Privacy

Privacy2020-11-27T14:12:31+00:00

Privacy Policy

CONTENTS

  1. Controller
  2. Location of data processing
  3. Methods of data processing
  4. Categories of personal data processed
  5. Use of the Website and purposes of the processing
  6. Legal basis for data processing
  7. Categories of Recipients of personal data
  8. Transfer of personal data
  9. Retention period
  10. Cookies
  11. Data subject rights
  12. Amendments to this Privacy Policy

 

PRIVACY POLICY

With this Privacy Policy, Inventia S.r.l. intends to describe the methods of managing the Website with reference to the processing of personal data of the users who access it.

This is an information notice provided to all visitors to the website (“Website”) in accordance with art. 13 of the EU Data Protection Regulation No. 679/2016 (GDPR) and all other applicable laws.

 

1. Controller and contact details

Following access to and consultation of the Website, data relating to identified or identifiable persons may be processed.

The Controller for the data in question is Inventia S.r.l. (“Inventia”), with registered office at Via Valtorta, 48 20127 Milano, Italy.

Users can contact the Controller at the above postal address or via the following telephone number or e-mail address: • privacy@inventia.biz

 

2. Location of data processing

The processing of data collected with reference to those who access the Website is mainly carried out at the Inventia S.r.l. head office, and in any case in accordance with the provisions of the GDPR and all other applicable laws.

Personal data is processed only by specially trained employees or contractors with appropriate technical skills, and who are appointed and authorized to perform the processing, or by subjects appointed as processors.

 

3. Methods of data processing

The data will be processed lawfully and correctly, guaranteeing security and confidentiality, according to the provisions of the GDPR and all other applicable laws. Personal data will be processed using electronic and in any case automated equipment.

 

4. Categories of personal data processed

With reference to browsing data, the computer systems and software procedures used to operate this Website acquire, during their normal operation, some personal data whose transmission is implicit to the use of Internet communication protocols. This information is not collected in association with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This data category includes the IP addresses or domain names of computers used by users who connect to the website, Uniform Resource Identifier (URI) addresses of the requested resources, the time of the request, the method used to submit the server request, and other parameters related to the user’s operating system and computing environment.
The optional and voluntary sending of e-mails to the addresses indicated on the Website or by filling out the appropriate contact form involves the acquisition of the user’s personal data, as indicated therein, which is necessary to respond to user requests.

In addition, specific social media buttons/widgets are present on the Website in the form of social network icons (e.g. LinkedIn, etc.) and icons for other web services (e.g. YouTube, etc.). These buttons allow users browsing the Website to access the specific social media sites in one click. In such cases, the social networks and web services acquire data regarding the user, while the Controller will not share any browsing information or user data acquired through its website with the social networks and web services that can be accessed through the social media buttons/widgets. These services create “third-party cookies”. Below are links to the privacy policies of the most commonly used social networks and of the websites that the buttons link to:

  • LinkedIn Button (LinkedIn Corporation)

The LinkedIn social media buttons and widgets provide interaction with the LinkedIn social network, provided by LinkedIn Corporation.

Personal data collected: Cookies and Usage Data.

Privacy Policy: https://www.linkedin.com/legal/privacy-policy

  • YouTube Cookies

YouTube is a service managed by Google Inc. for displaying video content, enabling this Application to supplement the content on its pages https://policies.google.com/privacy https://policies.google.com/privacy

The user can find more information on the data collected directly or by third parties through cookies in the relative Website Cookie Policy.

 

5. Use of the Website and purposes of the processing

User data may be processed for:

  1. the performance of operations that allow browsing of the Website pages. The Controller, like most web page owners, needs to process personal information relating to users collected automatically or provided by the users themselves through the navigation or use of the Website in order to allow them to browse and use the site. Therefore, this Privacy Policy refers exclusively to the Website and does not refer to any other online sites, pages or services that can be accessed through hyperlinks published on the Website;
  2. the performance of the operations strictly necessary to provide the services or to respond to any requests made by the user through the appropriate contact form on the home page of the Website;
  3. statistical processing of aggregated data in relation to the Website services.

