PRIVACY DISCLOSURE – Regulation EU 679/2016
VitroScreen srl, with headquarters at 103 Via Mosè Bianchi, 20149 Milan , – Italy, Tax Code and VAT No. 13454040158 (hereinafter the “Controller”), in the capacity of Data Controller, informs you pursuant to art. 13 of Regulation EU no. 2016/679 (hereinafter the “GDPR”) that your data will be processed with the following modalities and for the following purposes:
1) Subject of the processing
The Controller processes personal, identifying and non-sensitive data (in particular, name, surname, tax code, VAT number, e-mail address, telephone number – hereinafter “personal data” or even “data”) communicated during registration on the website of the Controller and/or when subscribing to the newsletter service offered by the Controller or directly during trade fairs and/or by e-mail and/or by telephone for requests on our products.
2) Purpose of the processing
Personal data are processed:
2A) Without your express consent (art. 6 letters b, e of the GDPR), for the following purposes:
- To manage and maintain the services requested by the data subject and to find the data subject for the organisation of the services requested.
- To fulfil the precontractual, contractual and tax obligations arising from existing relations with you.
- To fulfil the obligations laid down by the law, a regulation, community legislation or by an order of the Authority, including for Accounting, Fiscal aspects.
- To prevent or discover fraudulent activities or harmful abuses and/or for the purposes provided for by the current anti-money laundering legislation.
- Mandatory obligations deriving from the requirements of the organisational and management models based on specific recognised standards required by law and/or specific contractual requirements requested by the data subject and/or specified as a service requirement.
- To exercise the rights of the Controller, for example the right to defence in court.
- To find the data subject to provide information relevant to the services requested and their management.
- For sending information useful to the data subject according to the services requested.
- For the legitimate interest of the data controller, to send newsletters, trade communications and/or advertising material on products or services offered by the Controller. If the data subject is already our customer, we may send them trade communications relating to services and products of the Controller similar to those already purchased, subject to withdrawal of consent or objection (art. 21 GDPR).
- To allow the download of technical and/or information material on our products and/or to respond to requests for information.
- For needs connected to the operation and maintenance of the website.
3) Modality of the processing
The processing of your personal data is performed by means of the operations indicated in art. 4, no. 2) of the GDPR and more precisely: collection, registration, organisation, retention, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure and destruction of data. Your personal data are subjected to both paper and electronic and automated processing.
The Controller will process the personal data for the time necessary to fulfil the aforementioned purposes and in any case for no more than 10 years from the termination of the relationship for the Purposes of Service and no later than 2 years from the collection of data for Marketing Purposes.
4) Access to data
Your data may be made accessible for the purposes referred to in art. 2.A):
- To employees and collaborators of the Controller, in their capacity as persons in charge of processing and/or internal data processors and/or system administrators;
- To external companies for support activities in the study of the feasibility of the customer’s project, for technical management activities, for the storage of personal data, etc. or to third parties (for example, provider for the management and maintenance of the website, professional offices, etc.) that carry out outsourced activities on behalf of the Data Controller, in their capacity as external data processors.
5) Data communication
Without the express consent of the data subject (art. 6 letters a), b), c) of the GDPR), the Data Controller may communicate the personal data for the purposes referred to in art. 2.A) to the Supervisory Bodies, Judicial Authorities and to all other persons to whom the communication is
mandatory by law for the accomplishment of said purposes. The data will not be disseminated.
6) Data transfer
The management and storage of personal data will be carried out on servers located within the European Union and run by the Data Controller and/or third-party companies duly appointed as Data Processors. Currently our servers are located in Italy. The data will not be transferred outside the European Union. In any case, it is understood that the Data Controller, where necessary, will have the right to move the server location to Italy and/or the European Union and/or non-EU countries. In this case, the Data Controller hereby ensures that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, stipulating, if necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses provided by the European Commission.
7) Nature of the provision of data and consequences of refusal to respond
The provision of data for the purposes referred to in art. 2.A) is mandatory. In their absence, we cannot guarantee the purposes of art. 2.A). You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive newsletters, commercial communications and advertising material concerning the Services offered by the Data Controller. In any case, you will continue to be entitled to the Services referred to in art. 2.A).
8) Rights of the data subject
In your capacity as the data subject, you have the rights referred to in art. 15 of the GDPR and precisely the right to:
8.A) Obtain confirmation as to whether or not personal data concerning you exist, regardless of whether they have already been recorded, and communication of such data in intelligible form;
8.B) Obtain specification:
- Of the source of the personal data;
- Of the purposes and modalities of the processing;
- Of the logic applied to the processing, if the latter is carried out with the help of electronic means;
- Of the identification data concerning the Data Controller, Data Processors and the designated representative pursuant to art. 3, paragraph 1 of the GDPR; and of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing;
- The update, rectification or, where interested therein, integration of the data;
- The erasure, anonymisation or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
- Certification to the effect that the operations as per articles 8 A) and B) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
8.D) Object, in whole or in part:
- On legitimate grounds, to the processing of personal data concerning you even though they are relevant to the purpose of the collection;
- To the processing of personal data concerning you, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys through the use of automated call systems without the intervention of an operator by e-mail and/or through traditional marketing methods by telephone and/or post. It should be noted that the right of opposition of the data subject, set out in point B) above, for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the data subject to exercise the right to object even only partially. Therefore, the data subject can decide to receive only communication using traditional methods or only automated communication or none of the
two types of communication;
- Where applicable, you also have the rights referred to in articles 16-21 of the GDPR (Right of rectification, right to be forgotten, right of limitation of processing, right to data portability, right of objection), as well as the right to make a complaint to the Authority.
