The company RUBBERPOINT di Bettio Giampaolo, con sede legale in Via Zeriolo, 19 31050 Badoere di Morgano (Treviso) Italia (hereinafter "Owner"), as Data Controller of personal data, informs users of the website www.rubberpoint.net of the purposes and methods of processing personal data collected, their scope of communication and dissemination, in addition to the nature of their contribution.
Data processed, legal bases of processing and purposes
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's computer environment. The data collected in this way could be used to ascertain responsibility in case of any computer crimes against the site.
The legal basis that legitimizes the processing of such data is the need to make usable the functionality of the site as a result of user access.
Data provided directly by the user
Personal data provided voluntarily by the user by e-mail / form are collected and processed for the following purposes:
1) for carrying out customer relationship activities based on contractual agreements.
2) for administrative purposes and for the fulfillment of legal obligations such as those of an accounting, tax, or to comply with requests from the judicial authority;
3) in the presence of specific consent, for the periodic sending, by e-mail, of newsletters and advertising material;
4) in the case of sending curriculum vitae, exclusively for selection purposes.
The legal basis for the treatment of points 1 and 2 is the execution of a contract of which the person concerned is a party or the execution of pre-contractual measures taken at the request of the person concerned.
The legal basis which legitimizes the processing of points 3 and 4 is the consent freely given by the interested party.
Nature of the provision of data
With the exception of the navigation data required to implement the IT and telematic protocols, the provision of personal data by users:
- with respect to the purposes set out in point 1), 2) and 4) is optional. However, failure to provide the data will make it impossible to implement the contractual commitments undertaken.
- compared to the purposes set out in point 3) is optional and their use is conditional on the issue of an explicit consent. Any refusal will entail the impossibility for the Owner to send newsletters or advertising material.
Method of treatment
The processing of personal data is carried out by means of the operations indicated in art. 4 of the Privacy Code and art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data are subjected to both paper and electronic and / or automated processing. The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes, thus limiting the storage time in compliance with the principle of minimization of data processing.
Access to data
The holder can provide access to personal data to the following subjects (for purposes of fulfillment of obligations related to the relationship established or for purposes of data retention security): to employees and collaborators of the Owner in their capacity as authorized persons and / or DPOs and / or system administrators, all formally appointed or appointed; Data communication The Data Controller may communicate the data for the purposes referred to in art. 2 to Supervisory Bodies, Judicial Authorities and to all the other subjects to whom the communication is obligatory by law for the accomplishment of the purposes established by law. The aforementioned data will not be disseminated.
Storage and data transfer
The management and storage of personal data will be carried out on servers located within the European Union of the Owner and / or third-party companies appointed and duly appointed as Data Processors. Currently the servers are located in Italy. The data will not be transferred to outside the European Union. In any case it is understood that the Data Controller, if necessary, will have the right to move the server locations to other European Union countries and / or non-EU countries. In this case, the Data Controller hereby ensures that the transfer of non-EU data will take place in accordance with the applicable legal provisions, stipulating, if necessary, agreements that guarantee an adequate level of protection and / or adopting the standard contractual clauses provided for European Commission.
The data will be transferred only in the case of acquisition or sale of a company or business unit and, in any case, after sending new information to the user.
Rights of the interested party
The customer in his capacity as an interested party, has the rights set forth in art. 7 of the Privacy Code and art. 15 of the Rules and precisely:
1. The interested party has the right to obtain confirmation of the existence or not of personal data concerning him / her, even if not yet registered, and their communication in intelligible form.
2. The interested party has the right to obtain the indication: a) of the origin of the personal data; b) of the purposes and methods of the processing; c) of the logic applied in case of treatment carried out with the aid of electronic instruments; d) of the identifying details of the holder, the managers and the representative; e) of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or agents.
3. The interested party has the right to obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfillment is it proves impossible or involves a use of means manifestly disproportionate to the protected right.
4. The data subject has the right to object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning him / her, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning him / her for the pursuit of purposes not contemplated by art. 2. Where applicable, the person concerned also has the rights set forth in articles 16-21 GDPR (Right of rectification, right to be forgotten, right of limitation of treatment, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority.
How to exercise rights
The customer at any time can exercise the rights referred to in the previous article by sending:
- a registered letter a.r. to: RUBBERPOINT di Bettio Giampaolo, Via Zeriolo, 19 31050 Badoere di Morgano (Treviso) Italia
- an e-mail address: firstname.lastname@example.org or PEC address: email@example.com