Pursuant to Articles 12, 13 and 14 of Regulation (EU) 2016/679 (hereinafter the "Regulation"), SACMI IMOLA S.C., as Data Controller of the personal data relating to individuals who ask to take part and/or take part in livestream events organised by SACMI (hereinafter referred to as "Service" or "Services"), hereby informs about the purposes and methods of processing of the personal data collected, the scope of communication and dissemination thereof, as well as the nature of the data to be provided.
DATA CONTROLLER AND CONTACT DETAILS
The Data Controller is Company SACMI IMOLA S.C. with headquarters in Via Selice Provinciale, 17/A-40026 Imola (BO) - Tax code 00287010375, VAT no. IT00498321207, Tel.: +39-0542-607111, Fax: +39-0542-642354, E-mail: firstname.lastname@example.org@legalmail.it - email@example.com (hereafter also referred to as "the Company”).
The Data Protection Officer of the Company is Mr Massimiliano Bovesi - Certified email (P.E.C.): DPO@sacmi.it
PROCESSING PURPOSES AND PROCESSED PERSONAL DATA
In general, all personal data (hereinafter also referred to as “Personal data” and/or “Data”) that the User will provide to the Company and in the context of use of Services, with special regard to the participation in livestream Events organised by SACMI, will be processed in accordance with the principles recognised by the applicable data protection regulation, such as the principles of transparency, correctness, lawfulness, data minimisation, purpose limitation and storage, accuracy, integrity and confidentiality.
The Data will be subject to treatment by the Company, according to the limits set by the applicable legislation, for the following purposes:
a) allow the performance of operations strictly connected with and instrumental to the proper management of relations with you, such as managing answers to questions received at the contact details provided; registering and processing your requests for registration and participation in the Event, providing technical assistance (Provision of Services);
b) allow proper performance of contractual obligations taken by the COMPANY toward the User and vice versa (Contractual obligations);
c) allow the fulfilment of obligations that may be provided for by laws, regulations and community rules, or of provisions issued by authorities (Legal obligations);
d) obtain information necessary to identify anomalies, fraudulent activities and/or violations in the use of the Site (Security);
e) carry out information activities about the products and/or services of the Company and to carry out promotional and commercial activities, market research and marketing by means of automatic systems without the input of an operator (e.g. emails), but also through traditional contact methods, such as by post or telephone calls; to carry out activities to measure your satisfaction by means of questionnaires, surveys or focus groups (Marketing);
Processed Personal Data fall within the following categories. Data preceded by or marked with an asterisk (*) when User is prompted to provide them are considered by the Company to be necessary and indispensable to fulfil the relevant purposes.
1. Personal details and contact details
The Company may require you to provide information such as: applicant's full name, company email address, company role, company name of applicant, country, telephone number, etc. Further data may be collected during the management of each relationship through the Event platform and/or can comprise data the User decides to provide to the Company at any moment by using the contact data of the Company. The User may also use the special chat available on the Event platform in order to ask questions and/or interact with the Company during the Event. Using this special interactive chat, you can choose to communicate your name and surname, which will be visible to participants together with the content of your interaction, or you can decide to ask questions and/or interact anonymously. During the Event, polls or live polling may also be offered, and you will be free to respond using the tools made available by the Event platform.
Your data such as audio and video images will not be processed during the Event.
In all cases in which you decide to share the Personal Data of third parties with the Company (for example, submitting an application to take part in an Event in the name of and on behalf of another applicant), you will be considered as autonomous data controllers and, as such, you will have to take all relevant legal obligations and responsibilities. Therefore, in this regard, the user grants the COMPANY the widest indemnity with respect to any dispute, claim, request for compensation for damage caused by processing, etc. by persons whose Personal Data have been forwarded by you in violation of applicable data protection regulations. Since, in such a case, the Company would not collect this information directly from the data subjects (but, indirectly, from you), you guarantee that such specific processing may be based on the consent of such data subjects or on another appropriate legal basis that legitimises the processing of the concerned information.
2. Navigation data and other information
The computer systems and software procedures used to operate the Event platform acquire some of the User's Personal Data.
In particular, the following data will be processed: the type of content and the titles of the channels that the User has viewed and/or interacted with; the date and time when the User began viewing, when the User stopped viewing and the duration of the viewing; the User's country of origin; the type of browser, type of device and operating system used by the User.
This Data is used only by the Company for the sole purpose of gaining statistical information about use of the platform and the Service, as well as of checking its proper operation and of identifying any unusual activity and/or abuse.
LEGAL BASIS FOR PROCESSING, COMPULSORY/OPTIONAL NATURE OF PROVISION OF PERSONAL DATA AND CONSEQUENCES IN THE EVENT OF NO ANSWER
The following are the legal bases used by the Company to process your Personal Data, according to the purposes listed under the previous Section (“Purpose of processing and processed Personal Data”).
