INFORMATION NOTE PURSUANT TO ARTICLES 13 and 14 EU Regulation 2016/679 - GDPR FOR THE PROCESSING OF PERSONAL DATA OF USERS OF THE SITE www.ennegi.it
Section I - GENERAL INFORMATION ABOUT DATA ACQUISITION
1. This section contains information on how we manage the web pages of the website ennegi.it.
2. This information note is also valid for the purposes of art. 13 of Legislative Decree no. 196/2003, the Personal Data Protection Code, and for the purposes of art. 13 of EU Regulation no. 2016/679, concerning the protection of individuals with regard to the processing of personal data and the free movement of such data, for persons interacting with the web domain ennegi.it whose homepage is www.ennegi.it.
3. This information note applies only to the domain ennegi.it and not to other websites that may be consulted by the user through links contained therein.
4. The purpose of this document is to provide information about the methods, timing and nature of the information that data controllers must provide to users when connecting to the web pages of ennegi.it, regardless of the purpose of the connection itself, according to Italian and European legislation.
5. This information note may be subject to change due to the introduction of new regulations in this regard, we therefore invite you to regularly check this page.
6. In accordance with Art. 8, par. 1 EU Regulation 2016/679, if you are under sixteen years of age, you shall have to legitimise your consent by means of parental or guardian authorisation.
Section II – DATA PROCESSING
1. The data controller is the natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data. It also deals with security profiles.
With regard to this website, the data controller is Ennegi s.r.l., with registered office in Pesaro (PU), Via San Leo no. 6, tax code 02040450419, in the person of its sole administrator Mr. Marco Del Prete, email address firstname.lastname@example.org and PEC email@example.com. You can contact the data controller by sending an email to firstname.lastname@example.org to ask for clarifications or to exercise your rights.
2. Data processor
The data processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Pursuant to article 28 EU Regulation no. 2016/679, upon appointment of the data controller, the data processor of the site ennegi.it is Mrs. Giulia Del Prete, Key Account Manager at Ennegi S.r.l.
3. Place of data processing
The data processing generated by the use of ennegi.it takes place at the registered office of Ennegi S.r.l.
In case of need, the data connected to the newsletter service may be processed by the data processor or by the persons appointed by her for this purpose at the relevant premises.
Section III – DATA PROCESSED
1. Data acquisition
1.1. Like all websites, this website makes use of log files in which information collected automatically during users' visits is stored. The information collected may include the following:
- Internet Protocol (IP) address;
- Browser type and device parameters used to connect to the site;
- Name of the Internet Service Provider (ISP);
- Date and time of visit;
- Web page of origin of the visitor (referal) and of exit;
- The number of clicks, if any.
1.2. The aforesaid information is processed by automated means and collected in an exclusively aggregated form in order to verify the correct functioning of the site and for security reasons. This information will be processed based on the legitimate interests of the controller.
1.3. For security purposes (spam filters, firewalls, virus detection) the automatically recorded data may also include personal data such as the IP address, which could be used, in accordance with applicable laws, to block attempts to damage the site or to cause damage to other users or harmful or criminal activities. These data are never used for the identification or profiling of the user, but only for the protection of the site and its users, this information will be used according to the legitimate interests of the controller.
1.5. The information that users of the site will consider to make public through the services and tools made available to them, is provided by the user knowingly and voluntarily, and the user holds the owner of this site harmless against any liability for any violation of the law. The user is responsible to verify that he or she has the permission to enter personal data of third parties or content protected by national and international regulations.
2. Purposes of data processing
2.1. The data collected by the site during its operation are used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the specified activities and, in any case, no longer than 2 years.
2.2. The data used for security purposes (blocking attempts to damage the site) are stored for the time strictly necessary to achieve the abovementioned purpose.
3. Data provided by the user
3.1. As indicated above, the optional, explicit and voluntary sending of emails to the addresses indicated on this site involves the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
3.2. Specific summary information notes will be progressively published or displayed on the pages of the site prepared for particular services on request.
4. Support in configuring your browser
4.1. You can also manage cookies through your browser settings. However, deleting cookies from your browser may remove the preferences you have set for the site. For more information and support you can also visit the help page specific to the web browser you are using:
5. Social Network Plugins
5. 2. The collection and use of information obtained through the plugin are governed by the respective privacy policies of social networks, to which please refer to:
6. Google analytics.
6.1. The data collected through the cookies of the ennegi.it website are processed with anonymized IP through the web analysis service Google Analytics provided by Google Inc. ("Google"). Google uses the Personal Data collected for the purpose of tracking and examining the use of the application, compiling reports and sharing it with other services developed by Google.
Google may use your personal data to contextualize and personalize the ads in its advertising network. This integration of Google Analytics makes the IP address anonymous. The anonymisation works by shortening the IP address of the Users within the borders of the Member States of the European Union or other countries that are parties to the Agreement on the European Economic Area.
Only in exceptional cases, the IP address will be sent to Google's servers and shortened within the United States.
Place of processing: USA
Section IV- RIGHTS OF THE USER
1. Art. 13 par. 2 EU Regulation 2016/679 lists the rights of the user.
2. The owner of the site ennegi.it intends, therefore, to inform the user on the existence of:
- the right of the data subject to ask the data controller for access to personal data (art. 15 EU Regulation), their updating (art. 7, para. 3, letter a of Legislative Decree 196/2003), rectification (art. 16 EU Regulation), integration (art. 7, para. 3, letter a of Legislative Decree 196/2003), limitation of the processing concerning the user (art. 18 EU Regulation) or to object, for legitimate reasons, to their processing (art. 21 EU Regulation), in addition to the right to data portability (art. 20 EU Regulation);
- the right to request erasure (art. 17 EU Regulation), transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed (art. 7, paragraph 3, letter b of Legislative Decree no. 196/2003);
- the right to obtain certification that the operations of updating, rectification, integration of data, erasure, blocking of data, transformation, have been notified, as also related to their contents, to those to whom the data were communicated or disseminated, unless this requirement proves impossible or involves the use of means manifestly disproportionate to the right protected (art. 7 paragraph 3, letter c of Legislative Decree 196/2003).
