Read the information notice on clients Data processing

Read the information notice on prospects Data processing

PRIVACY POLICY

The present policy identifies the procedures implemented by FONDERIA AUGUSTA S.r.l. (hereinafter “Fonderia Augusta” or the “Controller”) regarding the processing of personal data (the “Data” or “Personal Data”) collected through the website: http://www.fonderia-augusta.com/ (hereinafter the “Website”). Unless otherwise specified, this policy is considered to be an information notice – pursuant to Article 13 of Regulation (EU) 2016/679 (hereinafter the “GDPR”) – provided to those interacting with the Website (hereinafter the “User”).

Detailed information notices on data processing are provided, where needed, on the pages concerning the different services offered through the Website. Such information notices are aimed at defining the limits and modalities of data processing for each service, upon which the User may freely express his/her consent, where needed, and eventually authorize Data collection and their subsequent processing.

  1. Categories of Data Processed
    1. Navigation data

The IT systems and the software processes responsible to the functioning of this Website collect, during its operations, some Personal Data whose transmission is implicit in the implementation of Internet communication protocols. Such information is not collected to be associated to particular data subjects, but, by their own nature, they might, through further elaborations and association with third-party data, allow to identify the Users. This data category includes IP addresses or domain names of the computers used by the Users connected to the Website, the URI (Uniform Resource Identifier) addresses of the resources required, the time of the query, the method used to submit the query to the server, the dimension of the file obtained as a result, the code number stating the status of the result from the server (successful, error, et cetera) and other parameters related to the operating system and the system environment of the User. These Data are used only for the purpose of obtaining anonymous statistical information on the use of the Website and to monitor its correct functioning. Such data are erased immediately after their elaboration. Data may be used to ascertain liability in case of possible cybercrimes committed to the detriment of the Website.

  1. Data provided on a voluntary basis by the User or collected from third parties

The optional, expressed and voluntary provision of an email address, the messages to the addresses indicated in the Website, as well as the messages sent through the published Data collection forms, causes the subsequent collection of the address of the sender and the eventual other Personal Data inserted, needed to answer the queries. Specific and summarized information notices may be affixed or displayed, from time to time and where strictly necessary, in the pages of the Website made available for particular services on request. In addition to the above, any further Personal Data (e.g. personal identification data, contact information such as corporate and/or personal phone, e-mail address) provided to the Controller or in any case collected by the Controller from third parties, shall be processed by the Controller in accordance with the present information notice and within the limits provided by the GDPR.

  1. Purposes of data processing

Personal Data are processed by the Controller: i) for managing the information queries transmitted by the User; ii) to allow access to the reserved area of the Website and provide the related services. The processing of personal Data for the purposes indicated does not requires the consent of the User as the processing is required to fulfill specific requests of the Data subject pursuant to Article 6, paragraph 1, letter b) of the GDPR.

  1. Data provision and consequences of failure to submit

The provision of Personal Data is optional and failure to submit shall entail, as sole consequence, the impossibility for the Controller to manage and fulfill the requests of the Data subject as well as to grant access to the reserved area of the Website and to provide the related services.

  1. Data recipients and categories of recipients

Employees and/or independent contractors of the Company expressly appointed as processors or people in charge of the processing (“persons authorized to process”) shall have access to Data within the limits and the modalities set forth in their appointment, and exclusively to the extent it is required in order to achieve the purposes above. Moreover, Personal Data may be also communicated to: - Employees and/or any independent contractors of the Company; - Public and private entities, natural persons or legal entities that the Controller avails itself of to carry out activities instrumental to achieve the purpose above or to which the Controller is bound to communicate Data under legal or contractual obligations. In any case, the Data will not be disseminated.

  1. Storage period

Data shall be stored for a maximum period of time equal to the limitation period of the rights exercisable by the Controller, applicable from time to time.

  1. Rights of the Data subject

Right of access, right to erasure, right to restrict processing, right to data portability

The Controller recognizes to Data subjects the rights provided within Articles from 12 to 22 of the GDPR. By way of example, each Data subject may:

  1. Obtain confirmation whether there is an ongoing process of Personal Data concerning him/her or not;
  2. In case of an ongoing Data processing, obtain access to Personal Data and to information related to Data processing as well require a copy of the Personal Data;
  3. Obtain rectification of inaccurate Personal Data and completion of incomplete Personal Data;
  4. Obtain, in case one of the conditions under Article 17 of GDPR is met, erasure of Personal Data concerning him/her;
  5. Obtain, in the circumstances under Article 18 GDPR, restrictions over Data processing;
  6. On the conditions under Article 20 of the GDPR, receive Personal Data concerning him/her in a structured, commonly used and machine-readable format and have such Data transmitted to another Controller, if technically feasible.

Right to object

Each Data subject is entitled to object in any moment to the processing of his/her Personal Data performed in pursuit of a legitimate interests of the Controller. In case of objection, his/her Personal Data shall not be object of any processing activities unless there are legitimate grounds for the processing which override the interests, rights and freedoms of the Data subject or for the establishment, exercise or defense of legal claims.

Right to withdraw consent

In case of processing based upon consent, each Data subject may withdraw such consent at any time, without affecting the lawfulness of processing based on consent granted before its withdrawal.

Right to lodge a complaint before the Italian Data Protection Authority

Furthermore, any Data subject may lodge a complaint before the Italian Data Protection Authority in case he/she might believe that his/her rights under the GDPR have been infringed, with the modalities set forth on the website of the Italian Data Protection Authority accessible at the address: www.garanteprivacy.it.

  1. Data Controller. Data Processors

The Data Controller is FONDERIA AUGUSTA S.r.l., with registered office in Costa di Mezzate (BG) – Italy, at 1 Via Landri 1e/f, telephone 035681352, e-mail privacy@fonderia-augusta.com. The updated list of the Data Processors is available at the registered office of the Controller.

  1. Amendments to this information notice

This information notice may be subject to amendments. It is recommended, then, to check regularly this policy and make reference to its more recently updated version.