INFORMATION ON PERSONAL DATA PROCESSING
pursuant to art. 13 of Regulation (EU) 2016/679 (“GDPR”)
This information notice is not a contract, and it does not bind you in any way. It is only provided for the sake of transparency: it serves to clarify, pursuant to the law (art. 13 of the GDPR), which processing operations concerning your personal data we perform when you connect to our website and navigate through our pages.
To quickly read the individual sections of this document, you can click on the direct links below. You can also download this information notice in .pdf format.
The Data Controller is Rivacold s.r.l., with registered office in Fraz. Montecchio, Vallefoglia (PU), via Sicilia, no. 7, 61022, VAT no. and Tax Code 00956400410. Rivacold is the subject that decides the purposes for and the means by which your data, which are collected during your interaction with the website, are processed.
For all questions regarding the processing of your personal data, you may contact the Data Controller (also referred to just as “Controller” in this document) by writing to the e-mail address email@example.com (recommended solution) or by post to the addresses above or by calling the contact numbers indicated in the website.
The Controller is not obliged to appoint a DPO (Data Protection Officer), as the mandatory legal requirements are not met.
Through our website, we perform the following processing operations with regard to your personal data:
Purpose: to make it possible for you to view the website correctly and navigate its pages. In fact, for intrinsic reasons to the use of IT protocols, viewing the website and navigating through it involve an exchange of technical information between the Controller’s IT system and yours. The following information is sent, by way of example: operating system used, browser and its version, time of the request, size of the information flows.
Legal basis: use of a service requested by the User who connects to our website to view and navigate it. The legal basis is art. 6, para. 1, letter b) of the GDPR.
Period of retention of the personal data: the personal data collected for this purpose are erased immediately when the navigation session ends, unless they are necessary for the exercise or defence of rights, see point 2.e) below: this, for example, happens if you have committed or are part of a cyber attack against our website or if you used our contact form to libel or commit offences, etc.
2.b) Processing for website optimisation purposes (analytics)
Purpose: performance of statistical research/analysis on aggregated or anonymous data, which does not entail the processing of personal data by the Controller. To know how many Users visit our website and other significant statistical elements in order to improve its efficiency, we use the analytics service provided by Google, which, among other things, collects the IP (Internet Protocol) address of your device. As a guarantee to you, we have set the analytics service to only collect anonymised IP addresses.
Legal basis: not applicable, as this is anonymised information that is aggregated for our company, therefore not entailing the processing of personal data.
Period of retention of the personal data: not applicable for the same reason above.
2.c) Processing for marketing purposes (newsletter)
Purpose:marketing by sending newsletters via e-mail. Subscribing to the newsletter service is your free choice: it requires your consent. If you do not subscribe, you will not receive any newsletters. You can withdraw the consent granted at any time, free of charge and easily, by writing to us or by using the link “unsubscribe” (or other similar terms) that you can find in all our e-mails. In the same way, you can at any time object to the marketing processing, free of charge and easily, by contacting us (see Data controller and contact details). The withdrawal of consent and/or the objection to marketing do not compromise the lawfulness of the processing performed previously. Your information will not be transmitted to “third parties”, as they are defined in art. 4, para. 10 of the GDPR. You will only receive promotional information from Rivacold relating to news, events or commercial communications/offers.
Legal basis: consent, articles 6, para. 1.a) of the GDPR and 130, para. 2 of It. Legislative Decree 196/03. However, notwithstanding the possibility permitted by law to send promotional emails to natural persons even without consent, provided they refer to products and services similar to those already purchased. In that case the legal basis is articles 6, para. 1.f) of the GDPR (legitimate interest) and 130, para. 4 of It. Legislative Decree 196/03.
Retention period of the personal data: 24 months from the time consent is granted or, in the cases under art. 130, para. 4 of It. Legislative Decree 196/03, since the last purchase of a Rivacold product or service. Always without prejudice to the purpose under point 2.3) below.
2.d) Processing for replying to requests (form, CV and access)
Purpose: replying to/fulfilling requests you made on the website. Currently, the website supports two types of direct requests:
2.e) Processing for the establishment, exercise and/or defence of a right
Purpose: defence of rights. The Controller’s legitimate interest is to exercise rights and defend itself both in court (including the pre-litigation stage) and out of court against third parties (including public entities) and the data subjects. For example, this may refer to the activation of our self-protection in case of a cyber-attack against our website.
Legal basis: legitimate interest, art. 6, para. 1, letter f) of the GDPR.
Retention period of the personal data: the personal data collected for this purpose are retained for 10 years, as envisaged by the ordinary limitation period (art. 2946 of the It. Civil Code) unless the limitation period is interrupted.
2.f) Sending verification communications
Purpose 4: sending verification communications. Specifically, this refers to the procedure for verifying the e-mail provided in the website’s registration areas and sending any communications/reminders for the management of CVs, as well as reminders warning of the expiry of the consent granted for marketing activities.
Legal basis: legitimate interest, art. 6, para. 1, letter f) of the GDPR. You may object at any time, freely and without consequences.
Personal data retention period: e-mail evidence of the authentication procedure performed is retained in compliance with purpose 3; the reminders are not stored.
The provision of your personal data during your interaction with us through the website constitutes your free and voluntary choice. The only consequence in case of failure to provide your personal data will be the impossibility to navigate the website or receive the services requested. For example, if you do not register for access to Select, you will not be able to access that section.
The following subjects may become aware of your personal data, in their capacity as data controllers, data processors or persons authorised to perform processing operations:
For your guarantee, we do not transmit the personal data you have provided outside the European Union.
Have no fear: we do not perform this type of processing (cf. art. 22 of the GDPR) on your personal data.
You have the following rights: access, rectification, erasure (being forgotten), restriction, objection and portability as per articles 15, 16, 17, 18, 20, 21 and 23 of the GDPR.
Complaint: you also have the right to lodge a complaint with the competent Supervisory Authority (for Italy: Italian Data protection Authority) regarding any violation of the regulatory framework on the processing of personal data (GDPR).
Withdrawal of consent: consent may be withdrawn at any time, without formalities. For example, you can always withdraw consent to the newsletter.
Cookies are text files stored on the user’s device. They are temporary markers that contain information that makes it possible to keep track of the activities carried out by the user until they are deleted.
Cookies may be ours (so-called “first-party cookies”) or belong to third parties.
Other cookies are just technical, i.e. they are required for functions you have requested. For example, they serve to keep track of your login so that you do not have to repeat it on every page.
We only need your consent for profiling cookies. Not for technical ones.
8.b) Characteristics, purposes, legal bases, storage
To opt out (i.e. object to the processing) with regard to this type of cookies: https://tools.google.com/dlpage/gaoptout/
8.c) How to manage the browser’s settings to prevent the installation of cookies
It is possible to disable the installation of cookies by managing the settings of your browser. below please find instructions for the main browsers (non-exhaustive list):