Information notice pursuant to art. 13 of the REGULATION (EU) 2016/679 – (GDPR)

 

In compliance with the provisions of Regulation (EU) 2016/679 (European Regulation for the protection of personal data), we provide you with the necessary information regarding the processing of personal data provided while browsing the site https://www.webratio.com/.
The information notice is also inspired by the provisions of Directive 2002/58/EC, as updated by Directive 2009/136/EC, on the subject of Cookies as well as the Provision of the Italian Data Protection Authority for the protection of personal data of 08.05.2014 and by the Guidelines on cookies and other tracking tools of 10.06.2021 of the same Authority.

The information notice is provided pursuant to art. 13 GDPR and is not to be considered valid for other websites that may be consulted through links on this website in the domain of the Data Controller, which is not to be considered in any way responsible for the websites of third parties. 

PROCESSED PERSONAL DATA

Personal data

Any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. 

Browsing data

Computer systems and software procedures used to the operation of this website acquire, during their normal operation, some personal data whose transmission is implicit in the internet communication protocols. This information is not collected to be associated with identified data subject, but by their nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.  

Personal data provided by data subject

In some sections of the website you may be asked to provide additional personal data; in this case you can always refer to this information notice in relation to the pursued purposes.
To find out how WebRatio s.r.l processes the personal data you provide when submitting any job applications or registering in the reserved area, you can instead consult the specific information notice available in the dedicated sections of the website.

Cookies

For more information on the cookies used by this website, please read the cookie policy by clicking here: https://www.webratio.com/site/content/en/cookie-policy

 

DATA CONTROLLER, pursuant to articles 4 and 24 GDPR, is WebRatio Srl, with registered office in 20126 Milano, Italy – Viale Piero e Alberto Pirelli n. 6 and operational headquarter in 22074 Lomazzo (CO), Italy – Via Cavour n. 2, at ComoNext Science and Technology Park, in person of its legal representative, e-mail: privacy@webratio.com, ph: (+ 39) 02 3671 4280.

 

PURPOSES AND LEGAL BASIS OF THE PROCESSING. DATA RETENTION.

The personal data provided will be processed in compliance with the conditions of lawfulness pursuant to art. 6 GDPR for the following PURPOSES:

A) Website browsing 

LEGAL BASIS: legitimate interest - art. 6, lett. f), Recital no. 47 GDPR): the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties, provided that the interests or fundamental rights of the data subject who require the protection of personal data do not prevail, considering the reasonable expectations of the data subject based on his relationship with the Data Controller. Activities strictly necessary for the running of the website and the provision of the browsing service on the platform.

DATA RETENTION: browsing session.

B) Provide feedback to requests received by the "Contact Us" form on the website 

LEGAL BASIS: execution of pre-contractual measures adopted at the request of the data subject.

DATA RETENTION: until the request is processed and in any case no later than 2 years.

C) Send the requested document by e-mail by filling in the "Infographic" and "Whitepaper" forms on the website 

LEGAL BASIS: execution of pre-contractual measures adopted at the request of the data subject.

DATA RETENTION: until the request is processed and in any case no later than 2 years.

D) Send newsletters (commercial / advertising nature) to the e-mail address you provided by filling the form 

In order to compare and possibly improve the results of communications, the Data Controller uses systems for sending newsletters and promotional communications with reports. Thanks to the reports, the Data Controller will be able to know, for example: the number of readers, openings, unique "clickers" and clicks; the devices and operating systems used to read the communication; details on the activity of individual users; the details of the e-mails sent, e-mails delivered and not, of those forwarded; All these data are used for the purpose of comparing, and possibly improving, the results of communications.

LEGAL BASIS: consent of the data subject.

DATA RETENTION: until withdrawal of consent (opt-out).

E) “Soft-spam”

The Data Controller may use your e-mail address for promotional and commercial communications on goods and services similar to those purchased.

