Security and processing of personal data
Personal Data Processing Information (Article 13 of Regulation (EU) 2016/679)
Pursuant to Article 13 of Regulation (EU) 2016/679, IRCA S.p.A. wishes to notify you that the personal data collected with reference to existing contractual relations will be processed in compliance with the aforementioned regulation; IRCA S.p.A. provides the following information in relation to this processing:
The Information We Collect
As a general rule you do not need to disclose personal data to use our online services. If personal data (name, postal address or email address) are collected in relation to our online services, this is done as far as possible on a voluntary basis. If, for example, you wish to receive the newsletter, we would ask for your email address and information that enables us to check that you are the owner of that email address.
The personal data collected with your freely given express consent pertains solely to:
We also collect non-personal data in connection with the use of our online services for reasons of data security and for the purposes of optimising user experience. For example, this information may include your internet browser, operating system, the domain name of the website you last visited before accessing our website, the number of visits, the average amount of time spent on our website, and the pages you browsed.
These data are collected automatically and are not associated with data from other sources. However, we reserve the right to retrospectively check such data if any indications of unlawful usage are brought to our attention.
Personal Data Controller and Processor
The personal data controller is IRCA S.p.A., and you may contact IRCA S.p.A. at any time using one of the methods described on the website (for example, by email at [email protected]) to exercise your rights under points (b), (c), and (d) of Article 13(2) of Regulation (EU) 2016/679.
Why and How We Use the Information
In principle, the personal data you provide are processed and used solely for the following specified purposes. The purposes of processing your personal data are as follows:
The personal data will be processed in printed, computerised and telematic format and entered into the relevant databases which can only be accessed by the data controller and the data controller’s representatives. With regard to electronically processed data, we wish to emphasise that all the appropriate security measures have been taken to protect your rights and freedoms and legitimate interests as set forth in Article 22(3) of Regulation (EU) 2016/679.
Possible Data Recipients
Depending on the type of interaction requested (for example, enquiries or requests for materials, services, the newsletter, etc.), your data may be shared with third parties involved in the performance of services, such as service providers, event organisers, etc. We may also be required to disclose personal data to fulfil legal requirements or enforce rights or agreements.
With regard to the purposes stated in the previous paragraph, the data may also be disclosed to the following entities or categories of entity listed below:
How Long Do We Store Your Data?
Once a service has been performed or supplied, your personal data are only stored for historical or statistical purposes in compliance with the law, regulations, Community legislation and codes of ethics and conduct agreed to under to Article 40 of Regulation (EU) 2016/679 for a period specified by law (usually ten years), or, if they are not covered by law, for no longer than five years. After this period, your personal data will be stored in anonymised format or destroyed. The contact details provided for marketing purposes will be stored until you ask them to be removed or unsubscribe from such communication services.
Data Subject Rights
You have the right to request information in writing about your personal data stored by us. Furthermore, with regard to the use of your personal data, you have the right to rectify or erase personal data or restrict or object to processing. You also have the right to lodge a complaint with the data protection authority.
If you have subscribed to our newsletter, you may stop receiving our newsletters whenever you wish by clicking on the unsubscribe link at the bottom of our newsletter. If you wish to withdraw your consent to your data being saved or used, please email us at [email protected]
The Right to Withdraw Consent
Where the processing is based on consent, the data controller wishes to notify you that you have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
The Right to Lodge a Complaint
The data controller wishes to notify you that you have the right to lodge a complaint with a supervisory authority.
The Obligatory or Voluntary Nature of Providing the Requested Data
The provision of data and its processing are obligatory for purposes nos. 1 and 2 concerning fiscal obligations; this means that refusal to provide the data for these purposes may make it impossible for the controller to pursue professional relations or perform legal obligations.
The provision of data and its processing are voluntary in other cases without any consequences.
There is no fully automated decision-making as the profiling performed by IRCA S.p.A. is done by an operator, specifically creating user profiles and analysing consumer habits and choices in order to improve the commercial offering and available services.
This website uses only technical, profiling and third-party cookies.
You may disable the cookies in your browser at any time without negatively impacting your browsing experience on this website. If you would like to know more about cookies, please visit the following section of our website: http://irca.eu/cookie.php.
IRCA S.p.A. employs an extensive range of data security measures to ensure the confidentiality and integrity of personal information. However, given the nature of the internet, we wish to bring to your attention that, despite the best efforts of IRCA S.p.A. in implementing the tightest security measures to minimise risk, there may be some lapses in security when transmitting information via the internet (for example, communicating via unencrypted emails) and that it is not possible to guarantee that data is completely protected against access by third parties.
Via Degli Orsini 5