Provision of Personal Data and their processing for the purposes associated with the Supply of Services and other Contractual obligations are strictly functional to perform the required service and to properly perform the contractual relationship signed with you, respectively; therefore they are a necessary condition to establish the contractual relationship. Consequently, failure to provide Personal Data required for this purpose, or the provision of wrong data, may make it impossible for the Company to perform the Service and the contractual relationship and will entitle the Company to refuse to perform them or to stop their performance.
The provision of Personal Data and their processing for the purposes of the Legal Obligations are required by the Company to meet the relevant legal obligations. When you provide Personal Data to the Company, it needs to process it in compliance with applicable laws that may include storing them or communicating them to pertinent authorities.
The provision of Personal Data and their processing for the purposes of Security, is based on the commitment of the Company to identify and prevent illegal behaviours and to ascertain responsibility in the event of any cybercrime perpetrated using the platform. Consequently, failure to provide Personal Data required for this purpose may make it impossible for the Company to provide access to the platform.
RECIPIENTS AND TRANSFER OF PERSONAL DATA
Personal Data will be provided to personnel of the Company, who is authorised to process them in order to fulfil the previously described purposes and who is committed to confidentiality or has received a suitable legal confidentiality obligation.
The up-to-date list of companies of the SACMI Group can be viewed on the website of the Group www.sacmi.it.
Personal Data will be supplied to third parties, called Data Processors, since they process Data on behalf of the Company (e.g. companies with whom it is necessary to interact to provide Services, such as hosting providers, providers of emailing services, or other companies appointed to carry out technical maintenance, including maintenance of network equipment and electronic communication networks, software developers, companies providing the technological platform and payment gateways for product order with e-payments, etc.). Personal Data that is strictly required to perform commercial operations or required Services may be shared with third parties with whom the Company has agreements for services that are functional to its operations (such as auditing firms, people, firms or professional offices that provide support and consultancy services in the fields of administration, law, taxation, financial services and debt collection services, for the purpose of providing these Services).
Finally, Personal Data will be communicated, upon request, to the relevant authorities (e.g. in the event of frauds and/or abuses when using the Site), to financial offices or to other Public Institutions according to the provisions of current regulations.
The Data shall not be circulated ("circulation" meaning making unspecified subjects aware of the Data).
STORAGE OF PERSONAL DATA
Personal Data processed for the purposes of Supply of Services and Contractual Obligations will be stored by the COMPANY for the time that is strictly required to perform the requested Service and to properly fulfill our contractual relationship with you. In any case, since this Personal Data is processed to provide Services and to allow the contractual relationship to be fulfilled, the Company may store them for a longer period, in particular as necessary in order to protect the interests of the Company from any liability pertaining to the Services. Data will be deleted at the end of this period.
The Personal Data processed for the purposes of Legal Obligations will be kept by the Company for the period provided for by specific legal obligations or applicable regulations.
Personal data processed for the purpose of Security will not last more than 6 months, except when it is used to ascertain responsibility for any cybercrime against the Company or third parties (e.g. to protect from legal actions by providing this data to the relevant Authorities).
Personal Data processed for the purpose of Marketing will be stored by the Company until you withdraw your authorisation to do so. After withdrawing your authorisation, the Company will no longer use your Personal Data for this purpose, but will still be able to store them, particularly when necessary to protect the interests of the Company against any liability based on this processing.
YOUR RIGHTS AS DATA SUBJECTS
As Data subjects, you have the right, exercisable at any time, to:
· request access to your Personal Data (and/or a copy of such Personal Data), as well as further information on the processing in progress on them;
· request the rectification or updating of your Personal Data processed by the Company, if they are incomplete or not updated;
· request the deletion of your Personal Data from the Company’s databases, where you consider the processing to be unnecessary or unlawful;
· request the limitation of the processing of your Personal Data by the Company where you consider that your Personal Data are incorrect, not necessary or unlawfully processed, or where you have objected to their processing;
· to exercise the right to the portability of the Data, i.e. to obtain in a structured, commonly used and machine-readable format a copy of the Personal Data concerning you provided to the Company, or to request its transmission to another Data Controller;
· to oppose the processing of your Personal Data, using a legal basis relating to your particular situation, which you believe should prevent the Company from processing your Personal Data;
· to revoke your consent for Marketing and Profiling purposes. Remember that the authorisation given for Marketing communications covers not only communications sent by means of automatic systems without operator intervention (such as emails or SMS) but also traditional contact methods such as the phone or postal service. You can always withdraw authorisation to processing also separately, for example deciding to receive these communications only by means of automatic systems such as email or SMS but not through the postal service or phone and vice versa.
The Company informs you that the above rights can be exercised by writing to the email address firstname.lastname@example.org.
For Marketing purposes, you can ask to withdraw or cease sending the relevant commercial communications at any moment by writing to the email address email@example.com. When communications are received by means of computer tools, follow the procedure described in the footer of the communications (by means of the “Delete” button).
