PRIVACY POLICY

POLICY PURSUANT TO ARTICLE 13 OF REGULATION (EU) 2016/679 AND ITALIAN LEGISLATIVE DECREE 196/2003 (AS AMENDED)

This policy is provided pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (known as the GDPR – General Data Protection Regulation) on the protection of individuals with regard to the processing of personal data and on the free movement of such data (and repealing Directive 95/46/EC – General Data Protection Regulation) as well as pursuant to Italian Legislative Decree no. 196/2003 (as amended).
Therefore, following consultation of this website and/or use of its services, we hereby inform you that data relating to persons identified or identifiable according to the aforementioned legislation may be processed.
The computer systems and software procedures implemented to render this website functional will, during normal operation, acquire personal data for which transmission is implicit in the use of internet communication protocols. This information is not gathered in order to be associated to specific Data Subjects, but, for its very nature, could allow the identification of the user through processing of, and association with, data held by third parties. This category of data includes: IP addresses or the domain names of computers used by users who connect to the website, URI (Uniform Resource Identifier) addresses for the requested resources, the time of the request, the method used to make the request to the server, the size of the file received in response, the numerical code indicating the status of the response provided by the server and other parameters relating to the operating system and the user’s computing environment. These data are used solely to gather anonymous statistical information regarding the use of the website and in order to monitor its correct functioning and are cancelled immediately after being processed. The data may be used to ascertain responsibility in the event of possible computer crimes committed against the site.
The user is not required to provide any personal data in order to consult the site. The user can also decide to contact us at any time by filling in the contact form https://www.decodecking.it/contatti/. The provision of data is optional. However, failure to provide the data deemed mandatory (marked with an *) will hinder use of the services indicated and therefore entail the impossibility of obtaining the services requested. The Data Controller processes personal data, identifying data (contact information such as name, surname, sector of activity, postal address, email, telephone number, website) and non-sensitive data both communicated and provided, including when filling in forms on the Data Controller’s website. The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, which is necessary in order to respond to requests, as well as any other personal data included in the communication.
We collect personal data processed by third parties, for example, data you wish to share with us on publicly accessible social networks such as Facebook, You Tube, Instagram, Pinterest.
Therefore, pursuant to the aforementioned regulations and in relation to the personal data that THE ITALIAN DECKING COMPANY S.P.A. will have at its disposal, we hereby communicate the following:


DATA CONTROLLER

The Data Controller is THE ITALIAN DECKING COMPANY S.P.A. (Tax Code and VAT No. 03702400163) with registered office in Urgnano (BG), Via Provinciale n. 2763.
The Data Controller may be contacted by certified email at theitaliandeckingcompany@pec.it or by ordinary email at privacy@decodecking.it. The updated list of data processors and persons in charge of processing is kept at the Data Controller’s registered office.


PURPOSE OF PROCESSING

The processing of personal data is limited to the purposes for which they were collected.
The processing of the acquired data is carried out in order to allow the use of the content on the website and to carry out requested services.
In particular, your personal data may be processed in order to respond to your requests for information, to send you information material (catalogues, brochures, price lists, etc.), to process orders and to manage the business relationship (deliveries, invoices, customer service), as well as – subject to your specific consent – to receive our newsletters and/or advertising material. We hereby advise you that if you are already a customer, we may send you commercial communications relating to services and products provided by the Controller similar to those you have already used, unless you ask us not to do so.
The data will also be processed in order to comply with and fulfil the obligations of THE ITALIAN DECKING COMPANY S.P.A. provided for by national and community regulations, as well as to comply with requests from Authorities.


METHOD OF PROCESSING

This processing is based on the principles of correctness, lawfulness, transparency and protection of the confidentiality and rights of the user.
The data collected are relevant and limited to that deemed to be strictly necessary for the purposes of processing.
The aforementioned data will be processed for the time necessary to achieve the purposes for which they were collected and stored for the time THE ITALIAN DECKING COMPANY S.P.A. is subject to storage obligations for purposes provided for by law or regulations.
Personal data are processed by both electronic and paper-based means for the time necessary to achieve the purposes for which they were collected and in any case for no longer than the time limits laid down by law.
Specific security measures are observed to prevent loss of data, unlawful or incorrect use and unauthorised access.
Personal data are recorded and stored on databases located in Italy.
Personal data will be processed within the European Union.
It is important for the user to ensure that their electronic devices are equipped with appropriate software for the protection of both incoming and outgoing network data transmission, (such as up-to-date antivirus systems) and that the Internet service provider has taken appropriate measures for the security of network data transmission.
Personal data are not subject to distribution, or to any automated decision-making, including profiling.


