PRIVACY POLICY OF WWW.CONCETTI.COM

This portal collects various personal data of its users. We understand the importance of careful and respectful use of personal data. Following is an explanation of how such data is collected and used by Concetti S.p.A.

SUMMARY OF PRIVACY POLICY

Personal data collected for the following purposes and using the cited services:

Contact the User

“Request an offer” / “Request information” / “Download catalogue” contact forms

Personal data: first name, last name, company, country, address, telephone number, email and other data

Spontaneous candidature / Work with us form

Personal data: first name, last name, address, telephone number, email and other data regarding the open position, such as title of study, knowledge of languages, types of interests, availability for transfers, etc...

Mailing list / Newsletter

Personal data: first name, last name, email, address, telephone number and other data

Management of email addresses and mail-outs

Mailchimp, Microsoft CRM

Personal data: first name, last name, email, address, telephone number, company name

Interaction with social networks and third-party platforms

AddThis

Personal data: cookies and use data

Protection against spam

Google reCAPTCHA

Personal data: cookies and use data

Statistics

Google Analytics with anonymised IP

Personal data: cookies and use data

Contact information

Data Controller: Concetti S.p.A.

Email address of Data Controller: Diese E-Mail-Adresse ist vor Spambots geschützt! Zur Anzeige muss JavaScript eingeschaltet sein!

COMPLETE PRIVACY POLICY

Data Controller: Concetti S.p.A.

Email address of Data Controller: Diese E-Mail-Adresse ist vor Spambots geschützt! Zur Anzeige muss JavaScript eingeschaltet sein!

TYPE OF DATA COLLECTED

The personal data collected by means of the portal, either anonymously or through third parties, includes: cookies, type of device used, use data, email, first name, last name, city, date of birth, telephone number, IP address and other types of data relative to the search for employment.

Complete details regarding each type of data collected can be found in the dedicated sections of this privacy policy or in the specific informative texts viewed before the data itself is collected.

The personal data may be freely provided by the User, or in the case of use data, collected automatically when using this application.

Unless otherwise specified, all data requested by this portal is mandatory. If the User refuses to provide said data, it may be impossible for this application to provide the service or materials (catalogues, brochures) requested. If this application counter-marks certain data as optional, Users are free to refrain from providing said data without this having any consequences on the availability of the service or its operation.

Should Users have any doubts regarding which data is mandatory, they are advised to contact the Data Controller.

The eventual use of cookies or other tracking tools by this application or by the Data Controllers of third-party services used by this web portal, where not otherwise specified, is for the purpose of providing the service requested by the User, in addition to the other purposes described in this document and in the cookie policy.

The User assumes responsibility for third-party data obtained, published or shared using this application and guarantees to have the right to provide or disseminate said data, freeing the Data Controller from any liability toward third parties.

MODE AND PLACE OF PROCESSING THE DATA

Methods of processing

The Data Controller adopts the necessary security measures intended to prevent the unauthorised access, disclosure, modification or destruction of the personal data.

The data processing is carried out using computer and/or IT enabled tools, following organisational procedures with logics strictly related to the purposes indicated. In addition to the Data Controller, in some cases the data may be accessible to certain types of persons involved in the organisation of this application (administration, sales, marketing, legal, system administration, human resources and after-sales assistance) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) appointed, if necessary, as Data Processors by the Data Controller. The updated list of Data Processors can be requested from the Data Controller at any time.

Moreover, the personal data may be transferred to meet the administrative and/or organisational needs of Concetti S.p.A., to other controlled or affiliated companies, even if established outside the European Union. In these cases Concetti S.p.A. guarantees that security measures shall be adopted to guarantee interested parties a suitable level of protection of their personal data.

LEGAL BASIS OF PROCESSING

The Data Controller processes personal data relative to the User if any of the following conditions arise:

  • The User has provided their consent for one or more specific purposes;
    (Note: in certain legal systems the Data Controller may be authorised to process personal data without the need for User consent or another legal basis specified below, until such time as the User “opts out” of such processing. However, this does not apply if data processing is regulated by European legislation regarding personal data protection);
  • processing is necessary to fulfil a contract with the User and/or to fulfil pre-contractual measures;
  • processing is necessary to fulfil a legal obligation to which the Data Controller is subject;
  • processing is necessary to pursue the legitimate interest of the Data Controller or third parties.
  • In any case, it is always possible to request the Data Controller to clarify the actual legal basis of each type of processing, and in particular to specify whether the processing is based on the law, required by contract or necessary to finalise a contract.

