The EU General Data Protection Regulation 2016/679 (GDPR) provides rules on the protection of individuals with regard to the processing of Personal Data and the free movement of such data. The purpose of the GDPR is to protect the fundamental rights and freedoms of natural persons, in particular the right to the protection of their personal data. The free movement of personal data within the EU shall not be restricted or forbidden for any reasons pertaining to the protection of natural persons in relation to the processing of personal data. According to the GDPR, the definition of ‘personal data’ encompasses any information regarding you, the data subject, directly or indirectly. The data consist in any information used to identify you, i.e.: your name, your ID number, your address, your online identification, physical, physiological, genetic, psychic, economic, cultural, social information. This document also provides details of how the site is managed as regards the processing of its users’ data, who may access its confidential area. Pursuant to Art. 13 of the GPDR this information document is also made available to all those interacting with METEDA SRL’s web services, which can be accessed online at the following addresses:
This information document is exclusively relevant to METEDA SRL websites, not to any other websites accessed by the user through links. After visiting or voluntarily logging onto this website, information relative to identified or identifiable persons may be processed.
The purpose of this information document is to determine certain minimum requirements for collecting personal data online and, in particular, methods, timing, the kind of information data Controllers have to provide users with when they connect with the web pages, regardless of the reason why they are visiting them.
1. IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER The identity and contact details of the data Controller, also shown in the header, are :
2. PURPOSE OF THE PROCESSING
The data processing related to the web services of this website is carried out at the address of the data Controller, at the place identified by the internet site operator. The processing is dealt with only by authorized staff or by people tasked with occasional maintenance operations. No data derived from such web services shall be disclosed or disseminated. The personal data entered by users so that they can be sent material regarding a request for a service (or any information material) shall be used to meet such a request and may be disclosed to third parties only when strictly necessary, if relevant and useful to fulfill any such requests.
The collection and processing of the user’s personal data shall be carried out respecting the general principles of necessity, correctness, relevance and not exceeding the purpose for which the data was collected. In particular, data processing shall aim to:
The legal basis for data processing is laid down in the Civil Code and the Consumer Code.
3. LAWFULNESS OF PERSONAL DATA PROCESSING
Data processing is considered lawful when at least one of the following requisites is met:
a) the data subject has given explicit consent to the processing of his/her personal data for one or more specified purposes;
b) the processing of personal data is essential for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into any such contract;
c) the processing of personal data is necessary for compliance with a legal obligation to which the controller is subject;
f) the processing of personal data is necessary for the purposes of the legitimate interest pursued by the data controller (e.g.: prevention of any damages to our website due to frauds and misuse. Processing personal data for direct marketing falls within the above mentioned legitimate interest, as specified in recital 47 of the GDPR) or by third parties, except where such interests are overridden by the interests for fundamental rights and freedoms of the data subject which require protection, especially if the data subject is under age.
4. RECIPIENTS OF YOUR PERSONAL DATA
Your data will be transferred exclusively to those recipients who are involved and have a role in the attainment of the purposes specified in point 2. Therefore, the collected, processed data
a list of data Processors is available at the address of the data Controller.
5. PERSONAL DATA CATEGORIES
No specific personal data shall be processed (i.e., any data revealing your racial or ethnic origin, your political opinions, religious or phylsophic beliefs, trade union membership, your health, sex life and sexual orientation) nor any data relating to under-age individuals. Personal data processing is strictly limited to those data that are essential and required to the proper attainment of the purposes specified in point 2.
6. DATA RETENTION
The data you provided for the purposes specified in point 2 shall be retained:
Your personal data shall not be disseminated and shall be destroyed as soon as they are no longer necessary or we are no longer obliged to retain them.
7. DATA PROCESSING METHOD
The information systems and software procedures relied upon to operate the platform of this website acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of internet communication protocols. They include: IP addresses (for user verification and security reasons) and/or the domain names of computers used by any user logging onto this website, the URI (Uniform Resource Identifier) of the requested resources, the timestamp of the request, the method used in formulating requests to the server, the size of the files obtained in reply, the numerical code that shows the server’s given reply (successful completion, error and so on) and other parameters relating to the operating system and to the user’s ITC environment.
The use of such data is strictly limited to the purpose of ensuring the proper functioning of the site and deriving anonymous statistical information concerning its use. The data are erased immediately after being processed. They may be used to ascertain liability in the event of computer crimes to the detriment of our website. Subject to this event, currently the data on web contacts are not held for longer than seven days.
Your personal data shall be processed:
There is no automated decision process, nor profiling.
This website uses c.d. cookies, small files stored on your computer hard disk, to provide services and/or information. Most of them are ‘session cookies’, i.e. temporary cookies that remain in the user’s browser cookie file only until the end of the browsing session. They may be present on some of our website pages. By using session cookies we can monitor which parts of the website you have viewed during a visit. This helps us to best adjust content, ads and our services to your benefit, assess the effectiveness of our promotions, guarantee trustworthiness and security
The c.d. session cookies used on this site avoid using other information technologies that may potentially affect the confidentiality of your surfing activities. They do not allow the acquisition of any personal data that may identify you .
9. PROVIDING PERSONAL DATA
Apart from what specified regarding navigation data, users are free to decide whether or not to enter their personal data, when required, in the special windows of the website regarding services, products and any other items that the site manager, or its trading partners, are able to offer.
Your decision not to enter your data when required may make it impossible for the website manager or its trading partners to supply you with their services and products
10. RIGHTS OF THE DATA PROJECT
As the Data Subject, you are entitled to all the rights specified in Art. 15-16-17-18-20-21-22 of the GDPR, among which:
The above mentioned information shall be sent:
All the rights provided for in the GDPR to which you, as the data subject, are entitled to may be exercised without formal obligations, by direct request to the data Controller. Such request may also be made through a person nominated by you and the data Controller shall deal with it timely, with no undue delay.