Privacy and Cookie Policy
Dear User, This notice describes, pursuant to and in accordance with Art. 13 of EU Regulation 679/2016 (General Data Protection Regulation, hereinafter GDPR), the ways in which Endotec Srl – as Data Controller – processes the data provided by the User through the website www.endotec.it.
The processing of personal data will be based on the principles of lawfulness, transparency, fairness and protection of the confidentiality and rights of the User, always in accordance with national and European legislation currently in force.
Data controller
Pursuant to Articles 4 and 24 of the GDPR, the Data Controller is Endotec Srl, Via Giuseppe De Nava, 40/B 89123 Reggio di Calabria.
Email address: info@endotec.it
Phone: 0965 1892204
Type of data collected
The personal data subject to processing are those provided by the User and those that, eventually, will be acquired in the course of the relationship between Endotec Srl and the same User.
Specifically, the data processed through the website www.endotec.it are as follows:
- navigation data. The computer systems and software procedures used to operate this website may acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols. This category of data could include the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given to the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment. This data is used for the sole purpose of receiving anonymous statistical information about the use of the site and to check its proper functioning and is deleted immediately after processing;
- data provided directly by the User through the “Ask the Expert” section (first name, last name, email address, telephone and province of residence and any other data voluntarily provided in the “question” area). This data is used solely to enable the Owner to provide an answer to the specific question posed by the User;
- Data provided directly by the User through the “Contact” section. In addition to the data collected as a result of the User sending a missive via e-mail to the e-mail addresses indicated on the site in order to receive information or request a specific service, through the specific form are captured: first name, last name, email, telephone, municipality, province and any other data that the User enters in the
“message.” This data is used solely for the purpose of fulfilling the User’s requests;
- personal data, including “special”, contained in cv ‘s that should be received at the email addresses indicated in the “Contact” section on the site. In such a case, the Controller-in accordance with the provisions and guidelines of the Guarantor-will provide information on the processing of the data contained in the resume at the time of the first useful contact with the candidate.
The data processed through the website www.endotec.it are as follows:
(a) browsing data;
- Email address provided by the User to execute thenewsletter subscription. By registering for the mailing list or newsletter, the User’s email address is automatically included in a list of contacts to whom email messages containing information, including of a commercial and promotional nature, relating to Endotec Srl may be sent. The User’s email address may also be added to this list as a result of registering on the website or by making a purchase, after requesting express consent through appropriate flag.
- Data provided directly by the User following registration on the website (Login). In this case, the data acquired by the Holder are: email, address, city, vat number, province, telephone and any other data spontaneously provided through the “message” section. This is data collected for the purpose of enabling the User’s registration to the website and use of the online goods sales service. No banking or other data necessary to finalize the payment is collected through this section;
- data provided directly by the User through the “Contact Us” section, namely email and any other data provided in the “attachment” and “message” sections. By filling out the contact form with their data, the User consents to their use to respond to requests for information, quotes or any other nature indicated by the header of the form;
- Personal data, including “special” data, contained in cv ‘s possibly sent by the User to the email addresses indicated on the site.
Purpose and legal basis for processing
The data provided will be processed in accordance with the conditions of lawfulness under Article 6 of the GDPR for the following purposes:
- to execute the User’s requests and respond to questions formulated through the “Ask the Expert” and “Contact Us” sections active on the websites or through the email addresses indicated in the footer of the website and in the “Contact Us” section. In this case, the processing of collected and stored data has as its legal basis the legitimate interest of the Data Controller (Article 6(f) of the GDPR) to be more efficient, to give information about the services offered, and to improve and develop new products and services;
- To execute all contractual and pre-contractual measures taken at the request of the User concerned, as well as all related operational and management needs. The legal basis in this case is the need to give effect to the contract to which the User concerned is a party or to give effect to pre-contractual measures (Article 6(b) of the GDPR);
- To comply with legal obligations to which the Data Controller is subject. In the latter case, the legal basis is the need to fulfill legal obligations that require the Controller to collect and/or further process certain types of personal data (Article 6(c) of the GDPR);
- processing of data contained in CVs received is lawful insofar as it is necessary to give effect to pre-contractual measures (Article 6(b) GDPR) taken at the request of the data subject. The processing of “special” data is lawful on the basis of the Garante’s June 5, 2019 Order supplementing and amending General Authorization No. 1/2016.
Nature of provision of data
With the exception of navigation data, which are necessary to give effect to computer and telematic protocols, the provision of personal data by Users is free and optional. However, with specific regard to the provision of personal data marked with an asterisk (*), failure to provide the same will result in the impossibility for the User to send the request and/or take advantage of the desired service. Providing additional data, however, is purely optional.
Processing that requires the express consent of the User
With the express consent of the User, personal data may be processed by the Owner for commercial and promotional purposes. Should the User give consent, therefore, they may receive commercial communications, including through automated contact tools (newsletters).
Place of processing
Data are processed at the registered and operational offices of the Data Controller, at any other location where the parties involved in the processing are located, and at the host servers under the responsibility of the bandwidth and domain providers. For more information, contact the Holder.
