PRIVACY AND COOKIE POLICY

PRIVACY POLICY

Dear Data Subject, we wish to inform you that ‘European Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data’ (hereinafter ‘GDPR’) provides for the protection of individuals with regard to the processing of personal data as a fundamental right. Pursuant to Article 13 of the GDPR, we therefore inform you that:

A. CATEGORIES OF DATA
Savifin srl will process your personal data such as:

a. Automatically collected data. The computer systems and applications dedicated to the operation of this website detect, in the course of their normal operation, certain data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated with identifiable users. Falling into this category is data such as the IP addresses or domain names of the computers used by users visiting the site, addresses in the URI (Uniform Resource Identifier) notation of the requested resources, the time requested, the method used to make the request to the server, the size of the file received in response, the numeric code indicating the status of the response given by the server falls into this category (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data are processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to monitor it is operated correctly. The provision of such data is mandatory as it is directly linked to the web browsing experience.

b. Data provided voluntarily by the user The voluntary and explicit sending of electronic mail to the addresses indicated in the various access channels of this site does not imply a request for consent, and any completion of forms specifically designed for this purpose entails the subsequent acquisition of the sender’s/user’s address and data, which are necessary in order to respond to the requests made and/or provide the service requested. If you voluntarily send e-mails to our e-mail addresses, no further information or request for consent is required. On the contrary, specific summary information will be reported or displayed on the pages of the site set up for particular services on request (forms). The user must therefore explicitly consent to the use of the data in these forms in order to send the request.

c. Cookies The site uses cookies. The data collected through cookies may be used to access parts of the site or for statistical purposes or to make the browsing experience more pleasant and more efficient in the future, by attempting to assess user behaviour and to modify the proposed content offer according to user behaviour. A separate cookie policy is available for more information.

PROTECTION OF PERSONAL DATA
The personal data in Savifin srl’s possession is collected directly from the data subject.

C. DATA CONTROLLER
The data controller is:
Savifin srl
Via Volta, 34 – 20825 Barlassina (MB)
Tax ID Code and VAT no.02238390963

D. CONTACT DETAILS OF THE D.P.O.
The holder does not need to appoint a D.P.O.

E. PURPOSE OF DATA PROCESSING AND LEGAL BASIS
The processing of your data is based on your consent and is carried out for the following purposes:
1. Improving the web browsing experience;
2. Use of the data in contact e-mails and forms to send replies to specific requests;
3. Assessing user behaviour and modifying content offerings according to user behaviour.

F. RECIPIENTS OF THE DATA
Within the limits relevant to the processing purposes indicated, your data may be communicated to partners, consulting companies, private companies, appointed by the Data Controller as Data Processors or for legal obligations or to fulfil your specific requests. Your data will not be disseminated in any way. The Data Controllers and Data Processors are duly identified in the Privacy Document, which is updated periodically.

G. TRANSFER OF DATA TO OTHER COUNTRIES
The data collected are not communicated to the Controller’s foreign partners, natural and/or legal persons, or to other companies in third countries that are part of the same business group as the Controller.

H. RETENTION PERIOD
The data collected will be stored for a period of time not exceeding the fulfilment of the purposes for which they are processed (‘principle of storage limitation’, Art.5, GDPR) or according to the deadlines provided for by law. Verification of the obsolescence of stored data in relation to the purposes for which they were collected is carried out periodically.

I. RIGHTS OF THE DATA SUBJECT
The data subject is always entitled to request from the Data Controller access to his/her data, rectification or erasure thereof, restriction of processing or the possibility to object to processing, to request data portability, to withdraw consent to processing by asserting these and other rights provided for by the GDPR by simple communication to the Data Controller. The data subject may also file a complaint with a supervisory authority.

J. WHETHER OR NOT CONSENT IS COMPULSORY
The provision of your data is compulsory when browsing our website with regard to points E.1 and E.2 of the above-mentioned purposes, in order to enable the correct provision of the service. The provision of your consent for point E.3 is optional and will not affect the provision of the service in any way.

K. DATA PROCESSING METHODS
The personal data you provide will be processed in compliance with the above-mentioned legislation and with the confidentiality obligations that govern the Controller’s activities. The data will be processed both electronically and in hard copy or on any other suitable medium, in compliance with the appropriate security measures pursuant to Art. 5 par. 1 lett. F of the GDPR).


COOKIE POLICY

WHAT ARE COOKIES?
Cookies are small text files sent by the site to the terminal of the data subject (usually the browser), where they are stored and then transmitted to the site the next time the same user visits. A cookie cannot retrieve any other data from the user’s hard disk or transmit computer viruses or acquire email addresses. Each cookie is unique to the user’s web browser. Some of the functions of cookies may be delegated to other technologies. In this document, the term ‘cookies’ refers both to cookies as such and to all similar technologies.
Cookies can be used to record information about your preferences, such as the pages you browse or the files you download from our site, or other similar actions you take while browsing our site.

COOKIES FROM FIRST- OR THIRD-PARTIES 
Cookies may be first or third party cookies, where ‘first party’ means cookies developed by the site owner itself, and ‘third party’ means cookies developed by third parties other than the site owner.

