10 March 2021

Privacy EN

Privacy

Information and request for consent for the processing of personal data

 

Introduction

Dear User, on this page you will find information on how your personal data is processed through our website www.isaxis.com (hereinafter the “Site“).
This information is intended to inform users about the methods of processing personal data concerning them.
ISAXIS SPA, in compliance with the Legislative Decree 196/2003 (hereinafter “Privacy Code”) and EU General Data Protection Regulation 2016/679 (hereinafter “Regulation” or “GDPR”), intends to guarantee the privacy and security of the personal data of each visitor in accordance with the provisions of this Notice.

The data controller is ISAXIS SPA, with registered office in Via San Gennaro 28, 60027, Osimo (AN).

Our goal is to provide all the information necessary to make navigation within our site transparent and safe. It is therefore important to carefully read the contents of this document and in case of non-agreement, we recommend that you do not continue browsing.

Data Protection Officer

The ISAXIS SPA Data Protection Officer, who is the person in charge of monitoring compliance with the Regulation, is available to respond to your requests on how we process your data and can be contacted at the ISAXIS SPA headquarters.

Type of data processed and need for processing

The website offers informative and, sometimes, interactive content. While browsing the ISAXIS SPA site, it will be able to acquire information about the visitor, in the following ways:

  • Navigation data
    The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes: IP addresses, the type of browser used, the operating system, the domain name and the addresses of websites from which access was made, information on the pages visited by users within of the site, the access time, the stay on the single page, the analysis of the internal path and other parameters relating to the operating system and the user’s IT environment.
  • Additional categories of data
    This is all personal data provided by the visitor through the site, for example, by writing to an ISAXIS SPA e-mail address to request information.

Communication and diffusion

Your data may be communicated, meaning by this term the disclosure of it to one or more specific subjects, by the writer outside the company to implement all the necessary legal and / or contractual obligations. In particular, your data may be disclosed to:

  1. other parent companies, subsidiaries and associates;
  2. Public bodies or offices or supervisory authorities according to legal and / or contractual obligations.

Your data may be communicated by the writer in the following terms:

  • to subjects who can access the data by virtue of the provision of law, regulation or community legislation, within the limits set by these rules;
  • to subjects who need to access your data for purposes auxiliary to the relationship between you and ISAXIS SPA, within the limits strictly necessary to carry out the auxiliary tasks;
  • to our consultants and / or professionals, within the limits necessary to carry out their assignment at our or their organization, subject to our letter of appointment which imposes the duty of confidentiality and security.

ISAXIS SPA will not indiscriminately disclose your data, or in other words, will not disclose it to undetermined subjects, even by making it available or consulting.

Purpose of the processing

The processing of the categories of personal data referred to in the above list is carried out by the Company, in carrying out its economic and commercial activities, for specific purposes, as better described below.

  1. Contractual and legal purposes
  2. Allow correct navigation on the Site.
  3. Detect your experience of use of our platforms, products and services we offer and ensure the proper functioning of the web pages and their contents.
  4. Carry out profiling activities, i.e., analysis and processing of information relating to the users, their preferences, habits and / or browsing experiences. This activity is also carried out through the use of technologies such as cookies.
  5. Provide the goods and / or service requested by the user, manage user, customer and supplier data, carry out the related administrative, accounting, tax and legal obligations, as well as fulfil the requests made by the user.
  6. Navigation Data: information recorded by ISAXIS SPA’s IT systems during the normal activity of providing its services. This category of data includes, for example, all information relating to internet communication protocols, IP addresses and access logs to ISAXIS SPA computer systems.
  7. Management of any complaints and requests for sending service communications and updates, both through traditional communication tools such as paper mail and through remote communication tools, such as email, chat, telephone, SMS, chatbot, banners, notification systems and other remote communication tools;
  8. Fulfilment of obligations deriving from current law, regulations or community legislation (i.e., tax and accounting obligations) or management and response to requests from the competent administrative and tax authorities as well as from the judicial authority.

The purposes listed above are jointly defined as the “Contractual and Legal Purposes” and the express consent of the interested party is not required. The provision of personal data for the aforementioned purposes is necessary and mandatory so that, in case of refusal, we will not be able to proceed with the relative provision of the requested services.

Circulation of data

With your consent, your data may be disclosed to third-party companies with which ISAXIS SPA may conclude partnership agreements: social networking platforms and interactive platforms, also for commercial and / or promotional purposes.

Data transfer outside the EU

The data you provide will only be processed in Italy. Pursuant to art. 43 of the Privacy Code and art. 44 of the GDPR, ISAXIS SPA may transfer your personal data to third parties located in countries not belonging to the European Union or the European Economic Area. In this circumstance, ISAXIS SPA ensures the adoption of adequate guarantees (such as the signing of standard contractual clauses approved by the EU Commission) with the foreign company receiving the data; these clauses guarantee a level of data protection corresponding to that established by European legislation.

Methods of data processing

The processing of personal data is carried out mainly using electronic procedures and supports (DB, etc.) for the time strictly necessary to achieve the purposes for which the data were collected and, in any case, in compliance with the principles of lawfulness, correctness, not excess and relevance provided for by current privacy legislation. The processing of personal data takes place using manual, paper, IT and telematic tools with logic strictly related to the purposes specified in the privacy policy and in any case in order to guarantee the security and confidentiality of the data. ISAXIS SPA, internally, entrusts the processing of personal data only to formally authorized persons who have received specific instructions and training and who have undertaken to treat the data confidentially.

