The provision of personal details, and therefore consent for their collection and processing, is optional and users may refuse their consent and may withdraw consent conceded previously at any time (through the Contacts link at the bottom of the page). However, refusing consent can render it impossible to provide certain services and the navigation of the website may be compromised.
Starting from 25 May 2018 (date of coming into force of the GDPR), the present website retains some personal details on the basis of the legitimate interests of the Data Controller.
Personal details collected and purposes
Like all websites, the present site makes use of log files in order to store information collected automatically during user visits. The data collected may include the following:
Internet Protocol address (IP);
type of browser and characteristics of the device used to connect to the website;
name of the Internet Service Provider (ISP);
date and time of the visit;
web page from which the visitor arrived (referral) and to which they left;
the number of mouse clicks.
The information above is processed automatically and stored in exclusively aggregated form in order to verify the correct operation of the website, and for purposes of security (since 25 May 2018 this information is processed on the basis of the legitimate interests of the Data Controller).
For the purposes of security (anti-spam filters, firewalls, virus detection), the automatically recorded information can also include personal details like IP address, which could be used, in compliance with the relevant laws in force, for the purpose of blocking attempts to damage the website or cause damage to other users, or conduct any other harmful or illicit activities. This information is never used for the identification and profiling of users, but exclusively for the protection of the website and its users (since 25 May 2018 this information is processed on the basis of the legitimate interests of the Data Controller).
The data received will be used exclusively for the provision of the requested service and only for the time required for the provision of the service.
Information that website users decide to render public, through the services and instruments made available to them, are supplied by users knowingly and willingly, exempting the present website from any responsibility in relation to incidental legal infringements. Users are responsible for verifying they have permission for the publication of the personal details of third parties or content protected by national or international regulations.
The information collected by the website during operation is used exclusively for the purposes indicated above and conserved for the time strictly necessary in order to conduct the specified activities. The information collected by the website will never be transferred to third parties for any reason, save cases of legitimate request from the legal authorities and only in the specific cases provided for in law.
Information used for security purposes (blocking attempts to damage the website) is conserved for 7 days.
Where processing takes place
The information collected by the website is processed at the registered office of the Data Controller, and at the web hosting datacenter. The web host (Aruba) is responsible for the processing of the personal details on behalf of the Data Controller, is located within the European Economic Area, and acts in compliance with European regulations.
Session cookies are essential in order to distinguish between connected users, and are useful to avoid requested functions being delivered to the wrong user, as well as for security purposes to prevent digital attacks on the website. Session cookies do not contain personal details and only last for the duration of the session underway, which is until the browser is closed. No consent is required for their use.
The functionality cookies utilized by the website are strictly necessary for the use of the site, and are linked to express requests for functions by users (for example, Login), for which no form of consent is required.
Instructions for disabling cookies are available on the following web pages:
Mozilla Firefox – Microsoft Internet Explorer – Microsoft Edge – Google Chrome – Opera – Apple Safari
Third party cookies
The present website also acts as an intermediary for third party cookies, which serve to provide further services and functions for visitors and to improve the use of the website, including buttons for social media or videos. This website has no control over third party cookies, which are entirely managed by the same third parties. Consequently, information regarding the use of third party cookies and the purpose of the same, as well as methods for disabling them, is supplied directly by the third parties on the web pages indicated below.
The present website uses the following third party cookies:
On the basis of a specific agreement with Google, who is designated a Responsible Processing Entity, the same undertakes to process the data on the basis of the requests of the Data Controller (see relevant section at end of statement) as specified in the software settings. According to these settings, the advertising and data sharing options are disabled.
Further information about Google Analytics cookies is available on the web page Google Analytics Cookie Usage on Websites.
Users may selectively disable the collection of data by Google Analytics by installing a specific component provided by Google on their browser (opt out).
For more information on the use and processing of data by Google, please see the information provided on the dedicated page provided by Google, and the page regarding the forms of use of data by Google when using partners’ websites or apps.
Social Media Plugins
The collection and use of information obtained from plugins is regulated by the respective social media privacy statements, to which users are requested to refer.
– Facebook – (cookie statement link)
– Twitter – (cookie statement link)
– LinkedIn – (cookie statement link)
– Google+ – (cookie statement link).
Transfer of data to countries outside of the EU
The present website may share some of the information collected with services based outside of the European Union, and specifically with Google, Facebook, and Microsoft (LinkedIn) through social media plugins and the Google Analytics service. This transfer is authorized on the basis of specific rulings of the European Union and by the Italian Data Protection Authority, and specifically the ruling 1250/2016 (Privacy Shield – the following link is to the Italian Authority information page), and so no additional consent is required. The companies mentioned above guarantee their compliance with the Privacy Shield.
The present website collects data from users in a legitimate and proper manner, adopting appropriate security measures in order to prevent unauthorized access, divulgation, modification, or unauthorized destruction of the information. The data processing is conducted using IT and/or telematic instruments, applying organizational methods and logic strictly correlated with the indicated purposes. In addition to the Data Controller, in some cases, access to the information may extend to categories of employees involved in the organization of the website (administrative, commercial, marketing, and legal personnel, or system administrators) or external subjects (like third party suppliers of technical services, postal couriers, hosting providers, IT companies, communication agencies).
Pursuant to European Regulation 679/2016 (GDPR) and Italian national legislation, users may, by the methods and within the limits foreseen in the regulations in force, exercise the following rights:
request confirmation of the existence of personal details regarding the user (right of access);
know the origin of the same;
receive intelligible communication of the same;
receive information about the logic, methods, and purposes of processing;
request the updating, correction, amendment, cancellation, transformation into anonymous form of the data, and the blocking of personal details processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
in cases of processing based on consent, receive at the sole cost of the incidental support medium, the personal details submitted to the Data Controller, in a structured computer readable form, and in a format commonly used by electronic devices;
submit a complaint to the inspecting authorities (Italian Data Protection Authority – link to the Authority Page);
as well as generally exercise all rights provided for by the laws in force.
Requests should be submitted to the Data Controller.
If information has been processed on the basis of legitimate interests, the rights of those affected by the processing are in all cases guaranteed (apart from the right to data portability, which is not contemplated in the regulations) and specifically the right to oppose processing, which can be exercised by submitting a request to the Data Controller.
The Data Controller pursuant to the laws in force is the Legal Representative of S.I.S.T.E.M.I. srl a s.u., Valerio Dallago, who can be contacted at the e-mail address firstname.lastname@example.org.
Responsible Processing Entity
The web host (Aruba) is nominated as a Responsible Processing Entity, processing information on behalf of the Data Controller. The web host is located within the European Economic Area and acts in compliance with European regulations (https://www.aruba.it/informativa_arubaspa.pdf).
Google (Google Analytics) is also nominated as a Responsible Processing Entity, processing information on behalf of the Data Controller.
For any clarifications, corrections, or requests regarding the processing of personal details, click HERE.