Art. 13 Regulation (EU) 2016/679 (“GDPR”)
the following explains how We process your personal data collected automatically or provided by you through the navigation or use of this website (hereinafter, the “Website”).
1. DATA CONTROLLER
The Data Controller is Bitron Industrie S.p.A., in the person of its legal representative, with its registered office in Strada del Portone 95 - 10095 Grugliasco (TO), Italy (hereinafter “Bitron”, “Company” or “Data Controller”).
2. DATA PROTECTION OFFICER
In consideration of the performed processing activities, the Data Controller has deemed it necessary appointing a Data Protection Officer that you can reach by sending an e-mail to firstname.lastname@example.org.
3. TYPE OF DATA
In order to allow you to use the Website and its services, including the possibility of submitting your application and contacting us (hereinafter, the “Services”), the Data Controller needs to collect and process some of your personal data.
Data voluntarily communicated by you
To allow you to contact the Company for assistance or to request spare parts, the Data Controller will collect your name, surname, the company you work for and your email address.
Furthermore, in order to allow you to get in touch with the Company, the Data Controller needs to process your name, your surname, your country of origin, the company you work for, the position you hold in the company, your telephone number, your email address and any other personal data contained in the message you send.
The computer systems and software procedures used for the Website operations acquire, during their normal functioning, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment.
This data, necessary for the use of the Website, is processed for the sole purpose of checking and ensuring the correct functioning of the Services offered.
The navigation data does not persist for more than thirty days and is deleted immediately after their aggregation, except for the possible need to ascertain crimes by the judicial authorities.
The Website uses the following types of cookies.
Technical and session cookies are used. They are small text files containing a certain amount of information exchanged between your terminal or browser and the Website, which allow it to function correctly and to be used.
This Website uses first and third party analytics cookies. The analytics cookies are used to collect information on the use of the Website, in aggregate form, in particular on the number of users and how they visit the Website, also providing anonymous statistical analysis in order to improve the use of the Website and make the content more interesting and relevant to the desires of users.
4. PURPOSE OF THE PROCESSING AND LEGAL BASIS
Use of the Website Content and Services(i,ii,iii) and ensuring network and information security(iv).
This purpose includes the possibility of submitting your requests and communications through the Website.
In addition, this purpose includes the processing of traffic personal data to the extent strictly necessary and proportionate to ensure network and information security.
(i) Performance of a contract to which you are party
(ii) Compliance with legal obligations
(iii) Legittimate interest
The provision of your personal data is mandatory.
Failure to provide your personal data would make it impossible to use the contents and services of the Website and to guarantee network and information security.
5. DATA RETENTION
The navigation data and that is acquired through the use of the Website will not be kept for more than thirty days.
Regarding any other personal data processed, not being able to predetermine with precision their period of retention, the Data Controller commits as of now to inspire its processing to the principles of adequacy, accuracy, and minimization of data, as required by the GDPR, checking annually the need for its retention. This, except in the case where it is necessary to maintain such data to fulfill regulatory obligations, or to ascertain, exercise or defend a right in court.
6. CATEGORIES OF RECIPIENTS OF PERSONAL DATA
The personal data processed will not be disclosed to third parties, but may, however, be shared in relation to the purposes of processing set out above to the following subjects:
- those who can access the personal data according to legal provisions provided by the law of the European Union or the law of the Member State to which the Data Controller is subject;
- subjects that perform ancillary activities and services to the purposes referred to in paragraph 4, i.e. companies that offer IT infrastructures and IT assistance and consultancy services as well as companies or consultants responsible for providing further services to the Data Controller, within the limits of the purposes for which they were collected.
In addition, your personal data may also be disclosed to our employees, provided that they are previously appointed as acting under the authority of the Data Controller pursuant to Article 29 of the GDPR.
7. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
The Data Controller does not transfer your personal data to third countries outside the European Union.
8. DATA SUBJECTS’ RIGHTS
Regarding the processing of your personal data, you, as a data subject, have the right to obtain access to your personal data. You may also request the Company to rectify or erasure your personal data. Furthermore, you have the right to obtain the restriction of the processing of personal data concerning you, as well as the right to data portability.
In addition to the above, you have the right to object at any time, on grounds relating to your situation, to the processing of your personal data carried out pursuant to Article 6 para. 1, letter e) or f), including profiling on the basis of these provisions, as stated in Article 21 of the GDPR.
Finally, you have the right to lodge a complaint with a supervisory authority or take legal action if you believe that the processing of your data is in breach of the GDPR.
To exercise any of your rights, you may contact the Data Controller, in the person of the legal representative, by addressing a communication to the registered office of Bitron, or by sending an email to email@example.com.