INFORMATION ON THE PROCESSING OF PERSONAL DATA

In compliance with the obligations arising from national (Legislative Decree 30 June 2003 No. 196, Code for the Protection of Personal Data) and Community legislation, (European Regulation for the Protection of Personal Data No. 679/2016, GDPR) and subsequent amendments, the Company Soleto S.p.A., with registered office in Milan, Via Don Giovanni Minzoni 1, P. IVA 10640540158, in its capacity as Data Controller, informs about the methods and purposes of the processing of personal data, collected during the navigation on the site www.soletospa.it.

Data will be processed in full compliance with legal obligations and principles, ensuring full protection of the fundamental rights and freedoms of Data Subjects.

1. Scope, sources

This policy covers only data collected while browsing www.soletospa.it.

The applications dedicated to the operation of the above site may collect, in the course of navigation, certain data, not directly associated with the person concerned, the transmission of which is implicit in the use of Internet communication protocols.

2. Owner, managers and appointees

The Data Controller is Soleto S.p.A. with registered office in Milan, Via Don Minzoni 1 P.IVA 10640540158.

The Data Protection Officer (or, Data Protection Officer-DPO) is Lawyer. Silvia Mantelli, who can be contacted by certified mail: silvia.mantelli@milano.pecavvocati.it or regular email: dpo@soletospa.it, to whom the data subject can turn for all matters relating to the processing of his or her personal data and for the exercise of the rights provided by the GDPR.

The updated list of data processors and processors is kept at the registered office of the Data Controller.

3. Data Subject of Processing

The data collected may include, but are not limited to, the IP address, the type of computer browser used for the connection, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request and other parameters regarding the operating system and thus also the device you are using.

Such data do not, in any case, allow Soleto S.p.A. to arrive at your identity and are therefore to be considered anonymous.

This site does not use Cookies.

4. Legal basis and purpose of processing

Data collected by the Site are used to ensure continuity of service and for the improvement of the website and are deleted immediately after processing.

Legal basis for processing is the legitimate interest of the Owner in the proper management of its website.

The data could be used to ascertain liability in case of hypothetical computer crimes against the site.

5. Mode and duration of treatment

The data collected for the above purposes are processed by automated means, anonymously and in aggregate for the above purposes and will be processed only for the time strictly necessary for the pursuit of the above purposes.

6. Nature of data provision and consequences of failure to provide data

If the data subject does not agree to the processing of data as described above, he or she may leave the Site, ceasing to browse immediately.

Please note that, for the purpose of browsing the site, the disclosure of personal data is not required, except for the anonymous data described above, which is strictly necessary for the above purposes.

7. Data access.

Direct access to the data collected by the Site is permitted only to the Data Controller and the personnel expressly appointed by and authorized by the Data Controller.

Please remember that the Data Controller cannot in any way link the collected data with the identity of users, either directly or indirectly.

8. Disclosure of data without the need for express consent (ex art. 6 lett. (b) and (c) GDPR)

The Holder may disclose the data collected for the purposes of Art. 2 to judicial authorities, as well as to those subjects to whom communication is obligatory by law for the fulfillment of the said purposes. These parties will process the data in their capacity as autonomous data controllers.

9. Data dissemination

The data will not be disseminated.

10. Data transfer.

Personal data collected through the Site are stored on servers located at the Controller’s headquarters within the European Union. It is in any case understood that the Holder, should it become necessary, will be entitled to move the servers outside the EU as well. In such a case, the Data Controller hereby ensures that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.

11. Rights of the data subject

In relation to the purposes of processing, each data subject is granted the exercise of the rights provided for in Articles 15 et seq. of the GDPR, in particular the right to:

• access, i.e. to obtain confirmation of the existence or non-existence of personal data concerning him/her, to know their origin, as well as the logic and purposes on which the processing is based, the recipients or categories of recipients to whom the data may be communicated, the determination of the storage period if it is possible to define it;
• Rectification of inaccurate data;
• deletion (so-called right to be forgotten), where the data are no longer necessary in relation to the purposes of collection, or where the data subject has withdrawn consent to the processing (where said consent is provided as optional or where there is no other legal basis for the processing);
• limitation, the right to obtain from the Controller the restriction of access to personal data by all individuals who have a service contract or employment contract with the Controller. In any case, the Owner guarantees access to special and judicial personal data to a limited number of people in order to still guarantee the security, integrity and correctness of said data;
• portability, the right to receive in a structured, commonly used, machine-readable format personal data concerning the data subject, with the possibility of transmission to another Data Controller. This right does not apply to non-automated processing (e.g., paper-based archives or records); furthermore, only data processed with the consent of the data subject and only if the data have been provided by the data subject are subject to portability;
• opposition, i.e., the right to object to processing for reasons related to your particular situation;
• complaint to be sent to Garante per la Protezione dei dati personali, Piazza Venezia no. 11 – 00186 Rome (garante@gpdp.it; telephone + 39 06 69677.1; fax + 39 06 69677.3785).

In addition, according to Art. 7(3) of the GDPR is recognized the right to revoke consent at any time; revocation of consent does not affect the lawfulness of processing based on consent before revocation.

12. Ways of exercising rights

You may exercise your rights under 11 above at any time by sending:

– A registered letter with return receipt to Soleto S.p.A., Via Don Minzoni 1, 20158 Milan, Italy.

– an e-mail to diritti.interessati@soletospa.it.

