Within this page the user may find a description of how the website www.mondosd.it (“Website”) is handled with regard to the treatment of the personal data of the users who access and browse the Website. This policy shall be also intended as informative pursuant to articles 13 and 14 of the EU Reg 2016/679 (“GDPR”).
This policy only concerns the Website, any other website by third parties eventually accessible through any link available on the Website shall not be intended as covered by this policy.
The Data Controller is mondosd S.r.l., via del Bosco 28, 21052, Busto Arsizio (VA), Fiscal Code and VAT number 01511120121 (the “Controller” or “mondosd”).
PERSONAL DATA COLLECTED
The computer systems and computer programs used to operate this Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information are not collected to be associated with identified data subjects, but in light of their nature could, through processing and association with data held by third parties, such data may allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the Website, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. The navigation data will be collected exclusively in the legitimate interest of allowing the user to access to the content published on the Website of the Controller and its proper administration and management. These data are kept for a short time and could be used to ascertain any liability in the event of computer crimes against mondosd. Thereafter, the data are kept only in anonymous form for the sole statistical interest.
Dati forniti volontariamente dall’utente
The optional, explicit and voluntary transmission of e-mails to the addresses indicated on this Website entails the subsequent acquisition of the sender’s address, in order to duly reply, as well as any other personal data included in the message. The legal bases of the processing are, therefore, the legitimate interest of the Controller to reply to the communications received or the need to process pre-contractual requests made by the interested party. The data will be kept for the time necessary to satisfy any requests from the sender or issues submitted therein to the Controller and, in any case, for the time imposed by specific legal provisions. The sender has, however, the right to request cancellation of the same according to the methods, conditions and limits provided for by art. 17 of the GDPR.
If the user makes deliberately get in touch with the Controller by filling in the form in the “Careers” section, he will receive specific information.
OPTIONAL PROVISION OF DATA
PROCESSING METHODS AND SUBJECTS AUTHORIZED TO TREATMENT
The treatments connected to the web services of this Website (physically placed in “hosting” at the server of V-HOSTING SOLUTION S.r.l. located in Europe) take place at the headquarters of the Controller. The control and custody of information are handled by authorized personnel responsible for accepting online requests. The data may occasionally be accessed, for exclusive technical reasons, by authorized personnel who provide assistance to the site and the IT systems of the Controller. No data deriving from web browsing is communicated or disclosed to further third parties except in compliance with legal obligations.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
LEGAL GROUND OF THE PROCESSING
The Controller processes the personal data of the user if one of the following conditions occurs:
- the user has given its consent for one or more specific purposes; in some jurisdictions the Controller may be authorized to process personal data without the user’s consent or another of the legal bases specified below, as long as the user does not object (“opt-out”) to such treatment. However, this is not applicable if the processing of personal data is regulated by European legislation on the protection of personal data;
- the processing is necessary for the execution of a contract with the user and / or for the execution of pre-contractual measures;
- the processing is necessary to fulfill a legal obligation to which the Controller is subject;
- the processing is necessary for the execution of a task of public interest or for the exercise of public authority vested in the Controller;
- the processing is necessary for the pursuit of the legitimate interest of the Controller or third parties.
However, it is always possible to ask the Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.
The data are processed and stored for the time necessary in relation to the purposes for which they were collected.
- personal data collected for purposes related to the execution of a contract between the Controller and the user will be processed until the execution of such contract is completed;
- personal data collected for purposes related to the legitimate interest of the Data Controller will be processed until this interest is satisfied. The user can obtain further information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.
When the processing is based on the user’s consent, the Controller can keep personal data until such consent is revoked. Furthermore, the Controller may be obliged to keep personal data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period the personal data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
TRANSFER OF DATA ABROAD
Requests and messages sent spontaneously to the Controller at its e-mail addresses or in through the compilation of the web forms on the Website can be tracked / stored on servers located outside the EU or the European Economic Area (EEA) belonging to third-party platforms; consequently, it is possible that your personal data are transferred to subjects or companies located outside the EU or the European Economic Area (EEA). In these cases, or if the need arises to make use of other types of non-EU suppliers who have access to some of your personal data, the Controller will provide you with full information and will verify that all appropriate and necessary measures (both contractual and not) have been adopted to guarantee an adequate level of protection of your personal data in accordance with the methods indicated in Chapter V of the GDPR and, in any case, by the current legislation on the protection of personal data. In any case, you can always request more information on the identity of third parties outside the EU who may know / process your personal data and the activities they carry out by making a request by making a request to the company privacy contact or at email@example.com
RIGHTS OF THE INTERESTED PARTIES
The interested party has the right to ask the Controller to access the data, or to rectify or cancel them, or to limit the processing or to oppose the processing of data under the conditions established by Articles 15,16,17,18,21 of the GDPR. Finally, the interested party has the right to lodge a complaint with a supervisory authority if he believes that the processing that concerns him violates the legislation applicable to the protection of his data.
To request information on data processing or exercise the rights on your data, please contact us at firstname.lastname@example.org
The information provided here may be subject to revision following:
- changes to the legislation on the protection of personal data;
- technological implementations adopted by the Controller that impact on current processing methods;
- organizational changes in the structure of the Controller that may affect the interested party.
Users are kindly invited to periodically consult this information in order to be constantly updated on the characteristics of the treatment.