Privacy

Information about the processing of personal data according to articles 13-14 of the European Regulation (EU) 2016/679

GDPR (General Data Protection Regulation) and implementing provisions

 

1. Data Controller

The Data Controller of the acquired data through this website is:

DAVIFIL SRL
headquartered in Benna (BI), via N.Sauro 43
Social Security Number and VAT number 01672450028

Our contact details are the following:

Phone: 015.2558198
mail: info@davifil.it

2 . Data processing

We inform you that in general:

  • The data are processed in a lawful, fair and transparent manner in relation with the data subject, in accordance with the general principles of GDPR and Privacy Code;
  • we collect and process your data only for the purposes indicated in this policy or for specific purposes already shared with you and/or in relation to which you have given your consent;
  • our aim is to collect, process and use the least number of personal data as possible;
  • when we need to collect your personal data, we make sure that they are the most accurate and updated as possible;
  • if the personal data we collect are no longer necessary for any purposes and we are not required to keep it in accordance with the law, we will do everything possible to delete, destroy or anonymize it;
  • specific security measures are observed to prevent the loss of data, illegal or incorrect use and unauthorized access.
  • your personal data will not be shared, sold, made avalaible or communicated to subjects other than those indicated in the policy.

3. Data collected and purpose of the processing

The data collected as indicated below will be processed by using paper (registration forms, order forms, etc.), IT (management software, accounting, etc.) and telematic means with organization and processing logics strictly related to purposes themselves and in any case in order to guarantee the security, integrity and confidentiality of the data in compliance with the organizational, physical and logical measures provided by the current instructions .

 

 

If the person providing the data is under the age of 16, this processing is lawful only if and to the extent that such consent is given or authorized by the holder of parental responsibility for whom the identification data and copy of the documents are acquired.

 

 

The data collected are exclusively “common” data such as, for example, name, surname, fiscal code, etc.

If it is necessary to collect data of a particular type in accordance with the articles 9 and 10 of the GDPR, the express consent will be required and, in any case, the same will not be disclosed.

 

 

The computer systems and software procedures used to operate the above-mentioned websites acquire during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols, defined as “navigation data”.

This information is not collected to be associated with identified interested parties, but which by their nature could – through processing and association with data held by third parties – allow users to be identified.

 

 

 

This category of data includes, for example, the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) ​​addresses of the requested resources, the time of the request, the method used in the submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.

These data are used for the only purpose of obtaining anonymous statistical information about the use of the site and to check its correct functioning. The data could also be used to ascertain responsibility in case of hypothetical computer crimes against the site (legitimate interests of the owner).

 

The data are processed exclusively by internal personnel, duly authorized and trained in the processing and will not be disclosed to external subjects, disseminated, or transferred to non-EU countries. Only in the event of an investigation they could be made available to the competent authorities.

The data are usually kept for short periods of time, with the exception of any extensions connected to investigation activities.

The data are not provided by the data subject, but they are automatically acquired by the site’s technological systems.

3.1 Cookies

Cookies are text files stored on your computer or on mobile device that are used by the websites listed above to make the user experience more efficient.

 

The site uses technical cookies and profiling, including from third parties.

The European Regulation requires that the “visitor of the site / user of the platform” expresses consent to the processing of personal data concerning him / her through a direct, explicit, unequivocal and distinguishable act also for the so-called “technical cookies”.

 

The specific “Cookie Policy” form indicates what are the cookies used, all the technical mechanisms for management and the possible revocation of the consent granted under the new Regulation.

By consulting the form, the data subject is independently able to view the consents granted and, if necessary, to withdraw consent to one or more areas of activity of cookies.

For specific information on how we manage cookies, you can consult our Cookie Policy.

3.2 Data collected with the user’s consent and purpose of the processing

The optional, explicit and voluntary sending of personal data within the various forms on the site indicated above, expressly accepting the privacy policy, involves the subsequent acquisition of the sender’s name and email address, necessary to respond to requests, as well as any other personal data entered. The company that manages the technological infrastructure and its representatives may access the data, only for maintenance purposes.

 

The collected data will be processed for the following purposes:

 

  • Execute the contractually agreed services;
  • Fulfill legal and accounting and administrative obligations;
  • Fulfill all legal obligations imposed on the Data Controller.

