This page describes how to manage the site in reference to the processing of personal data of users who consult it. This is an information that is made – pursuant to art. 13 of EU Regulation 679/2016 on the processing of personal data (henceforth EU REGULATION) to those who interact with the web services of ROSSS SPA, accessible electronically from the address: www.rosss.it.
PROCESSING OF PERSONAL DATA
Processing of personal data means any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, even if not recorded in a database, such as collection, registration, the organisation, structuring, preservation, processing, selection, blocking, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction.
ROSSS SPA is the responsable party, provided voluntarily and processed on the website
Located: Viale Kennedy, 97, 50038 Scarperia e San Piero Firenze (FI) – Italy
Phone +39 055 84001 – Fax +39 055 8400300
IT systems and software procedures for the operation of this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of computers used by users who connect to the site, and other parameters related to the operating system and computer environment of the user.
The data, collected in this way, could be used to ascertain responsibility in case of any computer crimes against the site.
Data provided directly by the user
The optional, explicit and voluntary sending of data as requested by various sections of this site are used in order to give course to user requests (indicative and non-exhaustive example: request for information on company products)’.
PURPOSE FOR PROCESSING YOUR DATA
The personal data supplied to us are processed for the following purposes:
- deal with your requests for information and visits
- manage business relations
- get in contact with you through email
- business communications by post or email to apprise you of our products and services, sales and promotions, provided that you have consented to them ;
- provide online support to address your requests for technical assistance or information;
If you are a job candidate, your data can be processed in order to:
- carry out personnel recruitment procedures;
- apprise you of the job vacancies that arise in our organisation ;
- request job references from people or companies to which you have rendered your services;
- when applicable, to hire you as an employee
LEGAL BASIS AND PURPOSE OF PROCESSING
- Essential data for contractual performance
ROSSS SPA can legitimately process your data for the purpose of the fulfillment of orders, the provision of the agreed services and the sending of the information required for the execution of the relevant contract.
- Promotional, commercial and marketing purposes
ROSSS SPA may legitimately send commercial communications relating to products, services, offers and promotions, provided that the user has expressed the appropriate consent.
The processing of personal identifying data will be based on the principles of correctness, lawfulness, transparency and protection of confidentiality.
The processing of data will mainly be carried out with the help of electronic or automated tools, in the manner and with the appropriate means to ensure the security and confidentiality of the data, in accordance with the provisions of the EU Regulation. In particular, all technical, IT, organisational, logistical and procedural security measures will be adopted, so that the data protection required by law is guaranteed, allowing access only to persons in charge of the processing by the Data Controller or the designated persons in charge.
DATA’S CONSERVATION PERIOD
If you request information about our products and services, your data will be stored for the time necessary to provide the answer to this request.
In case of a request for technical assistance or on-line information, the data will be stored for the fulfillment of the request, for the management of commercial relations and for the fulfilment of legal obligations.
If you have commercial relations with ROSSS SPA, the data provided in this context will be kept for the duration of the business relationship or in any case for the years necessary to fulfil the current accounting and tax obligations.
If you have given your consent to receive advertising by traditional or electronic mail, your data will be stored until the moment you decide not to communicate the cancellation from this service or to exercise the right of cancellation of personal data.
For applicants for a job, the data provided for this purpose will be kept until such a job has been assigned
The personal data provided, for the purposes described may be brought to the knowledge of or communicated to the following parties :
- employees and/or collaborators of ROSSS SPA authorized to process data;
- companies or consultants responsible for installing, maintaining, updating and, in general, managing the hardware and software of ROSSS SPA;
- companies entrusted by ROSSS SPA with sending online communications
to all those public and/or private entities, natural and/or legal persons (legal, administrative and tax consultancy firms), if the communication is necessary or functional to the proper fulfilment of the contractual obligations assumed in relation to the services provided through the Site, as well as obligations arising from the law
- to all those persons (including public authorities) who have access to the data by virtue of regulatory or administrative measures.
The personal data will NOT be transferred in any case to third parties for purposes other than those for which they have been specifically authorized. Except for (e.g. security requirements by P.S. Authorities, etc. ) specifically indicated by the EU Regulation .
THE PROVISION OF DATA
The provision of personal data by users is absolutely optional, however any refusal to include them in the page dedicated to registration for the purposes of providing the service, makes it impossible to use the services offered within the website.
TRASFERRING DATA OVERSEAS
The Data Controller may use services offered by third-party companies, which will process your data as data processors and in accordance with the instructions given to them by the Data Controller. It is possible that some of the processing carried out by the data processors takes place outside the territory of the European Union. In these cases, the Data Controller uses legal instruments to ensure adequate protection of your personal data (e.g. by requiring such counterparties to enter into specific contractual clauses or by complying with other specific protection standards proposed or suggested by the European Union and the Data Protection Authority).
RIGHT OF THE DATA SUBJECT
We inform you that as a data subject you may report any use of the data not considered correct or unjustified; may lodge a complaint with the Guarantor Authority for the Protection of Personal Data and finally may assert the rights listed below by sending a request to the Data Controller.
You can exercise the following rights at any time:
to know whether the holder holds and processes personal data relating to his person and to access it in full also by obtaining a copy ( rule 15 Right of Access) rectification of inaccurate personal data or integration of incomplete personal data ( Art. 16 Right of Rectification) deletion of personal data held by the Data Controller if one of the reasons provided for by the Regulation (Right to Deletion, 17);
- request the Data Controller to limit the processing only to certain personal data, if there is one of the reasons provided by the Regulation (Art. 18 Right to restriction of processing)
- request and receive all your personal data processed by the owner, in a structured, commonly used and machine-readable format or request transmission to another owner without hindrance (Art. 20, Right to Portability);
- oppose totally or partially to the processing of data for the purpose of sending advertising material and market research (c.d. Consent) (art. 21 Right to object)
- oppose totally or partially to the processing of data in automatic or semi-automatic mode for profiling purposes (c.d. Consent)
The use of session cookies is strictly functional to the optimization of the use of the site, and therefore exclusively to ensure the best navigation within the site itself.
Other sites to which this site may possibly “link” may contain tracking systems to which the owner of the site is foreign. It is not guaranteed that these external sites are equipped with appropriate security systems aimed at protecting the data processed and to prevent damage (e.g. computer viruses).
SITE’S SECURITY MEASURES
Specific security measures have been adopted for the management of the site, aimed at ensuring safe access and protecting the information contained in the same site from risks of loss or destruction, even accidental. The antivirus software used in the management of the site is updated daily. Furthermore, ROSSS SPA, while ensuring the adoption of special Antivirus systems, reminds that, in addition to being a legal obligation, it is appropriate for the user to equip his workstation with a system of prevention and scanning against the attack