Data Controller
VECON SPA, having registered office in Marghera (VE), Italy, at Porto Commerciale – Molo B, post code 30175, phone +39 041 2582711, e-mail: [email protected] , is the Data Controller.
Any partners that may independently participate in personal data processing shall also operate in a capacity as independent data controllers.
Processed data
1) Browsing data
The information systems and software procedures required for the proper functioning of this site acquire, during normal operation, some personal data the transmission of which is implicit in the use of internet communication protocols. By being associated and treated with data held by third parties, the personal data acquired by the website may, for their very nature, enable to identify the website users/visitors (e.g. IP address, domain names of the PC used by users/visitors logging in to the website, etc.).
These data shall be used for statistical purposes and to verify the website proper functioning only. In any case, web contact data are not stored for longer than seven days, except in case of assessment of any cybercrime offences against the website. No data obtained through the web service shall be communicated or disclosed.
2) Data voluntary provided by users/visitors
If, by logging in to this website, users/visitors send their personal data to access certain services or to make requests or submit applications via e-mail, also by sending CVs, they must be aware that it shall entail the acquisition by the Data Controller of the sender’s address and/or of any other personal data that shall be used exclusively in order to respond to the request/applications or to provide the service.
Personal data provided by users/visitors shall be communicated to third parties only where said communication is necessary in order to process the requests/applications submitted by users/visitors or to comply with any legal requirements (such as in case of billing or hiring after a CV was sent).
3) Cookies
In addition to the data expressly provided to the Data Controller, other data may be recorded from the browsing of the website by the user: when a user logs in, the website may send a “cookie” to the user’s device. A “cookie” is a small text file that the website may automatically send to the user’s computer when the user views our pages. Cookies are used to make browsing easier, as well as to obtain information about browsing by individual users on the site and to enable the functioning of certain services that require identification of the user’s path through different pages of the website. Upon all logins, irrespective of whether there are any cookies, the Website records the browser type (e.g. Internet Explorer, Chrome, Firefox), the operating system (e.g. Windows, Macintosh) and the host and URL of the user-browser, as well as the data on the requested page.
Said data may be used an anonymized and aggregated form for statistical analyses on the website use. For full management of cookies, please see the
“Cookie policy” page of this site
Processing methods
Data are processed with automated means (e.g. using electronic procedures and media) and/or manually (e.g. on paper) for the time that is strictly necessary to achieve the purposes for which they have been collected and, however, in compliance with the applicable legislation.
Specific security measures are in place fit to prevent any loss, unlawful or unfair use of the data, as well as unauthorised access thereto, in order for the data to be accessed only by the persons in charge of processing or data processors appointed in compliance with the applicable legislation. The list of Data Processors appointed under Article 29 of the Italian Data Protection Code (Italian Legislative Decree196/2003) and Article 28 of Regulation (EU) 679/2016 (GDPR) is available at the Data Controller’s headquarters.
Purposes of the processing
In addition to the purposes stated in the information to data subjects given before the completion of the forms in the various sections of the website, the purposes of the processing performed by the Data Controller are the following:
a) Data collection, storing and processing for the purpose of establishing and managing, in operational and administrative terms, the contractual relationship associated with the provision of the service offered on the website;
b) Use of personal data (specifically e-mail addresses) to send notices and communications concerning the established contractual relationship;
c) Processing of the personal data provided and those obtained from the website browsing by users in order to provide a service that is consistent with the indications given while using the service;
d) Collection, storing and processing of data in order to perform statistical analyses in an anonymized and/or aggregated form;
e) Purposes that are functional to our activity, such as offering personalized contents (for example newsletters);
f) For commercial communication about future initiatives, ads on new products or services;
g) Market surveys, statistical and economic analyses;
h) Sending advertisement or promotional material and carrying out games with prizes and promotional initiatives in general.
Legal basis for processing
The legal basis for the processing of Customers’ personal data performed by the Data Controller through the website specified above consists of the request, application, contract or pre-contractual understanding with the data subject, whereas, where the said are lacking, the legal basis for processing consists of the legitimate interest of the Data Controller to freedom to conduct business under Article 41 of the Italian Constitution. Having regard to other purposes for which consent is required, said consent is asked for in the “Information to data subjects and consents to personal data processing” specific section, which shall likewise be deemed valid legal basis for further processing of data.
