-Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation, hereinafter “EU Regulation”)
-Legislative Decree no. 196 of 30 June 2003 (hereinafter “Privacy Code”), as amended by Legislative Decree no. 101 of 10 August 2018
-Recommendation no. 2 of 17 May 2001 concerning the minimum requirements for the collection of data online in the European Union, adopted by the European authorities for the protection of personal data, meeting in the Working Party established by Article 29 of Directive no. 95/46/EC (hereinafter the “Recommendation of the Working Party pursuant to Article 29”)
Var Group S.p.A. (hereinafter also the “Company”), a duly established corporation with registered office in via Piovola 138, Empoli (FI), VAT no. 03301640482, wishes to inform users of the terms and conditions applied by the Company to the processing operations carried out on personal data during the navigation of its company website. In particular, the information is provided in relation to users’ personal data consulting and using the company website, under the following domain: www.sesa.it. The Company acts as “Data Controller”, meaning “the natural or legal person, public authority, service or other body that, individually or together with others, determines the purposes and means of the processing of personal data”. In concrete terms, the processing of personal data may be carried out by persons specifically authorised to carry out processing operations on users’ personal data and, for this purpose, duly instructed by the Company. In application of the regulations on the processing of personal data, users who consult and use the Company’s website are qualified as “Data Subjects”, meaning the natural persons to whom the personal data being processed refer. This policy does not extend to other websites that may be consulted by users through links, including social buttons, on the Company’s website. In particular, social buttons are digital buttons or direct link to social network platforms (such as LinkedIn, Facebook, etc.), configured in each single “button”. By clicking on these links, users can access the Company social accounts. The editors of social networks, to which the social buttons refer, operate as autonomous Data Controllers; consequently, any information relating to the methods by which the aforementioned Data Controllers carry out the processing operations on the users’ personal data can be retrieved in the related Social Network platforms privacy policies.
Personal data subject to processing. In consideration of the interaction with this website, the Company may process the following personal data:
Purpose and legal basis for the processing of personal data
Rights under Articles 15, 16, 17, 17, 18, 20 and 21 of EU Regulation 2016/679
Users, as Data Subjects, may exercise the rights of access to personal data provided for in Article 15 of the EU Regulation and the rights provided for in Articles 16, 17, 18, 20 and 21 of the same Regulation regarding the rectification, cancellation, limitation of the processing of personal data, data portability, where applicable, and opposition to the processing of personal data. The aforesaid rights can be exercised by a written communication to the following address: firstname.lastname@example.org. If the Company does not provide feedback within the time limits provided for by the legislation or the response to the exercise of rights is not suitable, users may lodge a complaint to the Italian Data Protection Authority using the following contact information: Italian Data Protection Authority, Fax: (+39) 06.69677.3785 Telephone: (+39) 06.69677.1 E-mail: email@example.com
Data protection Officer
SeSa S.p.A., company acting as holding company in SeSa group of undertakings, has appointed, after assessing the expert knowledge of data protection laws, a Data Protection Officer. The Data Protection Officer supervises compliance with data protection regulations and provides the necessary advice. In addition, where necessary, the Data Protection Officer cooperates with the Italian Data Protection Authority. Here are the contact details: firstname.lastname@example.org
Navigation data: the computer systems and software procedures used to operate this website acquire, during normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected in order to be associated with Data Subjects but may by its very nature allow the identification of users through processing and association with personal data held by third parties. Navigation data include IP addresses or domain names of devices used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc..) and other parameters relating to the operating system and device environment of the user. The navigation data collected are used only to obtain anonymous statistical information on the use of the website and to check its correct functioning. Navigation data are stored for a maximum of12 months, without prejudice to any need to detect and prosecute criminal offences by the competent authorities.