From this website personal data may be collected from the user and, therefore, it must be done in accordance with current regulations. From undicipezzi.com we will only collect, treat, keep, transmit or proceed to delete those personal data that are necessary, always maintaining the principle of data minimization.
In addition, our principle will always be transparency with our customers and our users, so we will give as much information as possible about how we use personal data and for what purpose.
Any process within undicipezzi.com that involves the processing of personal data will be carried out with the strictest respect for the provisions of EU Regulation 2016/679.
This Policy lays the foundations with which Undici Pezzi, as “Data Controller”, manages the personal data of web users, information seekers and customers.
This policy details elements related to the website, without prejudice to other information related to the General Data Protection Regulation, which may be detailed in other policies and which may be made available to you in different media.
You can make any enquiries you may have, in relation to privacy and the General Data Protection Regulation, by contacting us by email at [email protected].
Information of the person in charge of the treatment
Identity: Undici Pezzi
VAT NUMBER: XXXXXXXXXXXX
E-mail: [email protected]
RGPD information e-mail: [email protected]
Personal information
The purpose of our website is to inform any internet user about the activities, products and services developed by undicipezzi.com.
The mere visit to our website may cause cookies to be stored. Please consult the information related to our Cookies Policy.
You can send queries through the mail [email protected] how, although it will be necessary to collect personal data on an ad hoc basis, and these will be treated for the requested sending or to solve the doubts or questions that you ask us.
In any case, this information is collected with your express, voluntary and informed consent. The personal information you submit to us will be treated securely and confidentially.
Your data will not be used for purposes other than those described and, in any case, if necessary, you will be previously informed and your consent will be required.
Purpose of processing
Purpose
The purpose of the collection and processing of this data is to be able to manage the requests made by users of the website, and to be able to send the Newsletter when requested to do so.
When, from the communications made, a relationship beyond the one described above is derived, the purpose will be extended to those described in our records of processing activities.
Basis of processing
The data collected will be processed with your consent, which you may revoke at any time. This consent will be expressly informed at each of the points on the website where it is required, also establishing simple, free and accessible systems for opposition to the processing of your data when it deems appropriate.
The submission of personal data implies that they are true, accurate and that you must update them when they are modified.
Records of Processing Activities
WEB USER MANAGEMENT
Purpose of processing: Management of the contact details of users of the website. Management of queries. Management of information derived from cookies. Newsletter management.
Legitimacy of processing: Consent/legitimate interest.
Categories of personal data:
Identity: Name and surname; identifier; e-mail. Telephone.
Professional data: (place and contact details).
Rights of data subjects: access, rectification, deletion, opposition, limitation and revocation of consent.
Access to personal data on behalf of third parties: Service providers with access to data (designers and platform(s)/web providers, hosting, maintenance and support services for our databases and software and web applications). Marketing/advertising partners for Newsletter mailings.
Categories
Data collected
The data that may be collected from the website will be identification data (full name) and contact data (email and telephone).
We may also, on occasion, process other unique numeric identifiers such as your computer’s IP address or mobile device identifier, or information we collect through cookies.
When you send us an email or make use of specific forms (which we may incorporate), we will be collecting the data you submit in the communication that we may need to respond.
If you use social networks to contact us, we may collect your image in our profile.
Recipients.
The personal data provided may be communicated to entities that assist us in the management of commercial communication processes and in the provision and maintenance of technological services (for example, the website). We also have external partners who assist us with design, development, marketing and advertising activities.
As a policy of undicipezzi.com, we only contract with entities that offer sufficient guarantees to apply appropriate technical and organisational measures, so that the processing of the data you have provided us with is in accordance with the requirements of the data protection regulations and guarantees the protection of the rights of the data subject.
We do not sell or exchange personal data; we only communicate or give access to data to suppliers or subcontractors who have been previously assessed and with whom we have confidentiality agreements.
In addition, the Supervisory Authority may have access to your data.
International transfers
In general, personal data will not be processed outside the EU. However, we do have providers that have the capacity for information outside the European area, such as social networks (Facebook®, Twitter®, LinkedIn®, Google+®, Pinterest®) or tools that assist us in the management of activities (e.g. MailChimp® or Google®). All providers are members of Privacy Shield, which certifies that their security measures are in line with those required in the European Union.
Some of the cookies we have are from third parties and are being transferred outside the European area. However, they are suppliers that adhere to the Privacy Shield.
Third party links
In some cases, from our website we may provide access to third-party websites or applications (e.g. social networks). We cannot guarantee the security available in these third-party environments. Please read carefully the legal policies associated with these third parties. If a user detects that these third parties violate rules or affect the integrity of users, please notify us at [email protected].
