Privacy policy - IGC SRL

INFORMATION NOTICE ON PERSONAL DATA PROCESSING

of users who consult the websites www.igcsrl.eu, www.igcsrl.it pursuant to Article 13 of Regulation (EU) 2016/679

WHY THIS INFORMATION

Pursuant to Regulation (EU) 2016/679 (hereinafter “Regulation”), this page describes the methods of processing the personal data of users who consult the IGC srl website (hereinafter the “Data Controller”) accessible electronically to following addresses: • www.igcsrl.eu • www.igcsrl.it This information does not concern other sites, pages or online services that can be reached via hypertext links that may be published on the sites but referring to resources outside the domain of the owner.

HOLDER OF THE TREATMENT

Following consultation of the sites listed above, data relating to identified or identifiable natural persons may be processed. The data controller is IGC srl, with headquarters in Via Millefonti 24, IT-10126, Turin (Email: info@igcsrl.eu).

TYPES OF DATA PROCESSED AND PURPOSE OF THE TREATMENT

Navigation data. The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request, the method used in submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data, necessary for the use of web services, are also processed for the purpose of: – obtaining statistical information on the use of the services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.); – check the correct functioning of the services offered.

Data communicated by the user.

The optional, explicit and voluntary sending of messages to the Data Controller’s contact addresses, private messages sent by users to institutional profiles / pages on social media (where this possibility is foreseen), involve the acquisition of the sender’s contact data, necessary to respond, as well as all personal data included in communications. Specific information will be published on the pages of the Owner’s sites prepared for the provision of certain services.

Data retention period.

The Data Controller intends to keep personal data for a period of time not exceeding that necessary to achieve the purposes for which they were collected and processed. When it is not possible to accurately determine the retention period of personal data, the Data Controller undertakes from now on to inspire the processing of personal data to the principles of adequacy, relevance and data minimization, as required by the European Regulation, by verifying periodically the need for their conservation. Therefore, once the purposes for which they were collected and processed have been achieved, it will remove them from its systems and registers and / or take appropriate measures to make them anonymous, so as to prevent the data subject from being identified. This, without prejudice to the case in which it is necessary to keep such data to fulfill regulatory obligations, or to ascertain, exercise or defend one’s right in court.

Cookies and other tracking systems

Cookies are not used for user profiling. The only processing carried out concerns the production of statistics, with pseudonymised data, on navigation on the sites www.igcsrl.eu, www.igcsrl.it. The configuration adopted, in order to exclude processing of identification data, collects the following information:

The IP address, which is masked by resetting the last 2 bytes (xxx.xxx.0.0
The operating system used
The type of browser
The type of device (PC, smartphone, etc.)

Technical session cookies (non-persistent) are used, strictly limited to what is necessary for the safe and efficient navigation of the sites. Regarding the processing of personal data carried out by the managers of the Social Media platforms used by the Data Controller, please refer to the information provided by them through their respective privacy policies. The Data Controller processes the personal data provided by users through the pages of dedicated Social Media platforms, exclusively to manage interactions with users (comments, public posts, etc.) and in compliance with current legislation.

RECIPIENTS OF THE DATA

The recipients of the data collected following consultation of some of the services listed above are the subjects designated by the Data Controller, pursuant to Article 28 of the Regulation, as data processors. The list is available on request. The personal data collected are also processed by the Data Controller’s staff, who act on the basis of specific instructions provided regarding the purposes and methods of the processing itself.

RIGHTS OF THE INTERESTED PARTIES

Interested parties have the right to obtain from the Data Controller, in the cases provided for, access to their personal data and the correction or cancellation of the same or the limitation of the processing that concerns them or to oppose the processing (articles 15 and following of the Regulation). The application is submitted by contacting the Data Controller using one of the following methods: • email: info@igcsrl.eu• letter: IGC srl Via Millefonti 24, IT-10126, Turin

RIGHT OF COMPLAINT

Interested parties who believe that the processing of personal data referred to them through this site is in violation of the provisions of the Regulation have the right to lodge a complaint with the Guarantor, as required by art. 77 of the Regulation itself, or to take appropriate judicial offices (Article 79 of the Regulation).

EVENTS AND COURSES – REGISTRATION

INFORMATION FOR THE PROCESSING OF PERSONAL DATA FOR THE PURPOSE OF REGISTRATION TO EVENTS OR COURSES IGC SRL

Pursuant to EU Regulation 2016/679 (hereinafter GDPR) and in relation to the personal data that IGC SRL will get hold of, following your request for information through the online form “Information Request” or “Let’s Talk” of the website www.igcsrl.eu, We inform you of the following:

1. Data Controller

The Data Controller is IGC SRL, with registered office in Via Millefonti n.24 – 10126 Turin (TO) – VAT number 06731130016.

For information, the Data Controller can be contacted at the email address igc@igcsrl.eu.

2. Purpose and legal basis of the processing

Your personal data (name, surname, e-mail address, region and, for courses, also address, postcode, city, province, telephone, fee and billing data if payment is required) will be used, subject to your explicit consent communicated. on this page, for the following purposes:

a) registration for the chosen IGC SRL event or course;

b) sending by email or other means (computer, electronic, paper) of promotional communications regarding the activities that the company carries out and the services offered, including for statistical and survey purposes.

It should be noted that the consent given can be revoked at any time by clicking on the link in each email sent, without prejudice to the lawfulness of the processing carried out up to the time of revocation.

3. Recipients and transfers outside the European Union

Your personal data will not be disclosed to third parties or resold for any reason. The electronic archive relating to promotional communications is stored on the Italian territory and consequently no transfer of personal data takes place outside Italy.

4. Retention period

The personal data collected for the purpose of this information will be kept until the consent referred to in point 2 is revoked, unless the same information is not subject to other processing by the Data Controller. In any case, upon withdrawal of consent, the data will no longer be processed for the purpose described in point 2.

5. Rights of the interested party

As an interested party, you have the rights referred to in Chapter III of the GDPR and, in particular, the rights referred to in Articles 15 to 22 in order to obtain in an intelligible, concise, transparent and easily accessible form:

a) confirmation as to whether or not your personal data is being processed and, in this case, to obtain access to it (right of access);

b) the correction of inaccurate personal data or the integration of incomplete personal data (right of rectification);

c) the deletion of the data, if one of the reasons provided for by the Regulation exists (right to be forgotten)

d) the limitation of processing, when one of the hypotheses provided for by the Regulation occurs (right of limitation);

e) to receive in a structured format, commonly used and readable by a computer device, the personal data you have provided to the Data Controller and to transmit such data to another Data Controller (right to portability).

Furthermore, you may object to the processing of your personal data at any time and exercise the right not to be subjected to decisions based on automatic decision-making processes including profiling.

Finally, we wish to inform you that you have the right to lodge a complaint with the supervisory authority (Art. 77).

6. How to exercise the rights

You can exercise your rights at any time by sending an email to igc@igcsrl.eu, indicating which ones you intend to obtain.

7. Obligation to communicate

The consent to the processing for the purposes referred to in point 2 is not mandatory and does not affect the provision of other services by IGC SRL

8. Existence of automated decision-making processes

No automated decision-making process will be based on the data communicated for the processing that is the subject of this information.

Contact info Data Controller

IGC SRL – IGC SRL Via Millefonti n. 24 – 10126 Turin Owner contact email: igc@igcsrl.eu