ENG

Privacy Statement & Cookie Policy

On 25th May 2018, the new General Data Protection Regulation 2016/679 (GDPR) is fully applicable. In order to correctly comply with the provisions and be compliant with the new Regulations, Etea S.r.l. and all their subordinated Companies (the “Etea Group”) are particularly dedicated to protecting its Customers, Suppliers, Partners and Employees (or potential)' privacy and data processing.

In compliance with the provisions of Articles 13 and 14 of EU Regulation 2016/679 (hereafter "GDPR"), as part of the protection of personal data, Etea Group provides users with the following information:

Data controller
The data controller is Etea S.r.l., legally established in Via Monviso, 2 – 12037 Saluzzo (CN).

Data processor
The updated and complete list of external data processor, with which Etea Group has signed an agreement to treatment, is kept at Etea S.r.l. registered office. The designation of a DPO is not currently foreseen. When necessary, the current information will be updated promptly with the contact details of the appointee. For additional information on personal data protection, please: etea@businesspec.it

The purpose of processing
In compliance with the articles 13 and 14 of the Regulations, in relation to the personal data which will come into its possession as Data Controller, Etea S.r.l. provides the following information.
Personal data, as defined by art. 4 n. 1) of the GDPR provided by the user and by the Customer will be processed in compliance with this article and in any case in compliance with the current legislation on the protection of personal data. The data will be processed for institutional purposes, connected or instrumental to the activity of Etea Group and in particular:
a. a. for purposes strictly related to the management of contractual relationship, the processing of which is necessary for the execution of the Contract in which the interested party is involved (Article 6, b) of the GDPR) and the prosecution of a legitimate interest of the Data controller (art. 6, f) of the GDPR). Such legitimate interest is related to the economic activity of Etea Group (contractual purposes);
b. b. for the fulfillment of the obligations established by laws or by regulations to which the Data Controller is subjected to (Article 6 letter c) of the GDPR) (legal obligations).

Personal data recipients or categories of recipients
The categories of recipients of personal data are:
• Etea Group employees, as they are entrusted with the processing;
• External data processor with whom Etea Group has a working relationship on a contractual basis.

Data communication and distribution
a. Data may be shared inside Etea group with persons responsible for coordinating activities inherent to the services or products offered by Etea group, or with third parties (e.g. banks, consulting firms, agents) for credit risk protection, market research, economic and statistical analysis, and commercial information and communication.
b. Personal data will be shared only when strictly necessary in order to perform the duties assigned by us to these third parties within the purposes of the lett. a) and b), with the express consent of the Customer. Data may also be shared with public authorities requiring it in exercising their powers.
c. Etea Group provided the necessary designations and appointments of the external data processor pursuant to art. 28 of the GDPR.

Data processing
a. Data are processed electronically and/or automatically and/or via the third parties listed above.
b. Data are processed and organized in databases; they are archived for the time required to provide the requested services and functions and to provide technical and operational assistance. They are kept for the purposes set out in the GDPR Regulation.
c. Data are processed for the organization and elaboration of personal data, including data from access logs and the use of services available via Internet, related to the purpose indicated, and in any case, in such a way as to guarantee the security and privacy of the data and of the electronic communications with regard to risks of data loss, illegal use and unauthorized access.

Nature of the provision of data
Certain types of data are essential to the establishment of a contractual relationship to the continuation of an existing relationship. Other data are not required for these purposes. In the first case, data must be provided, while this is optional in the second. Therefore, data must be provided when required by law or when indispensable for organizational needs and to provide the requested services and/or supplies. Refusal to provide this data would prevent the establishment of a contractual relationship and the provision of the related services. The consent for the processing of data referred to in lett. a), b) of the item "Purpose of processing" is not necessary according to art. 6 of the GDPR.

Data transfer
Personal data can be stored both on servers located within the European Union and on servers located in third countries. In this case, Etea Group ensures from now on that the transfer of non-EU data will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.

Data retention period
a. The retention period of the data for contractual purposes coincides with the duration of the contractual relationship, while that related to the fulfillment of legal obligations is prescribed by law.
b. All of the data listed above may also be processed in order to fulfill legal obligations for the times required by the Regulations. Processing may also be done to determine liability in the event of computer crimes causing damage to the site, which are investigated by the judicial authorities. In this case, archiving times will depend on the duration of the investigation.

