Updated September 2018
This describes how the website is managed in terms of processing of Personal Data of users consulting it.
NOTE: If the user is a minor (under 18), a parent or guardian must read the conditions listed here and approve them before starting to use the Website and its services.
The information notice, pursuant to articles 13 and 14 of GDPR, refers to this website only and not to any other website which the user may consult by following links.
DATA CONTROLLER
The Data Controller is Vitrablok S.r.o. which may be contacted at the addresses shown on this information notice, where one may ask for information about the People in Charge of Processing appointed by the Controller and the Co-Controllers.
Co-Controllers of the processing are associated (holding and subsidiary) companies and partners who share in managing the services delivered through the website and in satisfying requests by the data subjects, as well as in providing information and delivering commercial communications.
KINDS OF DATA PROCESSED
Following the consultation of this website, data may be processed which concerns people who are identified or may be identified.
Navigation data
The information systems and software procedures for operating this Website, during their ordinary operation, acquire some personal data, transmission of which is implicit in the use of Internet communications protocols.
This is information which has not been collected in order to be associated with identified data subjects, but which by its very nature, through processing and association with data held by third parties, could allow identification of users.
This data category includes IP addresses or name dominions of computers used by users connecting to the Website, addresses in URI (Uniform Resource Identifier) notation of the requested resources, time of request, method used to submit the request to the server, size of the file obtained in reply, numerical code indicating the state of the reply given by the server (successful, error, etc.) and other parameters referring to the operating system and IT environment of the user.
These data are used only to collect anonymous statistical information about use of the Websites and to check their proper operation. The data could be used to ascertain liability only in case of hypothetical computer crimes against the website and only in such case could specific procedures to identify the author be undertaken.
The LEGAL GROUNDS FOR PROCESSING these data are the legitimate interest of the controllers in security of the data and proper operation of the website.
Personal data
These are all the personal data which the visitor provides through the website, for example, by writing to an email address shown in the contact area in order to ask for information and/or ask for commercial information and/or register in a reserved area, etc.
The LEGAL GROUNDS FOR PROCESSING these data come from the fact that this processing is necessary to satisfy requests and/or fulfil contract obligations.
PROVISION OF THE DATA
Apart from what has been specified for navigation data, the user is free to provide the personal data requested during navigation in order to submit his own requests to the Company, ask for delivery of information material or other communications. Failure to provide such data may make it impossible to obtain what has been requested.
Data provided voluntarily by the user
The first time the user enters the website, he will see an information banner with a link to this document. Specific cookies (see below) register his decision to continue navigation.
The optional, explicit and voluntary sending of email messages to the addresses shown on this website implies that the address of the personal writing will be acquired, being necessary to answer his request, and any other personal data which may be included in the message will be acquired and – except in case of other needs duly notified – will be kept for the time needed to satisfy the requests.
One should bear in mind that the regulation calls for special precautions for specific categories of data (such as: personal data which can reveal the racial or ethnic origin, religious or philosophical beliefs, as well as when processing genetic data, biometric data which can uniquely identify a physical person, data concerning health or sex life or sexual orientation of a person). Therefore the user is invited not to include information falling into these categories in his first request for contact , since without specific consent, it might be impossible to fulfil the request of the data subject.
Should the website contain pages set up for special services on demand or which allow acquisition of personal data, another link will be provided to this information notice and – if necessary – the user will be asked for consent and/or will be provided with specific information referring to the services present on such page.
MANNER OF DATA PROCESSING AND PEOPLE IN CHARGE OF PROCESSING
The personal data are processed using automatic tools for the time strictly needed to achieve the purposes for which they were collected. Processing consequent to the services of this website is handled by staff appointed by the Data Controller and by outside parties, called People in Charge, appointed by the technical and maintenance management of the website and its information systems. Specific security measures will be employed to prevent loss of data, illicit or improper use and unauthorised access.
No data coming from the web service will be disseminated.
The personal data provided by users delivering questions to the Company or requests for information material are used only to perform the service requested and will be communicated to third parties only should it be necessary for such purpose.
Data processing consequent to a request for a contact. Subscribing to the newsletter service
Personal data conferred spontaneously by the data subject through the contact area where one can also subscribe to the newsletter service:
It should be remembered that fields marked with an asterisk (*) are obligatory: lacking such data, it will not be possible to satisfy the requests or answer the requests of the data subject.
DATA RETENTION
The data communicated – unless the data subject duly demands otherwise – will be retained for the time needed to satisfy the requests of the data subject and fulfil legal obligations.
In case of registration in certain sections of the website or with some services, the data will be kept until cancellation of the registration. After this, retention will continue only if provided for by the law and in compliance with regulations on retention of administrative documentation.
Should the data subject have a contract with the Data Controller, the data will be retained – if pertinent – throughout the duration of the contract. After this, retention will continue only if provided for by the law and in compliance with regulations on retention of administrative documentation.
The addresses for which delivery of commercial communications has been granted consent will be retained for up to 12 months after the last delivery or until the data subject recalls his consent.
SOCIAL PLUGINS
This site uses “Social Plugins” (hereinafter called buttons) of social networks such as Facebook and Youtube. These buttons are deactivated by default, that is, they do not send data to their social networks without your consent.
To activate the buttons, just click on them. The button stays active until it is deactivated again or its cookies are deleted. After activation, a direction connection is established with the server of the social network. The content associated with the button is then transmitted directly by the social networks to your browser and connected by the latter to the web page.
When a button is pressed, the social network in question may detect a series of data, however you may interact with the button. If you have logged into a social network, the network may assign your visit to this web page to your user profile.
In order to discover the purpose and entity of the detection and processing/use of data effected by social networks and third party websites, which we have nothing to do with, the user may access the information notices and privacy policy notes made available on the portals of the social networks themselves.
RIGHT OF THE DATA SUBJECTS
The data subject is entitled to:
- ask the processing controller for access to the personal data and their rectification or erasure or limitation of processing of personal data concerning him, or object to such processing,
- if the processing has been carried out using electronic means and on basis of one’s consent, to receive – in a structured format, of common use and readable from an automatic device – the personal data which concern him and/or to obtain direct transmission to another data Controller if technically possible
- to recall his consent at any time (without prejudice to the legitimacy of the processing previous to the recall), of course for processing on such a basis
- to lodge complaint with the authority for the protection of personal data: Garante per la protezione dei dati personali – Piazza di Monte Citorio n. 121 00186 ROMA – Fax: (+39) 06.69677.3785 – Switchboard: (+39) 06.696771 – E-mail: garante@gpdp.it – certified email protocollo@pec.gpdp.it
Requests must be sent to the Controller:
LEGAL VALIDITY
For correct interpretation for legal purposes, the Italian text is valid.
Document drawn up by C.S.I. S.r.l. for use by Vitrablok S.r.o.. Transfer to third parties, use or copy – even in part – by parties not authorised by the author are forbidden. Any reproduction – even in part – is permitted only if complete with this note..