3.3 Sign up

This page allows the user to register on the site by creating an exclusive username and password in order to have free access to a series of services using specific credentials:

 

 

A series of personal data are requested (Customer category, Company name, Sector, Name, Surname, Address, ZIP code, City, VAT number or Tax Code, Email, Telephone, Fax).

 

Registration is subject to the acceptance of specific, free, and informed consent. The data are processed exclusively by duly authorized and trained personnel. Depending on the services requested, the data are kept for times compatible with the specific purpose of the collection. The provision of data relating to the mandatory fields is necessary in order to obtain an answer. Failure to provide the data indicated as mandatory or consent will make it impossible to access the various services.

3.4  Order confirmation

This page, accessible during the purchase procedure, allows those interested in the products and services offered by the site to register as customers and purchase the products / services online. Customers already registered on the site and in possession of their username and password can proceed with the purchase by recovering all the data previously entered. In the form proposed to new customers, a series of personal data are requested (category of customer, company name, sector, name, surname, address, postcode, city, VAT number or tax code, email, telephone, fax) and the choice of the person concerned with an individual and exclusive username and password. The registration is subject to the acceptance of specific, free and informed consent and of the general conditions and conditions of sale. The data are processed exclusively by duly authorized and trained personnel. The data are kept for a period of time compatible with the current national administrative and fiscal regulations. The provision of data relating to the mandatory fields is necessary in order to obtain an answer. Failure to provide the data indicated as mandatory or consent will make it impossible to make purchases.

3.5 Sign in 

The “Login” page allows access to a reserved area of ​​the site for those who are already registered customers and who are in possession of appropriate access credentials (username and password), or who register as new customers by filling out the present form on the “Register” page and generating your login credentials (user and password).

4. Categories of data recipients

Without prejudice to the communications made in compliance with legal and contractual obligations, all data collected and processed may be communicated exclusively for the purposes specified above to the following categories of interested parties: Companies or professional offices that provide consultancy activities or collaboration in accounting, tax, legal, commercial; Public administrations for the performance of institutional functions within the limits established by the law; to third party service providers to whom communication is necessary for the fulfillment of the services covered by the contract.

5. Retention period

The data required for contractual, accounting and related to the provision of the service are kept for the time necessary to carry out the contractual relationship, including the relevant applicable legislative requirements. The data of those who do not purchase or use products/services, despite having had a previous contact with company representatives, will be immediately deleted or treated anonymously, where their conservation is not otherwise justified, unless it has been validly acquired the informed consent of the parties concerned relating to a subsequent commercial promotion or market research activity.

6. Legal basis

The processing of customer data is based on the consent given or on the fact that the processing is necessary for the performance of a contract in which the customer is a contracting party, or to take the necessary measures prior to the conclusion of the contract upon request of the customer (see Article 6 paragraph 1 letter a and b of the GDPR).

If the processing is based on the user’s consent, the same can revoke it at any time using the contact details indicated in point 1.

 

 

In order to stipulate a contract regarding the purchase of goods or services, it is necessary to provide the requested personal data. If all the requested data are not provided, it will not be possible to provide what is requested.

7. Rights of the interested party

In accordance with the European Regulation 679/2016 (GDPR) and the national legislation, the interested party may, according to the methods and within the limits established by current legislation, exercise the following rights:

  • to request confirmation of the existence of personal data concerning him (right of access);
  • to know its origin;
  • to receive intelligible communication;
  • to have information about the logic, methods and purposes of the processing;
  • to request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
  • in cases of consent-based processing, to receive their data provided to the owner, in a structured and readable form by a data processor and in a format commonly used by an electronic device;
  • the right to submit a complaint to the supervisory Authority.

 

The exercise of your rights may take place by sending a request by e-mail to the address of the Data Controller.

8. Transfer of personal data outside the EU area

The management and storage of Personal Data will take place on servers located within the European Union of the Owner and/or duly appointed third parties. The data will not be transferred outside the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the location of the servers to non-EU countries. In this case, the Data Controller ensures from now on that the data will be transferred in accordance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection

9. Update

This information may be subject to periodic review, also in relation to the relevant legislation and jurisprudence. In the event of significant changes, appropriate evidence may be given on the website homepage for a reasonable time. However, the interested party is invited to periodically consult this information.