Privacy policy and data processing statement

CUSTOMERS AND SUPPLIERS POLICY PURSUANT TO EU 2016/679 REGULATION AND TO PERSONAL DATA PROTECTION IN FORCE LAW


P.M. Italia S.r.l., as Data Controller, provides you information concerning Your personal data processing pursuant to in force law, particularly referring to Article 13 of EU Regulation 2016/679 (GDPR), relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data.


Personal data collected, administrative, fiscal, accounting, commercial, identification and judicial directly referred to the Customer/Supplier (when natural person) or, for the identification and judicial data, to other related subjects (collaborator, employee, representative) communicated in execution of relationship with the Controller and in observance and respect of disposition about processing and protection of personal data, are utilized by the Controller in compliance with the principles of decency and … and the regulation to fulfill purposes related to the execution of pre-contractual or contractual relationship. The legal reference of data processing is reacheable into the execution of precontracual negotiation or into the execution of agreement in which the Customer/Supplier has a role, or into the fulfillment of legal obligation to which the Controller is subjected.
Personal data won’t be object of automated processing. The processing of personal data for the purposes mentioned above does not require Yours written consent (Article 6 letters B and E of GDPR).


Personal data collected won’t be divulged or propagated; communication to third parties different to Controller, to Processors and Recipients pointed and nominated ex artt. 28 of 2016/679 EU Reg. is established to public authority for legal compliance and fulfillment and, if necessary for the above purposes, to third subects and companies like accounting or fiscal consultants, legal consultants, business consultants, accounting auditors, banks, third parties for IT supplying and services, involved intro the correct and regular pursue of the above described purposes. In any case the third parties processing will take place into the principles of decency and respecting in force law.


Personal data provision is compulsary to the purpose of precontracual negotiation, to agreement stipulation and management, to the fulfillment of legal obligation. The deny to provide personal data will determine partial or total impossibility to stipulate the agreement.


Personal data won’t be transferred to third countries non belonging to EU and which don’t guarantee an adeguated personal data protection level. In the case, to grant the contract execution, it is necessary to transfer personal data to non EU countries or countries which don’t guarantee an adeguated personal data protection level, it will be performed only after the settlement of an agreement between the Controller and third part subjects with appropriate protection clauses and warranties for personal data protection (ex. Standard agreement clause approved from EU Commission) or only with specific requirement in compliance to Italian and EU in force law.


The Controller of data processing is P.M. ITALIA S.r.l. legal head office in Via Bizzarri n. 31, 40010 Sala Bolognese (BO), P.I. 03446781209, mail [email protected], website www.pm-italia.com, in person of Mr. DEGLI ESPOSTI VENTURI ROBERTO legal representative.
Data Protection Officer is Mr. RIGHI MATTIA.


Acting as interested part, You have the rights of art. 15 GDPR, specifically:
1. obtain the confirmation of the existance or not of Your personal data, also if not already registered, and their communication in an intelligible way;
2. obtain the indication of:

a) personal data origin;
b) data processing purpose and modality;
c) the applicated logic in case of data processing with electronical instruments;
d) identifying information of Controller, of person in charge and designated representative in force of art. 5, clause 2 Codice Privacy and art. 3, clause 1, GDPR;
e) person and categories of individuals to which presonal data could be communicated or that could be aware of in quality of designated representative or authorized person;

3. obtain:

a) data update, rectification or, when You have interest, integration;
b) erasure, transformation to anonymous status or to block processed data in violation of law, included data for which conservation is not necessary in relation to the purpose they have been collected or successively processed;
c) the attestation that for operation mentioned al letters a) and b) are made aware to whose whom data have been communicated, except for the case that fulfillment reveals to be impossibile or need an excessive amount of resources in relation to the protected right;

4. object, entirely or in part:

a) for legitimate reasons, to Your personal data processing, even if pertinent to the purpose of the collection;
b) to Your personal data processing for the purpose of sending advertising material, direct selling, market researches, commercial communications, using automated phone call systems without operator intervention, using e-mail and/or using traditional marketing methods using phone and/or postal service. The right of objection of Data Subject, exposed at above point b), for direct marketing purposes using automated methods, is extended to traditional methods and remains valid the right to object even only partially. So Data Subject could decide to receive communications only by traditional methods or only by automated ones or neither. Where applicable, Data Subject has the rights specified in art. 16-21 GDPR (the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object processing), and also the right to complain to supervisory authority.


Data will be stored for the necessary time to fulfill administrative, accounting, fiscal purpose due to the contractual relationship and due to legal duties, anyway into the prescriptional terms fixed for rights and duties of the processing. Criteria to estabilish the period of storage are setted by Italian prescription law, civil and fiscal law concerning administrative-accounting data, also in legal protection of Controller lawful interests. Processed data will be stored by the Controller at the legal head office of P.M. Italia S.r.l..


Cookies placement and application policy

EXTENDED COOKIES POLICY PURSUANT TO EU 2009/136 REGULATION AND TO PERSONAL DATA PROTECTION IN FORCE LAW


Pursuant to personal data protection in force law, including EU 2016/679 Regulation (“GDPR”), 25 november 2009 2009/136/CE Directive, adopted in Italy with 2012 n. 69 Legislative Decree, and personal data protection supervisory authority Injunction n. 229/2014 about simplified modality to inform and acquire consent for cookies placement, P.M. Italia S.r.l., as Data Controller, provides below information about cookies setted on www.pm-italia.com domain.


