Information on the processing of personal data ex art. 13-14 EU Reg. 2016/679
Dema Solution S.r.l., in its capacity as Data Controller of personal data, pursuant to and for the purposes of EU Regulation 2016/679 (hereinafter referred to as ‘GDPR’), hereby informs you that the aforementioned legislation provides for the protection of those involved with regard to the processing of personal data and that such processing will be based on principles of correctness, lawfulness, transparency and protection of your privacy and your rights.
All personal data provided, will be treated in accordance with the legislative provisions of the above mentioned legislation and the confidentiality obligations of provided for therein.
The Data Controller is DEMA SOLUTIONS S.r.l. with registered office in Via Antonio Gramsci n°10/12 20900 Monza MB – Italy – P. IVA 0399467678 – email@example.com.
The updated list of those responsible for and authorized to process data is kept at the registered office of the Data Controller. The Data Protection Officer has not been appointed.
Legal basis of the treatment
The Data Controller shall process Personal Data in the event that one of the following conditions is met:
- The User has given consent or one or multiple specific purposes;
- The processing is necessary to execute a contract and/or execute pre-contractual measures;
- The processing is necessary to fulfil a legal obligation to which the Holder is subject to;
- Processing is necessary for the completion of a task of public interest or for the exercise of official authorities the Holder is vested in;
- The processing is necessary for the pursuit of the legitimate interest of the Holder or of third parties.
However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each processing and, in particular, to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.
Purpose of processing:
All personal data voluntarily provided by users who forward to the addresses available on the site and requests for informational material or direct contact by the company, are used for the sole purpose of fulfilling the request and are communicated to third parties only if this is necessary for that purpose.
The data will be processed for the following purposes related to the execution of a contract and compliance implementation relating to legislative or contractual obligations:
- Customer management
- Translation of technical documentation, with occasional personal data content (mixed data)
- Supplier management
- Provider management
The data will be processed for the following purposes related to the legitimate interest of the owner, taking into account the reasonable expectations of the person involved based on the relationship with the owner:
- CVs received from spontaneous applications
- Social Network Contacts
- Prospect Management
The user is free to provide or not to provide any personal data that may be requested, but failure to provide such data may make it impossible to provide the services requested.
In order to analyze site traffic anonymously and for the site, browsing, the site has some “cookies”. Dema Solutions website using third part JS for collecting data (Google Analytics and Hubspot) to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base as a whole.
During your navigation on this website we acquire some data, such as the IP address of your computer and the pages of the site you visit. This data is collected exclusively to ensure that the site is functioning and navigable correctly. For this reason we do not collect any data for commercial purposes or for the identification of the user, who therefore remains anonymous.
What are Cookies?
Cookies are information exchanged between the server and your computer and allow you to create statistics on the areas of the site visited by users anonymously. The collected data is then read in aggregate form to understand the efficiency of the site and the level of browsing experience. The cookies used therefore do not contain any personal information about users. Most browsers are able to detect new cookies and to ask for their acceptance or not. If you have set your browser so as not to accept cookies, interaction with the site may be difficult.
Which cookies we use and why?
For the measurement of navigation data we use the following Google Analytics cookies
Used to distinguish users.
Used to distinguish users.
If you want more information on the content of Google cookies visit this page:
To disable Google Analytics cookies instead, visit this page: https://tools.google.com/dlpage/gaoptout
And technical cookies from HubSpot analytics.
If you want more information on the contents of HubSpot cookies visit this page:
Methods of processing:
Personal data is processed by computer, for the time strictly necessary to achieve the purposes for which it was collected.
The processing takes place according to the procedures set out in Articles. 6, 32 of the GDPR and by adopting the appropriate security measures observed to prevent data loss, illicit or incorrect use and unauthorized access to them.
In accordance with the principles of lawfulness, purpose limitation, and data minimization, pursuant to art. 5 of the GDPR, the period of retention of your personal data is established for a period of time not exceeding achievement of the purposes for which it was collected and processed for the execution and fulfillment of contractual purposes, and in compliance with the mandatory time requirements prescribed by law (10 years from the termination of the contractual relationship)
Access to data:
All personal data provided, will be processed only by personnel expressly authorized and informed by the Owner, and in particular by the following categories of employees:
- Collaborators, as persons in charge and/or internal data processors and/or system administrators
- Third-party companies or freelance professionals in charge of and/or responsible for “external” processing
- IT service providers
- Providers of administrative and accounting services
All personal data provided, will be communicated only to competent persons who are duly appointed for the completion of services necessary for proper management of the relationship, guaranteeing that the rights of the person concerned are safeguarded. Depending on the service provided, they may also be communicated to third parties duly appointed as Data processors, in particular to:
- Public and/or private individuals for whom the data communication is mandatory or necessary in the fulfillment of legal obligations or is in any case functional to the administration of the relationship (supervisory bodies, INAIL, Labour Inspectorate, insurance companies)
- Constitutional bodies or bodies of constitutional importance
- Consultants and freelancers, also in associated form
- Supervisory authority
- Professional consultants of the person involved
- Justice and police services
All personal data provided will not be disseminated in any way.
The user’s data may be transferred to third parties established in countries belonging to the European Union and, therefore, subject to the regulatory obligations set out in EU Regulation 2016/679.
User data may also be disclosed to third parties established in countries outside the European Union. The transfer guarantees are given by standard contractual clauses and by the Adequacy decision taken by the European Union, and wherever necessary, by explicit consent of the user.
Rights of the interested party (EU Reg. 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22)
1. The interested party has the right to obtain:
- The confirmation of the existence or not of personal data concerning him, even if not yet recorded, and their communication in intelligible form.
- An indication of the origin of the personal data
- The indication of the purposes and methods of treatment
- An indication of the logic applied in the case of processing completed using electronic tools
- The indication of the identification details for the owner, managers and the representative designated according to Article 5, comma 2
- The indication of the subjects or categories of subjects to whom the personal data may be communicated to or who may gain knowledge of it or designated representative in the territory of the State, managers or agents.
- The updating, correction or, where needed, integration of the data
- The deletion, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data was collected or subsequently processed
- Data portability.
2. The interested party has the right to object, in whole or in part:
- To the processing of personal data concerning him, for legitimate reasons, even if pertinent to the purpose of the collection.
- The processing of personal data concerning him/her for the purpose of sending advertising materials or direct selling or for the performance of market or commercial communication surveys.
3. The person concerned has the right to withdraw, in whole or in part
- His consent
4. The interested party has the right to propose:
- Complaint to a Control Authority www.garanteprivacy.it.
Procedures for exercising the rights of the interested party:
The interested party may exercise the rights listed above by sending:
- Registered letter with notification of receipt to DEMA SOLUTIONS S.r.l. – Via Antonio Gramsci n°10/12 20900 Monza MB or mail at firstname.lastname@example.org.