General Data Protection Regulation (GDPR) Regulation EU 2016/679 and other applicable laws

The protection of your privacy and your personal data is an important issue to which we pay attention in all our business relationships and in all the services offered.

We respect the confidentiality of your personal data and we always act in compliance with the provisions of the data protection laws and this privacy policy.

Introduction

This page is intended to inform the Data Subject / User on how ROMEA LEGNAMI Srl uses personal data collected from the website www.romealegnami.com and related online applications, regardless of the purpose of the connection. The information can not be extended to websites that may be consulted by the user through links.
The methods for collecting and managing the processing of personal data are described by identifying: type of data, legal basis,
recipients of processing (including any foreign), retention period, rights of the Data Subject, if there is an obligation to communicate data and any consequences of denial, possible presence of automated decision-making (including profiling) and categories of data processed.
By consulting this website, data relating to identified or identifiable subjects are processed in accordance with articles 4 and 24 of EU Reg. 2016/679 - GDPR. This information is collected, evaluated and subsequently used exclusively for authorized and permitted purposes and is not transmitted to third parties, except for express authorization of the Data Subject or if specified for the achievement of the purposes.
This privacy policy
is provided in compliance with the with articles 12, 13 and 14 of EU Reg. 2016/679 - GDPR.

1. Controller

The Controller is ROMEA VENICE srl, based in Sestiere Dorsoduro 3423, Venezia, Italy, contactable at: info@romealegnami.com .

The processing operations will be carried out by Data Handler appointed by the Controller, who will operate under his direct authority in accordance with the instructions received.

 

2. Personal Data Collected and Treated

Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
The collected data includes information on accesses, such as IP addresses and domain names of the computers used by users connecting to the site, as well as other parameters concerning the IT environment used by users (such as: the Internet browser used , the operating system, the domain name of the website visited last before accessing our website, the number of visits, the time spent on our website and the accessed pages).
These data are used only for obtaining anonymous statistical information on the use of the site and to check its correct functioning.
This data, collected automatically, are not associated with any data from other sources. However, we reserve the right to retrospectively verify these data if specific information on illegal use is brought to our attention. 

Data provided voluntarily by the User
Some personal data (for example: name, surname, email address) are requested from the User for registration or for the use of online services on our site. In this case, personal data are collected, as far as possible, on a voluntary basis and for each of the services on our website there is a dedicated Policy that allows the User to understand precisely what is the related treatment. In fact, we believe that it is the best way to guarantee correctness, transparency and intelligibility of the information that must be given to the User.

However, if the User decides to send spontaneously and freely e-mail or mail to the addresses indicated on this web site, this will result in the subsequent acquisition of the sender's e-mail or mail address and any other personal data inserted in the message necessary to reply to the requests.
The personal data collected in this case are exclusively related to:
- Identification data (for example: name, surname, address, telephone, fax, e-mail, etc.).
- Tax information (if required by law - for example, tax code, VAT number, etc.).
Personal data sent to us of different nature or not related to those specified above (such as sensitive or judicial personal data) will be processed in compliance with Regulation EU 2016/679 and related legislation only with express consent of the Data Subject and only if necessary to achieve the required purposes, otherwise they will be ignored and not treated or destroyed, with the exception of those necessary for the fulfillment of contractual or legal obligations.

Cookie
This website uses various cookies to improve and make easy the navigation.
For all the information regarding Cookies and Cookie Policy of this Website visit:
Cookie policy

3. Lawfulness, Purposes and Methods of Processing

The personal data provided by the Data Subject interacting with this website will be processed in compliance with the conditions of lawfulness pursuant to art. 6 Reg. EU 2016/679 (consent given to the processing, execution of a contract or pre-contractual measures, fulfillment of legal obligations, pursuit of the legitimate interest of the Controller) and are processed and used, in the minimum necessary content, exclusively for the following purposes:

  1. Operation and improvement of navigation on this website.
  2. Supply, improvement and support of our online services.
  3. Reply to requests made through the use of the contact form (refer to specific privacy policy at the time of use).
  4. Evaluation of job candidatures (refer to specific privacy policy at the time of sending).
  5. Legitimate interests pursued by the Controller.
  6. Legislative and regulations obligations.

