This privacy notice aims to inform about how Eustema SpA (“Company”) collects and processes visitors and users’ Personal Data through this website www.eustema.it (Site), according to art. 13 of the European Regulation 679/2016 (“GDPR”).
This Information describes the methods by which the Company handles the processing and managing of Personal Data in its capacity as Data Controller of the Site.
This treatment follows the principles of lawfulness and correctness in compliance with all current regulations and appropriate security measures have been adopted to protect the data.
The information collected refers exclusively to the Site and cannot be considered valid for other sites that may be reached via links.
As regards the recruitment page and the “Work with us” form, a specific information is provided in the document: “Information to candidates on the processing of data contained in the curriculum“.
PURPOSE OF THE TREATMENT
1.1. The purpose of collecting and processing User’s personal data consists in carrying out anonymous statistics about the use of the Site in order to check its correct functioning, guarantee the protection of the information and company business, to contrast and track the cyber-attacks .
PERSONAL INFORMATION COLLECTION AND NATURE OF DATA PROCESSED
2.1. The computer systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols.
2.2. The information collected will not be associated with identified Users. However, this information could identify the users through processing and association with data held by third parties and could be used to establish responsibility in case of hypothetical computer crimes against the site. This security protection is a legitimate interest of the Data Controller at the base of data processing.
2.3. The treatment concerns exclusively data of a common nature and it will be limited to the data of treatment pertinent and functional to the pursuit of the purposes referred to in art. 1. Moreover, navigation data will be processed. This category of data includes the IP addresses or domain names of the computers used by the users connecting to the site; the URI (Uniform Resource Identifier) addresses of the requested resources; the time of the request; the method used to submit the request to the server; the size of the file obtained in response; the numeric code indicating the status of the response given by the server (success, error, etc.); other parameters relating to the operating system and the user’s IT environment. These data help to obtain anonymous statistical information on the use of the site, to check its correct functioning and to guarantee the protection of information and company business.
3.1. The navigation data are automatically collected by the system contextually to the navigation of User on the website.
PROVISION OF DATA
4.1. The provision of navigation data takes place automatically at the time of navigation. The User can refuse to give the Holder only the data referring to cookies disabling them how explained in the instructions provided by own browser and in the cookie use policy published on the site. However, disabling cookies can worsen the quality of site navigation.
METHOD OF TREATMENT
5.1. The processing of personal data will be carried out with the aid of computerized tools. The data will be stored in electronic archives in order to allow their identification and selection in aggregate form.
5.2. The treatment will be carried out directly by the staff of the Owner specifically authorized to the treatment or it may also have taken place through third parties, service providers for the Owner as indicated under the articles. 6 and 7.
5.3. The data provided by the user may be communicated to subjects for whom there is an obligation of communication pursuant to the law or a need for communication to enforce a fair right of the Company with the appointed bodies.
5.4. In any case, the data will be processed according to logics strictly related to the purposes indicated in order to guarantee their security and confidentiality through the adoption of appropriate measures to prevent the alteration, cancellation, destruction or unauthorized access or processing not allowed or not in accordance with the purposes of the collection. The information acquired will not be used in automated decision-making processes.
ACCESS TO DATA
6.1. Access to personal data is allowed only to those subjects authorized by the Owner within the limits and according to the procedures set out in the respective offices and for the pursuit of the purposes referred to in art. 1.
Regarding this, access the users’ data is allowed to subjects charged with information systems who can also perform the function of system administrator and in this case appointed like that.
6.2. As regards the activity related to software and hardware maintenance and assistance, third party service providers may have access to the data. These suppliers will receive specific instructions and authorizations for data processing.
DATA CIRCULATION AND COMMUNICATION
7.1. The personal data of the user will not be disclosed in any case.
7.2. The personal data of the user can be communicated to the following Categories of Subjects:
- internal staff that manages the site (see art. 6.1);
- third-party companies or other subjects that carry out outsourced activities on behalf of the Data Controller and that can also process data through authorized parties (eg companies that provide IT systems management services).
- These subjects will receive specific instructions and authorizations to process the data through an agreement drawn up according to art. 28 paragraph 3 of the GDPR.
