This Policy is aimed at illustrating the means and purposes of the processing of personal data carried out by [•], in its quality of data controller (hereinafter “Data Controller”), through the website [•] (hereinafter the “Website”).
The processing of personal data of the User will take place in full compliance with the applicable legislation, with particular regard to the Regulation (EU) 2016/679 (the “GDPR”) concerning the protection of natural person with regard to the processing of personal data, as well as free movement of such data.
- DATA CONTROLLER
The Data controller is [•], with registered offices in [•].
- THE WEBSITE
This Website aims to provide information on the products and services offered by Draka, a company of Prysmian’s Group.
- PURPOSEOF THE PROCESSING
The User’s personal data will be processed by the Data Controller for the sole purposes of:
- a) allowing the correct navigation on the Website and informing the Users about the activities performed and the services offered by Draka. As this processing is needed to run the Website and to allow the User to access the contents requested, User’s consent is not required;
- b) fulfill any request made by the User through the contact form available on the Website. As this processing is necessary to provide the Users with the information directly requested by them, noir consent must not be acquired;
- c) complying with the obligations provided by applicable laws and to ascertain responsibilities in the case of computer crimes against the Website. As this processing is mandatory by law, User’s consent is not required;
- CATEGORIESOF PERSONAL DATA COLLECTED
- a) Traffic data
The computer systems and software procedures used to operate this Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes: IP addresses, browser type, operating system, the domain name and website addresses from which you are logged in or out, the information on pages visited by User within the site, the time of access, time period of User’s staying on a single page, the internal path analysis and other parameters regarding the User’s operating system and computer environment.
This technical / IT data are collected and used only in an aggregated and not immediately identifiable manner. They could be used to ascertain responsibilities in case of hypothetical crimes against the Website or upon public authorities’ request.
- b) Personal data provided directly from User
The provision of personal data by the User (e.g. name, surname, email address, telephone number, etc.) implies the acquisition of such data by the Data Controller and their subsequent processing aimed at the sole purpose of sending the data provided to the responsible wholesaler to honour the request.
- COMMUNICATIONS TO THIRD PARTIES
The personal data collected by the Data Controller will not be shared or communicated to third parties, except for the wholesaler which is linked to a specific contact form. Unless upon specific consent of the data subject or as otherwise required by applicable laws.
Should communication to third-party suppliers or partners of the Controller (such as service providers, mail carriers, hosting providers, IT companies, communication agencies) be necessary for organizational, administrative or support needs, it will be the Data Controller’s responsibility to appoint such parties as data processor by virtue of the capacity, experience and reliability demonstrated.
It remains understood that the Users’ personal data can be made available to third parties, such as competent and police authorities, whenever this is required by applicable law or by an order issued by them.
- TRANSFER OF DATA ABROAD
Given the international nature of Prysmian Group’s activities, the data may be transferred outside the European Economic Area (hereinafter, the “EEA”) and processed, for the sole purposes described above, by companies of Prysmian Group established on the territory of third countries.
In particular, the data may be sent to companies of the Prysmian Group in the United States.
In such cases, the data transmission abroad is subject to specific personal data protection guarantees through the adoption of data protection Standard Contractual Clauses approved by the European Commission or other equivalent safeguards.
- METHODS OF THE PROCESSING, DATA RETENTION AND DATA SECURITY
The personal data are collected and processed lawfully and fairly, for the above purposes and in accordance with the fundamental principles established by the applicable legislation. Personal data may be processed either manually, through information technology tools or electronically, but always under technical and organizational measures that enable ensuring their security and confidentiality, especially for the purposes of reducing the risks of destruction or loss, including accidental, of the data, unauthorized access, or unauthorized processing or processing that is not compliant with the purposes of the collection.
The processing will be performed only by those subjects who have been duly authorized to do so by the Data Controller, in compliance with the provisions set forth by applicable data protection laws and regulations.
The same personal data will be kept in a format that allows User’s identification only for the time strictly necessary to fulfill the purposes for which the data have been originally collected and, in any case, within the limits set forth by applicable laws and regulations, as well as to enforce or protect the rights of the Controller, where necessary.
When no longer necessary, the data will be immediately cancelled.
- REDIRECT TO OTHER WEB SITES
The Website incorporates links which allow the User to connect to other websites run both by other companies within the Prysmian Group and by third parties. The Controller assumes no responsibility regarding the processing of personal data which may take place through and/or in connection with third-parties’ websites.
Therefore, each User who accesses such web pages and/or social platforms through the Website must carefully read the relevant privacy policies in order to better understand how their personal data will be processed by the third parties which, as autonomous controllers, will provide and manage such websites.
- DATA SUBJECTS’ RIGHTS
The Users, in compliance with applicable law, can exercise their rights at any time, including:
- a) accessing their personal data, obtaining evidence of the purposes pursued by the Controller, the categories of data involved, the recipients to whom they may be disclosed, the applicable storage period, the existence of automated decision-making processes;
- b) having incorrect personal data referred to them rectified without delay;
- c) having their data erased in the cases provided for by the law;
- d) obtaining restrictions to processing, where possible;
- e) requesting portability of the data provided to the Data Controller, receiving them in a structured, commonly used and machine-readable format, also for transmitting such data to another controller, without any hindrance by the Controller, in all situations where it is required by the law in force;
- f) lodge a complaint to the data protection Supervisory Authority.
To exercise these rights, or for any further information and/or clarifications, please write to the Data Controller, by sending an email to its Data Protection Officer, at Privacy@Prysmiangroup.Com.