CONDITIONS FOR THE PROCESSING OF PERSONAL DATA – MANAGEMENT OF PROPRIETARY AND THIRD-PARTY COOKIES
This notice has been prepared to communicate the privacy principles which govern the use by Gruppo Mastrotto S.p.A. of data provided by customers, including data collected through the website www.mastrotto.com. This page describes the management mode of the site in relation to the processing of personal data of the users who consult it. This is a notice that is provided pursuant to art. 13 of EU Regulation no. 2016/679 (hereinafter “GDPR 2016/679”), which lays down provisions for the protection of individuals and other subjects regarding the processing of personal data, to those who interact with the web services accessible electronically from the address: www.mastrotto.com. The notice concerns only this website and not other websites that may be consulted by the user via links found on this site. By visiting this website, you implicitly declare that you have understood and accept the processing methods described in this privacy notice.
Gruppo Mastrotto S.p.A. informs you that the processing of your personal data will be based on the principles of lawfulness, correctness, transparency, limitation of purpose and retention, data minimization, accuracy, integrity and confidentiality. Your personal data will therefore be processed in accordance with the legislative provisions of the applicable law and with the confidentiality obligations set out therein.
The data controller is Gruppo Mastrotto S.p.A., with registered office inZona Industriale – Quarta Strada, 7 – 36071 Arzignano (Vi) – Italia. ny requests pursuant to art. 7 of Leg. D. 196/03 may be sent to the above address or to the e-mail address firstname.lastname@example.org.
Types of data that are processed
“Personal Data” means any information concerning an identified or identifiable individual with particular reference to an identifier such as the name, an identification number, location data, an online identifier or one or more characteristic elements of their physical, physiological, psychological, economic, cultural or social identity.
The Personal Data collected during the browsing of the website https://www.mastrotto.com are the following:
a) rowsing data. The IT systems and software procedures used to operate the website www.mastrotto.com acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.
This information is not collected to be associated with identified individuals, but, by its very nature, it could allow users to be identified through the processing and association with data held by third parties. This information is collected automatically by this Application (or by third-party applications used by this Application).
The data will be processed using automated tools to store, manage and transmit the data in order to guarantee security as well as confidentiality.
Purposes of processing
The Personal Data you provide through the site will be processed by Gruppo Mastrotto S.p.a. for the following purposes:
a) purposes related to the execution of a contract of which you are a part or to the execution of pre-contractual measures adopted upon your request (i.e.: request for information, quotes, etc.);
b) purposes of statistical research/analysis of aggregated or anonymous data without the possibility of identifying the user, aimed at measuring the functioning of the website, its traffic and evaluating usability and interest;
c) purposes related to the fulfillment of a legal obligation that is binding for Gruppo Mastrotto S.p.a. ;
d) purposes necessary to establish, exercise or defend a right in court or whenever the courts exercise their judicial functions.
The legal basis of the processing of personal data for the purposes referred to in point a) is the provision of a service requested by you or a response to your request and therefore your consent is not required under applicable law.
The purpose referred to in point b) does not involve the processing of personal data; while the purposes referred to in points c) and d) are a legitimate processing of personal data in accordance with the applicable legislation because, once the personal data have been disclosed, their processing is necessary to fulfill a legal obligation that is binding for Gruppo Mastrotto S.p.a. .
Mandatory/optional nature of the conferment of data
The conferment of your personal data for the purposes listed above is optional, but the lack of conferment could make it impossible to answer your request or fulfill a legal obligation that is binding for Gruppo Mastrotto S.p.a.
Subjects who might become aware of your data
Personal data may be known:
a. by subjects whose intervention is necessary for the provision of the services offered by the Site including, by way of example, the analysis of the operation of the site, who act as data managers for Gruppo Mastrotto S.p.a. ;
b. by persons authorized by Gruppo Mastrotto S.p.a. for the processing of personal data who are committed to confidentiality or have a legal obligation of confidentiality (e.g. employees and associates of the Controller);
c. by jurisdictional authorities during the exercise of their functions when required by applicable law.
The data are not subject to disclosure.