The Company also informs you that you always have the right to lodge a complaint with the competent Control Authority (for example, that of the Country in which you have your habitual residence, in Italy the Data Protection Authority) if you believe that the processing of your Data is in breach of the applicable legislation on the protection of personal data.
LIST OF SECTIONS
a) Definitions, types and regulation application
b) Types of cookies used by the Site
c) List of cookies used by the Site
d) How to manage or delete cookies
Definitions, types and regulation application
Cookies are small text files sent by the websites visited by the user and recorded on the user's computer or mobile device and retransmitted to the same websites on the subsequent visit. Cookies allow a website to remember the user's actions and preferences (such as login details, language chosen, font size, other display settings, etc.) avoiding the need to indicate them again when the user returns to the website or browses through its web pages.
For further information on cookies and their general functions, the User can visit the information Website allaboutcookies.org
Cookies may be those set directly by the website or web server that the user is visiting or those of the website whose address was typed by the user and displayed in the URL window (so-called "first-party” cookies).
While browsing a website, users may also receive on their devices cookies from websites or web servers other than the one they are visiting (so-called "third-party" cookies). Third-party cookies are relevant in cases when the user visits a website and a third party, with respect to the manager of the website visited, sets a third-party cookie using said website.
There are also various types of cookies, depending on their characteristics and functions, which remain on the user’s computer for different periods of time: session cookies, which are automatically deleted when the browser is closed; persistent cookies, which remain on your device until a predetermined expiration time.
- first-party analytical cookies, used to collect information, in aggregate form, about the number of users and how they use the website;
- third-party analytical cookies, when tools are used to reduce the identification power of cookies and the third party does not cross-reference the collected information with other information that it already has;
- browsing or session cookies, used for authentication and access to a service;
- functionality cookies, which allow the user to navigate based on a number of selected criteria (e.g. language, products selected for purchase) in order to improve the service provided.
On the other hand, for profiling cookies, i.e. those aimed at creating profiles referred to users and used to send advertising messages in line with the preferences expressed by the latter when browsing the web, the user's prior consent is required. User consent is also required for third-party analytical cookies when tools are not used to reduce the identification power of cookies and the third party cross-references the collected information with other information that it already has.
Types of cookies used by the Site
The Siteuses the following types of cookies:
- browsing technical or session cookies, strictly necessary for the operation of the Site or to allow the User to take advantage of the contents and Services requested;
- functionality cookies, used to activate specific functionalities of the Site and to configure the Site according to the User's choices (e.g. language) in order to improve the browsing experience.
Please note that by disabling browsing, session and/or functionality cookies, the Site may be unavailable or certain Services or functions of the Site may be unavailable or not work properly and users may be forced to modify or manually enter certain information or preferences each time they visit the Site.
- analytical cookies, which allow the COMPANY to understand how the site is used by users and to track the website incoming and outgoing traffic.
With regards to third-party cookies, third parties typically act as autonomous data controllers with respect to the cookies they provide (and use the data they collect for their purposes and according to their own terms) or operate as Data Processors (i.e. they process Personal Data on behalf of the COMPANY). For further information on how these third parties may use your information, please refer to their personal data processing policies (privacy policies and consent forms)
List of cookies used by the Site
The cookies used by the Site can be viewed by the User by accessing, at any time, the list of cookies, including third-party cookies, accessible from the cookie banner through the "Cookie Settings" button or from the "Cookie Settings" link located in the footer of the Site.
Social buttons and widgets
It is also possible to find social buttons/widgets on our Websites or specific "buttons" that depict the social network icons (for example, Facebook, Twitter, YouTube, Google Plus, etc.). These "buttons" allow the Users who are navigating the Websites to reach and interact with social networks directly with one "click". By clicking on Social buttons/widgets, the social network obtains data relating to the User visit. Aside from these cases where the User can share his or her own navigation data spontaneously with preselected social networks with one click, the COMPANY does not share any User navigation information or data obtained through the Websites with social networks that are accessible through Social buttons/widgets. For further information, refer to the privacy policies of the specific social networks that may be accessed through our Websites using the social buttons.
You Tube and Google Plus
How to manage or delete cookies
Most Internet browsers are initially set to accept cookies automatically. The User may modify these settings in order to block cookies or be warned every time cookies are sent to the navigation device. Furthermore, at the end of each navigation session, the User may delete the cookies that were collected from his or her device. There are various methods to manage cookies. Please refer to the specific instructions for the browser in use. If the User uses various devices to visit and access Websites (for example, computer, smartphone, tablet, etc.), then the User is responsible for ensuring that each browser of each device is set to reflect his or her expressed preferences regarding cookies. For more information on managing cookies, please refer to the page http://www.allaboutcookies.org/manage-cookies/
Select the following links to access specific instructions for managing cookies through some of the main navigation programs.
Microsoft Windows Explorer
If the User does not use any of the aforementioned browsers then the User may, in any case, select "cookies" in the relevant section of the guide to see where the cookies folder is located.
You can also manage your choices about third-party cookies by means of online platforms such as AdChoice.