9) Mechanism to exercise rights
You can at any time exercise your rights by sending:
A registered letter with return receipt to the following address: VitroScreen srl, with headquarters at 103 Via Mosè Bianchi 103, 20149 Milan – Italy
A Certified E-mail to the address: firstname.lastname@example.org
10) Data Controller, Data Processors and Persons in charge of the processing
The Data Controller is VitroScreen Srl, with headquarters at 103 Via Mosè Bianchi, 20149 Milan – Italy. The updated list of Data Processors and persons in charge of the processing is kept at the Data Controller’s headquarters.
11) Changes to this Disclosure
This Disclosure may change. It is therefore advisable to regularly check this Disclosure and refer to the latest version.
Software procedures used to operate this website acquire, during the normal course of their operation, some personal data whose transmission is implicit in the use of internet communication protocols. The site contains a statistical tool, which collects anonymous data on visits (IP, referrer, browser used, operating system, monitor resolution, date, time, online presence). The data collected with the Google proprietary system of statistics are used solely and exclusively for statistical purposes to monitor the progress of the site and to improve the service. No data deriving from the web service is communicated or disclosed to third parties.
Cookies and how we use them
- To identify you when you log in to our sites;
- To allow the correct use of the site through technical cookies;
- To prevent fraudulent activity;
- To improve security.
Our Site uses the following types of cookies
- These cookies collect data on how users use the site in order to analyse the traffic andunderstand the use made thereof. For this purpose we use Google Analytics. These cookies do not collect information that can identify the user; the data are in fact aggregated and, therefore, anonymous, and used exclusively to improve the operation of the Site. You can find more information about Google Analytics at the following link: https://developers.google.com/analytics/resources/concepts/gaConceptsCookies. If you want to prevent the installation of Google Analytics with reference to your use of the Sites, you can download and install the Browser Plugin available at the following link: https://tools.google.com/dlpage/gaoptout
- These cookies allow our site to remember the choices made (such as your user name and password) and provide improvements and personalisation. The data collected by these cookies can be anonymous and are not able to track the browsing activities on other sites.
- These cookies are used when sharing information using the sharing buttons with social media or “like” in our Sites or in case you have connected your account or use our content on or through a social network, such as Facebook, Twitter, Instagram, You Tube, Google+. Social networks will record this action. Such data may be related to advertising activities.
How to manage Cookies
The user can decide whether or not to accept cookies using the settings of their browser.
Attention: the total or partial disabling of technical cookies can compromise the use of the site features reserved for registered users. On the contrary, the use of public content is also possible by completely disabling cookies.
The disabling of “third-party” cookies does not affect browsing. The setting can be defined specifically for different websites and web applications.
Each browser has different procedures for managing settings. The user can obtain specific instructions through the links below.
- Chrome: https://support.google.com/accounts/answer/61416?hl=en
- Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-websitepreferences
- Safari mobile: https://support.apple.com/it-it/HT201265
- Explorer: https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-deletemanage-cookies
- Opera: http://help.opera.com/Windows/10.00/it/cookies.html
How to disable Cookies
From the “Tools> Internet Options” menu, click on the “Privacy” tab, select the desired configuration and press the advanced settings button. Enable “Replace automatic cookie handling” box. Mark the “Activate” or “Block” boxes. We recommend that you activate the “Always accept session cookies” option to allow optimal navigation on our site.
In the “Settings> Options” menu, click on the “Privacy” tab. Activate or deactivate the “Accept cookies from sites” box or “notify sites my desire not to be tracked”, depending on the browser version. You can also delete installed cookies by clicking on the “Remove individual cookies” option.
In the “Tools> Settings” menu, click on the “Privacy> Content settings” tab. After selecting the “Show advanced settings” option, choose the configuration you prefer. If you do not want to allow the installation, you can select the “block site data and third-party cookies” option.
In the “Settings> Preferences” menu, click on the “Advanced” tab. In the “Cookies” menu select the options “Accept cookies” or “Never accept cookies”. For a greater control over cookies that are installed on your terminal, we recommend that you select the “Ask before accepting a cookie” option.
In the “Tools> Preferences” menu, click on the “Security” tab. In the “Accept cookies” menu select the “Always” or “Never” box. With an iPhone you will have to go to “Settings> Safari” and choose whether to accept cookies or not.