Privacy
Data
This policy has been drafted in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (GDPR) and on the free movement of such data, and repealing Directive 95/46/EC, also known as the "General Data Protection Regulation".
Website Privacy Policy
This policy describes the management methods of the "http://www.ferroli.com/int" Website with reference to the processing of the personal data of the Users who consult it and to those who interact with the web services accessible electronically from the http://www.ferroli.com/int address, corresponding to the “international” home page of the Company's official website, or via APP. All these subjects assume the quality of "data subjects" in the processing of personal data.
This information is provided only for the http://www.ferroli.com/int site and not for other websites that may be consulted by the user via links.
Following consultation of this site, data relating to identified or identifiable persons may be processed.
Definitions
In order to facilitate the understanding of this Policy, the following definitions are given (art. 4 of the Regulation):
"processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, the comparison or interconnection, restriction, erasure or destruction;
"personal data" means any information relating to an identified or identifiable natural person ("Data Subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
"special categories of personal data" means personal data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data for the purpose of uniquely identifying a natural person, data relating to health or to a person's sex life or sexual orientation.
"controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
"data processor": the natural or legal person, public authority, agency or other body that processes personal data on behalf of the Data Controller.
Data Controller
The Data Controller of the personal data relating to users is Ferroli S.p.A., with registered office in San Bonifacio (VR), via Ritonda 78/a, CAP 37047, Tel. +39 045 6139411, E-mail privacy@ferroli.com, PEC ferroli@legalmail,it, hereinafter the Data Controller.
Data Protection Officer
The Data Controller has appointed a "Data Protection Officer" (hereinafter DPO) pursuant to art. 36, 37 and 38 of the Regulation, which can be contacted for any information and request at the e-mail address info@ambroservizi.it or at the PEC address ambrostudioservizi@pec.it
Data subject to processing
The optional, explicit and voluntary sending of personal data - also by e-mail to the addresses indicated or in the registration forms on this site or through the APPs - involves the subsequent and necessary acquisition of the sender's address and the data provided by him/her, as well as any other data included in the message, in order to respond to requests.
Among the personal data collected by this Website, independently or through third parties, there are also usage or navigation data and tracking tools such as cookies, for which please refer to the Cookie Policy.
However, it should be noted from the outset that the usage or navigation data are, by way of example: the pages visited, the actions performed, the URI (acronym for "Uniform Resource Identifier") addresses of the resources requested, the time of the request, the duration of the sessions, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. This data is collected automatically during your visit to the Website thanks to Internet communication protocols. These data may be used in order to obtain anonymous statistical information on the use of the Website, to check its correct functioning and, if necessary, to ascertain responsibility in the event of hypothetical computer crimes against the Website itself.
The User assumes responsibility for the personal data of third parties obtained, published or shared through this Website and guarantees that he/she has the right to communicate or disseminate them, freeing the Data Controller from any liability towards third parties.
Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request.
Legal basis of the processing
The Data Controller processes the User's personal data in the event that one of the following conditions exists:
if the User has spontaneously and unequivocally given consent for one or more specific purposes, with particular reference to marketing, statistical and possibly profiling purposes (study and analysis of the User's preferences);
if the processing is necessary for the performance of a contract with you and/or for the execution of pre-contractual measures, taken at your request;
if the processing is necessary to comply with a legal obligation, to which the Data Controller is subject;
if the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties, with particular reference to the protection and security of the website, the provision of specific services at the request of the data subject, the prevention of fraud and other unlawful conduct and the right of the Data Controller to act and defend itself in any out-of-court and judicial disputes.
It is always possible to request the Data Controller to clarify the concrete legal basis of each processing and to specify it.
Purpose
Any personal data provided by the user are used for purposes related to the execution of the service or performance requested, including through APP, as well as, if the conditions are met, to comply with legal and contractual obligations, to protect the rights and interests of the Data Controller or those of Users or third parties and, also, to identify any malicious or fraudulent activities.
The User's data is also collected for the purposes of displaying content from external platforms, statistics and tag management. For these purposes, please refer to the Cookie Policy.
No data is communicated except to perform the service or performance requested.
Nature of the provision of data
Unless otherwise specified, the data requested in the contact forms are mandatory and, in this case, if the User refuses to communicate them, it may be impossible for the Data Controller to provide the service requested by the User. On the other hand, in the event that the Data Controller indicates some data as optional, Users are totally free not to provide them without this having any consequence on the availability of the service or its operation.
Users, who have doubts about which data are mandatory, can always contact the Data Controller by sending an e-mail to info@ambroservizi.it.
Categories of subjects to whom the data may be communicated
As a rule, the data controller does not and does not intend to communicate data to third parties. While always respecting the principles of lawfulness, fairness and transparency of processing, if the transfer of data is necessary in one of the cases referred to in art. 6 of the Regulation, the Data Controller will be responsible for informing the User of the reasons and purposes that determined the need for such communication.
In this case, personal data may be transmitted to third parties, but only and exclusively in the event that:
there is explicit consent to share data with third parties;
there is a need to share information with third parties in order to provide the requested service;
this is necessary to comply with requests from the Judicial Authority or Public Security.
No data deriving from web services is disseminated.
Place of processing
The processing related to the web services of this site and e-mail takes place both at the headquarters of the Data Controller and is carried out by personnel specifically authorized to process it, and at the company which takes care of the hosting service on behalf of the Data Controller, or by any third-party suppliers in charge of occasional maintenance operations.
To obtain further information on the place of processing, the User can always contact the Data Controller.
Whether your personal data is transferred abroad
The Data Controller does not transfer, nor does it intend to transfer personal data to recipients in third countries or to international organizations.
Processing methods and data retention period
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. In particular, personal data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied.
The User can always contact the Data Controller to obtain all the information regarding the legitimate interest pursued by the Data Controller, especially with reference to the maximum storage times of the data collected and used for marketing purposes and possibly profiling.
Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access.
Rights of the data subjects
The interested party may assert the rights referred to in art. 15-21 of the Regulations, namely:
access to data;
correction of data;
erasure of data ("right to be forgotten");
restriction of data processing;
data portability;
objection to processing.
The User also has the right to revoke at any time the consent previously expressed to the processing of his or her personal data, without prejudice to the lawfulness of the processing based on consent before the withdrawal.
Since the Data Controller has designated a DPO, your rights may be exercised by sending an e-mail or certified email to that person, precisely to the following addresses:
e-mail: info@ambroservizi.it;
PEC: ambrostudioservizi@pec.it.
Complaint to the Privacy Guarantor
The User, as a data subject, has the right to lodge a complaint with the Italian Guarantor for the protection of personal data, also according to the methods and forms provided on the Guarantor Website, in particular at the following URL: https://www.garanteprivacy.it/home/docweb/-/docweb-display/docweb/4535524.
Anonymous or aggregated data
Anonymization is a processing that has the purpose of preventing the identification of the data subject. Anonymized data does not fall within the scope of data protection legislation. We collect, process, and share aggregated data such as statistical or demographic data for a variety of purposes. Aggregated data may derive from personal data provided by the User, but are not considered personal data as, as specified, they do not allow either directly or indirectly the identification of the data subject. Such data will also be used in order to improve the quality of the products/services offered by the Data Controller, to develop new features, as well as for additional general research purposes (e.g.: in order to verify the frequency with which a certain product or service is used; to calculate the percentage of users who access a specific function of the Website; etc.). Since these data do not allow the identification of a natural person and are not considered personal, they will be shared with other third parties, companies or subsidiaries and