PRIVACY POLICY
Privacy Policy
PRIVACY POLICY – GENERAL
Information notice pursuant to Art. 13 Regulation (EU) 2016/679 (GDPR)
WHY THIS INFORMATION
Pursuant to Regulation (EU) 2016/679 (hereinafter, "GDPR"), this page describes how we process your personal data. This information is provided pursuant to Art. 13 GDPR. The information is not applicable to other third-party websites that may be consulted via links on this website, for which no liability is accepted.
Personal data processed
Personal data
Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (C26, C27, C30).
Contractor / User data
Navigation data
Computer systems and procedures software preceded to the operation of this site, acquire, during their normal exercise, some personal data whose transmission is implicit using Internet communication protocols. This category includes: IP addresses, URI/URL (Uniform Resource Identifier/Locator), time of request, type of request, outgoing packet size, server status of response (received, error, etc.) and other parameters related to the operating system
Data provided by data subject
The optional, explicit and voluntary dispatching of messages to contact-addresses, as well as compilation and forwarding of forms, involves the acquisition of sender’s personal data necessary to reply, as well as all the personal data included in messages themselves.
WHO IS THE DATA CONTROLLER? HOT CAN YOU CONTACT HIM?
The Data Controller is Steliau Technology Italy S.p.A. with registered office in Viale Sarca n. 336 edificio 13 -20126 Milan (MI), in person of its pro-tempore legal representative. The Data Controller’s contacts: e-mail privacy@steliau.it
Cookies
Click here for more information about the cookie policy.
In addition to navigation, personal data will be processed for:
Purposes |
Lawfulness of the processing |
Data retention period |
Providing nature |
Navigation on this website |
The processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, considering the reasonable expectations of the data subject and the activities strictly necessary for the operation of the site and navigation itself (C47) Art. 6, par. 1 lett. f) GDPR |
For the duration of the browsing session and in any case the browsing data will not be retained for more than seven days (except in the event of the need to ascertain criminal offences by the judicial authorities). | The provision of data is necessary for browsing the website. |
CONTACTS, sending contact requests, information |
The processing is necessary for the execution of a contract to which the data subject is party or for the execution of pre-contractual measures taken at the request of the data subject (C44) Art. 6 par. 1 lett. b) GDPR |
1 year | The provision of data is necessary. If you do not provide your necessary personal data, the Data Controller will not be able to contact you for sending the requests information. |
DIRECT MARKETING, by subscribing to the newsletter service |
The processing is based on consent to the processing of personal data (C42, C43) Art. 6 par. 1 lett. a) GDPR |
Until withdrawal of consent (opt-out) |
The provision of data is optional. If you do not provide your necessary personal data, the Data Controller will not be able to send you direct marketing communications. |
Menagement of the returns / complaints form in the services area of this site |
The processing is necessary for the execution of a contract to which the data subject is party or for the execution of pre-contractual measures taken at the request of the data subject (C44) Art. 6 par. 1 lett. b) GDPR |
Until the complete fulfillment of the request or for a longer time required by regulatory provisions | The provision of data is necessary. If you do not provide your necessary personal data, the Data Controller will not be able to contact you for sending the requests information. |
Sending CV for job applications |
The processing is necessary for the execution of a contract to which the data subject is party or for the execution of pre-contractual measures taken at the request of the data subject (C44) Art. 6 par. 1 lett. b) del GDPR |
24 months In principle, the personal data collected during the recruitment process will be deleted as soon as it becomes clear that no job offer will be made or that the offer will not be accepted by the candidate. | The provision of data is necessary. If you do not provide your personal data, you will not be able to candidate yourself. |
WHO THE COLLECTED DATA WILL BE COMMUNICATED TO?
The personal data will be communicated, also on the basis of the purposes contained in specific areas, to subjects who will process the data as autonomous Data Controllers, or Data Processors (art. 28 GDPR) and processed by natural persons (art. 29 GDPR) who act under the authority of the Data Controller and Data Processors on the basis of specific instructions given regarding the purposes and methods of processing, for specific purposes according to the area of reference. The data will be communicated to recipients belonging to the following categories:
- Subjects providing services for the website and communication networks, including e-mail, hosting and website management;
- Subjects with whom the Data Controller has signed agreements and prior consent, where applicable;
- Competent authorities for the fulfilment of legal obligations, upon request.
The list of data processors is available by writing to the Data Controller at the contacts indicated above.
DOES THE DATA CONTROLLER TRANSFER DATA TO A THIRD COUNTRY AND/OR TO INTERNATIONAL ORGANISATIONS?
The personal data will not be transferred to non-European Economic Area (EEA)
ARE PERSONAL DATA PROCESSED BY AN AUTOMATED MEAN?
The personal data will be subject to traditional, manual, electronic and automated processing. Please note that no fully automated decision-making processes are carried out.
WHICH ARE YOU RIGHTS? HOW CAN YOU EXERCISE THEM?
You may assert your rights as expressed in Artt. 15 et seq. GDPR, by contacting the Data Controller at the e-mail at the contacts listed above. You have the right, at any time, to request access to your personal data (Art. 15), rectification (Art. 16), deletion of the same (Art. 17), restriction of processing (Art. 18). The Data Controller shall inform (Art. 19) each of the recipients to whom the personal data have been transmitted of any rectification or erasure or restriction of processing carried out. The Data Controller shall inform the data subject of these recipients if the data subject so requests. In the cases provided for, you have the right to the portability of your data (Art. 20), in which case they will be provided to you in a structured, commonly used and machine-readable format. You have the right to object (Art. 21), at any time, to the processing of your data based on legitimate interest by writing to the contact details above with the subject "objection" and in cases where the legal basis is consent, you have the right to revoke the consent given without prejudice to the lawfulness of the processing based on the consent before revocation.
To stop receiving marketing communications, please write an e-mail to privacy@steliau.it with the subject "unsubscribe marketing". In the event that he/she considers that the processing of personal data carried out by the Data Controller is in breach of the provisions of Regulation (EU) 2016/679, the data subject has the right to lodge a complaint with the Supervisory Authority, in particular in the Member State where he/she normally resides or works or in the place where the alleged breach of the Regulation occurred (Garante Privacy https://www.garanteprivacy.it/), or to take appropriate legal action.
INFORMATION NOTICE AMENDMENTS
The Data Controller reserves the right to amend, update, add or remove parts of this information notice. In order to facilitate the verification and modification of the text, the information notice will contain the date of update.
Date of update: 24/08/2022