This Policy, pursuant to Art. 13 of the European Regulation n. 679/2016 (hereafter “GDPR”) describes the purposes and management of your personal data.
Where necessary, additional specific information may be provided for certain purposes and processing methods.
OWNER OF THE DATA
The Data Controller of the processed data is Girardini S.r.l. based in Tione di Trento (TN), Via Fabbrica 90/92 (hereafter “Data Controller”).
CATEGORIES DATA PROCESSING
The Data Controller, for various processing purposes, collects and processes the following data:
1. personal and identification data;
2. bank and/or payment details;
3. fiscal data;
4. residence/domicile address, telephone numbers and email address;
5. information necessary for the performance of requested services;
6. internet browsing data.
PURPOSES, LEGAL BASIS AND METHODS OF PROCESSING
Data collected, that is voluntarily given by you (via requests), will be processed for the purposes indicated below:
a) execution of the contractual service
Your personal data will be processed for the fulfillment and correct execution of the contractual obligations. In particular, the Data Controller may process the data indicated in points 1, 2, 3, 4, 5 for the:
• definition, management and execution of contractual relationships;
• correct execution of the consequent accounting and tax obligations;
• implementation of specific requests formulated by you.
b) fulfillment of legal obligations
Your personal data will be processed to allow compliance with legal obligations.
In particular, the Data Controller may process the data indicated in points 1, 2, 3, 4, 5, 6 in order to:
• enforce the obligations of the law, regulations and European Community norms, or provisions issued by bodies authorized by law and by supervisory and control bodies;
• determine, exercise and/or defend a right in court.
c) ancillary activities and statistics
Your personal data will be processed, subject to consent, for functional purposes and ancillary activities of the Data Controller. In particular, the Data Controller may process the data indicated in points 1, 4 and 5 for:
• determining of the degree of satisfaction with the quality of services rendered;
• marketing, promotion, information and sale of products and services of the Data Controller, or third parties;
• electronic communications (for example: e-mail, phone, postal mail).
d) access and navigation to the website.
Your personal data will be processed to allow access and navigation on the website www.lokibase.com (subsequently “Site”). In particular, the Data Controller may process
the data indicated in points 4, 6 to:
• allow access to and use of the services and content on the Site;
• allow possible registration for restricted areas;
• process requests submitted via the form.
During normal operation, IT systems and software procedures used to run this web site collect some personal data, which are implicitly transmitted through the use of Internet communication protocols.
This information is not collected to be associated with identified subjects, but by their very nature could, through processing and association with data held by third parties, identify users.
The data categories collected include IP addresses, browser type, operating system, computer domain name used by visitors who connect to the site, URI (Uniform Resource Identifier) of requested resources, access time, method used to submit the request to the server, file dimension, numerical code indicating the server response status (successful, error, etc.).and other parameters regarding the operating system and the user IT environment.
These data are used for the sole purpose of obtaining anonymous statistics on the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.
DATA VOLUNTARILY SUPPLIED BY THE USER
The Owner collects user data through phone calls, online compilation of forms (c.d. “Form”); such forms may vary depending on the specific service requested by the User.
The optional, explicit and voluntary sending of emails to addresses indicated on this site involves the acquisition of the sender’s address and any other data included in the message that are necessary to respond to the message.
The e-mail received and the data contained therein are kept for a time consistent with the execution of the service requested.
RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL DATA
The personal data processed will not be disclosed but will be known by the staff of the Data Controller in charge of the processing in order to achieve the purposes previously
indicated. Personal Data may be communicated, for the purposes indicated, to the following categories of individuals:
• the partners of the company’s corporate and industrial group;
• suppliers, collaborators, partners or agents of the Data Controller;
• persons, companies or professional firms that provide the Data Controller with assistance and advice in order to protect a right of the Data Controller (for example:
lawyers, accountants, tax advisors, auditors);
• IT service providers;
• parties authorized by law, regulations, secondary legislation and by various competent authorities.
The Data Controller is available to provide, on request, an updated list of the subjects to whom the data are communicated.
TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN UNION.
The Data Controller reserves the right to transfer data to countries outside the European Union provided that (alternatively):
• the country guarantees an adequate level of protection based on a specific decision of the European Commission;
• the recipient is contractually obliged to protect data with a level of protection equal to the GDPR.
MANDATORY NATURE OF PROVIDING PERSONAL DATA
AND CONSEQUENCES WHEN IT IS NOT SUPPLIED
Except for data specified as navigation data, failure to provide data may make it impossible to provide and / or obtain what has been requested.
Providing data necessary for functional purposes and purposes ancillary to the activity of the Data Controller, on the other hand, is optional; a refusal to consent to such processing would make it impossible to process the data for said purposes.
THE PERIOD FOR WHICH DATA WILL BE STORED
The period for which the data will be stored depends of the purposes of the processing. In particular, data will be kept for the duration of the contract, for the time necessary to deliver what is required and for a further period:
• established by current legislation, by the secondary or regulatory legislation that requires data retention (for example, 10 years for accounting records).
• necessary to protect or assert a right of the Data Controller. Data collected for ancillary activities and statistics (e.g. marketing activities) will be kept for a period of 26 months.
RIGHTS OF THE INTERESTED PARTIES
Pursuant to current legislation, you have the right to:
1. request and obtain access to your Personal Data;
2. request and obtain a correction to or removal of your Personal Data;
3. request and obtain a limitation on the processing of your personal data;
4. object to the processing;
5. ask about and obtain the portability (in a structured format, commonly used and readable by an automatic device) of your personal data as well as its transmission to another Data Controller;
6. revoke any consent given, except in cases where processing is necessary to fulfill a legal obligation;
7. make a complaint to a supervisory authority.
Requests should be addressed to Girardini S.r.l., Via Fabbrica, n. 90. – 38079 Trento or by writing to the e-mail address firstname.lastname@example.org, attaching an identity document with the request.
DISCLAIMER OF LIABILITY
Girardini S.r.l. does not assume any liability related to the content or to any problems arising from the use of this site or any sites linked to it.
Every product or company mentioned in this site are trademarks of their respective owners and may be protected by patents and/or copyrights granted or registered by the authorities.