In accordance with articles 13 and 14 of the EU’s General Data Protection Regulation (GDPR) 2016/679 and Italian Legislative Decree 196/03 as updated by Legislative Decree 101/2018
In accordance with the EU's General Data Protection Regulation 2016/679, this page describes the processing of personal data, i.e., any information relating to an identified or identifiable natural person ('data subject'), of users who consult the website of Intermonte SIM S.p.A (hereafter "Intermonte"), accessible online at https://www.intermonte.it
The information on this page does not apply to websites, pages, or online services that are accessible through hypertext links published on this website but which point to resources outside the INTERMONTE domain.
The Data Controller is Intermonte SIM S.p.A. with registered office at Via Galleria De Cristoforis 7/8 - CAP 20122 MILANO (MI), e-mail:email@example.com , tel. +39 02 771151.
The Data Protection Officer is Virginia G. Basiricò, who may be contacted at Via Galleria De Cristoforis 7/8 - CAP 20122 MILANO (MI), e-mail: firstname.lastname@example.org, tel. +39 02 771151.
TYPES OF DATA PROCESSED
Data provided by the user
The optional, explicit and voluntary sending of messages to the Company's contact addresses and the sending of private messages by users to the Company's social media profiles/pages (where this is possible) entail the collection of the sender's contact details necessary for providing a response, and of all the personal data contained in the messages.
Redirection to external websites
The Intermonte website may use so-called social media plug-ins. Social media plug-ins enable social media network functionality to be directly incorporated in a website (e.g., the Facebook "Like" functionality). All the social media plug-ins on the website carry the proprietary logo of the social media network in question (e.g. the LinkedIn logo). When a page on the website is visited and interaction with the social media plug-in takes place or a comment is left, the corresponding information is sent by the browser directly to the social media network platform, where it is stored.
PURPOSE AND LEGAL BASIS OF DATA PROCESSING
Pursuant to art. 6, parag. 1, point b) and point f) of EU Regulation 206/679, personal data are processed without the express consent of the Data subject insofar as data processing is necessary in order to take steps prior to entering into a contract or for the performance of a contract to which the Data Subject is a party, as well as for the legitimate interests pursued by the controller for the following purposes:
- enabling users to contact the Company directly and to obtain information on the services offered;
- enabling clients to access their password-protected area of the website by means of username and password;
- visiting Intermonte social media accounts via redirection from the Intermonte corporate website;
- obtaining statistical information on the use of services (e.g., number of visitors, date-time of the last visit, click-throughs from third-party websites);
- checking that services offered are functioning properly
- ensuring the updating and protection of the website.
DATA RETENTION TIMES
The data provided by the user will be held for the time period necessary for fulfilling the purposes indicated above. If, for any reason, the Data Subject considers that the purpose of processing has been exhausted, the Data Subject may inform Intermonte of this in writing, and Intermonte will immediately erase the information, providing that the request does not conflict with the law.
SOURCES OF DATA
The data for processing may be collected through the Intermonte corporate website.
RECIPIENTS OF DATA
Personal data from users will not be disseminated on an unrestricted basis; instead, such data will only be made available to one or more specified parties, as detailed below. Data may be made available:
- to employees and associates of the Data Controller in their capacity as authorised system users and / or administrators;
- to third-party companies in their capacity as external Data Processors, such as companies entrusted to manage social media channels, and information technology companies that manage and maintain the website;
- to the owners of social media platforms - in their capacity as Independent Data Controllers - whose terms and conditions of use the visitor has previously accepted as a necessary pre-condition for using Intermonte's social media pages.
TRANSFER OF PERSONAL DATA TO OTHER COUNTRIES
Personal data will be stored and managed on servers belonging to the Data Controller and / or other companies duly appointed as Data Processors, and said servers will be located in the European Union. The data will not be transferred outside the European Union. However, it is understood that the Data Controller retains the right, should it be necessary, to move the servers located in Italy and / or the European Union to Non-EU countries. In that case, the Controller henceforth guarantees that the transfer of data outside the EU will take place in accordance with the law by stipulating, if necessary, accords that ensure adequate safeguards and / or by adopting the standard contractual clauses foreseen by the European Commission.
OBLIGATORY OR OPTIONAL NATURE OF PROCESSING
The provision of data is necessary for pursuing the objectives indicated in the section of this policy entitled "PURPOSE AND LEGAL BASIS OF DATA PROCESSING". Consequently, refusal to provide the data requested or the provision of any incorrect information at the time of collection will make it impossible for the Data Controller to fulfil the objectives indicated in the aforementioned section.
RIGHTS OF THE DATA SUBJECT
Within the limits of applicable law, the Data Subject has the right to ask Intermonte at any time for access to their personal data, for the rectification or erasure of said data, to oppose or limit the processing of said data, as well as to obtain said data in a format that is structured, in common use, and legible by automatic device (art. 15 et seq. of EU Regulation 2016/679). Upon a request from a Data Subject to exercise their rights, response will be given within 30 days (potentially extendible for a further 30 days, pursuant to law). Should processing take place in breach of the aforementioned Regulation or related national provisions, the Data Subject also has the right to file a complaint with the Italian Data Protection Authority or to take appropriate action through the courts.
To exercise their rights the Data Subject may contact the parties indicated under the "CONTACT INFORMATION" section of this policy.