Retention periods
Our corporate policy states that we will only keep your personal data for as long as is essential and necessary for each processing purpose. The retention period will generally be imposed by law, either to provide you with a service or because we need to retain evidence of compliance. In any case, the periods will vary according to each of the processing operations we carry out.
To determine the retention period, by way of example and without being exhaustive or limitative, the following criteria are used:
-Data associated with cookies. 12 months from the consent of each user.
-Exercise of rights, during the period indicated by the regulations in force for the exercise of responsibilities.
In any case, the data, once the purpose for which they were collected has expired, initially about 3 years, will be cancelled.
When the data are no longer necessary for the fulfilment of the obligations and duties established, they will be regularly and securely deleted.
User rights
We guarantee you the right to exercise the rights that you, as the owner of personal data, have. To exercise your rights against Undici Pezzi, simply contact us by e-mail at [email protected].
In general, we will explain briefly what rights you have:
- You have the right to obtain confirmation as to whether we are processing your personal data.
- You have the right to access your personal data, as well as to request its rectification if it is inaccurate, or to request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
- You have the right to revoke your consent, however, this revocation does not affect the lawfulness of the processing prior to the revocation. If you no longer wish to receive information from our Newsletter, you can indicate this in any mailing (by detailed unsubscribe actions) or by sending communication to the e-mail address [email protected].
We will also try, where technically possible, to grant you the right to receive your data or provide it to third parties in a structured, accessible and machine-readable format, in accordance with the regulations of Art. 20 of the EU General Data Protection Regulation.
Detailed rights
But we want to give you a little more detail:
The right to obtain information in a clear and transparent manner about how your personal data is processed, the purpose of the processing, retention periods, data transfers to third parties or international processing of the data and the possibility to lodge complaints with the Spanish Data Protection Agency.
Right to access and know what personal data we are processing.
Right to request:
The suspension in the processing while we proceed to the rectification of your data.
The right to keep your personal data for the exercise of actions or claims in defence of your interests.
The rectification of personal data that is inaccurate or incomplete.
The right to erasure of your personal data when the purpose of the processing ceases to exist, or when you have given your consent for it to be erased unless there is a legal obligation to retain it.
The right to object to the processing of your personal data.
The right to limit the processing of your personal data for certain activities.
The right to the portability of your personal data, which operates in certain circumstances in which the data are processed automatically and whenever possible.
Remember that you have the right to revoke/withdraw your consent at any time.
How to exercise your rights
To process your request to exercise your rights, which will be free of charge, you can contact us by e-mail at [email protected]. To exercise your rights, you must provide reliable proof of identity by means of a valid identification document. If you are acting on behalf of a third party, you must present us with the representation document.
Guardianship before the supervisory authority
You may lodge a complaint for the protection of your rights with the Spanish Personal Data Protection Agency at its electronic headquarters or at its postal address at Calle Jorge Juan 6, 28001 Madrid. For further information, please visit the website www.agpd.es.
Security measures
It is corporate policy to maintain the necessary technical and organisational measures to guarantee the security of personal data and to avoid its alteration, loss, processing or unauthorised access, in compliance with current legislation on personal data protection.
All security measures developed and implemented are based on risk management. All measures have been considered in accordance with the requirements of the General Data Protection Regulation.
Our measures are required for all our suppliers. All staff with access to personal data in our organisation, whether they are our own or third parties’, must follow the security measures.
It is our group policy to maintain the security, integrity and confidentiality of your personal data. Failure to comply with our rules will be investigated.
Any action that attempts to attack our security measures, and which is done knowingly, will involve actions by our IT department and specialised providers to protect the data and investigate its origin.
Security Breach Notice
When we become aware that we have suffered a security breach affecting your personal data, we will remedy the damage. We will also notify the Supervisory Authority within 72 hours. When your personal data is compromised, we will send you an email with the necessary information and, where appropriate, the security measures to be taken to avoid negative effects.
Policy changes
Any changes to our privacy policy will be posted and will take effect from the date of posting. This policy is published on the reference date which appears at the bottom of the policy.
If any user considers that there is any non-applicable element that needs to be expanded or modified, please notify us by emailing [email protected].
Translation
This policy can be found in several languages. In the event of any discrepancy between the various versions, the original and official policy is deemed to be the English language version and interpretation shall always be in accordance with the terms provided herein.
Any error, omission or ambiguity will not be considered the responsibility of our entity.
To unsubscribe from communications you can follow the instructions provided in the mailings or send an email to [email protected].