Method of treatment
The Controller performs the necessary processing in obedience to national privacy regulations, as well as in compliance with the GDPR. Personal data will be processed using both paper and automated and telematic methods and logics strictly related to the above purposes, ensuring the use of appropriate measures for data security and guaranteeing data confidentiality.
The Data Controller will process personal data in accordance with current security provisions in order to minimize the risks of destruction and loss, including accidental loss, of data; unauthorized access; processing that is not permitted or not in accordance with the purposes for which the data were collected; and unlawful or incorrect use of the data.
Data retention
The data are and/or will be processed for the time strictly necessary for the execution of the User’s requests or – in general – to achieve the purpose for which they were collected. They will, in addition, be kept for the duration of the business, contractual relationship and also thereafter for the fulfillment of legal obligations and/or for administrative, commercial, tax purposes. Data collected for marketing purposes will be kept for up to 24 months from the date of last contact. In any case, the User will always be able to request the interruption of the processing or the deletion of the data.
At the end of the retention period, personal data will be deleted. Therefore, upon the expiration of this period, the right of access, deletion, rectification and the right to data portability can no longer be exercised.
Communication and outreach
The User’s data will not be disseminated, disclosed or made known to unspecified parties in any way, including by making them available.
For purposes related to the provision of the requested service, the data themselves may be communicated and/or made available to the following entities:
- Subjects authorized to process data, always according to the instructions given by the Owner;
- Subjects who have the right to access the data by virtue of provisions of the law, regulation or European legislation, within the limits and for the purposes provided for by these rules;
- other service-providing companies, as duly appointed autonomous data controllers or data processors;
- Banks, Credit Institutions, Debt Collection Companies, Insurance Agencies.
Data Transfer
You are informed that your personal data will not be transferred abroad to countries outside the EU that do not ensure adequate levels of personal data protection. In case this is necessary to provide the User with services or to conclude a contract, we assure that the transfer of personal data to non-EU countries that do not ensure an adequate level of protection will be performed in compliance with Articles 44 et seq. of EU Regulation 679/2016.
Google Analytics (Google LLC)
Google Analytics is a web analytics service provided by Google LLC (Google). Google uses the personal data collected for the purpose of tracking and examining website usage, compiling reports, and sharing them with other services developed by Google. Google may use personal data to contextualize and personalize ads in its ad network.
Personal data collected: cookies; usage data.
Place of processing: United States; Privacy Shield party.
Social Media
These websites use social media for the purpose of communicating content related to their services.
Third-party sites that can be accessed are not covered by this policy. To review the Privacy Policies of these social media, the User is invited to visit the pages:
Facebook: https://facebook.com/about/privacy
Pinterest: https://policy.pinterest.com/it/privacy-policy Twitter:
https://www.translatetheweb.com/?from=en&to=it&ref=SERP&dl=it&rr=UC&a=https%3a%2f%2ftwitter.com%2fit%
2fprivacy
Google+: https://policies.google.com/privacy?hl=it
YouTube: https://policies.google.com/privacy?gl=IT&hl=it
LinkedIn : https://www.linkedin.com/legal/privacy-policy
Instagram: https://help.instagram.com/402411646841720
User Rights
Pursuant to Articles 15 et seq. of EU Regulation 679/2016, the User – with reference to the data processed by the Controller – has the right to:
- Revoke at any time the previously expressed consent to the processing of their data;
- access the data processed by the Data Controller, obtain information about certain aspects of the processing, and receive a copy of the processed data (GDPR Article 15, Right of Access);
- verify the accuracy of their data and request their update or rectification (Article 16 of the GDPR, right to rectification);
- Obtain the deletion or removal of one’s personal data by the Data Controller (Article 17 of the GDPR, right to erasure);
- obtain the restriction of the processing of one’s own data when certain conditions are met (Article 18 of the GDPR, right to restriction of processing);
- to receive their data in a structured, commonly used, machine-readable format and, where technically feasible, to have it transferred unhindered to another Data Controller (GDPR Article 20, right to portability);
- object to the processing of their data when it is done on a legal basis other than consent (Article 21 of the GDPR, right to object). When personal data are processed in the public interest, in the exercise of public authority vested in the Data Controller or in pursuit of a legitimate interest of the Data Controller, the User has the right to object to the processing on grounds related to his or her particular situation;
- Propose a complaint to the competent data protection supervisory authority (for Italy, Garante per la privacy, https://www.garanteprivacy.it/) or take legal action if you believe that the processing of your personal data is contrary to the regulations in force.
To exercise the aforementioned rights, the User may address a request to the contact details of the Owner indicated in this document. Requests are filed free of charge and processed by the Holder as quickly as possible, in any case within one month.
Cookie Policy
This website makes use of Cookies. To learn more and to view the detailed policy, the User may consult the Cookie Policy.
Updates and changes to this Privacy Policy
This policy is a document that is constantly being updated: the Data Controller reserves the right to make changes at any time, including in consideration of changes in the laws or regulations that govern this matter and protect the rights of the User. The changes will apply from the date of publication on the websites. Therefore, the User is encouraged to consult this section regularly to check the publication of the most up-to-date Privacy Policy.