PRIVACY POLICY

PRIVACY POLICY FOR THIS WEBSITE

Disclosure statement regarding processing of personal data (art. 13 GDPR 2016/679)

1. PURPOSE OF THIS STATEMENT

The following provides a description of personal data processing by the present company in relation to all interested parties, and with the purpose of expressing the Company Policy applied to ensure compliance with the provisions of GDPR 2016/679, Italian Leg. Decree 196/2003, national regulations on this subject, the Guidelines issued by the European Data Protection Board, as well as EU Directives regulating the protection of personal data of natural persons.
This statement is drafted according to art. 13 of EU Regulation 2016/679 in relation to those who establish any form of relationship with the present company, the latter represented primarily by the following Internet website:

https://intals.it/en/the-company.html

The Privacy Policy for the present website is not applicable to any other forms of processing conducted or described subsequent to navigation to other Internet websites using hyperlinks incidentally present on the abovementioned website.

2. DATA CONTROLLER

The Data Controller for processing is Intals S.p.A., with registered office at via E. Schievano 7 - 20143 Milano (MI), Italy.

3. TYPES OF DATA PROCESSED

3.1. DATA REGARDING DIRECT CUSTOMERS, CUSTOMER COMPANIES, OR SUPPLIER COMPANIES
Personal data communicated by the subjects indicated above, or collected by the present company while conducting contractual relations, are a consequence of the need to conduct activities agreed between the parties.

Purpose and legal basis for data processing (GDPR Art.13, par. 1, lett. c)	Data are collected and used in order to: sustain contractual/professional relations; fulfill precontractual, contractual, and fiscal obligations deriving from the relations in force, and manage necessary associated communications; fulfill obligations deriving from law, regulations, EU standards, or orders from national authorities; exercise legitimate interests and the rights of the data controller (for example: the right to defense in legal proceedings, the protection of credit interests; routine internal operational, management, and accounting requirements).
Ambit of communication (GDPR Art.13, par. 1, letts. e, f)	The data are processed exclusively by internal personnel, duly authorized and instructed as regards processing (GDPR Art. 29) and the data will not be communicated to external subjects, disseminated, or transferred to countries outside the EU.
Data processing methods (GDPR C. 39)	Personal data are processed using automated and printed instruments. Specific security measures are applied to prevent loss of data, illicit or inappropriate use, and unauthorized access.
Data storage period (GDPR, Art.13, par. 2, lett. a)	The data are normally stored for short time periods, strictly necessary for fulfillment of contractual or regulatory obligations.
Provision of data (GDPR, Art.13, par. 2, lett. f)	The data are requested by the present company for the purposes indicated.
Legitimacy (GDPR, Art. 6 par. 1)	Processing is necessary for the establishment of contractual relations and consequently consent is not required.

3.2. WEBSITE NAVIGATION DATA
The normal operation of the computer systems and software procedures involved in the functioning of this website result in acquisition of certain personal data, the communication of which is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with specific data subjects, but it could by its nature permit identification of users after processing and association with other data held by third parties. This data category includes IP addresses or domain names of the computers used to connect to the website, addresses in URI (Uniform Resource Identifier) notation for requested resources, request times, methods used to submit requests to the server, size of files received in response, numeric codes indicating the server response status (successful, errors, etc.), and other parameters regarding the user's operating system and computer platform.

Purpose and legal basis for data processing (GDPR Art.13, par. 1, lett. c)	The data are used for the sole purpose of extrapolating anonymous statistical data about the use of the website, and to monitor its correct operation. They are cancelled immediately after processing. The data could be used for establishing responsibility in hypothetical cases of cyber crime to the damage of the website.
Ambit of communication (GDPR Art.13, par. 1, letts. e, f)	The data are processed exclusively by internal personnel, duly authorized and instructed as regards processing and the data will not be communicated to external subjects, disseminated, or transferred to countries outside the EU. They could be made available to the competent authorities only in cases of criminal investigations.
Data processing methods (GDPR C. 39)	Personal data are processed using automated and printed instruments. Specific security measures are applied to prevent loss of data, illicit or inappropriate use, and unauthorized access.
Data storage period (GDPR, Art.13, par. 2, lett. a)	The data are normally stored for short time periods, with the exception of incidental extensions associated with investigative activities.
Provision of data (GDPR, Art.13, par. 2, lett. f)	The data are collected automatically in relation to interested parties and for the purposes indicated above.
Legitimacy (GDPR, Art. 6 par. 1)	Processing is necessary to satisfy legal obligations and consequently consent is not required.

3.3. COOKIES
For a description of the types of cookies used, their management and purposes, see the "Cookie Policy" paragraph in the relevant document published on this website.

4. RIGHTS OF DATA SUBJECTS (GDPR arts. 15-22)

At any time data subjects may exercise the right to:

Request confirmation of the storage or otherwise of their own personal data;
Receive explanations for the purpose of processing, the categories of personal data held, the subjects or subject categories to whom the personal data have been or will be communicated, and, when possible, the period of storage;
Obtain correction or cancellation of data;
Limit processing;
Obtain data portability, which means receiving the data from a data controller in a common structured format readable by automatic systems, and transmit the same to another data controller without impediment.
Oppose processing at any time including use for purposes of direct marketing;
Oppose automated decisional processes regarding natural persons, including profiling;
Submit complaints to the Italian Personal Data Protection Authority.

Requests should be submitted to the data controller by e-mail to This email address is being protected from spambots. You need JavaScript enabled to view it.

Every effort will be taken to integrate the operation of this website with the automatic privacy control mechanisms available in certain products utilized by website users.

5. DATA PROTECTION OFFICER:

The Data Protection Officer (DPO) is not identified since the present company does not process data of natural persons under the definition of art. 37 of European Regulation GDPR 2016/679.

Bearing in mind that the degree of reliability of automatic control mechanisms is not currently free of errors and malfunctions, the present document, published at the Internet address https://intals.it/en/privacy-policy-en.html comprises the “Privacy Policy” for the present website and is subject to future revision.