Information for users of the www.fisspa.it website in relation to the processing of personal data pursuant to article 13 of Legislative Decree 196/2003 (Personal Data Protection Code)
This page describes the methods used to manage the website in relation to the processing of the personal data of persons consulting it. The information relates solely to the FIS Full Integrated Solutions Spa website and not to any other sites that may be accessed via links.
The optional, explicit and voluntary sending of emails to the addresses indicated on this website leads to the subsequent acquisition of the sender’s address, which is required in order to provide a response, and any other personal data contained in the communication.
A. Purpose of data processing
FIS Full Integrated Solutions Spa (hereinafter the “Comany” or “FIS” or the “Data Controller”) with registered office in della Moscova 3, Milan, informs users that, pursuant to art. 13 of Legislative Decree no. 196 of 30 June 2003 (hereinafter the “Privacy Code”), containing rules concerning protection of individual and other entities with regard to the processing of personal data, personal data will be processed for purposes strictly related to the services provided/information requested by the person providing their personal data via access to www.fisspa.it.
Without prejudice to the data subject’s personal independence or to paragraph D below, the transfer of personal data by the user, for the purposes indicated in paragraph A, is obligatory, since, in their absence, FIS would be totally or partly unable to deal with the request of the user him/herself. The processing of personal data, for the above purposes, does not require consent under art. 24, letter b) of the Privacy Code.
B. Data processing location and methods
Processing connected to web services takes place at FIS’s offices, and is overseen by FIS, also through Mathesis s.r.l., a company formally appointed to carry out the technical maintenance of the site.
Personal data are processed using electronic tools for the time strictly necessary to achieve the purposes for which they are collected. Specific security measures are adopted to prevent the loss of data, unlawful or incorrect use of data or unauthorised access.
C. Area of communication of personal data
Personal data provided by users sending requests for information are processed for the purposes indicated in paragraph A “Purpose of data processing” and therefore only to provide the service requested by subjects identified by the Data Controller as “Persons in charge of processing”, belonging to the sales and administration departments.
Data may also be communicated:
- to Studio Associato Servizi Professionali Integrati, Antex Srl, Antex Point Lombardia S.r.l.
- to third parties commissioned by FIS to carry out activities directly related or instrumental to the supply of services/information requested via the www.fisspa.it website.
D. Navigation data
During their normal operations, the IT systems and software procedures used to run this website acquire some personal data whose transmission is inherent in the use of internet communication protocols.
This refers to information that is not gathered to be associated with identified data subjects, but which due to their nature could, through processing and association with data held by third parties, allow the user to be identified.
The IP addresses or domain names of the computers used by users connecting to the site fall into this category, as do the URI (Uniform Resource Identifier) addresses of the resources requested, the time of request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the response provided by the server (successful, error, etc.) and other parameters relating to the operating system and the IT environment of the user.
These data are used solely to obtain anonymous statistical information on use of the website and to check it functions correctly, and are deleted immediately after processing.
No personal data belonging to users will be purposefully acquired by the website. No cookies are used to transmit personal information, nor are ‘persistent cookies’ of any kind used, i.e. user tracking systems. The use of ‘session cookies’ (which are not persistently stored on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of the session identifiers (made up of random numbers generated by the server) necessary to ensure safe and efficient navigation of the website.
F. Data Controller and Data Processor
The Data Controller is FIS, represented by its pro tempore legal representative, with registered office in Via della Moscova, 3 – 20121 MILANO- telephone 02.409031, fax 02.40914959, website www.fisspa.it email: firstname.lastname@example.org, to which you may refer to exercise your rights under article 7 of the Privacy Code, as reproduced in full below
G. Rights under art. 7 of the Privacy Code:
Art. 7. Rights to access personal data and other rights
1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
2. A data subject shall have the right to be informed a) of the source of the personal data; b) of the purposes and methods of the processing; c) of the logic applied to the processing, if the latter is carried out with the help of electronic means; d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing
3. A data subject shall have the right to obtain a) updating, rectification or, where interested therein, integration of the data; b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part, a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.