This page describes how to manage the personal data that the user decides to provide by browsing the site https://www.ecocaps.com/
This is information provided to users in relation to the rules laid down by EU Regulation 2016/679 and in particular of the Articles 12-23 of the same Regulation.
The data controller of personal data collected through the site https://www.ecocaps.com// is Ecocap’s S.r.l., Via Modigliani 13 – 40033 Casalecchio di Reno (BO), which you can reach at: firstname.lastname@example.org
Data Processor: Chiara Caprini
External Manager: Labirinto S.r.l., via Emilia Ovest, 194 – 41121 Modena (Italy) VAT number: 02545080364 Ref. Paola Gallo – email@example.com
Place of processing
By browsing on this site:
- The user voluntarily leaves personal data by entering them in the appropriate forms (for example contact requests).
- Each individual form provides a mechanism by which the user is informed of the purposes for which the data is collected.
- The user has the ability to browse the site without releasing any type of personal data by disabling cookies according to the procedure described in the appropriate section.
This site collects user data in two ways.
– Data collected in an automated manner
During the Users’ browsing, the following information can be collected and stored in the site’s server log files (hosting):
– internet protocol address (IP);
– type of browser;
– parameters of the device used to connect to the site;
– name of the internet service provider (ISP);
– date and time of visit;
– web page of origin of the visitor (referral) and exit;
– possibly the number of clicks.
These data are used for statistical and analytical purposes, in an exclusively aggregated form. The IP address is used exclusively for security purposes and is not combined with any other data.
– Data provided voluntarily
The site may collect other data in case of voluntary use of services by users, such as commenting, communication services (contact forms, comment boxes), and will be used exclusively for the provision of the requested service:
– email address;
– phone number
– any additional data sent spontaneously by the user in the message box.
The submission by the user of requests for information on this site leads to the subsequent acquisition of this information.
We treat visitor/user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. We are committed to protecting the security of your personal data when it is sent, using Secure Sockets Layer (SSL) software, which encrypts information in transit. The processing is carried out using IT and/or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the data controller, in some cases, other kinds of employees involved in the organization of the site or external parties (such as third party technical service providers, hosting providers) may have access to the data.
The data collected by the site during its operation are kept for the time strictly necessary to carry out the specified activities. Upon expiry, the data will be deleted or anonymized, unless there are other purposes for their conservation. The data (IP address) used for site security purposes (blocking attempts to damage the site) are kept for 30 days. Data for analytics (statistics) purposes are stored in aggregate form for 24 months.
In the section reserved for cookies law we will explain what they are and which ones this site uses.
The user who browses the site can decide to disable cookies in the manner described in the cookies section.
Purpose of the processing
Personal data collected through the website www.ecocaps.com are used to:
– Statistics (analysis)
Collection of data and information in an exclusively aggregated and anonymous form in order to check the correct functioning of the site. None of this information is related to the individual person-User of the site, and does not allow identification in any way. Consent is not required.
Collection of data and information in order to protect the security of the site and of the Users (spam filters, firewalls, virus detection) and to prevent or reveal fraud or abuse against the website. The data are recorded automatically and may possibly also include personal data (IP address) that could be used, in accordance with the laws in force on the subject, in order to block attempts to damage the site itself or to damage other users, or in any case harmful activities or those constituting a crime. These data are never used for the identification or profiling of the User and are periodically deleted. Consent is not required.
– Ancillary activities
Communicate the data to third parties who perform functions necessary or instrumental to the operation of the service (e.g. comment box), and to allow third parties to carry out technical, logistical and other activities on our behalf. Suppliers have access only to personal data that are necessary to carry out their duties, and are committed to not use the data for other purposes, and are required to process personal data in accordance with current regulations.
– Consultancy and professional assignments
In case of spontaneous sending of data in order to request professional advice or for a professional assignment, the data will be used for the sole purpose of evaluating the assignment and for the eventual fulfillment of the same. In such cases, specific information will be provided.
This site processes data mainly on the basis of user consent. The granting of consent takes place through the banner placed at the bottom of the page, or through the use or consultation of the site, as a conclusive behavior. With the use or consultation of the site, visitors and users approve this privacy statement and consent to the processing of their personal data in relation to the methods and purposes described below, including any disclosure to third parties if necessary for the provision of a service. Additional consents relating to the specific purpose of the service are collected through the communication or service request forms.
