This document describes the methods of managing the Website www.refrattarigenerali.com ("Website"), with reference to the processing of personal data of Users ("User/Users") who browse it.
This is an information notice provided pursuant to Article 13 of Regulation (EU) 2016/679 ("GDPR") and national legislation on privacy and personal data protection, applicable to all those who visit the Website and interact with the Controller's web services. The information notice applies solely to the Controller's Websites and services that may be accessed by the User through links on the Website.
The data controller is Refrattari Generali S.R.L., with registered office at Viale Papa Giovanni XXIII, 19, 20014 Nerviano (MI), Italy ("Controller").
Browsing data: The computer systems and software procedures used to operate the Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified individuals, but by its very nature could allow Users to be identified.
This category of data includes (i) IP addresses or domain names of the computers used by Users who connect to the Website, (ii) the URI (Uniform Resource Identifier) addresses of the requested resources, (iii) the time of the request, (iv) the method used to submit the request to the server, (v) the size of the file obtained in response, (vi) the numerical code indicating the status of the server’s response (successful, error), and (vii) other parameters related to the User’s operating system and IT environment.
Data voluntarily provided by the User: The Controller processes personal and identifying data (name, surname, address, phone number, email), hereinafter referred to as "personal data". Users are free to provide their personal data to request information. If the User refuses to provide identifying and personal data in the contact form, the Controller may be unable to fulfill such requests, in whole or in part.
Cookies: The site does not use cookies.
Browsing data: Browsing data is used to obtain statistical information on the use of the Website, for security purposes, and to monitor its proper functioning. It may also be used to ascertain liability in the event of hypothetical cybercrimes to the Website. The legal basis for the processing of such data is the Controller’s legitimate interest and, in the case of requests by judicial authorities, a legal obligation.
Data voluntarily provided by the User: The personal data entered in the contact form will be processed exclusively to respond to the request, or to provide the requested service. Personal data will be processed to fulfill pre-contractual, contractual, or fiscal obligations. Data will be processed for marketing purposes (sending newsletters related to products and services offered by the Controller) only with the User’s express consent. The User shall have the right to withdraw consent at any time. The User’s personal data may also be processed to comply with legal obligations, regulations, EU legislation, or an order from an Authority, and to pursue the Controller’s legitimate interests or exercise the Controller’s rights, such as the right to defense.
Personal data may be disclosed to third parties belonging to the following categories:
– freelancers, professional firms or companies within relationships of assistance and consultancy;
– entities providing services for the management of the activities indicated above under the purposes (communication and printing services);
– entities providing services for the management of the information system and telecommunications networks;
– operators of platforms for the aforementioned services (site hosting, management software);
– competent authorities for compliance with legal obligations and/or orders of public bodies, upon request.
The entities belonging to the above categories act as Data Processors pursuant to Art. 28 GDPR. Personal data will be processed only by individuals authorized by the Controller, pursuant to Art. 29 GDPR, based on their role or professional duties.
The User's personal data will be processed by the Controller only for the time necessary to achieve the purposes of the processing, after which it will be retained solely to comply with applicable legal obligations, for administrative purposes and/or to assert or defend a right.
Personal data processed for marketing purposes will be retained for no longer than five years.
Personal data processed for browsing purposes will be retained for no longer than 14 months.
Data provided directly by the data subject will be retained for the time strictly necessary to respond to requests and then deleted.
Personal data is collected electronically and recorded in digital format using organizational and technical security measures to ensure confidentiality and avoid risks of loss or destruction, unauthorized access, or processing that is not allowed or not compliant with the stated purposes.
Personal data provided will not be transferred abroad to non-EU countries or to an international organization. Data management and storage take place on servers located in the European Union. However, it is understood that the Controller, if necessary, may relocate the servers to Italy and/or the EU and/or non-EU countries. In such cases, the Controller ensures that any transfer of data outside the EU will comply with applicable legal provisions by entering into agreements guaranteeing an adequate level of protection and/or adopting the standard contractual clauses provided by the European Commission.
This Website is not intended for use by minors and no data from minors is knowingly collected or processed. In accordance with applicable laws, parental consent must be provided to collect the minor's personal data. If data from minors is unintentionally processed, the Controller will promptly delete it upon written request by the person exercising parental responsibility.
The User may exercise their rights as expressed in Articles 15 to 22 of Regulation (EU) 2016/679 by contacting the Controller via email at info@refrattarigenerali.com or by sending a registered letter with acknowledgment of receipt to the Controller.
The User has the right, at any time, to request access to their personal data, rectification, erasure, restriction of processing. Moreover, in the cases provided for, the User has the right to object to the processing (including automated processing, e.g., profiling), as well as to withdraw consent given, without affecting the lawfulness of processing based on consent prior to its withdrawal. The User has the right to lodge a complaint with the Data Protection Authority (www.garanteprivacy.it) and/or any other competent Supervisory Authority pursuant to the Regulation. The User also has the right to data portability and, in that case, the Controller will provide the User's personal data in a structured, commonly used, and machine-readable format.
The Controller reserves the right to amend, update, add or remove parts of this privacy policy at its own discretion. Any updates will be published on this page.
Last updated: 15 March 2021