3. Requests can be addressed to the data controller at the abovementioned email address (without formalities) or using the form provided by the Data Protection Authority.
4. Where the processing is based on Article 6 paragraph 1 letter a - express consent to the use - or on Article 9 paragraph 2 letter a - express consent to the use of genetic, biometric, health-related data revealing religious or philosophical beliefs or trade-union membership, revealing racial or ethnic origin, political opinions - the user has the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given before the withdrawal of consent.
5. Moreover, in case of violation of the law, the user has the right to lodge a complaint with the Data Protection Authority, as the authority responsible for monitoring the processing in Italy.
6. For a more detailed examination of your rights, see article 15 et seq. EU Regulation 2016/679 and art. 7 of Legislative Decree no. 196/2003.
Section V - REQUIREMENTS
1. The data controller shall notify the Data Protection Authority of the processing of personal data which it intends to carry out, only if the processing concerns:
- genetic, biometric data or data indicating the geographical position of persons or objects via an electronic communication network;
- data revealing health status and sex life, processed for the purposes of assisted reproduction, provision of health services by telematics related to databases or the supply of goods, epidemiological investigations, detection of mental, infectious and diffusive diseases, seropositivity, organ and tissue transplantation and monitoring of health expenditure;
- data suitable for revealing sexual life or the psychic sphere, processed by non-profit associations, bodies and organisations, even if non-incorporated, of a political, philosophical, religious or trade union nature;
- data processed with the aid of electronic tools designed to define the profile or personality of the data subject or to analyze consumer habits and choices or to monitor the use of electronic communication services with the exclusion of processing that is technically essential to provide such services to users;
- sensitive data recorded in databases for recruitment purposes on behalf of third parties as well as sensitive data used for opinion polls, market research and other sample surveys;
- data recorded in special databases managed with electronic instruments and relating to the risk of economic solvency, the financial situation, the correct fulfilment of obligations, illegal or fraudulent behaviour.
Section VI – SECURITY OF DATA PROVIDED
1. This site processes users’ data in a lawful and correct manner, taking appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of data. The processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the indicated purposes.
2. In addition to the controller, in some cases, categories of persons involved in the organization of the site (administrative, marketing, commercial and legal staff, system administrators) or external parties (such as third party technical service providers, postal carriers, hosting providers, computer companies, communication agencies) may have access to the data.
Section VIII – AMENDMENTS TO THIS DOCUMENT
1. This document is published on: http://www.ennegisrl.it/privacy-policy/.
2. It may be subject to changes or updates. In the case of relevant changes and updates, these will be notified to users by means of appropriate notifications.
3. Previous versions of this document will be available on this page.
4. This document was updated on 10 January 2019 to comply with the relevant regulatory provisions and in particular with EU Regulation 2016/679.
Subscription to Ennegi S.r.l. newsletter
Information on personal data processing pursuant to article 13 EU Regulation 2016/679
The Newsletter of Ennegi S.r.l. (hereinafter, "Ennegi") is distributed via e-mail - automatically and free of charge - to those who request to receive it by filling in the form on the dedicated web page.
The data provided will be used with computerized and telematic tools for the sole purpose of providing the requested service and, for this reason, will be kept exclusively for the period in which it is active.
The purpose of the processing is to allow the Data Controller to carry out all the phases connected with the sending of the periodic information for which the data subject has expressed an interest by filling in the appropriate form.
The legal basis for such processing is to be found in the relationship established between the Data Controller and the data subject with regard to the sending of the abovementioned information.
The provision of all the necessary data is mandatory and without it it will be impossible to manage the requests of the data subject. The contact activities for this purpose may be carried out through both traditional methods (paper mail and telephone calls through an operator on fixed and mobile numbering) and via e-mail and text messages.
Ennegi S.r.l. may also process the data provided by the data subject in order to send informative and institutional communications about its projects, activities and initiatives, and to carry out research on all the people who have expressed interest in its activities, through actions designed in a personalized manner based on the characteristics of behaviour, interests and preferences expressed by the data subject at the time of his/her subscription.
The data controller is Ennegi s.r.l., with registered office in Pesaro (PU), Via San Leo no. 6, tax code 02040450419, in person of its sole administrator Mr. Marco Del Prete, email address email@example.com and PEC firstname.lastname@example.org, telephone 0721 402287. The data processor is Mrs. Giulia Del Prete, Key Account Manager at Ennegi S.r.l..
The data will be processed exclusively by the staff and collaborators of Ennegi S.r.l. or by companies expressly appointed as data processors (e.g. for technological maintenance needs of the site).
The data subject has the right to obtain from Ennegi, in the cases provided for, access to personal data and the rectification or erasure of the same or the limitation of the processing that concerns him/her or to object to the processing (art. 15 et seq. GDPR). The relevant request to Ennegi is made by contacting the Data Protection Officer at the email address email@example.com or at the contact details of Ennegi S.r.l.
If the data subject believes that the processing of his/her personal data carried out through this service is in violation of the provisions of the Regulation, he/she has the right to lodge a complaint to the Data Protection Authority, as provided for by art. 77 of the Regulation, or to take appropriate legal action (art. 79 of the Regulation).
Cancellation from the service can take place automatically using the appropriate link that will be inserted within each communication.
In case of technical problems, you can send an e-mail to: firstname.lastname@example.org.