NATURE OF COOKIES
As regards the nature of cookies, there are several types:
Technical cookies Technical cookies are those used for the sole purpose of ‘carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide such a service’ (see Art. 122, para. 1 of the Code).
They are not used for any other purpose and are normally installed directly by the owner or operator of the website. They can be divided into:
– browsing or session cookies, which ensure the normal navigation and use of the website (allowing, for example, a user to make a purchase or authentication to access restricted areas); they are actually necessary for the proper functioning of the site;
– analytics cookies, assimilated to technical cookies where they are used directly by the site operator to collect information, in aggregate form, on the number of users and how they visit the site, in order to improve the performance of the site;
– functionality cookies, which allow the user to navigate according to a number of selected criteria (e.g., language, products selected for purchase) in order to improve the service provided to the user. Users’ prior consent is not required for the installation of such cookies (more information in the section Managing cookies below).
Profiling cookies Profiling cookies are designed to create profiles of the user and are used to send advertising messages in line with the preferences expressed by the user while surfing the web.
The consent of the person concerned is required for the use of profiling cookies. According to measure no. 229 of 8 May 2014 the user must be able to authorise or refuse consent to the installation of profiling cookies if they are present.
In the case of third-party cookies, the site has no direct control over individual cookies and cannot control them (it can neither directly install them nor delete them). You can still manage these cookies through your browser settings (follow the instructions below), or the sites listed in the “Cookie Management” section.
The User is therefore invited to check the site of the third party indicated below.
The site uses only technical cookies.

COOKIE DURATION
Cookies have a lifetime dictated by the expiry date (or a specific action such as closing the browser) set at the time of installation. Cookies can be:
– temporary or session cookies: these are used to store temporary information, allow you to link actions performed during a specific session and are removed from your computer when you close your browser;
– persistent cookies: these are used to store information, such as your login name and password, so that you do not have to re-type them each time you visit a specific site. These remain stored on the computer even after closing the browser.
Session cookies are not stored once the connection to this website is terminated. The computer systems used for this site use temporary and permanent cookies.

COOKIE MANAGEMENT
You can deactivate cookies on websites by downloading special software such as Ghostery (https://www.ghostery.com) for your browser and disabling the use of individual cookies. Or you can activate the ‘anonymous surfing’ mode – this is a function that allows you to surf without leaving any trace of your surfing data in the browser. This function only makes it possible not to keep navigation data in the browser.
Alternatively, you can disable/delete cookies by accessing the configuration panel of your browser.

ACCEPTANCE AND REJECTION OF COOKIES
By continuing to browse this site, closing the information wrapper or clicking anywhere on the page or scrolling down to highlight further content, you accept the Cookie Policy and will be setting and collecting cookies. If you do not accept cookies by abandoning the session, any cookies already stored locally in your browser will remain stored there but will no longer be read or used by us until you accept the Policy at a later date. You will always be able to remove these cookies at any time using the methods mentioned.


INFORMATION ON THE USE OF FORMS

Dear data subject, we would like to inform you that the ‘European Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data’ (hereinafter ‘GDPR’) provides for the protection of persons and other subjects with regard to the processing of personal data. Savifin srl, in its capacity as ‘Data Controller’, in accordance with Article 13 of the GDPR, therefore, provides you with the following information:

A. CATEGORIES OF DATA
Savifin srl will process the personal data entered in the forms on the site.

B. PROTECTION OF PERSONAL DATA
The personal data which Savifin srl will be in possession of are collected directly from the person concerned when filling in the forms on the site.

C. DATA CONTROLLER
The data controller is:
Savifin srl
Via Desio, 47/49 – 20813 Bovisio Masciago (MB)
VAT NO. 00732010962
please contact info@gruppoformenti.it

D. CONTACT DETAILS OF THE D.P.O.
the holder does not need to appoint a D.P.O.

E. PURPOSE OF DATA PROCESSING AND LEGAL BASIS
The processing of your data, collected and archived in relation to the completion of the forms, has the legal basis of your consent and is carried out for the purposes indicated (e.g., requesting information, providing the assistance and technical support services requested, commercial profiling activities, personnel selection, etc.).

F. RECIPIENTS OF THE DATA
To the extent relevant to the purposes of processing indicated, your data may be communicated to partners, consultancy firms, private companies, appointed as Data Processors by the Data Controller. Your data will not be disseminated in any way. The Data Controllers and Data Processors are duly identified in the Privacy Document, which is updated periodically.

G. TRANSFER OF DATA TO OTHER COUNTRIES
The data collected are not communicated to the Controller’s foreign associates or Processors located in third countries.

H. RETENTION PERIOD
The data collected will be stored for a period of time not exceeding the fulfilment of the purposes for which they are processed (‘principle of storage limitation’, Art.5, GDPR) or according to the deadlines provided for by law. Verification of the obsolescence of stored data in relation to the purposes for which they were collected is carried out periodically.

I. RIGHTS OF THE DATA SUBJECT
The data subject is always entitled to request from the Data Controller access to his/her data, rectification or erasure thereof, restriction of processing or the possibility to object to processing, to request data portability, to withdraw consent to processing by asserting these and other rights provided for by the GDPR by simple communication to the Data Controller. The data subject may also file a complaint with a supervisory authority.

J. WHETHER OR NOT CONSENT IS COMPULSORY
We would like to inform you that the provision of data is optional for some fields and compulsory for others (marked with an asterisk) and that failure to provide this data will result in the forms not being sent.

K. DATA PROCESSING METHODS
The personal data you provide will be processed in compliance with the above-mentioned legislation and with the confidentiality obligations that govern the Controller’s activities. The data will be processed both by electronically and in hard copy or on any other suitable medium, in compliance with appropriate technical and organisational security measures provided for by the GDPR.