In pratical and not specialized terms, a cookie is similar to a small file stored into pc by websites during browsing, useful to save preferences and to improve website performances. In this way users browsing experience is optimized. Into details, a cookie is a small dimension test string sent by a web sercver to a web client (usually a browser) and after sent back from client to server without being modified every time client access to the same portion of the same web domain. Every domain or its portion which would be browsed could set cookies. A typical internet page, for example a newspaper one, contains objects from many different doamins and each one could set/place cookies, it is normal to store in our browser many hundreds of cookies.
Cookies were often wrongly considered as real softwares and this generate wrong beliefs. Truly they are simple blocks of data, unable, by theirselves, to execute any kind of action on a computer. Specifically the can not be spyware or virus. Modern browsers allow users to decide if accept on decline cookies, but the eventual deny makes certain object unusable. For example, cookies implemented shopping cart won't work in case of deny.
Cookies are not used only on pc or similar, but also on smartphone and tablet.


Source: Wikipedia


The large variety of existing cookie on the web makes their classification difficult. Anyway it is possible to draw up a general taxonomy dividing them in different categories.
The main attribute through which we could distinguish cookie is their life cycle, which allow to separe them in:

- Session cookie: a session cookie, also known as an in-memory cookie, transient cookie or non-persistent cookie, exists only in temporary memory while the user navigates the website.[18] Web browsers normally delete session cookies when the user closes the browser.[19] Unlike other cookies, session cookies do not have an expiration date assigned to them, which is how the browser knows to treat them as session cookies.
- Persistent cookie: instead of expiring when the web browser is closed as session cookies do, a persistent cookie expires at a specific date or after a specific length of time. This means that, for the cookie's entire lifespan (which can be as long or as short as its creators want), its information will be transmitted to the server every time the user visits the website that it belongs to, or every time the user views a resource belonging to that website from another website (such as an advertisement). For this reason, persistent cookies are sometimes referred to as tracking cookies because they can be used by advertisers to record information about a user's web browsing habits over an extended period of time. However, they are also used for "legitimate" reasons (such as keeping users logged into their accounts on websites, to avoid re-entering login credentials at every visit).


È possibile poi classificare i cookie in base alla provenienza in:

- First-party cookie: normally, a cookie's domain attribute will match the domain that is shown in the web browser's address bar; these are the cookie sent to the browser directly from the visiting website. This is called a first-party cookie. They could be either persistent or session; they are managed directly from the website owner or responsible and are used, for example to guarantee technical functionality or to trace website use expressed preferences.
- Third-party cookie: a third-party cookie belongs to a domain different from the one shown in the address bar. This sort of cookie typically appears when web pages feature content from external websites, such as banner advertisements. This opens up the potential for tracking the user's browsing history and is often used by advertisers in an effort to serve relevant advertisements to each user. As an example, suppose a user visits www.example.org. This website contains an advertisement from ad.foxytracking.com, which, when downloaded, sets a cookie belonging to the advertisement's domain (ad.foxytracking.com). Then, the user visits another website, www.foo.com, which also contains an advertisement from ad.foxytracking.com and sets a cookie belonging to that domain (ad.foxytracking.com). Eventually, both of these cookies will be sent to the advertiser when loading their advertisements or visiting their website. The advertiser can then use these cookies to build up a browsing history of the user across all the websites that have ads from this advertiser.
Most modern web browsers contain privacy settings that can block third-party cookies.


At least it is possible to distinguish cookie by aim into:

- Technical cookie : are necessary for web surfing and to make user website access and navigation easier. Technical cookie are essential, for example, to access to Google or Facebook without log in every sesssion. They are essential also in really thorny operations like home banking ones or in credit card and other systems methods.
- Statistical or “analytics” cookie : were used for website optimization directly by the website owner, which could collect information in aggregated form about the number of visitors and how they act on the website. In this condition, for “analytics” cookie, are valid the same rules, in terms of policy and consent, provided for technical cookie.
- Preferences cookie: they are cookie useful to facilitate users website correct use. They are used, for example, to trace the choosen language.
- Advertising cookie: these cookie have the purpose to fournish advertising space. They could be installed by the website owner or third parties. Some are used to recognize each single banner and to know which ones have been selected and when. Some other are used to suppose a surfing user profile, to submit banner fmiliar to his behaviour and interest on the web. This “profile” is anonymous and the information collected through these cookie don't consent to identify users. In this case cookie lead to a "behavioural targeting" system.
- Social network cookie: regards cookie that consent to share browsed site content to other users. These are the cookie tipically used to activate functions like "Follow" or "Like" on Twitter or Facebook social networks. These functions consent to social network to identify their users and collect information also while surfing other websites.


Fonte: Wikipedia


This website uses only technical cookie and include components transmitted by Google Analytics, a web traffic analysis service fournished by Google, Inc. ("Google"). These cookie are used with the only aim to monitor and improve website performances.
For further information refer to: https://www.google.it/policies/privacy/partners/.
User could disable selectively Google Analytics action installing the opt-out browser add-on provided by google. To disable Google Analytics action refer to: https://tools.google.com/dlpage/gaoptout.


At the firs access to every page of the website, a short policy banner will appear on the screen. Proceeding with navigation, through the access to another part of the website or an element selection ( for example a link or an image), you are giving consent to the use of cookie.
Consent to the use of cookie is registered with a technical cookie.
User could decide to accept or deny cookie using own browser settings. Furthermore browsers consent to define different settings for first-party cookie and for third-party cookie. Attention: partial or total technical cookie disabilitation could compromise website optimal usability while third-party cookie disabilitation have no effect on website navigation. Settings could be defined specifically for each website and web application. Disabilitation procedure for most common browser could be easily found on most of web search engines tipyng the text "How to disable cookie on browser", followed by the name of the used browser.




For any doubt regarding privacy or cookie you are invited to consult Supervisory Authority website.