The policy of the website www.lav-in.it is provided pursuant to Articles 13 and 14 of EU Regulation No. 2016/679 (hereinafter Regulation or GDPR), on the protection of individuals with regard to the processing of personal data, and Italian Legislative Decree No. 196/2003, as amended and supplemented.
LAV.IN srl hereby informs you that the use of this website therefore involves the processing of personal data of data subjects only for the purposes and through the methods indicated below.
a) Data Controller
- The data controller is LAV.IN srl with registered office in 30023 Concordia Sagittaria (VE), Via Fratelli Cervi 77 (tax code and register of companies registration no.: 03302360270).
- Contact details of the data controller is the following e-mail address: firstname.lastname@example.org
b) Processing purposes and legal basis for processing:
1. The personal data (hereinafter also “Data”) provided by you while browsing the website is collected and processed for the provision of services based on a web interface, for publication and consultation of web pages of an informative nature and in anonymous and aggregated form, as well as for statistical purposes and for monitoring the proper functioning of the website.
2. Moreover, your personal data may also be used in various processing operations (storage, archiving, processing) in any case in terms compatible with this purpose. In particular, your personal data may be processed for the following purposes
- respond to requests for information;
- prepare quotations;
- allow provision of the requested services;
- comply with legal obligations;
- marketing for sending, also periodically, for example by means of newsletters, advertising material, direct sales, to carry out market research and/or commercial and promotional communication including invitations to trade fairs, meetings, training courses, competitions and/or other private / public events organised for promotion of the company’s activities, carried out directly by the Company or through specialised external companies.
The legal basis for processing the personal data pursuant to points (b)(2), i), ii), iii) and iv) is Art. 6(1)(b) and (c) of the Regulation, since the processing is necessary for the provision of services, for execution of the contract to which the data subject is a party or for execution of pre-contractual measures or to respond to requests made by the data subject, also representing processing necessary to fulfil a legal obligation on the part of the Data Controller. Provision of personal data for these purposes is optional, but failure to provide it would make it impossible to activate the services provided by the Website or reply to requests.
The legal basis for processing the data pursuant to point (b)(2)(v) is Art. 6(2)(a) of the Regulation. The data for these purposes may be processed subject to explicit and specific consent. The provision of consent for these purposes is therefore free and optional and, in its absence, the Controller will only process the data for the purposes pursuant to the further points without in any way prejudice to the possibility of using the services. Even if consent for such purposes is provided, it may be withdrawn at any time by making a mere request to the Data Controller.
c) Data processed
1. data provided voluntarily by the user
The website only processes common data (such as, for example, name, surname, email).
2. browsing data
This category of data includes IP addresses or domain names of the computers used by data subjects who connect to the website, the addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server response – successful, error, etc.) and other parameters relating to the operating system and computer environment of the data subject.
d) Processing methods
Your personal data will be processed through the use of tools and procedures suitable for guaranteeing security and confidentiality, using both analogue/paper media and computer and/or telematic media and tools.
e) Parties that may be recipients of the personal data
I suoi dati personali saranno trattati esclusivamente dal Titolare del trattamento, dai Responsabili del Trattamento da lui nominati e dagli incaricati del trattamento strettamente autorizzati. L’elenco aggiornato dei Responsabili e degli incaricati potrà sempre essere richiesto al Titolare per la consultazione.
Your personal data will be processed exclusively by the Data Controller, by the Data Processors appointed by the same and by the strictly authorised persons in charge of processing. You may ask the Controller to consult the updated list of Processors and persons in charge of processing.
Your personal data may be communicated, as a result of inspections or audits, to all inspection bodies responsible for audits and checks regarding compliance with legal requirements.
Your personal data may be communicated by way of example and not limited to companies/professional firms that provide assistance, or advice or collaboration to the data controller, with regard to accounting, administrative, fiscal, legal, tax, financial or social security issues, in relation to the establishment and management of the contractual and/or pre-contractual relationship with you, to public administrations for the performance of institutional functions within the limits established by law or regulations or to third party service providers to whom the communication is necessary for performance of the services inherent to and connected with the existing contractual and/or pre-contractual relationship with you, to other employees and/or collaborators of the data controller for the time strictly necessary for the performance of their duties, instrumental and/or ancillary to execution of the relationship in place with you and always under the control and supervision of the data controller, of the data processors and of the strictly authorised persons in charge of processing. Your personal data may be disclosed to public or private entities that may have access to your personal data pursuant to legal or regulatory provisions or pursuant to orders issued by the judicial authorities.
Your personal data will not be disseminated except in cases where you have provided your express and explicit consent. In this latter case, dissemination will be limited to and governed by that expressly consented to by you with a document signed by you.
f) Data retention period
Your personal data will be retained for the time necessary to comply with your requests and in any case for a period of time not exceeding 10 (ten) years, limited and instrumental to the need to be able to guarantee the Company the possible exercise and protection, in and out of court, of its rights and interests deriving from, connected or related to the relationship with you and/or its subject matter.
Personal data processed for further optional purposes (marketing purposes) will be deleted after 5 years, a term considered appropriate since it concerns data related to the sale of goods covered by the contract and in any case not beyond withdrawal of consent, without prejudice to the lawfulness of the processing based on consent prior to withdrawal.
g) Existence of an automated decision-making process
There is non automated decision-making process.
h) Intention of the data controller
Your personal data is currently not transferred abroad.
