Privacy Policy

Information on the processing of personal data

On this page, we describe the management methods of this website regarding the processing of personal data of users who consult it. This is an information notice provided in compliance with the current legislation on personal data for users who interact with the services of this website under EU Regulation 2016/679. The information is provided only for this website and not for other websites possibly consulted by the user through our links.

 

The “Data Controller”

Following consultation of the website, data relating to identified or identifiable persons may be processed. The “Data Controller” of their processing is:

EVOTECK SRL

VIA VENETO 24 –

25025 MANERBIO (BS)

Tax Code and VAT no. 06508010961

 

Place of data processing

The processing related to the web services is handled only by the technical staff of the office responsible for the processing or by any persons in charge of occasional maintenance operations. No data deriving from the web service is communicated or disseminated.

 

Purposes of processing and legal basis for processing

The personal data provided by users who submit requests or intend to use services or products offered through the website, as well as receive further specific content, are used solely to respond to requests or perform the requested service and are communicated to third parties only if necessary for this purpose. The legal basis for these processing activities is the necessity of responding to the requests of the data subjects or carrying out activities provided by agreements defined with the data subjects.

With the user’s express consent, the data may be used for commercial communication activities related to offers of additional products or services of the controller. The legal basis for this processing is the freely given consent of the data subject.

Apart from these situations, users’ browsing data are kept for the time strictly necessary to manage processing activities within the limits provided by law.

 

Types of data processed

Browsing data

The computer systems and software procedures used to operate the website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the website, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters related to the user’s operating system and computer environment. These data are used only to obtain anonymous statistical information on the use of the website and to check its correct functioning and are deleted after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the website.

Data voluntarily provided by the user

The optional, explicit, and voluntary sending of email to the addresses indicated on the website involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the website prepared for particular on-demand services.

Cookies

Cookies refer to a textual element that is inserted into the hard drive of a computer only after authorization. Cookies are intended to streamline the analysis of web traffic or to indicate when a specific website is visited, and they allow web applications to send information to individual users. No personal data of users is acquired by the website for this purpose. Cookies are not used for the transmission of personal information, nor are persistent cookies of any kind used, i.e., systems for tracking users. The use of session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to ensure secure and efficient browsing of the website. The session cookies used on the website avoid the use of other computer techniques potentially prejudicial to the confidentiality of user navigation and do not allow the acquisition of personal identification data of the user.

Optional nature of data provision

Apart from what is specified for browsing data, the user is free to provide personal data to request services offered by the Controller. Failure to provide such data may result in the inability to obtain what is requested.

 

Processing methods and data retention periods

Personal data are processed using automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, unlawful or incorrect use, and unauthorized access.

The data are retained for the time strictly necessary to pursue the purposes indicated in this notice and will be deleted at the end of this period, unless the data need to be retained to comply with legal obligations or to assert a right in court.

 

Rights of data subjects

Within the limits and under the conditions provided by law, the controller is obliged to respond to the data subject’s requests concerning their personal data. In particular, under the current legislation:

  1. The data subject has the right to obtain from the data controller confirmation as to whether or not personal data concerning them are being processed and, where that is the case, access to the personal data and the following information:
  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
  • the right to lodge a complaint with a supervisory authority;
  • where the personal data are not collected from the data subject, any available information as to their source;
  • the existence of automated decision-making, including profiling
  1. The data subject has the right to obtain from the data controller the rectification of inaccurate personal data concerning them without undue delay. Considering the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  2. The data subject has the right to obtain from the data controller the erasure of personal data concerning them without undue delay, and the data controller has the obligation to erase personal data without undue delay within the limits and cases provided for by the current legislation. The data controller shall communicate to each recipient to whom the personal data have been disclosed any rectification or erasure or restriction of processing within the limits and forms provided by the current legislation.
  3. The data subject has the right to obtain from the data controller the restriction of processing.
  4. The data subject has the right to receive the personal data concerning them, which they have provided to a data controller, in a structured, commonly used, and machine-readable format, and has the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

To exercise the above-listed rights, the data subject must make a request using the following contact points through which the Data Protection Officer, if designated by the Controller, can also be contacted.

Requests should be addressed to the Controller at the following address: evoteck@evoteck.it, where the Data Protection Officer may also be contacted if appointed by the Controller.

This version of the privacy policy on personal data processing was updated on May 7, 2018.