This policy is drafted pursuant to and for the purposes of Art. 13 of EU General Data Protection Regulation 2016/679 (GDPR)

WHY ARE WE PROVIDING YOU WITH THIS INFORMATION?

Pursuant to Art. 13 of Regulation EU 679/2016 (hereinafter referred to as “Regulation”) this page describes how personal data is processed. This policy is drafted in compliance with the provisions of Art. 13 of EU Regulation 679/2016 – GDPR. This policy is not applicable to other websites of Third Parties that may be accessible via links on this website, for which no liability is accepted.

Processable personal data:

Personal data: means any information relating to an identified or identifiable natural person («data subject»); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

Data of contracting parties / users

Browsing data

The computer systems and software procedures used to operate this website acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.

Such data include IP addresses or user computer and terminal domain names, URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the answering file, the numerical code showing the status of the server answer (successful, error, etc.) and other parameters concerning the user’s operating system and IT environment.

Data submitted on a voluntary basis

The discretionary, explicit and voluntary sending of messages to the contact addresses on this website, as well as the completion of data collection forms involves the collection of the sender’s address, which is necessary to reply to requests, as well as the collection of any other personal data entered.

Information on the processing of personal data carried out through Social Media Platforms

With regard to the processing of personal data carried out by the social media platform managers used by the Data Controller, please refer to information provided by said managers in their Privacy Policies. The Data Controller processes the personal data provided by users through the pages of the dedicated social media platforms, in order to manage interactions with users (comments, public posts, etc.) and in compliance with current legislation.

Specific Privacy Policies

Specific Privacy Policies may be available on the pages of this website in relation to particular services or processing of the data provided.

Cookies and other tracking technologies. What are they? What are they used for?

For Cookies and other tracking technologies see the Cookie Policy available in the footer of the website and at the following link

1. WHO IS THE DATA CONTROLLER? HOW TO CONTACT THE DATA CONTROLLER?

Data Controller is Lattonedil S.p.a. Milano, with registered office in via degli Olivetani, 12 Milano (MI) 20123, represented by its pro tempore legal representative, who can be contacted for any information at the following phone number 031 791 377 or by email at the following e-mail address privacy@lattonedil.it

2. PURPOSE OF PROCESSING, LAWFULNESS OF PROCESSING, DATA RETENTION PERIOD AND NATURE OF DATA PROVISION

In addition to navigation, personal data will also be processed for:

3. TO WHICH RECIPIENTS OR CATEGORIES OF RECIPIENTS WILL PERSONAL DATA BE DISCLOSED? DATA RECIPIENTS

The Personal Data provided may be disclosed, depending also on the purposes envisaged in specific areas, to recipients, who shall process them in their capacity as Autonomous Data Controllers or Data Processors (Art. 28 GDPR) and/or as individuals (natural persons) operating under the authority of the Data Controller and Data Processors (Art. 29 GDPR) on the basis of specific instructions given on the purposes and methods of processing, for the relevant purposes based on the specific areas. More specifically, data may be transferred to recipients in the following categories:

• To Entities/parties, that provide services for the management of the website and of the communication networks, including e-mail, host and website management;
• Competent authorities who enforce the law and/or regulations by public bodies, upon request;

The list of the appointed Data Processors is constantly updated and is available upon request to be sent to the email address privacy@lattonedil.it or by writing to the other contact details specified above.

4. WILL PERSONAL DATA BE TRANSFERRED TO COUNTRIES OUTSIDE THE EEA?

Personal data will not be transferred to countries outside the EEA.

5. IS THERE ANY AUTOMATED DATA PROCESSING?

Personal data will be subject to traditional manual, electronic and automated processing Please note that no fully automated decision-making processes are carried out.

Data profiling may be carried out only after the Data Subject has given explicit consent, as specified in the purposes, and the profiling process will be done by an operator, who will profile the Data Subject and analyse his/her habits and consumption choices, in order to improve the commercial offer and services of the Data Controller (non-automated profiling).

6. WHAT ARE YOUR RIGHTS? HOW CAN YOU EXERCISE THEM?

You shall be able to exercise your rights under Articles 15 et seq. of the GDPR by contacting the Data Controller at the e-mail address privacy@lattonedil.it or at the above-mentioned contact details. You shall have the right to obtain, at any moment, from the Data Controller, access to Your personal data (Art. 15), their rectification (Art. 16) or erasure (Art. 17), as well as the restriction of their processing (Art. 18). The Data Controller shall inform (Art. 19) each of the recipients to whom the personal data have been transferred of any rectification or erasure or restriction of processing carried out. The Data Controller shall inform the Data Subject of these recipients if the Data Subject so requests. Where envisaged, You shall have the right to the portability of Your personal data (Art. 20), and if You so wish, the Data Controller shall provide You with the Personal Data concerning You in a structured, commonly used and machine-readable format. Moreover, You shall have the right to object (Art. 21) to the processing of Your personal data based on the legitimate interest.

In the event that the Data Subjects consider that the processing of their personal data carried out by the Data Controller is in breach of the provisions of Regulation (EU) 2016/679, they shall have the right to lodge a complaint with the Data Protection Authority of the Member State in which they are habitually resident or work, or of the place where the alleged violation took place (the Italian Data Protection and Privacy Authority is called Garante Privacy and can be contacted at https://www.garanteprivacy.it/), or to take appropriate legal action.

7. AMENDMENTS TO THE PRIVACY POLICY

The Data Controller reserves the right to amend, update, add or remove parts of this privacy policy at its sole discretion and at any time. In order to facilitate this review, the policy will contain an indication of the date on which the policy was updated.

Updated on: 18 July 2024