Should the data controller transfer your personal data to countries outside the EU or in any case outside the European Economic Area (consisting of Switzerland, Iceland, Liechtenstein and Norway) it will proceed as follows.
In the event of transfer of data to the above mentioned third countries, the data controller shall ensure an adequate level of protection pursuant to Art. 45 of European Regulation No. 679/2016 and Art. 29 of the Working Party (the Commission has the power to establish such adequacy by means of a specific decision and on this point please refer to the list of decisions on the website of the Personal Data Protection Authority www.garanteprivacy.it).
In the absence of an adequacy decision pursuant to Art. 45 of the European Regulation, the data controller shall provide adequate guarantees pursuant to Arts. 46 – 47 of European Regulation No. 679/2016.
Finally, in the event that there is no adequacy decision pursuant to Art. 45 of E.R. 679/2016 or adequate guarantees pursuant to Art. 46 of the aforementioned Regulation, including binding company regulations, the transfer of personal data to a country shall be allowed only in the presence of exceptions in specific situations pursuant to Art. 49 of E.R. 679/2016.
All information relating to the adequate guarantees referred to in the preceding paragraph shall in any case always be available at the Data Controller’s premises and may be requested at the following e-mail email@example.com.
i) Redirection to external websites
l) Data subject rights
In relation to the personal data subject to processing pursuant to this policy, are at any time you have the right of:
– Access (Art. 15 EU Reg. No. 2016/679):the Controller shall guarantee the right of access to personal data concerning the data subject;
– Rectification (Art. 16 EU Reg. No. 2016/679): the Controller shall, at the request of the data subject, rectify inaccurate personal data without undue delay.
– Erasure (Art. 17 EU Reg. No. 2016/679): the Data Controller shall erase the personal data of the data subject without undue delay if: the personal data is no longer necessary with respect to the purposes for which it was collected or processed; the data subject withdraws consent; the data subject objects to processing and there is no prevailing legitimate reason for processing; the personal data has been processed unlawfully.
– Restriction (Art. 18 EU Reg. No. 2016/679): the Data Controller shall restrict processing at the request of the data subject when: the data subject disputes the accuracy of the data; the processing is unlawful and the data subject objects to erasure of the data but requests restriction of processing; the data is no longer necessary for the processing purposes, but is necessary for ascertaining, exercising or defending a right in court; the data subject has objected to processing and prevalence of the legitimate reasons of the Data Controller over those of the data subject is pending.
– Portability (Art. 20 EU Reg. No. 2016/679): understood as the right to obtain the data in a structured, commonly-used, machine-readable format from the Data Controller in order to transmit it to another data controller without hindrance.
– Objection to procession (Art. 21 EU Reg. No. 2016/679): the data subject has the right at any time to object to the processing of personal data concerning him/her.
–Exercise the right to withdraw consent, if provided for one or more specific purposes, at any time, without prejudice to the lawfulness of processing up to the time the aforementioned consent is withdrawn.
– Lodge a complaint with the Personal Data Protection Authority (Art. 51 EU Reg. No. 2016/679).
The above mentioned rights may be exercised by means of a written communication to be sent by email to the following address firstname.lastname@example.org
Or by registered letter to the following address LAV.IN srl, Via Fratelli Cervi n. 77, 30023 Concordia Sagittaria.
The Data Controller shall ensure that this policy is kept updated.
Cookies of the Website manager:
The Website uses “technical” cookies, such as browsing or session cookies, functionality cookies and analytical cookies, created and used by the Website manager.
Browsing or session cookies
Specifically, browsing or session cookies are used to ensure the normal browsing and use of the website, and therefore aimed at making browsing functional and optimising it within the website.
In addition, functionality cookies are installed, which are strictly necessary to provide services explicitly requested by the user.
Finally, there are analytics cookies, used and implemented only by the manager of the Website, in order to collect information, in aggregate and anonymous form, on the number of users and how they visit the website. The data acquired through Google Analytics may also be used by Google, according to the terms of service prepared by the same https://www.google.it/intl/it/policies/privacy/
The Website uses its own profiling cookies, i.e. cookies aimed at creating user profiles, in order to send advertising messages based on the preferences expressed by individual users when browsing the Website.
Third party cookies
Third party service analysis cookies
These cookies are used to collect information on the use of the Website by users in anonymous form, such as: pages viewed, time spent, origins of source traffic, geographic origin, age, gender and interests for the purpose of marketing campaigns . These cookies are sent by third-party domains external to the Website.
Cookies to integrate third party software products and functionsThis type of cookie incorporates functions developed by third parties inside the Website pages such as icons and preferences expressed in social media websites in order to share Website contents or use third party software services (such as software for creating maps and other software offering extra services). These cookies are sent by third-party domains and partner websites, offering their functionalities among the Website pages.
These are cookies sent by third parties, through the Website, necessary to create user profiles in order to send advertising messages, by such third parties, in line with the preferences expressed by the user.
Cookie installation/uninstallation. Browser options
Users can object to recording cookies on their device by configuring their browser: if they use the Website without changing the browser settings, it is assumed that they intend to receive all cookies used by the Website and benefit from all the functionalities.