Privacy Policy

INFORMATION ON THE PROCESSING AND PROTECTION OF PERSONAL DATA

This information describes the processing of personal data entered or collected on the websites www.fysilab.it andoffer.fysilab.it and is provided pursuant to Article 13 of EU Regulation 679/2016 (hereinafter "GDPR") and the legislation applicable national law on privacy and protection of personal data.

  1. IDENTITY AND CONTACT DETAILS OF THE DATA PROCESSING HOLDER
FYSILAB - Click Performance Ads Srl with registered office in 12051 - Alba (CN), via Rossini 14 CF and VAT number 03987860040 (hereinafter "Fysilab" or the "Company" or "Owner").
In the event that the Data Controller makes use of data processors or sub-processors pursuant to art. 28 GDPR, the updated list of data processors and persons in charge of processing is kept at the Data Controller's registered office.
  1. WHAT TYPES OF PERSONAL DATA WE PROCESS

The types of personal data we collect depend on the purpose for which they are collected.
In general, we can collect the following types of personal data directly from you (hereinafter "Personal Data"):
personal contact data, such as name, surname, e-mail address, address, city, telephone number;
the personal data directly provided by you through communications or attachments to communications;
usage, navigation, functional, session, statistical, profiling data, including the device identifier or the user's IP address, the moment in which the user visits the site, the addresses in URI notation (Uniform Resource Identifier) ​​of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and IT environment;

  1. WHY WE PROCESS YOUR PERSONAL DATA AND ON WHICH LEGAL BASES

The processing of your personal data by the owner takes place for the following purposes:

A) conclude purchase orders with the Owner and fulfill the contractual and tax obligations deriving from them;
B) fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority;
C) pursue a legitimate interest of the Data Controller or third parties, provided that their interests or their fundamental rights and freedoms that require the protection of personal data do not prevail (e.g. the right of defense in court of the Data Controller);
D) Only with your specific and distinct consent (Article 6 letter a) and art. 7 GDPR), for the following marketing purposes:
- send by e-mail, post and / or text message and / or telephone contacts, newsletters, commercial communications and / or advertising material on products or services offered by the Data Controller and survey of the degree of satisfaction with the quality of services;
E) Only with your specific and distinct consent (Article 6 letter a) and art. 7 GDPR), for the following profiling purposes:
- send advertising communications, offers and promotions, via e-mail, post and / or sms and / or telephone contacts, which are consistent with your interests and your consumer profile. Profiling will allow the Owner to customize the offer of products and services addressed to you in the best way. To this end, the Data Controller will evaluate the type and number of requests for information submitted, including through the website, the purchases of goods or services made by you from the Data Controller, your personal and contact information (for example the place of residence), as well as any additional information relating to you that is in our possession (for example your age and profession).
If you have denied your consent it will not be possible to carry out the aforementioned activities under D) and / or E), and if you have given consent to the processing activities under D) and / or E), you will in any case have the right to revoke the consent given at any time.
  1. HOW LONG WE KEEP AND PROCESS YOUR PERSONAL DATA

Your Personal Data will be processed by the Data Controller only for the period of time necessary to achieve the purposes of the processing referred to in the previous article 2, after which they will be kept only in execution of the legal obligations in force on the subject, for administrative and / or administrative purposes. to assert or defend one's own right and, in any case, no later than the terms established by law for the prescription of rights.
In particular, for marketing purposes, the User's Personal Data will be kept by the Data Controller for a maximum of two years, while for profiling purposes for a maximum of one year.

  1. HOW WE PROCESS YOUR PERSONAL DATA

Personal Data are subjected to both paper and electronic and / or automated processing for the time necessary to achieve the purposes for which they are collected by the Data Controller or by subjects duly authorized and / or appointed to carry out these tasks, constantly identified and / or appointed, appropriately trained and made aware of the constraints imposed by law, as well as through the use of security measures designed to guarantee the protection of confidentiality and to avoid the risk of loss or destruction, unauthorized access, not allowed or not compliant with the aforementioned purposes.