In any case, personal data will be processed in computerized, electronic and paper form and included in the databases to which only the Controller and its Data Handler may access. With regard to the data processed in all their forms, all appropriate security measures have been adopted to protect the rights, freedoms and legitimate interests of the Data Subject.
In addition, specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access to the data. 

4. Obligation to provide data

Some personal data transmitted in the implicit use of internet communication protocols, as previously specified, are automatically conferred and necessary to proceed with browsing the website.

For what concerns the online services offered on this website, the provision of the data indicated as mandatory in the fields of the form is necessary to obtain what is required, to provide service and / or any professional or business relationships. 

Except as specified above, the user is free to provide other personal data when reading this site and completing the online services forms.

5. Place of Data Processing

Processing related to the web services of this site takes place at the Controller’s office and is handled only by authorized Data Handler, or by subject in charge of occasional maintenance operations. The acquired data are saved on web servers in housing in dedicated server farms located in Italy and in the EU.

6. Possible Recipients of the Data

Depending on the type of interaction required (for example: request for information or material, placement of an order, request for services, etc.), the data may be transmitted to third parties involved in the execution of orders and contracts or if it is necessary for pursuit the purpose of providing the service. We may also be required to transmit personal data to third parties in order to comply with legal obligations or requirements and / or to enforce rights and agreements.

  • Data transmission to third parties: for the execution of certain orders and for the provision of certain services, we work with external suppliers that reside within the Italian or EU territory. These suppliers are authorized to use or transmit the data collected and processed by us only for the execution of the order / contract forwarded by the Data Controller and for no other purpose.
  • Abroad data transmission: we do not transmit the data to foreign subjects.
  • Compliance with laws and similar obligations: we will transmit your personal data in order to:
    1. apply or comply with law, regulation, order issued by a public authority or mandatory measures;
    2. detect and prevent security threats, fraud or other harmful activities;
    3. protect and / or enforce the rights and property of ROMEA LEGNAMI Srl or third parties;
    4. protect the rights and security of our employees and third parties.

In relation to the purposes indicated in points 1, 2 and 3 of the previous paragraph, the data may also be disclosed to the following subjects or to the categories of subjects indicated below:

  • Accountants and tax/business consultant in assistance to companies when the communication is due by law, or is in the interest of the subject (natural or legal person);
  • Lawyers in assistance to companies when the communication is due by law, regularly assigned to processing in full compliance with the existing regulations, or when the communication is in the interest of the subject (natural or legal person);
  • Technical and / or Commercial Consultants to fulfill requests or services.

7. Data Retention Period

At the end of the service or provision of the service, or when it is not otherwise provided in the dedicated Policies accepted by the Data Subject, personal data will be stored only for historical or statistical purposes or for any obligations, in accordance with the law, regulations, Community legislation and the codes of deontology and good conduct signed in accordance with art. 40 of Reg. EU 2016/679, for the period prescribed by current legislation (usually 10 years) or, in case they are not subject to any law, for a period not exceeding 5 years. After this period, personal data will be stored anonymously or destroyed.

8. Absence of an Automated Decision Making Process

There is no automated decision-making process on this website and no profiling system.

9. Data Subject rights

Data subject has the right to:

  • obtain confirmation of the existence of personal data concerning him, even if not yet registered, and their communication without delay in an intelligible form;
  • require information on your personal data stored by us (ex: origin, purposes, methods, categories, applied logic, retention period, rights, identification data of the Data Controller, subjects or categories to which data can be communicated) by writing us;
  • withdraw consent to the processing of data;
  • demand erasing of data;
  • require the transformation and / or the limitation or the block of processed data in violation of the law;
  • require updating, rectification or integration of data;
  • obtain his personal data, provided to the Controller, in order to transmit it to another Controller;
  • Ask for confirmation that the aforementioned operations have been brought to the attention of which data have been communicated, except in the case where this fulfillment is impossible or involves disproportionate duty respect to the protected right;
  • oppose, in whole or in part, for legitimate reasons, to the processing of personal data concerning him, even if pertinent to the purpose of the collection;
  • propose a complaint to the Privacy Authority (in Italy: garanteprivacy.it ).

For further information regarding laws and privacy rights, the Data Subject can visit the website of the respective competent Privacy Authority.

Privacy Authority in Italy: www.garanteprivacy.it .

The Data subject who wants to exercise his right must use the contacts of the Controller.