LEGAL BASIS: legitimate interest of the Data Controller, provided that the interests or fundamental rights of the data subject who require the protection of personal data do not prevail, a condizione che non prevalgano gli interessi o i diritti e le libertà fondamentali dell'interessato art. 6, lett. f), Recital no. 47 GDPR) and art. 130, paragraph 4, of the Leg. Decree n. 196/2003.

DATA RETENTION: until withdrawal of consent (opt-out).

 

RECIPIENTS OR CATEGORIES OF RECIPIENTS

The personal data provided may be disclosed to subjects who will process the data as Data Processor (art. 28 GDPR) and/or as individuals acting under the authority of the Data Controller and Data Processor (art. 29 GDPR), for the purposes listed above. In particular, the data may be disclosed to recipients belonging to the following categories: 

- Subjects that provide services for the management of the information system and communication networks, including e-mail, website management and web platforms, in particular the platform for sending newsletters (Rocket Science Group, LLC (MailChimp®); 

- Studies or companies within assistance and consulting relationships;

- Companies connected to or controlled by the Data Controller;

- Competent authorities for the fulfilment of legal obligations and/or provisions of public bodies, upon request; 

The list of Data Processors is available at the registered office of the Data Controller.  

DATA TRANSFER TO THIRD COUNTRIES AND/OR INTERNATIONAL ORGANIZATION. GUARANTEES.

Personal data collected will be transferred to countries outside the EEA, in order to comply with purposes related to data processing.

In particular, for sending newsletters, the Data Controller uses the services offered by an American Data Processor. In this case, the data transfer is carried out within the limits and under the conditions set out in art. 46 EU Reg. 2016/679 (GDPR).

In this case, the data subject may obtain a copy of the conditions underlying the transfer by contacting the Data Controller at the contacts listed above.

 

NATURE OF DATA PROVISION

Except for browsing data, the data subject is free to provide personal data in dedicated areas on the website.

The provision of personal data for the purposes indicated in the aforementioned areas is necessary to complete the requests and use the services offered by the Data Controller through the webite. Failure to provide personal data may make it impossible to obtain the requested service or to use the services offered by the website.

The consent to receive newsletters is necessary to receive the Data Controller information / promotional material. Failure to provide consent will make it impossible to receive newsletters without compromising the use of additional services.

You can also object, at any time, to the processing of data for sending "Soft-spam", easily and free of charge, including by unsubscribing from the aforementioned service through our automatic cancellation systems provided for e-mails only. Any opposition to the processing will make it impossible to use your personal data for the aforementioned purpose.

 

EXISTENCE OF AUTOMATED PROCESS

Personal data will be subjected to traditional manual, electronic and automated processing. It is specified that fully automated decision-making processes are not carried out.

 

DATA SUBJECT’S RIGHTS

You may exercise your rights as expressed in Articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR, by contacting the Data Controller at the email address privacy@webratio.com.

You have the right, at any time, to request the data Controller to access, rectify, cancel your personal data or limit their processing and the right to the portability of your data. In addition, you have the right to object, at any time, to the processing of your data based on legitimate interest and, in the cases provided, you have the right to revoke the consent given without affecting the lawfulness of the processing based on the consent before revocation. 

To stop receiving automated direct marketing communications (e.g. e-mail) it will be sufficient to write an e-mail at any time to privacy@webratio.com with the subject "cancellation from automated" or use our automatic cancellation systems provided for e-mails only. 

Without prejudice to any other administrative and judicial remedy, if you believe that the processing of data concerning you violates the provisions of the GDPR, you have the right to lodge a complaint with the Italian Data Protection Authority (https://www.garanteprivacy.it/web/guest/home_en). 

 

This Privacy Policy is effective from the "update date" indicated at the bottom of the document. The Data Controller may modify this Privacy Policy; in this case, the Data Controller will publish the updated version here and change the date of the last update (the effective date) indicated.

 

LAST UPDATE: 10th of October 2023