No automated decision-making processes are applied in the processing of personal data carried out for the purposes referred to in this notice.
Data retention times
The personal data collected while browsing the website www.mastrotto.com will be kept for the time necessary to pursue the aforementioned purposes.
The data will be stored at “Gruppo Mastrotto S.p.a. at least for the times prescribed by law and in any case for a maximum period of ten years and processed by employees and/or third parties appointed by the latter, who carry out the aforementioned activities under its direct supervision and responsibility.
Data processing location
The data are not transferred outside of the European Union.
Rights of the interested party
As an interested party regarding the processing of your personal data, you have the right to obtain confirmation of their existence, to know their content, to verify their accuracy, to access your data, to ask for their origin, correction, integration, deletion, their purposes and methods of processing, their update if incomplete, erroneous or collected in violation of the law and to oppose their processing and to obtain the limitation of their processing; you have the right to transform them into anonymous data and to block data processed in violation of the law; finally, you have the right to the portability of your data.
Requests should be sent to the Data Controller at the following e-mail address: : email@example.com.
If you believe that your personal data have been processed in a way that does not comply with the law, you have the right to lodge a complaint with the Italian Data Protection Authority, Piazza di Monte Citorio 121, Rome, Italy, Telephone switchboard: (+39) 06 696771, e-mail: firstname.lastname@example.org.
Extended notice about cookies
What are Cookies?
Cookies are portions of code saved on the user’s PC within the browser in order to ensure the optimal use of the site according to the purposes described in the notice. Some cookies have purposes that may require the explicit consent of the user. Cookies, usually present in users’ browsers in very large numbers and sometimes even with a long temporal persistence, are used for different purposes such as execution of computer authentication; monitoring of sessions; storage of information on specific configurations concerning users accessing the server, etc.
What are the main types of cookies?
For the purpose of this provision, two categories of cookies are identified: “technical” cookies and “profiling” cookies.
a. Technical cookies
Technical cookies are those used for the sole purpose of “transmitting a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service that is explicitly requested by the subscriber or user “(see Article 122, paragraph 1, of the Privacy Code).
They are not used for other purposes and are normally installed directly by the controller or manager of the website. They are either navigation or session cookies, and they allow the normal browsing and use of the website (like purchases or accesses); cookie analytics, that are like technical cookies if used directly by the site manager to collect information on the number of users and on how they visit the site; functionality cookies which allow the users to browse according to a series of selected features and options, such as language, in order to improve the service rendered to them. The user’s prior consent is not required for these cookies.
b. Profiling cookies.
Profiling cookies are used to create user profiles and are used to send advertising messages based on the preferences expressed by the user while browsing the internet. Since they are quite invasive in the private sphere of users, European and Italian legislation require the user to be informed about their use and to express their consent. Art. 122 of the Privacy Code refers to them when it states that “the storage of information in the terminal of a contracting party or a user or the access to information already filed is permitted only on condition that the contracting party or the user has given their consent after having been informed via the simplified procedures referred to in Article 13, paragraph 3 of the Privacy Code”.
Session and Persistent Cookies
Session Cookies are limited to your current browser session. These cookies are deleted when the browser is closed. Nothing is stored on your computer beyond the time you use the site (ASP.NET_SessionId and language).
Persistent Cookies (ASPXANONYMOUS type) allow sites to recognize that you are an already known user or visitor and adapt accordingly; they have a duration that is set by the website and can vary from a few minutes to several years.
First-party and third-party cookies
First-party cookies are created and readable by the site that created them.
Third-party cookies, on the other hand, are created and readable by domains that are external to the site and their data are kept at the third party’s location.
In addition, we use other tracking technologies inside the communications you receive from us (for example, to know if our emails are received, read and clicked) in order to make future communications more in line with your interests.
What cookies we use and how
It is a web statistical service provided by Google, Inc. (“Google”). The collected data are used in order to track and examine the browsing within the site; the collected data can be shared with other services managed by Google. The data collected could be used by Google for the personalization of advertisements within its network.
What data are collected? Usage data.