8.1. The processing operations connected to the web services of this site take place at the Company’s offices and are not transferred abroad.
RIGHTS OF INTERESTED PARTIES
9.1. The Owner recognizes the users to whom the data refers, the possibility of exercising specific rights in relation to their personal data where technically possible.
9.2. Users have the right to obtain confirmation about the processing of their personal data in any time as well as to verify the existence or not of them.
Moreover, when technically possible, they can also ask to know about the content and origin of these data and to verify its accuracy, integration, updating or the rectification (articles 15-18, privacy regulations)
9.3. Users have the right to request the deletion, transformation into anonymous form or blocking of data processed in violation of the law, to oppose for legitimate reasons to their processing, as well as to lodge a complaint with a supervisory authority ( Guarantor Authority).
9.4. Requests to exercise the aforementioned rights must be sent to the email address “firstname.lastname@example.org”.
HOW TO EXERCISE THE RIGHTS
10.1 Users may at any time exercise their rights by sending the requests pursuant to art. 9 by e-mail to the address “email@example.com“. The e-mail must contain the name and surname of the interested party, the type of operation requested (access, rectification, cancellation, limitation, portability, opposition, etc.), any other significant information and a copy of a identity document attached.
10.2. The Company, in its capacity as Owner, will carry out the requested operation without any delay and no later than 30 days from the receiver of the request.
Moreover, the Company must inform each of the other subjects to whom the personal data have been transmitted as well as any corrections or cancellations or processing limitations that have been made.
If the Company deems that there are no conditions to accept the request, it will promptly inform the user, at the latest within 30 days, stating the reasons for which it intends not to accept the request.
11.1. The treatments explained in art. 1 do not specifically refer at minors and do not involve particular risks for them. In particular, the data acquired are not used for marketing purposes or for creating personal or user profiles.
DURATION OF TREATMENT
12.1. Once obtained anonymous statistical information about the use of the site, the navigation data are deleted from it right after their processing.
However, some technical navigation data could remain stored on computer security systems for 12 months, except for reasons of computer security.
12.2. The user may request, at any time, the Owner to terminate the processing of personal data, exercising the rights referred to in art. 9).
CHANGES TO THE INFORMATION
13.1. The Company as Owner, reserves the right to make changes to this privacy statement at any time by giving publicity to users on this page. Please, consult it often considering the date of last modification showed at the bottom. If the changes made to this privacy statement are not accepted, the user is required to stop browsing the site.
OWNER OF THE TREATMENT AND RESPONSIBLE FOR DATA PROTECTION
14.1. The Owner of this information is EUSTEMA S.p.A. in the person of its Legal Representative.
Our Office is registered in Rome at Via Carlo Mirabello nr. 7.
Indirizzo: Via Carlo Mirabello, 7 00195 Roma
Tel.: +39 06372721 +39 06374931
15.1. This information is prepared in compliance with the Legislative Decree 196/2003, by GDPR 679/16, by art. 10 of the Directive n. 95/46 / CE, as well as the provisions of Directive 2009/136 / EC regarding Cookies.
Strictly necessary cookies
These cookies are necessary for the operation of the site and cannot be deactivated in our systems. They are usually set only in response to the actions Users take that constitute a request for services, such as setting privacy preferences, accessing or filling out forms. Users can set their browser to block or have alerts about these cookies, but as a result, some parts of the site will not work. These cookies do not store personal information.
These cookies allow evaluating the number of visits and traffic sources in order to measure and improve the performance of our site. They help us to know which pages are the most and least popular and to see how visitors navigate the site. All information collected by cookies is collected anonymously.
If Users do not allow these cookies, information about their navigation on the website are not knowable and their performance can not be monitored.
These cookies allow the site to provide advanced features and customization.
They can be set by the Company or by third-party providers whose services have been added to corporate website pages.
If users do not authorize these cookies, some or all of web services may not work properly.
Cookies for targeted advertising
These cookies can be set through Eustema’s website by our advertising partners.
They can be used by these companies to build a profile of users’ interests and show them relevant ads on other sites. They do not directly store personal information, but they identify users’ browser and their internet device.
If users do not allow the use of these cookies, they will receive less targeted advertising.