Riva Forni Elettrici S.p.A. with registered office in Milan, Viale Certosa 249, as Data Controller pursuant to EU Regulation 679/2016 applicable from 25 May 2018 - General Regulation on Data Protection ("GDPR") and pursuant to Legislative Decree no. 196/2003 - Personal Data Protection Code ("Privacy Code") as amended by Legislative Decree 101/18 (hereinafter the Privacy Code and GDPR are collectively referred to as "Applicable Law") recognizes the importance of protecting Personal Data and considers their protection one of the main objectives of its activities.
In accordance with the Applicable Law, we provide you with the necessary information regarding the processing of the Personal Data you provide. This information is provided in accordance with art. 13 of the Applicable Law and Riva Forni Elettrici S.p.A. invites you to read it carefully as it contains important information on the protection of Personal Data and on the security measures adopted to guarantee their confidentiality in full compliance with the Applicable Law.
Riva Forni Elettrici S.p.A. informs that the processing of Personal Data will be based on the principles of lawfulness, correctness, transparency, limitation of purposes and storage, adequacy, minimization of data, accuracy, integrity and confidentiality. Personal Data will therefore be processed in accordance with the legal provisions of the Applicable Law and the confidentiality obligations provided for therein.
In view of the above, we inform you in accordance with articles 6, 7, 9 and 13 of the GDPR:
PERSONAL DATA SUBJECT TO PROCESSING
As part of your navigation of our site, the Data Controller may process the following categories of data;
PURPOSE, LEGAL BASIS AND MANDATORY OR OPTIONAL NATURE OF THE PROCESSING
The processing to which your Personal Data will be subjected has the following purposes:
For the purposes set forth in point 1, the processing of data is based on the principle expressed in Art. 6 of the GDPR, according to which the processing of personal data is lawful because it is necessary to fulfil a legal obligation to which the Data Controller is subject. For the purposes set forth in points 2 and 3, in compliance with Article 6 of the GDPR, the processing is lawful because it is necessary for the pre-contractual or contractual execution between the parties.
The provision of data is necessary to pursue the purposes indicated. Your refusal to provide such data could make it impossible for Riva Forni Elettrici S.p.A. to evaluate the application submitted or respond to the requests of the Data Subject, guarantee the correct use of the website, as well as the services offered therein.
The processing may be carried out manually or with the aid of electronic or automated systems, will take place at the aforementioned headquarters of the Data Controller, at the operating offices or at third parties identified and will include, in compliance with the limits and conditions set forth in art. 5 and 25 of the GDPR, all the operations provided for in art. 4, paragraph 1, no. 2) of the GDPR necessary for the processing in question, including the communication to the parties referred to in the next point.
SCOPE OF COMMUNICATION AND DISSEMINATION AND TARGET AUDIENCES
The Personal Data you provide may be shared, for the purposes specified above, with:
a) Service providers used by the Data Controller for the management and/or maintenance of the information system and telecommunications networks (including e-mails and/or internet platforms) operating as authorised subjects or processors;
The subjects belonging to the above-mentioned categories act as Data Processors or operate in total autonomy as separate Data Controllers. The list of Data processors is constantly updated and available on request at the headquarters of the Data Controller.
b) persons authorised by Riva Forni Elettrici S.p.A. to process Personal Data who are committed to confidentiality or have an adequate legal obligation of confidentiality; (e.g. employees and collaborators of Riva Forni Elettrici S.p.A.);
We also inform you that the processing of Personal Data is carried out in a system of joint control between Riva Forni Elettrici S.p.A. and Riva Acciaio S.p.A. The parties have determined in a transparent way their respective responsibilities regarding the observance of the obligations deriving from the GDPR, through an internal agreement stipulated according to art. 26 of the GDPR. In particular, the parties agree that the respective areas of joint control concern the processing of data of employees in compliance with the purposes set out below, such as:
- Management of ICT systems;
DATA TRANSFER ABROAD
Due to the configuration of the IT infrastructure your data may be communicated to companies contractually linked to Riva Forni Elettrici S.p.A. with registered offices in third countries outside the EU, in accordance with and within the limits provided for by the Applicable Law. In particular, your Personal Data may be transferred to Switzerland, a country in respect of which the EU Commission has taken a decision of adequacy pursuant to art. 45 of the GDPR.
The processing of the Personal Data in question and their storage will have a duration coinciding with the time necessary for the exhaustion of the purposes indicated in this statement and in any case up to 12 (twelve) months from reception of the above-mentioned data.
RIGHTS OF SUBJECT DATA
Within the limits of Applicable Law, as a Data subject, you have the right to request from Riva Forni Elettrici S.p.A. the access your Personal Data, the rectification or erasure thereof and to limit or object to the processing of your Personal Data at any time.
Requests must be sent via e-mail to the following address: firstname.lastname@example.org.
As a Data subject, you have the right to lodge a complaint with the competent supervisory authority (Personal Data Protection Authority), if you believe that the processing of your Personal Data is contrary to current legislation.
DATA CONTROLLER AND DATA PROTECTION OFFICER
The Data Controller is the company Riva Forni Elettrici S.p.A. with registered office in Milan Viale Certosa 249, tel. 02307001, e-mail address email@example.com. In turn, Riva Forni Elettrici S.p.A. has appointed GetSolution di Paola Generali, with registered office in Via Ippolito Rosellini, 12 20124 Milan, tel. 0239661701 e-mail address firstname.lastname@example.org, as Data Protection Officer (DPO), available for any information regarding the processing of Personal Data carried out by the Data Controller.