This information is provided in conformity with Article 13 of the EU General Data Protection Regulation (EU Regulation 679/2016, “GDPR”) and describes the methods of managing data for those who use the Data Controller’s internet services (hereafter also “Users”) accessible via the website email@example.com, and who may then request the Data Controller to provide products or services. The information concerns only the website indicated and not others that may be consulted using other links.
The Data Controller is Mec. Carp. srl, Vicolo Treviso 2, 31040 Trevignano (TV) ITALY, telephone +39 04 2381 8129, email: firstname.lastname@example.org, in the person of their authorised legal representative.
During normal operation the computer systems and software procedures used to operate the website acquire some personal data (so-called log files) whose transmission is inherent to Internet communication protocols. This information is not collected for purposes of association with specific users, however its nature could allow them to be identified during processing and associations with other data held by third parties. This category of data includes IP addresses and domain names for the users’ computers connecting to the site, the URIs (Uniform Resource Identifiers) of resources requested, the times and methods used to submit the requests to the server, the sizes of the files obtained in response, the numerical response status codes (successful, error, etc.) and other parameters relating to the operating system and computer environment. These data are used only to obtain anonymous statistical information and check the proper function of the site. The data could also be used to ascertain responsibility in the event of any computer crimes involving the site, and can therefore be provided to the Judicial Authority if it makes an explicit request.
In the case that the user voluntarily sends specific messages or requests to the addresses indicated on this site, or fills in a contact form, this will result in the acquisition of the sender’s address and any other personal data included in the message and necessary to respond to the requests. Specific summary information will subsequently be reported or displayed on website pages designed for provision of specific requested services. After the first contact the Data Controller may ask for further personal data from the user, limited to what is necessary for the provision or supply of the requested services and products.
Mec. Carp. Srl will process the personal data provided and then acquired by the user filling out the contact form on the website, for the following purposes:
Please note that if the user is already a customer, Mec. Carp. Srl may send commercial communications relating to services and products similar to those they have already used or purchased, unless they request otherwise.
Personal data will be processed in keeping with the laws and regulations on correctness, relevance and avoidance of excessive inconvenience, using paper-based and computerised media and instruments, ensuring the confidentiality and integrity of the data. The data may be known by persons authorised to carry out the processing, and by personnel external to Mec. Carp. srl authorised to carry out activities necessary for the provision of the services requested and those of a complementary nature (i.e. as required by current legislation on administrative, legal and tax matters).
The legal basis for the processing derives from the user’s request to the Data Controller for provision of products and services.
Possible recipients/categories of recipients of personal data:
Without the need for express consent (Article 6, letters b and c, GDPR), and following inspections or checks (if required) your data may be communicated to all inspection bodies responsible for checks and controls concerning compliance with the law. The user’s data may also be communicated to companies or professional agencies that provide assistance, advice or collaboration to the Data Controller concerning matters of accounting, administration, taxation, law or financial information; the data may also be communicated to public administrations for performance of their institutional functions, within the limits established by laws and regulations, and to third party service providers when this communication is necessary for the performance of the services covered by contracts. Your personal data will not otherwise be communicated or diffused.
Apart from what has been described concerning navigation, the user can choose not to provide personal data. The provision of the data necessary for completion of any contractual relationship that already exists or is in preparation is required for proper management of the relationship, and of any related requests; their communication is necessary to achieve these purposes. The refusal to communicate the data, or the incorrect/incomplete communication of any of the necessary data, may make it impossible for the Data Controller to ensure the adequacy of the data processing.
Any processing of your personal data will be carried out within the European Union; your personal data will not be transferred to third countries.
Personal data will be held for the time necessary to comply with any contractual obligations and with other obligations under the laws and regulations applicable to the Data Controller’s activities. They will be kept for the time necessary to comply with what is described in this Statement, and in any case for not more than 10 years from the end of the relationship with the user.
In accordance with Articles 15 to 22 of the GDPR, the data subject has the rights to:
The data subject can exercise their rights at any time, by sending: