Spontaneous reporting – Privacy Notice pursuant to Article 13 of the European Regulation no. 2016/679 concerning the protection of physical persons with regard to the treatment of personal data (GDPR)
The reason for this notice
The methods are described on this page of managing users’ personal data collected through the following form of this website.
This is an information briefing that is also made available in accordance with article 13 of the European Regulation 2016/679 regarding the protection of physical persons with regard to the processing of personal data (GDPR) of users who voluntarily provide their personal data in the appropriate sections of our website.
The Data “Controller”
The entry and forwarding of your personal data on the forms of this website involve the processing of personal data provided by you. The Data Controller is Alfasigma S.p.A. with registered office and administrative headquarters in Via Ragazzi del ’99 – 40133 Bologna – Tax Code and VAT No. 03432221202 – Email email@example.com
The Company has identified a Data Protection Officer in accordance with Article 37 of the Regulation, who is Mr Antonio Armento. The DPO can be contacted for questions concerning the processing of your data, through the following contact details: Privacy Tel. +39-06-91393955, email firstname.lastname@example.org
The company Apex S.r.l. has been appointed data manager in accordance with article 28 of the aforementioned Regulation 9 on matters of the protection of personal data, since it is responsible for the maintenance of the website's technological part.
The updated list of the managers and the persons authorised to process the data can be consulted by sending a request to the email address: email@example.com
Data Processing and Purposes
The personal data collected may be used and processed – on paper and electronically – by means of automatic archiving in the computer system of Apex S.r.l, ], through its appointees or data managers for the following purposes:
- management of contact and information requests;
The personal data collected may also be communicated to other companies, be they the parent company, subsidiaries or affiliates in accordance with article 2359 of the Civil Code, also through the Data Managers exclusively for the purposes of the data processing indicated in the above points.
It is made clear that the communication of personal data to public or private subjects shall be carried out only if sanctioned by the laws or regulations or if it should be necessary for the conduct of institutional functions.
Voluntary nature of granting Data
The granting of the data requested is optional. However, please be aware that, should consent not be given to the processing, the user would not be able to use the requested services.
Method of the Treatment
The personal data is treated with automated instruments for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are followed in order to prevent data loss, illegal or improper use and unauthorised access.
Transfer of the data
The management and retention of the personal data shall take place on servers, located within the European Union, of the Data Processor and/or third-party companies duly appointed as Data Managers. Currently, the servers are located in Italy. The data are not currently subject to transfer outside the European Union.
In any event, it remains understood that the Data Controller, should it be necessary, shall have the right to change the location of the servers, in Italy, within the European Union and/or to countries outside the EU.
In this case, the Data Controller guarantees henceforth that the transfer of the data outside the EU shall take place in compliance with articles 44 and subsequent of the Regulation and the applicable legal measures stipulating, where necessary, agreements that ensure an adequate level of protection.
Data retention times
The data concerning you shall be retained in accordance with the following criteria:
Data Subjects Rights
- for a period of time no longer than that necessary to attain the purposes for which they are processed;
- for a period of time no longer than necessary to fulfil regulatory obligations.
The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of that data and to know their content and origin, to check the data are correct and request supplements or updates, or corrections (Articles 15, 16, 17, 18, 20, 21, of the European Regulation 2016/679 GDPR).
The rights can be exercised by making a written request to the email address: firstname.lastname@example.org, or by contacting the Data Protection Officer at the email email@example.com
Changes to this Information Briefing
This Information Briefing may undergo changes. It is therefore recommended that you regularly check this Information Briefing and refer to the most up-to-date version.