Data subjects rights
a. At any time, the concerned parties may exercise their rights to the data processor, in accordance to Article 15 of GDPR. Each data subject has the right to access personal data, to correct or cancel data, to limit the data processing or to oppose their processing, in addition to the right to data portability. Furthermore, the interested party is entitled to withdraw the consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation.
b. The concerned party has the right to make a complaint to the Authority for the Protection of Personal Data.

Procedures for the exercise of any right
The concerned party may exercise the rights at any time by calling or sending:
• a registered letter with aknowledgment of receipt to: Etea S.r.l – Via Monviso, 2 – 12037 Saluzzo (CN)
• a PEC to the e-mail address: etea@businesspec.it

Categories of personal data involved
The data processed by Etea Group are personal data and, on some occasions, sensitive data. Data are processed by Etea Group in a lawfully, fairly and transparent manner in relation to the data subject.

Specific information on the use of the website

Etea Group is dedicated to protecting privacy and wants its site's visitors to feel safe, both while browsing the site and when providing their personal data to use specific functions or services. We ask each visitor to keep in mind that the pages of our website may contain links to the websites of other, independent, subjects, for which this security declaration does not apply.

Browser and user data

Browser data
While browsing, our systems collect a number of data (e.g. access date and time, pages visited, Internet Service Provider name and IP address used for Internet access, the Internet address from which our site was accessed, etc.), the transmission of which uses web communication protocols and which may be useful to improve the management and optimize the data sending and e-mail system.
These data may also be used to collect anonymous statistical data on site use, to monitor its proper functioning, and are kept only for the time required for these purposes.

Data provided voluntarily by the use
In order to access certain services or functions, or to send requests, people browsing the site may send personal data to Etea Group (e.g. e-mail address, login data). Etea Group will process these data only to permit the provision of the services or functions and to manage requests.

Cookie

What is a cookie?
Websites use cookies to recognize users during a session. According to the Privacy Commissioner, they are "small bits of text file" composed of letters and numbers that "are sent by the sites visited by users to the computer (generally the browser) where they are saved in order to be sent back to the sites at the next visit by the same user".

Etea Group web site cookies
Etea Group uses session cookies (not saved on the user's computer but deleted when the browser is closed) limited to sending session identifiers (composed of random numbers generated by the server to which you are connected) necessary to use the site and correctly display its contents.

Third party cookies
Etea Group uses services offered by Google and Google Analytics to collect, aggregate and analyze data in order to better understand how the site is used. Etea Group uses these cookies to collect anonymous and aggregated data for a limited time. The data is used, for example, to monitor and analyze site use, improve its functions and more accurately choose content and graphic design, in order to meet visitors' expectations.
Information on how Google Analytics is used and its privacy policy are available on this link. To deactivate these specific cookies, Google provides a free plugin that can be installed on major browsers. If you do not accept these cookies, certain functions on the site may not be available.

Consent to cookie installation
Users/visitors may decide whether to allow the installation of cookies on their computer. Cookie settings can be controlled and modified using the browser's "Preferences". By default almost all web browsers are set to automatically accept cookies. You can modify the settings and disable cookies in your browser's settings:
Chrome
Firefox
Internet Explorer
Opera
Safari
If you deactivate cookies, certain site functions may be disabled. However, even with the cookies disabled, the browser will still save a small amount of data. These data are necessary for the site's basic functions. If the user does not interact with the consent forms and exits the consent message by closing it or continuing to browse the site, consent is considered to have been given for all cookies.

Processing required by law
All of the data listed above may also be processed in order to fulfill legal obligations for the times required by the Privacy Code. Processing may also be done to determine liability in the event of computer crimes causing damage to the site, which are investigated by the judicial authorities. In this case, archiving times will depend on the duration of the investigation.

Optional data
Except as indicated for browser data, the provision of personal data is free and optional. Regarding the use of cookies, anyone browsing the site may make choices using the browser functions listed above.

This privacy policy applies from 25 May 2018, date from which the European General Data Protection Regulation is fully applicable.

Updated on Wednesday, May 23rd, 2018