Google Adwords conversion
This service enables the linking of the AdWords ads to the user to evaluate their behavior and the actions that are performed in relation to the defined objectives. What data are collected? Usage and browsing data.
Google Dynamic remarketing / display advertising
They are Remarketing and Behavioral Targeting services connected to the Google advertising network with the aim of linking the activity tracked by Analytics during website browsing with the AdWords and DoubleClick network in order to show the ads that are as relevant to the user’s interests as possible. What data are collected? Usage and browsing data.
It is a service that enables the display of geographic maps and their integration within a website and to show geolocalized information. What data are collected? Usage data and GPS position (if active).
It is a Widget that enables the interaction with different social networks and external channels to simplify the sharing of site content. Depending on the configuration of the widget, it can show icons or buttons for the direct interaction with the various social networks, in this case the third parties who provide the service (e.g. Facebook) will be aware of the activities carried out through the widget. The service is made available by Clearspring Technologies Inc.
What data are collected? Usage data.
Like button and Facebook social widgets
They are services provided by Facebook which enable the direct interaction of the site with the social network, facilitating the sharing and “Like-ing” directly from the page. What data are collected?
Connects the Social Network to the site and enables direct registration and authentication through your social account, linking the site to your profile. What data are collected? Personal data, part of the data depends on the service’s specific policies.
Tweet button Twitter social widgets
They are services provided by Twitter which enable the direct interaction of the site with the social network, facilitating the direct sharing of content and posts.
What data are collected? Usage data.
+1 Button and Google+ social widgets
They are services provided by Google which enable the direct interaction of the site with the social network, facilitating the direct sharing of content and posts.
What data are collected? Usage data.
Pinterest widget and “Pin it” Button
They are services provided by Pinterest which enable the direct interaction of the site with the social network, facilitating the direct sharing of content and images on the board.
It is a social network for the management of images and through the widget it enables the integration of images from the platform into your pages.
YouTube video playback
They are services provided by YouTube which enable the direct interaction of the site with the social network, facilitating the direct sharing of content and posts.
Vimeo video playback
They are services provided by Vimeo which enable the direct interaction of the site with the social network, facilitating the direct sharing of content and posts.
How to manage Cookies within the browser?
The user has the right to also manage cookies through the settings of their browser. Below we list the sites where you can find the management procedure for different browsers.
More information on processing
System logs and maintenance
For needs related to operation and maintenance, this Application and any third party services used by it may collect System Logs which are files that record interactions and which may also contain Personal Data, such as the User IP address
Information not contained in this policy
More information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact information.
DEFINITIONS AND LEGAL REFERENCES
Personal data is any information relating to an individual, identified or identifiable, even indirectly, by reference to any other information, including a personal identification number.
This information is collected automatically by this Application (or by third-party applications used by this Application) including: the IP addresses or domain names of the computers used by the User who connects with this Application; the addresses in URI (Uniform Resource Identifier) notation; the time of the request; the method used in submitting the request to the server; the size of the file obtained in response; the numerical code indicating the status of the response from the server (successful, error, etc.); the country of origin; the characteristics of the browser and of the operating system used by the visitor; the various temporal connotations of the visit (for example, the time spent on each page); and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, to the parameters relating to the operating system and to the user’s IT environment.
The individual who uses this application who must coincide with the interested party or be authorized by them and whose personal data are being processed
The individual or legal entity to whom the Personal Data refers.
Data Controller (or Controller)
The individual or legal entity, public authority, service or other body which, individually or together with others, determines the purposes and means of personal data processing. When the purposes and means of such processing are determined by the law of the European Union or of a Member State, the controller or the specific criteria applicable to their appointment may be established by the law of the European Union or of a Member State.
Data Manager (or Manager)
The natural or legal entity, public authority, service or other body that processes personal data on behalf of the data controller.
The hardware or software tool through which the Personal Data of Users are collected.
Small portion of data stored in the User’s device.
This privacy notice is prepared in fulfillment of the obligations under Art. 13 of EU regulation no. 679/2016, as well as the provisions of Directive 2002/58/ EC as updated by Directive 2009/136/EC concerning Cookies. This privacy notice only concerns this Application.