INFORMATION PURSUANT TO ART. 13 AND 14 OF THE EUROPEAN GDPR – EU REGULATION N. 679/16 and also INFORMATION PURSUANT TO ART. 13 OF D.LGS. N. 196/03
In compliance with articles 13 and 14 of the European Regulation on the Protection of Personal Data, in the acronym GDPR (ref. EU n. 679/16) and at the same time also with regulatory transition pursuant to art. 13 of Legislative Decree 30 June 2003 n. 196 (Privacy Code)
Sta Solutions, as an autonomous owner of personal data, releases this information regarding the processing of personal data acquired through consultation of its website. The information is to be considered valid only for this website and not for other websites that may be consulted by the user through links. The Owner is not to be considered in any way responsible for third party websites.
HOLDER OF THE PROCESSING
The data controller is Sta Solutions with headquarters in Viale Resistenza 33, 42018 San Martino in Rio (RE) Italy.
PLACE OF TREATMENT
The treatments connected to the web services of this site take place at the headquarters of the Data Controller and are only handled by the personnel in charge of the treatment and by the provider in charge of the Internet and hosting / housing services of this site. Furthermore, these treatments are handled exclusively by technical staff of the Office in charge of processing, or by any persons in charge for occasional maintenance operations under the strict control of the Owner.
TYPE OF DATA PROCESSED
During their normal operation, the IT systems and software used to operate this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or Domain Names (DNS) of the computers used by users who connect to the website, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the IT environment of the user. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing.
The data could be used to ascertain responsibility in case of hypothetical computer crimes against the website; except for this eventuality, the data on web contacts do not persist for more than seven days.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website, and the presence of data entry forms (web form) and / or newsletter subscription forms on the website, entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data.
Specific summary information is shown or displayed on the website pages
prepared for data collection (web form).
PURPOSE OF THE PROCESSING
Personal data voluntarily provided by the user will be processed,
up to its opposition, for the following purposes:
- navigation on this website;
- any contact request, by sending the requested information;
- supply of ordered products and services and fulfillment of contractual obligations;
- fulfillment of obligations under laws and regulations;
- bookkeeping, invoicing, credit management and administrative-accounting activities in general. For the purposes of applying the provisions on the protection of personal data, the treatments carried out for administrative-accounting purposes are those connected with the performance of organizational, administrative, financial and accounting activities, regardless of the nature of the data processed. In particular, the internal organizational activities, those functional to the fulfillment of contractual and pre-contractual obligations, the information activity pursue these purposes;
sending newsletters and periodic communications via e-mail, when the user has made a specific request through the appropriate online form (web form);
- all company activities generally related to the existing relationship.
- entities that provide services for the management of the information system;
- studies or companies in the context of assistance and consultancy relationships;
- Administrations, public bodies and competent authorities, for the fulfillment of legal obligations and / or provisions of public bodies;
- Group companies and / or the network of companies or private subjects directly involved in the performance of the service or legitimated to know the data according to the law.
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
COMMUNICATION AND DIFFUSION SCOPE
The data being processed will not be disclosed, sold or exchanged with third parties without the express consent of the interested party. The scope of data communication is limited exclusively to the subjects competent for the fulfillment of contractual operations and the observance of legal obligations. They may therefore be disclosed to third parties belonging to the following categories:
In any case, only the necessary and relevant data with respect to the purposes of the processing for which they are responsible will be communicated to the aforementioned subjects.
OPTIONAL NATURE OF THE CONFERENCE
Apart from that specified for navigation data, the user is free to provide personal data contained in the forms on the website (web form) or to request the sending of newsletters, information material, commercial offers or other communications.
Their absence can make it impossible to obtain what is requested.
TRANSFER OF DATA TO EXTRA-EU COUNTRIES
There is no transfer of personal data collected in non-EU countries.
STORAGE PERIOD OF THE COLLECTED DATA
The personal data collected for the purposes set out above will be kept at our company for the time necessary for the related activities (or defined in the data collection web pages – web form); after which they will be destroyed (right to be forgotten) or, if necessary, made anonymous (pseudonymisation) for statistical or historicization purposes.
For personal data collected for administrative and accounting purposes, the data retention period respects the relative legal obligations, at the end of which, the data will be destroyed (right to be forgotten) or, if necessary, made anonymous (pseudonymisation ) for statistical or historicization purposes.
REVOCATION OF CONSENT
The consents expressed in the various web forms for the collection of personal data can always be revoked pursuant to art. 7 p.3 and pursuant to art. 17 p.1 lett. b). The revocation can be done by writing to our Owner, through the references shown in the next paragraph.
DATA SUBJECT’S RIGHTS
In relation to the aforementioned treatments, the rights referred to in Articles 15, 16, 17, 18 and 19 of the EU GDPR n. 679/16 (rights of access, rectification, cancellation, limitation of treatment and notification in cases of Rectification / Cancellation / Limitation by the Data Controller).
In relation to the aforementioned treatments, the rights referred to in Article 7 of Legislative Decree 196/2003 may be exercised, within the limits and under the conditions set out in articles 8, 9 and 10 of the aforementioned legislative decree.
The above rights can be asserted by writing to the e-mail address firstname.lastname@example.org or directly to the Data Controller or Data Processor.
List of Privacy Managers (art. 13 Legislative Decree 196/2003)
The following list of Sta Solutions’ Privacy Managers is published pursuant to art. 13, paragraph 1, letter f, of the “Code regarding the protection of personal data” (Legislative Decree no. 196/03), in order to make known to all interested parties who are responsible for the processing of personal data carried out from this company.
List of Managers:
Responsible for feedback to the interested party: Sta Solutions in the person of the legal representative;
General Privacy Manager: Sta Solutions in the person of its legal representative.