PURSUANT TO ARTICLE 13 OF REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/EC (General Data Protection Regulation).
1. Official Data Protection Data Controller (DPO)
The Data Controller is Rivoira Giovanni e Figli SpA, with its registered address at Via Pomarolo, 88 Verzuolo, with VAT number 00182260042, tel. 0175 280800 and email address firstname.lastname@example.org,
Kiwi Uno SpA, with its registered address at Via Mattona, 174 / C Verzuolo, with VAT no. 01760900041, tel. 0175 280700 and email address email@example.com and Rivoira PO, with its registered address at Via Mattona, 174 / C, with VAT number 03671790040, tel. 0175 280781 and email address firstname.lastname@example.org. They are joint controllers, as per Art. 26 of the GDPR.
2. Types of data collected
The categories of personal data collected and processed when you browse https://www.rivoira.it are as follows:
- personal data that you provide to us when you communicate with our office;
- information about your browsing in https://www.rivoira.it;
- information collected through cookies.
If the User does not provide certain personal data, it may prevent this website from providing its services.
3. Purpose of processing the collected data and the related lawful basis
|To allow the website to function and be displayed properly||Legitimate interest of the controller to ensure that its website works correctly|
|To fulfil an obligation imposed by the law||Fulfilment of a legal obligation to which the data controller is subject|
|To assess your unsolicited application sent via the ‘Would you like to work with us?’ section||Executing a contract to which you are a party or implementing pre-contractual measures adopted at your request|
|Statistical analyses and surveys to improve our range of products and services||Consent of the data subject|
4. Processing methods
The Data Controller processes the personal data of users by adopting suitable security measures to prevent unauthorised access to and the disclosure, modification or destruction of personal data.
It is processed using computer and/or electronic tools, with organisational methods and logic strictly related to the stated purposes. In addition to the Data Controller, in some cases access may be given to interested parties duly designated by the Data Controller, involved in organising the website or external parties (such as providers of third-party technical services, postal services, hosting providers, IT companies and communication agencies), with data processors also being designated by the controller if necessary. An up-to-date list of processors may always be requested from the Data Controller.
5. Transfer of data
In the event of the personal data being transferred outside the European Union, for technical and organisational purposes and to ensure high service continuity, the Data Controller guarantees that the transfer will be carried out in accordance with the conditions established in Chapter V of the GDPR, notwithstanding any other provisions of the Regulation.
6. Retention period of personal data.
We retain your personal data for a limited period of time, which differs according to the type of activity involved in processing your personal data. After this period, your data will be deleted permanently or irreversibly anonymised.
Your personal data will be stored in accordance with the terms and requirements specified below:
|PURPOSES||DATA RETENTION PERIOD|
|To allow the website to function and be displayed properly||As defined in our cookies policy|
|Statistical analyses and surveys to improve our range of products and services||As defined in our cookies policy|
|To assess your unsolicited application sent via the ‘Would you like to work with us?’ section||1 year|
|To fulfil an obligation imposed by the law||In accordance with the terms established by law|
In any event, for technical reasons, the cessation of processing and subsequent final deletion or irreversible anonymisation of the related personal data will be final within thirty days of the periods specified above.
7. Further information about processing.
7.1 Defence in court
The user’s personal data may be used for the defence of the controller in a court and in preparatory proceedings to establish any abuse in the use of the services or related services by the user.
The user declares that they are aware that the Data Controller may be required to disclose data at the request of the public authorities.
7.2 Specific information
7.3 System log and maintenance
For operation and maintenance needs, this website and the third-party services used by it may collect system logs, i.e. files that log any interactions and may contain personal data, such as the user’s IP address.
7.4 Information not contained in this policy
Further information regarding personal data processing may be requested at any time from the Data Controller using the contact information.
8. Exercise of rights by users
At any time, the data subjects to whom the personal data relates have the right to obtain confirmation of the existence or otherwise thereof from the Data Controller, to be informed of the content and origin thereof, to verify its accuracy and to request that any personal data processed in violation of the law be integrated, erased, updated, rectified, anonymised or blocked and, in any event, to object to the processing thereof on legitimate grounds. The requests must be sent to the Data Controller and/or DPO.
Text updated on: 07.07.2020