Recipients
Besides the Data Controller, in some cases, data may be accessed by categories of data processors and authorised persons involved in the Website corporate organization (administration, sales and marketing personnel, lawyers, system administrators). The Data Controller may also use the services provided by external parties (such as service providers, third-party engineers, carriers, hosting providers, cloud service providers, IT companies, communication agencies), which may be appointed as external Data Processors. The updated list of Data Processors may always be obtained from the Data Controller, writing to the address given above.
Transfer to Third Countries
For the services provided by the website, the Data Controller uses servers located in the following Countries:
– Italy and, therefore, in accordance with Regulation (EU) 2016/679, to be deemed ensuring adequate protection as they are in the EU.
The data processed by the Data Controller shall never be disseminated.
Place where the data processing takes place
The data processing associated with the web services provided by this site takes place at the Data Controller’s headquarters set out above and is carried out only by technical staff of the Office in charge of data processing. Where necessary, the data associated with the newsletter service may be processed by the personnel of the company that manages the Data Center (data processor under Section 29 of the Italian Data Protection Code), at the headquarters of said company.
Period for which and place where the personal data are stored
The data are processed for the time that is strictly necessary to provide the service requested by the User and are then destroyed with safe destruction means, such as paper shredders, in case of data on paper, and wiping for data on electronic media.
Profiling and geolocalization data are destroyed after 12 months
of the last purchase or contract with the User.
Optional or mandatory provision of data
except as specified about browsing data, which are automatically acquired, users/visitors shall be free to provide their personal data or not. Failure to provide said data may only make it impossible to obtain what has been requested. The optional, explicit and voluntary sending of e-mails to the addresses set forth in this website entails the subsequent acquisition of the sender’s address, which is required to respond to requests for services and/or information, as well as any other personal data included in the e-mail.
Rights of data subjects
Under the GDPR, data subjects (i.e. the natural persons that are the subject of the personal data) shall have the right, at any time, to obtain confirmation as to whether or not personal data concerning them exist and to be informed of the data content and source, to verify their correctness or to obtain their updating, integration or rectification.
Data subjects can exercise their rights sending the related requests to VECON SPA, having registered office in Marghera (VE), Italy, at Porto Commerciale – Molo B, post code 30175, phone + 39 041 2582711, e-mail:
[email protected] .
Having regard to the aforementioned personal data, the data subject shall have the right to obtain the following from the Data Controller:
1. Confirmation as to whether or not personal data concerning him or her exist, their communication in an intelligible form and information on their origin and on the logic the data processing is based on;
2. Erasure, within a reasonable term, of his or her data, or their anonymisation or blocking of any data processed unlawfully;
3. Update and rectification of personal data or, when the data subject has in interest, their completion if they are incomplete;
4. The statement that the operations referred to in points 2) and 3) above have been communicated to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
5. The data subject shall also have the right to obtain rectification or erasure of the data concerning him or her o restriction of their processing.
6. The data subject shall have the right to withdraw his or her consent to processing that is optional and not associated with the performance of the contract signed with the Data Controller.
7. The data subject shall also have the right to object, on legitimate grounds, to the processing of personal data concerning him or her, including where relevant for the purpose they have been collected, of obtain data portability and the right to be forgotten, as well as the right to lodge a complaint with the competent Data Protection Authority for any violation he or she has suffered; the Italian Data Protection Authority is the Garante per la protezione dei dati personali and it can be contacted via e-mail, at address: [email protected], via fax at number: +39 06 696773785, or by mail sent to Garante per la protezione dei dati personali, with address at Piazza Venezia no. 11 – post code 00187, Rome, Italy
Automated decision-making processes
No automated decision-making processes are used on the aggregated data collected, other than those aimed at better management of the website.
Appointed Data Protection Officer (DPO)
SILVIA DALLE NOGARE, lawyer
Email: [email protected]
Certified e-mail address: [email protected]