LEGAL BASIS OF PROCESSING

THE ITALIAN DECKING COMPANY S.P.A. processes personal data lawfully in accordance with one of the following situations:
– processing necessary for the fulfilment of a contract or to follow up on the user’s requests (for example use of the contact service, management of and response to any communications from the user).
– processing necessary to fulfil a legal obligation of THE ITALIAN DECKING COMPANY S.P.A.
– processing based on consent granted by the data subject (for example, for the sending of newsletters).


ACCESS TO DATA AND PERSONS TO WHOM DATA MAY BE DISCLOSED

Data may be made available, for the purposes set out, to employees and collaborators of the Data Controller and to third parties who perform outsourcing activities on behalf of the Data Controller, as well as to the competent Authorities to enable the Data Controller to ascertain, exercise or defend a right in court and/or for other reasons related to the protection of the rights and freedom of others.
The personal data provided may be communicated to third parties, who operate completely independently as separate data controllers. Such third parties belong to the following categories:
– entities responsible for the shipping, delivery and return of purchased products, therefore transport and logistics companies (in execution of contractual obligations)
– companies that provide collection and payment services (banks, insurance and credit institutions in general)
– accountants, for accounting and tax compliance
– consultants – including legal and IT consultants – or other subjects that provide related services
– companies, businesses and professionals in execution of contractual or regulatory obligations
– competent authorities for the fulfilment of legal obligations.
These entities are obliged to use the data in accordance with the legal requirements.


RIGHTS OF THE DATA SUBJECT

Without prejudice to the limitations provided for in Articles 2-undecies and 2-duodecies of Italian Legislative Decree 196/2003, and pursuant to Articles 15 et seq. of the GDPR, the Data Subject has the right, at any time, to obtain access (Art. 15), rectification (Art. 16), portability (Art. 20) and erasure of data (Art. 17), as well as the restriction of (Art. 18) and opposition to processing (Art. 21). In particular, the User has the right:
– to obtain confirmation as to whether or not personal data concerning them are being processed and, if so, to obtain access to such data and their communication in intelligible form.
– to obtain the updating and rectification of inaccurate data or, where interested therein, the integration of incomplete data, also by providing a supplementary declaration.
– to obtain information on the portability of the data, i.e. promptly receive them in a commonly used and machine-readable structured format and transmit them to another data controller without hindrance.
– to obtain the erasure of data concerning them without undue delay if the conditions set out in Art. 17 apply.
– to obtain the limitation of data concerning them if the conditions set out in Art 18 apply.
– to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them, pursuant to Article 6, paragraph 1, letters e) or f), including profiling on the basis of said provisions. Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such purposes, which include profiling to the extent that it is related to such direct marketing.
Where processing is based on consent, the data subject shall have the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on consent given before said withdrawal.
The data subject has the right to lodge a complaint with the Data Protection Authority (www.garanteprivacy.it), pursuant to Article 77 of Regulation (EU) 2016/679 and Article 141 of Italian Legislative Decree 196/2003.


METHODS OF EXERCISING RIGHTS

The Data Subject may exercise their rights at any time by sending:
– a registered letter with receipt of delivery to THE ITALIAN DECKING COMPANY S.P.A. Via Provinciale n. 2763, Urgnano (BG).
– una e-mail all’indirizzo privacy@decodecking.it


MINORS

This site and the Data Controller’s Services are not intended for minors under the age of 18 and the Data Controller does not intentionally collect personal information regarding minors. If information on minors is unintentionally recorded, the Data Controller will delete it promptly at the request of users.


MODIFICATIONS TO THE POLICY

The evolution of the regulatory framework on privacy, as well as the constant review and updating of services to the user, may lead to the need to change the way in which personal data are processed. It is therefore possible that our Privacy Policy may undergo modifications over time, and we therefore invite you to consult this page periodically.

REQUEST INFORMATION