PLACE

The data is processed at the Data Controller’s operations offices and in any other place where the parties involved in the processing are located. For more information, contact the Data Controller.

The User’s personal data may be transferred to a country other than the country where the User is located. For more information regarding the place of processing, the User is invited to refer to the section providing details on the processing of personal data.

The User has the right to obtain information regarding the legal basis of the transfer of their data outside the European Union or to an international organisation constituted under public international law, or consisting of two or more countries, for example the UN, also in regards to the security measures adopted by the Data Controller to protect the data.

Should any of the above-described transfers occur, the User is invited to refer to the respective sections of this document or request information from the Data Controller, which can be contacted using the contact details reported at the start of this document.

RETENTION PERIOD

The data is processed and stored for the period of time required to fulfil the purposes for which it was collected.

When processing is based on User consent, the Data Controller may store the personal data for longer until such time as consent is revoked. Moreover, the Data Controller may be obliged to store the personal data for a longer period of time in order to comply with legal obligations or following a request by public authorities.

At the end of the retention period, the personal data shall be deleted. Therefore, at the end of said period, the right to access, delete, rectify said data, and the right to data portability shall no longer be available.

PURPOSE OF PERSONAL DATA PROCESSING

User data is collected to allow the Data Controller to provide its services and therefore for the following purposes: administration, statistics, management of email addresses and mail-outs, protection against spam, to contact the User, product evaluation and improvement, claims management, marketing and interaction with social networks and third-party platforms.

For more detailed information regarding the purpose of processing and the personal data actually relevant to each purpose, the User is invited to refer to the relative sections of this document.

DETAILS OF PERSONAL DATA PROCESSING

Personal data is collected for the following purposes and using the following services:

To contact the User

Contact forms

By filling in the contact form with their personal details, the User provides their consent to respond to requests for information, quotes, or any other type of request indicated in the header of the form.

Personal data collected: city, last name, date of birth, email, name and various types of data.

Mailing list / Newsletter

By subscribing to the mailing list or newsletter, the User’s email address is automatically inserted in a list of contacts to which emails may be sent containing information, also of a commercial and promotional nature. The User’s email address may also be added to this list as a result of their subscription to this website, or after making a purchase or after a visit during a trade fair.

Personal data collected: last name, email, first name and telephone number.

Management of email addresses and mail-outs

This type of service makes it possible to manage a database containing email contacts, phone contacts or any other type of contacts used to communicate with the User.

Moreover, these services may allow the collection of data relative to the date and time messages are viewed by the User, and regarding the User’s interaction with said messages, such as information regarding clicks on the links inserted in the messages.

Mailchimp

Mailchimp is an online marketing platform managed by The Rocket Science Group LLC, with headquarters in Georgia, USA.

The personal data collected includes: first name, last name, email, company and other data.

Place of processing: USA - Privacy Policy.

Interaction with social networks and third-party platforms

This type of service makes it possible to interact with social networks, or other third-party platforms, directly from the pages of this application.

Interactions and data acquired by this application are in any case subject to the User’s privacy settings for each social network.

If a social network interaction service is installed, it may be possible, even if Users do not use the service, for said service to collect traffic data relative to the pages on which it is installed.

AddThis

AddThis is a service provided by Oracle Corporation, which displays widgets allowing interaction with social networks and third-party platforms and the sharing of contents of this website.

Depending on its configuration, this service displays third-party widgets, for example of social network managers, on which interactions can be shared. In this case, the third parties providing the widgets shall also be informed of the interaction that took place and use data relative to the pages in which this service is installed.

Personal data collected: Cookies and use data.

Place of processing: United States - Privacy Policy.

Protection against spam

This type of service analyses the traffic of this website, potentially containing Users’ personal data, in order to filter the traffic of messages and contents recognised as spam.

Google reCAPTCHA (Google Inc.)

Google reCAPTCHA is a spam protection service provided by Google Inc.

Personal data collected: Cookies and use data.

Place of processing: USA - Privacy Policy.