  1. TO WHOM WE CAN COMMUNICATE YOUR PERSONAL DATA

For the purposes indicated above, your collected data may be made accessible or communicated to:


- employees and collaborators of the Data Controller, in their capacity as authorized personnel for the processing, in the context of their respective duties and in accordance with the instructions received. Such individuals are in any case subject to confidentiality and confidentiality obligations;
- to third parties who carry out outsourced activities on behalf of the Data Controller who are entrusted with certain activities, or part of them, functional to the provision and distribution of the services offered through the site (e.g. hosting companies, programmers, systems engineers and database administrators, technical assistance centers, Internet and telecommunications operators) or whose activity is connected, instrumental or supportive to that of the Data Controller (e.g. management and / or cloud marketing software, fulfillment service providers, transport and delivery service providers, etc.);
- to all those public and / or private subjects, natural and / or legal persons (legal, administrative and tax consultancy firms, credit recovery companies, Judicial Offices, Chambers of Commerce, Chambers and Labor Offices, etc.), if the communication is necessary or functional for the correct fulfillment of the contractual obligations assumed, as well as the obligations deriving from the law;
- to all those subjects (including Public Authorities) who have access to personal data by virtue of regulatory or administrative provisions;
In any case, your personal data collected will not be resold or transferred to third parties for marketing purposes and will not be disseminated.

  1. MINORS
This site and the Data Controller do not intentionally collect Personal Data referring to minors under the age of 18. In accordance with applicable laws, the exerciser of parental responsibility must provide consent to the collection of the child's Personal Data. In the event that Personal Data on minors were unintentionally registered, the Data Controller will delete them in a timely manner, at the request of the parental responsibility operator.
  1. YOUR RIGHTS

Pursuant to art. 15 and ss. of the GDPR and the applicable national legislation on privacy and protection of personal data, you have the right to:

obtain from the Data Controller confirmation as to whether or not personal data concerning you are being processed and, in this case, to obtain access to personal data and the following information:

the purposes of the processing;
the categories of personal data in question;
the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if they are recipients of third countries or international organizations;
when possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
the existence of the right of the interested party to ask the data controller to correct or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;

the right to lodge a complaint with a supervisory authority;

if the data are not collected from the interested party, all available information on their origin;

the existence of an automated decision-making process, including profiling.
Obtain from the Data Controller the correction of inaccurate personal data concerning him without undue delay. Taking into account the purposes of the processing, the interested party has the right to obtain the integration of incomplete personal data, also by providing an additional declaration.
Obtain from the Data Controller the cancellation of personal data concerning him without undue delay and the Data Controller is obliged to cancel the personal data without undue delay within the limits and in the cases provided for by current legislation.
Obtain the limitation of the processing from the Data Controller.
Receive in a structured format, commonly used and readable by an automatic device, the personal data concerning you provided to the Data Controller and have the right to data portability and therefore to transmit such data to another data controller without impediments by the owner of the processing to which you provided them if the processing is based on consent or on a contract and the processing is carried out by automated means.
Oppose at any time, for reasons connected to your particular situation, to the processing of personal data concerning you if the processing is necessary for the performance of a task of public interest or connected to the exercise of public authority vested in the Data Controller o the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
If you believe that your rights have been violated by the Data Controller, lodge a complaint with the Guarantor Authority for the protection of personal data (Piazza Venezia 11, 00187 Rome (RM) - garanteprivacy.it) and / or other competent supervisory authority in force of the GDPR

Following the exercise of the rights referred to in points 2), 3) and 4), the Data Controller communicates to each of the recipients to whom the personal data have been transmitted any corrections or cancellations or limitations of processing within the limits and in the forms provided for by the current legislation.

To exercise the rights listed above towards the owner, you must submit a written request by sending a registered letter to the address FYSILAB c / o Click Performance Ads Srl, via Rossini, 14 - 12051 Alba (CN) or by sending an e-mail to 'address info@fysilab.it

WHAT HAPPENS IF THE PRIVACY POLICY IS CHANGED

This information may be modified and / or updated at any time. If the Data Controller intends to process your Personal Data for purposes other than those provided for in the previous art. 3, undertakes to provide you, before such further processing, with adequate information regarding these different purposes and to carry out this further processing in compliance with current legislation, collecting your specific consent where necessary.