The provision of data and therefore the consent to the collection and processing of data is optional, the User can deny consent, and can revoke a consent already provided at any time (via the banner at the bottom of the page or the browser settings for cookies, or the Contacts link). However, denying consent may make it impossible to provide some services and the browsing experience on the site would be compromised.
The data for the security of the site and for the prevention of abuse and SPAM, as well as the data for the analysis of the site traffic (statistics) in aggregate form, are processed on the basis of the legitimate interest of the data controller in protecting the site and of the users themselves. In such cases, the user always has the right to object to the processing of data (see paragraph: User rights).
The data provided for professional consultancy or assignments are processed on the basis of the fulfillment of a contract and the fulfillment of a legal obligation. In such cases, specific information is provided.
Recipients of personal data
The personal data collected by the site may be processed by subjects involved in the organization of the site (such as administrative, commercial, marketing, and legal personnel, and system administrators) or by external personnel (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) from time to time appointed, if necessary, as Data Processors pursuant to Article 4 Number 8 GDPR which defines as “data processor” the individual or legal person, public authority, service or other body that processes personal data on behalf of the data controller.
In any case, each user can always ask the data controller for an updated list of data processors in the manner specified in the section relating to the user’s rights (i.e. by sending an email to firstname.lastname@example.org )
Except for the cases just indicated, the user’s personal data are not disclosed to third parties unless:
- the user has given their express consent to the communication;
- the communication is necessary to provide the service or product requested by the user;
- the communication is necessary in reference to third parties who collaborate with the Company to provide the service or product requested by the user. (In this case, only the data essential for the provision of the service or the supply of the product will be communicated and they are prohibited from using the same data for different purposes);
- it is required by law.
Right of access
The interested party has the right to ask the data controller whether personal data concerning them is being processed and, if so, to obtain access to them and the following information:
- The purposes of the processing;
- The kind of data in question;
- The recipients or kind of recipients to whom the personal data have been or will be communicated, in particular if they are recipients of other countries or international organizations;
- When possible, the retention period of the personal data envisaged or, if not possible, the criteria used to determine this period;
- The existence of the data subject’s right to ask the data controller to rectify or delete personal data or limit the processing of personal data concerning them or to oppose their processing;
- The right to lodge a complaint with a supervisory authority;
- If the data are not collected from the data subject, all available information on their origin;
- The existence of an automated decision-making process, including the profiling referred to in Article 22, Paragraphs 1 and 4, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the interested party.
If personal data are transferred to another country or to an international organization, the interested party has the right to be informed of the existence of adequate guarantees relating to the transfer under Article 46.
ECOCAP’S SRL specifies that:
- It does not disclose users’ personal data to international organizations or other countries;
- At any time, the interested party has the possibility to request the rectification or cancellation of their personal data in the manner indicated in the relevant section (i.e. by sending an email to email@example.com)
- Personal data is not collected with fully automated procedures, but the consent of the user who enters their data in the forms provided on the site is always required.
Right to cancellation and right to rectification
The interested party has the right to obtain from the data controller:
- the rectification of data, if they are not correct
- the cancellation of their personal data.
To exercise this right, you can send a written request to firstname.lastname@example.org. The data controller will provide, without delay, the requested cancellation in full compliance with Article 17 of the European Regulation.
Right to limit the processing
The interested party has the right to obtain from the data controller the limitation of the processing itself in the following cases:
- the data subject disputes the accuracy of their data: for the time necessary for the data controller to verify its accuracy;
- unlawful processing: the interested party opposes the cancellation and requests that its use be limited;
- the interested party opposes the processing under Article 21 Paragraph 1 pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.
Ecocaps SRL specifies that: The processing of personal data takes place exclusively after the user’s consent is given, solely for the purposes specified from time to time at the moment of personal data collection. If the interested party wishes to exercise the right to limit the processing, they can send a written request to email@example.com
Right to lodge a complaint
The interested party has the right to lodge a complaint with the supervisory authority.