WEB PRIVACY POLICY

Company websites might collect data as described in the following document.

PREMISE

FIMIC SRL, with registered office in 54 Via Ospitale – 35010 Carmignano di Brenta – (PD) ITALY – CF and P.Iva 04785520281, in the person of the legal representative, in the capacity of data controller (hereafter, “Holder”), informs you under art. 13 D.Lgs 30.6.2003 n.196 (hereafter, “Privacy Code”) and art. 13 Regolamento UE n. 2016/679 (hereafter, “GDPR”) that your data will be processed in the following ways and for the following ends.

1) Data collected

The Holder will process non-sensitive identification data (name, surname, fiscal code, VAT number, email, phone number – hereafter, “data”) you provide as you sign up to the Holder’s website and/or as you sign up to the newsletter service provided by the Holder.

2) Categories of personal data and purposes of the processing

Your data is processed:

  1. A) Without your explicit consent, according to legal and contractual obligations (art.24 lett. a, b, c Privacy Code and art 6 lett. b, and GDPR) for the following ends:

– Allowing to register on the website;

– Managing and maintaining the website;

– Fulfil existing pre-contractual, contractual, and fiscal obligations arising from dealings with you;

– Fulfil any obligation stemming from law, regulations, Community regulations and Authority orders;

– Prevent or discover fraudulent activity and abuse harmful to the website;

– For necessities tied to maintenance and operation, possible third party services might collect system logs, which may contain data such as user IP address;

– Exercise the Holder’s rights.

  1. B) Just under your explicit consent (art. 23 and 130 Privacy Code and art. 7 GDPR), for the following marketing purposes:

– Sending you newsletter, commercial communications and advertising material concerning products or services provided by the Holder. In case you’re already a customer, we might send commercial communications about products or services akin to ones you already purchased of otherwise benefited of, unless you disagree (art. 130 Privacy Code).

3) Processing methods and data retention period

The processing of your data is done according to the operations specified under art. 4 Privacy Code and art. 4 n. 2 GDPR, more precisely: data collection, registration, organization, conservation, consultation, elaboration, editing, selection, extraction, comparison, use, interconnection, block, communication, erasing and destruction. Your data will be processed on paper, electronically and via automated processing.

The Holder will retain your data for the time necessary to fulfil the purposes above and in any case not beyond ten years from the termination of relationship for Service Purposes

4) Access and communication of data

You can access your data at any time, by requesting them to the addresses mentioned later in this document.

4.1) Cookies

The website uses cookies, for further information check the dedicated document.

5) Data sharing

Your data could be made accessible and/or communicated for the purposes mentioned in 2.A and 2.B.

Without prejudice to communications done in fulfilment of legal obligations, the Holder might share your data both in Italy and abroad (as specified in the following points) to:

– The Holder’s employees and collaborators, in the capacity of data controllers and sysadmins;

– Technicians and managers of administration and accountancy and/or to fulfil specific law obligations inherent to third parties;

– The Holder’s agent network; factoring companies; credit institutions; debt collection companies; credit insurance companies; commercial information companies; professionals and experts; transport companies; supervisory bodies and judicial authorities to which such communications are mandatory by law for the stated purposes.

– Companies or other legal entities qualified and appointed, under art. 28 of Regolamento 679/16, to support activities like: managing and development of communication and advertising means, company processes and projects, and data storage. Access could be granted to third parties and related companies which deliver services deemed necessary and/or useful by the Holder for company management and related services you may request. Among such companies are system maintenance companies, credit institutes, professional offices, companies which deliver services deemed necessary or useful by the Holder, and companies which carry out outsourcing activities for the Holder, in the capacity of external data controllers.

6) Data transfer

The managing and storing of data is carried out on servers located in the EU belonging to the Holder and/or third parties appointed as data controllers. Our servers are currently located in Italy. Data won’t be transferred outside of the EU. The Holder reserves the right to relocate the servers in Italy, in the EU or in extra-EU countries, if deemed necessary. In the latter case, the Holder assures that the transfer would happen in full observation of applicable laws and reaching, if necessary, agreements aimed to guarantee a data protection level comparable to the one provided by EU guidelines.

7) Mandatory or optional nature of data provision and consequences of any refusal

Data provision for the purposes in 2.A is mandatory. In its absence, website sign up and the rest of 2.A services would be unavailable.

Data provision for 2.B is optional.

You may therefore decide not to provide data or to deny processing of provided data: in doing so you forfeit any service described in 2.B, while retaining right of those mentioned in 2.A.

8) Rights of Data Subjects

In capacity of subject, you hold the rights mentioned in art. 7 Privacy Code and art. 15-22 GDPR, more precisely:

  1. A) Demand and obtain confirmation of the existence of data pertaining yourself, stored or not, and the communication of the such;
  2. B) Obtain indication of data origin, methods and purposes of processing, logic applied in case of electronic processing, the Holder’s and every appointee’s (under art. 5, comma 2 Privacy Code and art 3, comma 1 GDPR) identification details, entities which may receive data in capacity of data controllers or appointed representative in local territories;
  3. C) Obtain: the correction, rectification or integration of data; the deletion, anonymisation or blockage of data processed in violation of the law, including those the retaining of which is not necessary to the purpose they were collected of processed; the acknowledgement that any operation mentioned in 8.A and 8.B has been brought to the knowledge of all subjects involved to the extent of common sense;
  4. D) Oppose, completely or partially, to: the processing of your data for the intended purpose, in the presence of legitimate reasons; to the processing of your data for the purpose of advertising, direct selling, market analysis or commercial communication, through automated systems via email, phone call, or mail. The extent of the former right is fully customizable by the subject, who has the possibility of choosing which of the communication methods, if any, he prefers.

If applicable, the subject possesses also the rights mentioned under art. 16-21 GDPR (right of rectification, right to oblivion, right to restriction of processing, right to data portability, right of opposition), and also the right to complain to Competition Authority.

9) Arrangement for the exercise of the rights

You may exercise your rights any time, via:

– Registered mail w/proof of delivery to FIMIC SRL, with registered office in 54 Via Ospitale – 35010 Carmignano di Brenta – (PD) ITALY –;

– Email to info@fimic.it

– PEC to fimit@pecit.it

10) Minors

This website and the services provided by the Holder are not meant for minors, and their data is not to be intentionally collected. In case such data is inadvertently collected, the Holder will provide to its deletion upon user request.

11) Holder, people in charge and appointees

The Holder, as we referred the data controller as, is FIMIC SRL, in capacity of legal representative pro tempore, with registered office in 54 Via Ospitale – 35010 Carmignano di Brenta – (PD) ITALY –. The updated list of people in charge and appointed data controllers is kept by the Holder’s registered office.

12) Data Protection Officer

Not applicable to our company.

13) Alterations of this Policy

The present Policy is subject to alterations and changes. It is therefore advisable to regularly check this Policy and refer to the most recently updated instance available on the above mentioned website.

Conclusions

All these principles are shared with all personnel who, beside putting effort in the correct management of the System, continuously provides the Managership with inputs and informations on how to improve it.

Our attention towards risks stemming from personal data management is an engagement spread on every level of our Company, both internally and externally and towards our Partners and third party collaborators.

Our Company defines and analyses its own processes through risk management techniques. We detected threats and opportunities that our Company faces through appropriate actions, through which we aim to define suitable management systems, updated on the basis normative changes and subjects.

Our S.G.P. is therefore developed and updated to guarantee the necessary and appropriate protection for the subjects data as explained in the Company privacy polic