Informative document pursuant to Articles 13-14 of the GDPR (General Data Protection Regulation) 2016/679

In compliance with Regulation (EU) 2016/679 (GDPR), we provide you with the necessary information regarding the processing of the personal data you have provided. This information is not valid for other websites that may be consulted via links on the websites of the data controller, who is not to be considered in any way responsible for third-party websites.

1. Data Controller, Data Processor, and Place of Data Processing

Data Controller:

The Data Controller is MAEM-INFORMATICA, with registered and administrative offices at Via Dandolo 25, Varese, represented by the pro-tempore legal representative.

Place of Data Processing:

Data processing is carried out at the Data Controller’s offices and at the locations of identified external parties.

2. Types of Data Processed

Personal and Browsing Data:

Personal data: any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Browsing data: The information systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment.

Data provided voluntarily by the user: The optional, explicit, and voluntary sending of email to the addresses indicated on this site and/or the completion of data collection forms entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included.

Please refer to the contact information notice at the following link [insert link to contact information notice]. Please refer to the cookie policy at the following link [insert link to cookie policy].

3. Purposes of Data Processing for Which Consent is Required (Art. 6 GDPR)

A) The personal data voluntarily provided will be processed for the following purposes:

Browsing this website; Possible completion of data collection forms for requests for quotes and/or contacts and/or sending applications; Possible completion of data collection forms for online booking; General administrative-accounting activities. For the purposes of applying personal data protection regulations, the processing carried out for administrative-accounting purposes are those connected with the performance of organizational, administrative, financial, and accounting activities, regardless of the nature of the data processed. In particular, these purposes include internal organizational activities, those functional to fulfilling contractual and pre-contractual obligations, and informational activities.

B) The personal data provided by completing data collection forms on websites or data collection modules in general (such as name, surname, email address) will be processed, with prior consent, by the Data Controller and Data Processors for promotional and commercial activities and newsletters via email.

4. Processing Methods – Storage

The processing will be carried out in an automated and manual form, with methods and tools aimed at ensuring maximum security and confidentiality, by persons specifically appointed in compliance with the provisions of Articles 13-14 of the GDPR. Data will be stored for a period not exceeding the purposes for which the data were collected and subsequently processed.

5. Scope of Data Communication and Dissemination

Your data, subject to processing, will not be disseminated and may be communicated to companies contractually linked to MAEM-INFORMATICA, in order to fulfill contracts or related purposes. Data may be communicated to third parties belonging to the following categories:

Entities providing services for the management of the information system used by MAEM-INFORMATICA and telecommunications networks; Firms or companies within the scope of assistance and consultancy relationships; Competent authorities for compliance with legal obligations and/or public body provisions, upon request. The subjects belonging to the above categories perform the function of Data Processor, or operate in total autonomy as separate Data Controllers. The list of Data Processors is constantly updated and available at the registered office of MAEM-INFORMATICA, Via Dandolo 25, Varese. Any further communication or dissemination will take place only with your explicit consent.

6. Nature of Data Provision and Refusal

Apart from what is specified for browsing data, the user is free to provide personal data. The provision of data for the purposes referred to in point A) is necessary. Any refusal to provide data for the purposes referred to in point A) makes it impossible to obtain what has been requested or to use the services of the Data Controller. The provision of consent for data processing for the purposes referred to in point B) is optional. Any refusal of consent for the purposes outlined in point B) will not produce any negative effects for the purposes referred to in point A).

7. Rights of Data Subjects

You can assert your rights as expressed in Articles 12-23 by contacting the Data Controller or the Data Processor by sending an email to info@maem-informatica.it. As a data subject, you have the rights outlined in Article 15 GDPR, specifically the right to:

Obtain confirmation of the existence or non-existence of personal data concerning you, even if not yet recorded, and their communication in an intelligible form;

Obtain indications:

Of the origin of personal data; Of the purposes and methods of processing; Of the logic applied in case of processing carried out with the aid of electronic instruments; Of the identification details of the Data Controller, Data Processors, and the designated representative pursuant to Article 5, paragraph 2 of the Privacy Code and Article 3, paragraph 1, GDPR; Of the subjects or categories of subjects to whom personal data may be communicated or who may become aware of them as designated representative in the territory of the State, Data Processors, or persons in charge; Obtain:

The updating, rectification, or, when interested, integration of the data; The deletion, transformation into anonymous form, or blocking of data processed unlawfully, including data that does not need to be stored for the purposes for which the data were collected or subsequently processed; The certification that the operations referred to in letters a) and b) have been made known, also regarding their content, to those to whom the data have been communicated or disseminated, except where this proves impossible or involves a manifestly disproportionate effort compared to the right protected; Oppose, in whole or in part:

For legitimate reasons, the processing of personal data concerning you, even if pertinent to the purpose of the collection; To the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for the performance of market research or commercial communication, through the use of automated call systems without the intervention of an operator via email and/or traditional marketing methods via telephone and/or paper mail. Where applicable, you also have the rights referred to in Articles 16-21 GDPR (right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object), as well as the right to lodge a complaint with the Supervisory Authority. At any time, you can obtain confirmation of the existence or non-existence of personal data concerning you and the communication of such data and the purposes on which the processing is based. In addition, you can obtain the deletion, transformation into anonymous form, or blocking of data processed in violation of the law, as well as the updating, rectification, or, if there is your interest in this, the integration of the data. You can object, for legitimate reasons, to the processing itself.

8. Changes to the Privacy Policy

The Data Controller reserves the right to modify, update, add, or remove parts of this privacy policy at its discretion and at any time. The data subject is required to check periodically for any changes. In order to facilitate this verification, the policy will contain the date of the update. The use of the site after the publication of changes constitutes acceptance of the same.

9. Social Plug-ins

Our web pages may contain plug-ins from Social Networks (e.g., Facebook.com, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA “Facebook”). If you access one of our web pages equipped with such a plug-in, your internet browser connects directly to the social network and the plug-in is displayed on the screen through the connection with the browser. Before using these Plug-ins, we invite you to consult the privacy policy of these social networks on their official pages.