Statistics

The services contained in this section allow the Data Controller to monitor and analyse traffic data and are used to track User behaviour.

Google Analytics with anonymised IP (Google Inc.)

Google Analytics is a web analysis service provided by Google Inc. ("Google"). Google uses the personal data collected to track and examine the use of this application, prepare reports and share them with other services developed by Google.

Google may use the personal data to contextualise and personalise the advertisements published on its own network.

This integration of Google Analytics makes your IP address anonymous. Anonymity is achieved by shortening the IP addresses of Users located within the confines of European Union member states or in other countries adhering to the European Economic Area agreement.

Personal data collected: Cookies and use data.

Place of processing: USA - Privacy Policy- Opt Out.

USER’S RIGHTS

Users may exercise certain rights in regards to the data processed by the Data Controller.

In particular, the User has the right to:

  • be informed. The User must be constantly informed on how their data is processed.
  • revoke their consent at any time. The User may revoke any consent previously expressed for the processing of their personal data.
  • oppose the processing of their personal data. The User may oppose the processing of their personal data when this occurs on a legal basis other than their consent. Further details regarding the right to oppose are provided in the section below.
  • access their personal data. The User has the right to obtain information regarding the data processed by the Data Controller, regarding certain aspects of the processing and to receive a copy of the data processed.
  • check and request corrections. The User may check the correctness of their data and request it to be updated or corrected.
  • request the limitation of processing. When certain conditions are satisfied, the User may request a limitation of processing of their personal data. In this case, the Data Controller shall not process the data for any purpose other than for its storage.
  • request the deletion or removal of their personal data. When certain conditions are satisfied, the User may request that their personal data be deleted by the Data Controller.
  • receive their personal data or have it transferred to another Data Controller. The User has the right to receive their personal data in a format that is structured, of common use and legible by automatic devices, and, where technically feasible, to have their data transferred to another Data Controller without obstruction. This provision is applicable when the personal data is processed using automated tools and processing is based on User consent, on a contract of which the User is part, or on contractual measures related thereto.
  • submit a claim. The User may submit a claim to the competent Data Protection Authority or take legal action.

Details on the right to oppose

When personal data is processed in the public interest, to exercise the public powers vested in the Data Controller or to pursue a legitimate interest of the Data Controller, Users have the right to oppose processing for reasons connected to their particular situation.

Users must be aware that, if their data is processed for direct marketing purposes, such processing may be opposed without needing to provide any reasons. To ascertain whether or not the Data Controller is processing data for direct marketing purposes, Users are invited to refer to the respective sections of this document.

How to exercise rights

To exercise their rights, Users may send a request to the Data Controller using the contact details provided in this document. Requests are submitted free of charge and are processed by the Data Controller in the shortest possible time, and in any case within one month.

Cookie Policy

This application uses cookies. To find out more and view the detailed information, the User may consult the Cookie Policy.

ADDITIONAL INFORMATION ON PROCESSING

Legal action

The User's personal data may be used by the Data Controller in court or in the stages leading up to possible legal action to defend itself against improper use of this application or its related services by the User.

The User declares to be aware that the Data Controller may be obliged to reveal the User’s personal data further to a request by public authorities.

Specific information

Upon request of the User, in addition to the information contained in this privacy policy, this application may provide the User with additional and contextual information regarding specific services, or the collection and processing of personal data.

System logs and maintenance

For operation and maintenance purposes, this application and any third-party services it uses may collect system logs, that is, files that record interactions and which may contain personal data, such as the User’s IP address.

Information not contained in this policy

Additional information regarding the processing of personal data may be requested at any time from the Data Controller using the contact details provided in this document.

CHANGES TO THIS PRIVACY POLICY

The Data Controller reserves the right to make changes to this privacy policy at any time, giving notice to its Users on this page, and, if possible, on this application. Where technically and feasibly possible, the Data Controller may also send a notification to its Users using the contact details in its possession.

Should changes concern processing, the legal basis of which is consent, the Data Controller shall re-obtain the User’s consent, if necessary.

LEGAL INFORMATION

This privacy policy has been prepared based on multiple legislative systems, including articles 13 and 14 of Regulation (EU) 2016/679.

Where not otherwise specified, this privacy policy relates exclusively to this portal.