INFORMATION ON THE PROCESSING OF PERSONAL DATA

In compliance with the obligations arising from national (Legislative Decree 30 June 2003 No. 196, Code for the Protection of Personal Data) and Community legislation, (European Regulation for the Protection of Personal Data No. 679/2016, GDPR) and subsequent amendments, the Company Soleto S.p.A., with registered office in Milan, Via Don Giovanni Minzoni 1, P. IVA 10640540158, in its capacity as Data Controller, informs about the methods and purposes of the processing of personal data, collected during the navigation on the site www.soletospa.it.

Data will be processed in full compliance with legal obligations and principles, ensuring full protection of the fundamental rights and freedoms of Data Subjects.

1. Scope, sources

This policy covers only data collected while browsing www.soletospa.it.

The applications dedicated to the operation of the above site may collect, in the course of navigation, certain data, not directly associated with the person concerned, the transmission of which is implicit in the use of Internet communication protocols.

2. Owner, managers and appointees

The Data Controller is Soleto S.p.A. with registered office in Milan, Via Don Minzoni 1 P.IVA 10640540158.

The Data Protection Officer (or, Data Protection Officer-DPO) is Lawyer. Silvia Mantelli, who can be contacted by certified mail: silvia.mantelli@milano.pecavvocati.it or regular email: dpo@soletospa.it, to whom the data subject can turn for all matters relating to the processing of his or her personal data and for the exercise of the rights provided by the GDPR.

The updated list of data processors and processors is kept at the registered office of the Data Controller.

3. Data Subject of Processing

The data collected may include, but are not limited to, the IP address, the type of computer browser used for the connection, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request and other parameters regarding the operating system and thus also the device you are using.

Such data do not, in any case, allow Soleto S.p.A. to arrive at your identity and are therefore to be considered anonymous.

This site does not use Cookies.

4. Legal basis and purpose of processing

Data collected by the Site are used to ensure continuity of service and for the improvement of the website and are deleted immediately after processing.

Legal basis for processing is the legitimate interest of the Owner in the proper management of its website.

The data could be used to ascertain liability in case of hypothetical computer crimes against the site.

5. Mode and duration of treatment

The data collected for the above purposes are processed by automated means, anonymously and in aggregate for the above purposes and will be processed only for the time strictly necessary for the pursuit of the above purposes.

6. Nature of data provision and consequences of failure to provide data

If the data subject does not agree to the processing of data as described above, he or she may leave the Site, ceasing to browse immediately.

Please note that, for the purpose of browsing the site, the disclosure of personal data is not required, except for the anonymous data described above, which is strictly necessary for the above purposes.

7. Data access.

Direct access to the data collected by the Site is permitted only to the Data Controller and the personnel expressly appointed by and authorized by the Data Controller.

Please remember that the Data Controller cannot in any way link the collected data with the identity of users, either directly or indirectly.

8. Disclosure of data without the need for express consent (ex art. 6 lett. (b) and (c) GDPR)

The Holder may disclose the data collected for the purposes of Art. 2 to judicial authorities, as well as to those subjects to whom communication is obligatory by law for the fulfillment of the said purposes. These parties will process the data in their capacity as autonomous data controllers.

9. Data dissemination

The data will not be disseminated.

10. Data transfer.

Personal data collected through the Site are stored on servers located at the Controller’s headquarters within the European Union. It is in any case understood that the Holder, should it become necessary, will be entitled to move the servers outside the EU as well. In such a case, the Data Controller hereby ensures that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.

11. Rights of the data subject

In relation to the purposes of processing, each data subject is granted the exercise of the rights provided for in Articles 15 et seq. of the GDPR, in particular the right to:

• access, i.e. to obtain confirmation of the existence or non-existence of personal data concerning him/her, to know their origin, as well as the logic and purposes on which the processing is based, the recipients or categories of recipients to whom the data may be communicated, the determination of the storage period if it is possible to define it;
• Rectification of inaccurate data;
• deletion (so-called right to be forgotten), where the data are no longer necessary in relation to the purposes of collection, or where the data subject has withdrawn consent to the processing (where said consent is provided as optional or where there is no other legal basis for the processing);
• limitation, the right to obtain from the Controller the restriction of access to personal data by all individuals who have a service contract or employment contract with the Controller. In any case, the Owner guarantees access to special and judicial personal data to a limited number of people in order to still guarantee the security, integrity and correctness of said data;
• portability, the right to receive in a structured, commonly used, machine-readable format personal data concerning the data subject, with the possibility of transmission to another Data Controller. This right does not apply to non-automated processing (e.g., paper-based archives or records); furthermore, only data processed with the consent of the data subject and only if the data have been provided by the data subject are subject to portability;
• opposition, i.e., the right to object to processing for reasons related to your particular situation;
• complaint to be sent to Garante per la Protezione dei dati personali, Piazza Venezia no. 11 – 00186 Rome (garante@gpdp.it; telephone + 39 06 69677.1; fax + 39 06 69677.3785).

In addition, according to Art. 7(3) of the GDPR is recognized the right to revoke consent at any time; revocation of consent does not affect the lawfulness of processing based on consent before revocation.

12. Ways of exercising rights

You may exercise your rights under 11 above at any time by sending:

– A registered letter with return receipt to Soleto S.p.A., Via Don Minzoni 1, 20158 Milan, Italy.

– an e-mail to diritti.interessati@soletospa.it.