 

6. Legal basis for data processing

Your personal data will be processed on the basis of one or more of the following legitimacy conditions. In particular, processing carried out for the purposes referred to in:

letters a. and b. above, have as their legal basis the need to fulfill the requests for the provision of a service or to respond to a user request. This processing is strictly necessary and connected to a pre-contractual stage at the request of the data subject and/or a contractual phase or designed to respond to a specific request according to art. 6 (1) (b) of the GDPR. In this regard, the personal information collected from time to time through the Website is necessary. If the user decides not to provide the information, it will not be possible to provide the service or proceed with the requests;

letter c. above, has as its legal basis, to a proportionate and necessary extent, the legitimate interests of the Controller in accordance with art. 6 (1) (f) of the GDPR, consisting of improving the performance and verifying the proper functioning of the Website. In this regard, we also invite you to consult the website Cookie Policy.

 

7. Categories of Recipients of personal data

The Controller, for the same purposes as this Privacy Policy and/or in any case for purposes strictly related to the services provided by the Website, may communicate the user’s data to subjects that act in the role of processors pursuant to art. 28 of the GDPR, which will perform or provide specific services, including:

  • Hosting and back-end infrastructure

This type of service has the function of hosting data and files that enable the Website to function and perform data processing in order to enable the Website to be used by users.

  • Site Administration (administration, sales and legal personnel, and system administrators).
  • Statistics
    The services contained in this section allow the Controller to monitor and analyze the traffic data for the Website. The Controller uses this service in order to perform aggregated analysis of its users in anonymous form and, thus, improve Website performance. All statistical services are used by the Controller through an integration that anonymizes the IP address of the user, including:

Google Analytics with IP anonymization, which is a free statistical service provided by Google Inc.

Personal data collected: Cookies and Usage Data.

Privacy Policyhttps://policies.google.com/privacy?hl=it – Opt Out google.com/settings/ads/onweb/optout.

The user can ask the Controller for an up-to-date list of Processors at any time.

 

8. Transfer of personal data

Generally, the data of Website users will not be transferred outside the European Union. However, it is possible that such a transfer may occur based on the individual service provided by Inventia or following the implementation of functionalities on the site (e.g. social media buttons, link to third-party sites). For each service requested by the Inventia customer, a special information notice will be provided with the details of the countries (if any) to which the data will be transferred, and the user is also given the opportunity to check the information notices of third-party controllers. In any case, in relation to services provided by Inventia, should personal data be transferred outside the European Union, the transfer will be carried out in accordance with the provisions of the GDPR and all other applicable laws, with suitable guarantees concerning personal data protection.

 

9. Retention period

For each service or initiative requested by the Inventia customer, a special information notice will be provided (where applicable) with details of the data retention period or the criteria used to determine this period.

Inventia shall process and retain the browsing data for the time required by the purposes for which the data was collected. Therefore:

  • any data collected for purposes essential to the execution of a contract between the Controller and the user will be retained until the execution of the contract/request is complete and for the duration of the processing.
  • in addition, the Controller may be obliged to retain the personal information for a longer period in compliance with a legal obligation or to retain it based on its legitimate interests for the management of any ongoing litigation or pre-litigation.

As for browsing data, the Controller will delete this information 12 months after the last online interaction that occurred in relation to the Controller’s communications or the content published on the Website for which the Controller has direct evidence of this interaction (e.g. clicks, opening, response).

 

10. Cookies

For details about the use of Cookies on this website, please refer to the Cookie Policy.

 

11. Data subject rights

We hereby inform you that, pursuant to articles 15-22 of the GDPR, the user can exercise the following rights: the right to access his or her personal data in accordance with art. 15 of the GDPR, ask for the amendment or deletion of the data, or restriction of its processing. The data subject also has the right to oppose the processing as well as the right to portability in the cases set out in articles 20 and 21 of the GDPR. In addition, the user can withdraw his or her consent at any time, it being understood that the withdrawal of consent does not affect the lawfulness of the processing carried out up to the point of withdrawal.

In such cases, you can exercise your rights by contacting the Controller using the following contact details: • privacy@inventia.biz

The data subject can also submit a complaint to the Italian Data Protection Authority, following the instructions through the link: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524

Data Protection Officer

For any questions regarding the processing of your personal data, you can contact the Data Protection Officer by writing to:
e-mail: privacy@inventia.biz; certified e-mail: inventiasrl@legalmail.it

 

12. Amendments to this Privacy Policy

The Controller reserves the right to amend this Privacy Policy at any time, informing users on this page and, if possible, on the Website. Therefore, please consult this page regularly, referring to the date of updating at the bottom of the page.

English Translation: 27 Nov 2020

Original Italian Version: 14 September 2020