Link to / from third party sites

From this website it is possible to connect, through specific links, to other ISAXIS SPA websites or it is possible from third party websites to connect to our website.

The Data Controller declines any responsibility for any request and / or release of personal data to third party sites and for the management of authentication credentials provided by third parties.

Data retention

The Data are processed and stored for the time required by the purposes for which they were collected. Therefore:

  • Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until the execution of this contract is completed.
  • Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until this interest is satisfied. The User can obtain further information regarding the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Owner.
  • When the processing is based on the User’s consent, the Data Controller can keep the Personal Data longer until such consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

At the end of the retention period Personal Data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

We inform you that the data relating to the navigation logs, if registered, will be kept by the Data Controller for a period of 2 months. We also inform you that the data you provide will be processed for the entire duration of the collaboration and / or commercial relationship between us and further stored exclusively for the period provided for the fulfilment of legal obligations, unless it is necessary to keep them further to defend or assert a right or to fulfil any further legal obligations or orders of the Authorities.

Rights of interested parties

The subjects to whom the aforementioned personal data refer (so-called “interested parties”), have the right to exercise their rights in the manner and within the limits established by current privacy legislation.

In relation to the processing of your personal data, you have the right to ask ISAXIS SPA:

  • access: you can ask for confirmation as to whether or not data concerning you are being processed, as well as further clarifications about the information referred to in this Notice, as well as to receive the data, within the limits of reasonableness;
  • rectification: you can ask to rectify or supplement the data you have provided or in any case in our possession, if inaccurate;
  • cancellation: you can request that your data acquired or processed by ISAXIS SPA be deleted, if they are no longer necessary for our purposes or where there are no disputes or disputes in place, in case of revocation of consent or its opposition to processing, in case of unlawful processing, or if there is a legal obligation of cancellation;
  • limitation: you can request the limitation of the processing of your personal data, when one of the conditions referred to in art. 18 of the GDPR; in this case, your data will not be processed, except for storage, without your consent except as specified in the same article in paragraph 2.
  • opposition: you can oppose the processing of your data at any time on the basis of our legitimate interest, unless there are legitimate reasons for proceeding with the processing that prevail over yours, for example for the exercise or our defence in judicial seat; your opposition will always and in any case prevail over our legitimate interest in processing your data for other purposes;

Furthermore, pursuant to art. 7, par. 3, GDPR, we inform you that you can exercise your right to withdraw your consent at any time, without affecting the lawfulness of the treatment based on the consent given previously. Finally, we inform you that you have the right to lodge a complaint with the Supervisory Authority, which in Italy is the Guarantor for the Protection of Personal Data.

To exercise these rights, report problems or ask for clarification on the processing of your personal data, you can send an email to info@isaxis.com

We also inform you that you can also forward your requests by post, by writing to the Data Controller, ISAXIS SPA, based in Via San Gennaro 28, Osimo (AN) – Italy, specifying the subject of the request. When contacting us, the interested party must make sure to include their name, email / postal address and / or telephone number (s), to be sure that the communication can be handled correctly.

Right to be forgotten

We inform you that this Notice exclusively concerns the processing of personal data that you have provided or will provide to ISAXIS SPA and those that ISAXIS SPA will eventually acquire during this collaboration and / or commercial relationship and / or further relationships between you and us.

If, on the other hand, you would like to assert the right to be forgotten with reference to your personal data that may be contained in the pages of the site, we remind you that the Data Controller is ISAXIS SPA, to which you can contact, for the purpose of exercising this right to referred to in art. 17 of the GDPR, by writing to the Data Controller based in Via San Gennaro, 28 – 60027 OSIMO (AN), or by sending an email to the email address info@isaxis.com. When contacting us, the interested party must make sure to include their name, email / postal address and / or telephone number(s), to be sure that the communication can be handled correctly.

Roles and responsibilities in the privacy field

Your personal data are processed as Data Controller by:

ISAXIS SPA
Via San Gennaro, 28
60027 OSIMO (ANCONA)

Communications must be sent to this address by registered letter.

More detailed information on the names of the data processors can be requested by sending an email to the following address: info@isaxis.com. When contacting us, the interested party must make sure to include their name, email / postal address and / or telephone number(s), to be sure that the communication can be managed correctly. For any dispute that may arise regarding access or use of the site, or in relation to the download or use of the material sent, or for any other reason, between the user and the owner of the site or other subjects who have collaborated, collaborate or will collaborate in the creation and management of the same, the user accepts the jurisdiction of the Italian State and, in any case, the application of Italian law regardless of his domicile or headquarters. The competent court is that of ANCONA.

Changes to the information

The possible entry into force of new sector regulations, as well as the constant examination and updating of user services, may result in the need to change the methods and terms described in this Notice. It is therefore possible that this document may undergo changes over time. We therefore invite you to periodically consult this page.

We will publish any changes to this Notice on this page and, if the changes are relevant, we will notify you with a more visible notification.

The previous versions of this information will, in any case, be archived to allow consultation.