Privacy Policy

PRIVACY POLICY

INFORMATION ON THE PROCESSING OF PERSONAL DATA

In accordance with art. 13 Regulation (EU) 2016/679 on the processing of personal data (GDPR)

In accordance with Regulations to protect individuals with regard to the processing of personal data
and on the free movement of such data (EU Regulation by the European Parliament and Council of
27 April 2016, no. 2016/679/EU – hereafter GDPR), the following describes how the website 1 www.ferasrl.it is managed with regard to the processing of personal data of the users who visit it.

DATA CONTROLLER
FERA (Fabbrica Energie Rinnovabili Alternative) SRL – 7 Piazza Cavour – 20124 Milan – VAT Code 13393960151
e-mail address: fera@pec.ferasrl.it – Tel. + 39 02 37 069 908
https://www.ferasrl.it/

TYPE OF DATA PROCESSED, PURPOSE AND LEGAL BASIS

Data processed by the data controller are:
1. Navigational data: computer systems and software used for the operation of this website

acquire, in the course of its normal operation, certain personal data whose transmission is implicit in the use of Internet navigation protocols. This information is not collected in order to be associated with identified interested parties, but by its nature could allow users to be identified, through processing or association with data held by third parties (IP addresses or the domain names of computers used by visitors browsing the site, or other parameters relating to the users’ operating system or IT environment).

This anonymous data is used for the sole purpose of monitoring the proper functioning of the site and optimising its functionality;
The legal basis that legitimises this processing is a legitimate interest of the owner in safeguarding the security of the site so that it is not used to commit offences or fraud.

2. Data provided voluntarily by the user, through requests for information or requests for contact by the same, via the e-mail address fera@pec.ferasrl.it The types of data collected are First Name and Surname, e-mail address and text of the message sent by the interested party. The data controller informs that, should it receive data of a particular nature, it will delete this data immediately and in a secure manner that does not allow it to be retrieved. Data is used for the purpose of responding to requests from the data subject.

The legal basis for processing is the execution of pre-contractual measures at the request of the data subject.

MODE OF PROCESSING

Processing will be carried out with the aid of electronic means via operations performed by employees and authorised persons of the data controller. Pursuant to Article 32 of the GDPR, the data controller shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.

PERIOD OF DATA RENTENTION

Data will be kept only for the time strictly necessary to achieve the purpose for which data was collected and specifically

  • –  browsing data are kept for a maximum of 6 months after collection;
  • –  data provided by the user to request information are kept for the time necessary to providefeedback to the user and for a subsequent period of 6 months to handle any subsequent requests from the data subject.

DATA RECIPIENTS

Personal data will be disclosed to the data controller’s employees who are authorised to process this data as part of their duties. Data may be accessed by third parties who assist the data controller in managing information systems and in technical assistance activities. They may also be communicated to Authorities upon request in cases provided for by law. Data are not disseminated in any way.

DATA TRANSFER

The Data Controller will not disclose any personal data to third countries ( non EU member states) or international organisations.

DATA SUBJECT’S RIGHTS AND HOW TO EXERCISE THESE RIGHTS

As a data subject and in relation to processing operations described in this Information Notice, the data subject may exercise the following rights by sending a formal request to the e-mail address privacy@ferasrl.it:

  •  Rights of access i.e. the right to obtain confirmation as to whether or not personal data concerning him/her is being processed and, if so, obtaining access to that personal data, including a copy thereof.
  •   The right to rectification i.e. the right to obtain, without undue delay, the correction of inaccurate personal data concerning him/her and/or the supplementation of incomplete personal data;
  •   The right to erase data (the right to be forgotten) i.e. the right to obtain, without undue delay, the deletion of personal data concerning an individual, if one of the following grounds applies:
    •   personal data is no longer necessary in relation to the purpose for which they were collected or otherwise processed;
    •   the subject of this data objects to data processing and there is no overriding legitimate ground for this processing;
    •   personal data has been processed unlawfully;
    •   personal data must be erased in order to comply with a legal obligation laid down by Unionor Member State law to which the Data Controller is subject;
  •   The right to limit processing, i.e. the right to obtain a restriction on processing, when:
    •  the subject of this data disputes the accuracy of personal data, for the period necessary for the Data Controller to verify the accuracy of such data;
    •   processing is unlawful and the data subject objects to the deletion of personal data and requests, instead, that its use is restricted;
    •   personal data is necessary for the establishment, exercise or defence of a legal claim;
    •   the data subject has objected to processing in accordance with Art. 21 GDPR, during the period pending verification as to whether legitimate reasons of the Data Controller prevailover those of the data subject;
  •  The right to data portability, i.e. the right to receive, in a structured, commonly used andmachine-readable format, personal data concerning you and the right to have it transmitted to another Data Controller without hindrance, where processing is based on consent and is carried out by automated means. Furthermore, the right to have your personal data transmitted directly to another Data Controller if this is technically feasible;
  •   Right to object i.e. the right to object, at any time, to the processing of personal data;
  •   Right to complain i.e. the right to lodge a complaint with the Data Protection Authority,following the procedures and indications published on the Authority’s official website www.garanteprivacy.it.

Cookies disclosure statement

This site uses only Technical Cookies

There are no profiling cookies or tracking tools.