected to the services of the website, servers located inside the European territory are used. The data provided directly by the user is retained for the time strictly necessary to fulfil the requests and then erased, notwithstanding any defensive requirements (which may call for additional retention). The browsing data of the users who access the website is acquired and processed directly by the hosting provider without the Company having access to it. Regarding the data acquired by means of Google Analytics and other services that use cookies and similar tools, please refer to the cookie policy.
WHAT HAPPENS IF THE DATA IS NOT PROVIDED?
Except for the browsing data needed in terms of IT and electronic protocols, data provision by users through the various available methods is free and optional. However, failure to provide the data will make it impossible to continue with the requests forwarded or that the user intends to forward
WHO MAY KNOW THE DATA?
The data will be processed by the personnel of the Data Controller authorised for the processing. The data may be known by the competent Authorities in the case of specific requests that the data controller is obliged to fulfil by law, by the companies that provide IT services and by consultants for litigation management purposes and for legal assistance in case of disputes that need its involvement. It is hereby specified that some of the subjects stated above work as data processors and that the communication to those who work as independent data controllers is made to fulfil some legal obligations or because it is needed to comply with the obligations deriving from the contractual relationship or in the legitimate interest of the data controller, consisting in maintaining the security of the IT systems and performing the defensive activities through legal consultants. The data subject may request from the Data Controller the list of the external subjects that perform their activity as data processors. In any case the communication is limited only to those data categories whose transmission is necessary in order to carry out the activities and achieve the purposes pursued.
WHAT ARE THE DATA SUBJECTS’ RIGHTS?
The law grants the data subjects the right to ask the data controller to access the personal data and to adjust or erase it or to restrict the processing that concerns them or to object to its processing, in addition to the right to data portability.
The data subject may assert his/her rights at any time, without formalities, by contacting the data controller at the e-mail address privacy@schalcon.com
Reported below in detail are the rights recognised by the current legislation concerning personal data protection.
The data subject is then informed that, in the event he/she deems the processing of his/her personal data to be taking place in breach of GDPR provisions, he/she has the right to lodge a complaint before a supervisory authority, as provided for by art. 77 of the Regulation or to bring the issue before the competent courts (art. 79 of the Regulation).
ADDITIONAL INFORMATION
Concerning cookies and similar tools used by the website, please refer to the cookie policy.
This privacy policy was updated on 28/11/2018