Privacy

PRIVACY POLICY ON THE PROCESSING OF PERSONAL DATA PURSUANT TO REGULATION (EU) 2016/679 (“GDPR”)

CONTROLLER

SIAD Società Italiana Acetilene & Derivati S.p.A.
Via S. Bernardino, 92 – 24126 Bergamo BG – IT
siad_privacy@siad.eu
(“SIAD” or “Company”).

 

DATA PROTECTION OFFICER (DPO)

The Data Protection Officer can be contacted at the following e-mail address: siad_dpo@siad.eu

 

COLLECTION AND PROCESSING OF DATA

Browsing data
The IT systems and software dedicated to the operation of this website routinely acquire certain personal data, the transmission of which is inherent to the use of Internet communication protocols. This information is not gathered for association with identified data subjects but, by its nature, could enable them to be identified as a result of processing and association with data held by third parties.
This category of data includes the IP addresses or domain names of computers employed by users visiting the website, the URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the result given by the server (successful, error, etc.), and other parameters relating to the operating system and the IT environment of the user.
Such data, used solely to obtain anonymous statistical information about usage of the website and verify its correct operation, is deleted immediately after processing. Potentially, the data could be used to establish responsibility for cyber crimes committed against the website, should that occur.
Usually, however, the data is deleted immediately after processing.

 

PERSONAL DATA PROCESSED

In addition to browsing data (see the Cookie Policy), the Company processes the following personal data:

  • personal identification details (name and surname), e-mail address, telephone number, business name.

 

PURPOSE OF PROCESSING

LAWFULNESS OF PROCESSING

DATA RETENTION PERIOD

Technical administration and management of website operations.

Execution of the contract to which the data subject is party, or of pre-contractual activities (art. 6, para. 1.b) GDPR).

Entire duration of the browsing session.

Reserve products.

Execution of the contract to which the data subject is party, or of pre-contractual activities (art. 6, para. 1.b) GDPR).

Subject to normal time-expiry rules (10 years for administrative-accounting requirements).

Respond to requests about the feasibility of calibration gas mixtures submitted by Users.

Execution of the contract to which the data subject is party, or of pre-contractual activities (art. 6, para. 1.b) GDPR).

For the time needed to respond to the request, with subsequent deletion.

Respond to requests for information submitted to the Company by Users via addresses published on the website.

Execution of the contract to which the data subject is party, or of pre-contractual activities (art. 6, para. 1.b) GDPR).

24 months

Comply with applicable national and supranational legislation and regulations (tax and administrative requirements, etc.).

Need to satisfy legal obligations imposed on the Company (art. 6, para. 1.c) GDPR).

The specific period of time envisaged for each obligation.

Send information and promotional materials via newsletters (marketing) or other automated means of contact (e.g. e-mail, text/multimedia messages) about the products/services offered by the Company, market surveys and statistical analyses.

Legitimate interest of the Controller (art. 6, para. 1.f) GDPR).

Personal contact details, until opt-out by the data subject. Data relating to marketing activities: 2 years from collection of the specific data.

If necessary, to determine, exercise or defend the rights of the Controller in judicial and/or out-of-court proceedings.

Legitimate interest of the Controller (art. 6, para. 1.f) GDPR).

In the event of litigation, for the entire duration of the proceedings, until all deadlines for lodging appeals have expired.

Once the above retention periods have expired, the data will be erased or anonymized, depending on the relevant technical backup and deletion procedures and the accountability requirements to which the Controller is subject. In particular, following an opt out, the Company will still process relevant personal data in order to evidence the fact that no further marketing and promotional information must be sent to the User.

 

MANDATORY PROVISION OF DATA

The browsing data is needed in order to use IT and telematic protocols; accordingly, refusal to provide such data would make it impossible to use this website.
Data is provided for marketing purposes at the same time as it is provided for commercial contact purposes. Data subjects may object to the processing of such data at any time, without consequences (except that marketing communications will no longer be received), by following the instructions provided in the “Rights of Data Subjects” section of this Privacy Policy.

 

RECIPIENTS OF THE DATA

The data may be processed by external parties acting as independent controllers, such as supervisory and control authorities and bodies.
The data may also be processed, on behalf of the Company, by external parties designated as processors (pursuant to art. 28 GDPR), to which adequate operating instructions are given. Such parties may include companies that administer and/or maintain the website for the Company.

 

PARTIES AUTHORIZED TO PROCESS DATA

The data may be processed by employees and/or collaborators of the Controller and/or the Processor assigned to pursue the above purposes, who have been expressly authorized to process the data and who have received adequate operating instructions.

 

TRANSFER OF PERSONAL DATA TO NON-EU COUNTRIES

The personal data gathered via the website will not be transferred to third countries and/or international organizations outside of the European Union.

 

RIGHTS OF DATA SUBJECTS - COMPLAINTS TO THE SUPERVISORY AUTHORITY

By contacting the Privacy Office by post at Via S. Bernardino 92 – 24126 Bergamo (BG), for the attention of the Data Protection Officer, or by e-mail at siad_privacy@siad.eu, data subjects may ask the Controller for access to their data and its erasure, its correction if inaccurate or its completion, as well as for the restriction of processing in the cases envisaged in art. 18 GDPR. They may also object to processing, for reasons related to their particular situation, even if the Controller has a legitimate interest.
In addition, when processing based on consent or a contract is carried out using automated tools, data subjects are entitled to receive their data in a structured, commonly-used and machine-readable format and, if technically feasible, to transfer it to another controller without impediment.
Data subjects may exercise their opt-out right for marketing purposes at any time by contacting the Controller at the following e-mail address siad_privacy@siad.eu. This right may also be exercised via the “unsubscribe” link provided at the foot of each electronic communication.
Data subjects are entitled to lodge a complaint with the competent Supervisory Authority in the Member State in which they normally reside or work, or in the State where the alleged infringement has occurred.

Our services

Do you have doubts about the mixtures to use?