Browsing this website may lead to the processing of data concerning identified or identifiable persons.
Pursuant to the applicable regulation and to the provisions of article 13 of EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “EU Regulation”), we would like to inform you that the Controller of the Data you provide is Miroglio S.p.A., with registered offices in Alba (CN), Via S. Margherita 23, Italy, fiscal code and VAT no. 00164430043 (hereinafter the “Controller”).
We would also like to inform you that the Miroglio Group has appointed a Data Protection Officer, who resides at the following address: Miroglio Group – Data Protection Officer, Via S. Barbara 11, 12051 – Alba (CN), Italy, email: firstname.lastname@example.org.
METHODS FOR PROCESSINGAND POSSIBLE RECIPIENT OF PERSONAL DATA
Specific safety measures are complied with to prevent loss of data, illegal use or misuse of and unauthorised access to the same. Processing connected to this website’s services is only carried out by personnel in charge of processing, or by Data Processors in charge of occasional maintenance operations.
Data may be disclosed to other companies belonging to the Miroglio Group or to third parties qualified as external Data Processors, exclusively for activities related to the purposes set forth in the specific disclosures on the site. A full list of external Data Processors may be requested at any time in writing from the Data Controller, Miroglio S.p.A., at the address specified in the section “Rights of the data subject”.
Personal data will be processed within the European Union.
TYPE OF DATA PROCESSED
Computer systems and software procedures used for operating this website acquire, during normal operation, some personal data whose conveyance is implicit in the use of Internet communication protocols. This information is not collected to be associated to identified parties, but due to its very nature it might allow users to be identified through processing and association with data held by third parties. This category of data includes IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) of requested resources, time of request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the user’s operating system and computer environment.
These data are only used to obtain anonymous statistical information about site use and to ensure its correct operation and are deleted immediately after processing. The data might be used to ascertain liability in the event of hypothetical computer crimes against the website: except for this eventuality, the data on web contacts currently do not persist longer than seven days.
Data intentionally supplied by the user
Browsing the website does not require the provision of any personal data by the user. The optional, explicit and voluntary sending of e-mail to the addresses listed on this site involves subsequent acquisition of the sender’s address, required to respond to requests, and any other personal data included in the message. Said data will only be used in order to follow up the user’s request and they may be disclosed to third parties only when this is necessary for said purpose.
The processing of the data for such purposes does not require your consent, since the processing is necessary for the execution of a contract to which you are party or for the application of pre-contractual measures adopted at your request (article 6, subparagraph 1, letter b of the Regulation) or, where applicable, in order to fulfil a legal obligation (article 6, subparagraph 1, letter a of the Regulation).
For the processing of data for purposes other than the ones mentioned above,
said data will be retained for the time that is strictly necessary for the provision of the requested service to the user and they will be deleted immediately afterwards, without prejudice to other obligations of retention stipulated by law.
Data concerning self-application on Vendor Management Portal (Suppliers Area)
In case of self-application on the Vendor Management Portal, the Data Controller will process the following categories of supplier’s data: a) personal and identification data; b) contact details; c) any further information and/or document directly provided by the supplier.
The abovementioned data will be processed on the legal basis of the consent of the applicant supplier and only for the purposes of self-application management on the Vendor Portal.
The data entered in the Vendor Management Portal, for the aim of the self-application, could be stored until December 31st of the calendar year following the one of the self-application data entry.
OPTIONAL NATURE OF DATA PROVISION
Except as specified for navigation data, the user is free to provide personal data when requested in special sections of the site. Failure to provide them may involve the impossibility to obtain what is required.
RIGHTS OF THE DATA SUBJECT
The subjects of the personal data have the right, at any time, to exercise their articles as they arise from articles 15 et seq. of the EU Regulation, among which: a) the right to be informed on the purposes and methods of processing; b) access; c) update and rectification; d) deletion, anonymisation or blocking; e) objection to processing, including objection to automated decision-making and profiling; f) withdrawal of consent; g) portability; h) limitation of processing.
The subjects of the personal data also have the right to lodge a complaint with the supervisory authority.
Said rights may be exercised by directly contacting the Controller at the e-mail address email@example.com or by writing to Miroglio Group – Group Privacy Officer, Via S. Barbara 11, 12051 – Alba (CN), Italy.
AMENDMENTS TO THE POLICY