Information on data processing
Sole proprietorship BCODEAUTOMATION (hereinafter defined as the “Owner”) informs that the personal data acquired through the navigation of this site will be treated in compliance with the law on the protection of personal data.
With reference to the methods of management and processing of personal data of users who consult this site, pursuant to article 13 of EU Regulation no. 679/2016, the Data Controller provides the following information:
1. Types of data collected, purpose and legal basis of the processing
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the terminals of the users who connect to the site, the MAC (Media Access Control) addresses, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are canceled immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site. The legal basis that legitimizes the processing of personal data for this purpose is to be found in the hypothesis provided for by art. 6 par. 1, lit. b) of EU Regulation no. 679/2016, or to allow the user to use the requested service. The same data may also be used to fulfill legal obligations or requests from judicial authorities. The legal basis that legitimizes the processing of personal data for this purpose is to be found in the hypothesis provided for by art. 6 par. 1, lit. c) of EU Regulation no. 679/2016, or because the processing is necessary to fulfill a legal obligation to which the data controller is subject.
Data provided voluntarily by the user
Following the voluntary sending of e-mail messages to the e-mail addresses on the site, the Data Controller may process the sender’s e-mail address and the additional personal data contained in the message, to respond, again via e-mail, to requests formulated by the user. The legal basis that legitimizes the processing of personal data for this purpose is to be found in the hypothesis provided for by art. 6 par. 1, lit. b) of EU Regulation no. 679/2016, or to provide the user with the requested service. The same data may also be used to fulfill legal obligations or requests from judicial authorities. The legal basis that legitimizes the processing of personal data for this purpose is to be found in the hypothesis provided for by art. 6 par. 1, lit. c) of EU Regulation no. 679/2016, or because the processing is necessary to fulfill a legal obligation to which the data controller is subject.
The interested party is invited not to insert or send through the tools present on the site “particular categories of personal data”, “biometric data”, “genetic data”, “data relating to health”, “data relating to crimes or criminal convictions ” as defined by the legislation in force.
These data, if provided by the interested party, will be immediately deleted.
The site uses technical cookies (session and navigation), to ensure normal navigation and use of the website (allowing, for example, authentication to access restricted areas). The site also uses third-party analytical cookies (with reduced identification potential), in order to monitor the use of the site by users for the purpose of optimizing the web platform and statistics (analytical) and profiling cookies. For all the information relating to the processing of personal data carried out through cookies, please refer to the extended cookie information, which can be reached on each page of the portal.
2. Data retention period
The personal data collected and processed following navigation of this site will be kept for the entire period of service provision and in any case canceled or made anonymous within 7 days. Personal data submitted autonomously by users through the tools
on the site will be deleted after having provided the requested service or having responded to the same and in any case within a maximum period of 15 days from the end of this activity, with the exception of those necessary for compliance with tax, accounting and administrative regulations or to fulfill other legal obligations and to document the activities carried out.
3. Processing methods
The personal data collected will be processed, stored and processed with electronic tools and will be stored both on IT supports and on paper supports, organized in databases, and on any other type of suitable support.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
The processing of personal data carried out by the Data Controller does not involve automated decision-making processes.
4. Communication of personal data
The communication of navigation data is a necessary requirement for the provision of the requested service (navigation on the site) and therefore mandatory for this purpose: failure to communicate personal data by the interested party will make it impossible for the Data Controller to allow navigation of the this site. The communication of data for further purposes is optional: failure to communicate data, in such cases, will have no consequences for the interested party, but may make it impossible to provide the user with the requested response.
5. Persons to whom personal data may be disclosed
The personal data collected will not be disclosed and may be communicated, as well as to subjects who have the right and interest to access your personal data by law or secondary and/or community regulations, to authorized personnel within the Data Controller, as well as to companies, associations or professional studios that provide services and activities on behalf of the Data Controller as Data Processor for the fulfillment of legal obligations, as well as for any organizational and administrative requirement necessary to provide the requested services.
The names of the additional subjects who may become aware of your personal data as “Data Processors” are shown in an updated list available from the Data Controller (to be requested at the contact details indicated in point 9).
6. Transfer of data abroad or to international organizations
The Data Controller does not transfer the personal data of the interested parties collected through this site and the tools provided therein abroad or to international organizations.
7. Connection to sites or services of third parties
This information is provided only for the processing of personal data carried out through this site or the tools provided by the same, and not also for other websites that may be consulted by the user via a link, whose managers operate as independent data controllers . Users are therefore invited to carefully read their privacy information before accessing the services of third parties.
8. Rights of the interested party
In relation to the aforementioned processing of personal data, the interested party has the right to exercise the rights provided for by EU Regulation no. 679/2016, including, for example, to obtain the indication within 30 days of the request:
- the origin of the personal data;
- of the purposes and methods of the treatment;
- of the logic applied in case of treatment carried out with the aid of electronic instruments;
- of the identification details of the Data Controller, of the data processors and of the designated representative.
The interested party has the right to obtain within the same 30-day term:
- access, updating, rectification or, when interested, integration of data;
- the cancellation, transformation into anonymous form or blocking of data processed in violation of the law;
- the limitation of the processing of data concerning him, i.e. to ask the data controller or data processor to reduce the purposes or methods with which his data are processed.
The interested party may also request a copy of their data in a standard format (so-called “Right to data portability”).
Finally, the subject to whom the data refers has the right to object at any time and at no cost, in whole or in part:
- for legitimate reasons, to the processing of personal data concerning him, even if pertinent to the purpose of the collection;
- to the processing of personal data concerning him carried out pursuant to article 6, paragraph 1 GDPR, letters e. (“the processing is necessary for the execution of a task of public interest or connected to the exercise of public powers vested in the data controller”) or f. (“the processing is necessary for the pursuit of the legitimate interest of the data controller or of third parties”) including profiling on the basis of these provisions.
- to the processing of personal data concerning him for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication (direct marketing), including profiling to the extent that it is connected to it.
The interested party has the right to revoke his consent to the processing, when this is based on the hypothesis provided for by art. 6, paragraph 1, letter a. (when “the interested party has given his consent to the processing of his personal data for one or more specific purposes”), or from article 9, paragraph 2, letter a. (when “the interested party has given his explicit consent to the processing of such personal data for one or more specific purposes”) of EU Regulation 679/2016, at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation.
In the event that the interested party considers that the treatment concerning him violates the legislation in force, he has the right to lodge a complaint with a supervisory authority, especially in the Member State in which he habitually resides, works or of the place where he is verified the alleged violation. The Italian Supervisory Authority can be reached at the contact details on its website.
9. Data controller – Contact details
The Data Controller is the sole proprietorship BCODEAUTOMATION, with office in Via Carlo Cattaneo, 9 20851 Lissone (MB), VAT number IT 10111760962.
The Data Controller can also be contacted at the email address firstname.lastname@example.org.
To exercise the rights listed above, the interested party may send a request using the e-mail account email@example.com.