INFORMATION ON THE PROCESSING OF PERSONAL DATA OF WEBSITE USERS PURSUANT TO ART. 13 OF REGULATION (EU) 2016/679 ("GDPR")

The purpose of this document is to inform you of the contents and methods of processing your personal data carried out by Danieli Automation S.p.A. in accordance with EU Regulation 2016/679 (GDPR).

In fact, the following will be outlined: (i) the data controller; (ii) the type of personal data processed; (iii) the purpose of the processing with indication of the legal basis and the period of storage of the data; (iv) the categories of recipients of the data, (v) the subjects authorized to process it; (vi) the rights of the data subject.

DATA CONTROLLER

DATA PROTECTION OFFICER (DPO)

Company name: Danieli Automation S.p.A.

Administrative and managerial headquarters: Via B. Stringher, n. 4, 33042 - Buttrio (UD), Italy

(hereinafter referred to as the "Company" or "Owner")

dpo@danieli.com

DATA COLLECTION AND PROCESSING

Browsing data

The computer systems and software procedures used to operate this Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but which, by its very nature, could, through processing and association with data held by third parties, allow users to be identified. 

This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, successful,  error, etc.) and other parameters related to the user's operating system and computer environment. 

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning, and are deleted immediately after processing.

The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site. 

This data is usually deleted immediately after processing.

PURPOSE OF THE PROCESSING

Technical administration and management of the operation of the website

LEGAL BASIS OF THE PROCESSING

Performance of the contract to which the data subject is a party, pursuant to art. 6.1 b) GDPR.

DATA RETENTION PERIOD

For the duration of the navigation.

PURPOSE OF THE PROCESSING

To comply with obligations provided for by regulations and applicable national and supranational legislation (fiscal, administrative obligations, etc.).

LEGAL BASIS OF THE PROCESSING

Need to comply with legal obligations to which the Data Controller is subject.

DATA RETENTION PERIOD

Duration provided for by law (10 years for administrative-accounting obligations).

PURPOSE OF THE PROCESSING

If necessary, to ascertain, exercise or defend the rights of the Data Controller in court and/or out of court.

LEGAL BASIS OF THE PROCESSING

Legitimate interest as well as to ascertain, exercise or defend the rights of the Data Controller in court.

DATA RETENTION PERIOD

For the entire duration of the complaint and/or out-of-court and/or judicial proceedings, until the exhaustion of the terms of availability of judicial protections and/or appeal actions.

AFTER THE EXPIRY OF THE STORAGE TERMS INDICATED ABOVE, THE DATA WILL BE DESTROYED, DELETED OR MADE ANONYMOUS, COMPATIBLY WITH THE TECHNICAL PROCEDURES OF DELETION AND BACKUP.

PROVISION OF DATA

Navigation data are necessary to carry out computer and telematic protocols, therefore failure to provide them would not allow the operation of this website.

CATEGORIES OF DATA RECIPIENTS

The data may be processed by external parties operating as independent data controllers such as, by way of example, supervisory and control authorities and bodies.

The data may also be processed, on behalf of the Company, by external parties designated as data processors (pursuant to Article 28 of the GDPR), to whom adequate operating instructions are given. Such subjects, by way of example, may be companies that carry out the management and/or maintenance service of the Company's website.

PERSONS AUTHORISED TO PROCESS

The data may be processed by employees of the company departments responsible for pursuing the purposes indicated above, who have been expressly authorised to process the data and who have received adequate operating instructions.

TRANSFER OF PERSONAL DATA TO COUNTRIES OUTSIDE THE EUROPEAN UNION

The Data may be transferred to non-European countries, in compliance with the provisions of Chapter V of the GDPR.

For more details, see the Cookie Policy.

RIGHTS OF THE DATA SUBJECT - COMPLAINT TO THE SUPERVISORY AUTHORITY

By contacting the Legal Department by e-mail at dataprotection@danieli.com, interested parties may:

·         ask the Data Controller for access to the data concerning them, their rectification, integration or cancellation, as well as the limitation of processing;

·         object to the processing in the event of the legitimate interest of the data controller;

·         receive the data in a structured, commonly used and machine-readable format, as well as, if technically feasible, transmit them to another controller without hindrance ("right to data portability");

·         in the event that the processing is based on consent or contract and is carried out with automated tools, receive the data in a structured, commonly used and machine-readable format, as well as, if technically feasible, transmit them to another controller without hindrance.

Data subjects also have the right to lodge a complaint with the competent supervisory authority.