Cookie Policy – Website Users
Who are we and what do we do with your personal data?
Sisma S.p.A., with registered office in (36013) Piovene Rocchette (VI), via dell’industria 1, in the person of its pro tempore legal representative, hereinafter the Data Controller, protects the confidentiality of your personal data and provides it with the necessary protection from any event that may put it at risk of violation.
For the Pixel cookie, Sisma S.p.a. and Facebook Limited headquartered at, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland act as Co-Processors,
For this purpose, the Data Controller implements policies and practices regarding the collection and use of personal data and the exercise of your rights under applicable law. The Data Controller is responsible for updating the policies and practices adopted for the protection of personal data whenever necessary and in any case in the event of regulatory and organisational changes that may affect the processing of your personal data.
Sisma S.p.a. and Facebook have a specific internal Privacy Office and have also appointed pursuant to EU Regulation 679/2016 a Data Protection Officer who can be contacted at the following email addresses:
Facebook provides the following link to contact the DPO: https://www.facebook.com/help/contact/540977946302970
How does Data Controller collect and process your data?
Your personal information will be processed for:
- Browsing the site www.sisma.com
The processing of your personal data, such as navigation data e.g. the IP address and cookies issued by browsing the website www.sisma.com are processed by the Data Controller to manage the website and to collect information of an aggregate nature.
Your personal data will not be in any way disseminated or disclosed to unspecified subjects.
- Communication to third parties and recipients
The communication of your personal data takes place mainly towards third parties and/or recipients whose activity is necessary for the performance of the activities related to the aforementioned purposes, and also to meet certain legal obligations. Any communication that does not respond to these purposes will be subject to your consent.
In particular, your data will be disclosed to third parties / recipients for:
- the performance of the service (e.g. IT service provider);
- communications to the financial administration, and public supervisory bodies and control towards which the Data Controller must fulfill specific obligations deriving from the specificity of the activity carried out;
The personal data that the Data Controller processes for this purpose are:
- browsing data (IP address)
- IT Security
The Data Controller processes, also through its suppliers (third parties and/or recipients), your personal data (e.g. IP address) or traffic data collected or obtained in the case of services displayed on the website, to the extent strictly necessary and proportionate to ensure the security and capacity of a network or its servers to withstand, at a given level of security, unforeseen events or unlawful or malicious acts that compromise the availability, authenticity, integrity and confidentiality of retained or transmitted personal data.
For these purposes, the Data Controller envisages procedures for the management of personal data breach.
What are cookies and what are they used for
A “cookie” is a small text file created by certain websites on your computer when you access a particular website for the purpose of storing and transporting information. Cookies are sent from a web server (which is the computer on which the website you are visiting is running) to your browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on your computer; they are then re-sent to the website at the time of subsequent visits.
Some operations could not be carried out without the use of cookies, which, in some cases, are therefore technically necessary. In other cases, the website uses cookies to facilitate your browsing or to allow you to take advantage of specifically requested services.
Cookies may remain in the system for long periods and may also contain a unique identification code. This allows the sites that use them to keep track of your browsing within the website itself, for statistical or advertising purposes, to create your personalised profile from the pages you visited and show and/or send you targeted advertising (known as Behavioural Advertising).
Which cookies are used and what are their main purposes
The www.sisma.com website uses different types of technical, functional and analytical cookies.
For more information, you can consult the Joint Controllers Agreement at the following links
Facebook: https://www.facebook.com/legal/controller_addendum
The Data Controller shows below the specific categories of cookies used, the purpose and the consequence that derives from their deselection:
|
TYPE OF COOKIE |
FIRST/ THIRD PARTY |
PURPOSE |
RETENTION TIMES |
CONSEQUENCE IN CASE OF DESELECTION |
|
Technical Cookies |
FIRST PARTY |
Site management. They allow the operation and safe and efficient exploration of the website |
Valid for the browsing session |
These are necessary cookies for the use of the site, block them does not allows them to function |
|
Functional Cookies |
FIRST PARTY |
Facilitate navigation and the service rendered to the user according to a set of criteria selected by the user |
Valid for the browsing session |
It would not be possible to maintain the choices made by users during browsing |
|
Analytics cookies (Misurazione) |
FIRST PARTY |
Collect information in aggregate form on the users browsing for optimize the browsing experience and services themselves |
14 months |
It wouldn’t be possible for the Data Controller acquire the aggregate information |
|
JOINT CONTROLLERS |
||||
|
TYPE OF COOKIE |
PURPOSE |
RETENTION TIMES |
CONSEQUENCE IN CASE OF DESELECTION |
|
|
Facebook cookie pixel (Marketing) |
Used for advertising campaigns |
Established by Facebook |
Retargeting would not be possible |
|
Retargeting cookies do not allow the acquisition of data that can directly identify you, such as your first and last name, mailing address, plain text email address, etc.
The technology used allows the same to collect a limited amount of data related to your browsing, such as the products you have viewed. This browsing data is linked to a unique identifier, i.e. an identification cookie or any other similar technology (such as mobile advertising identifiers and non-cookie technologies) depending on your browsing environment.
For any further information on data usage with respect to the Facebook Pixel here the link https://www.facebook.com/legal/terms/businesstools/
Third-party cookies
This website doesn’t use third-party cookies
Social buttons
The website www.sisma.com contains special “buttons” (called “social buttons/widgets”) that represent the icons of social networks (e.g. Facebook, LinkedIn) and other web services (e.g. Youtube). These buttons allow users who are browsing the websites to interact with a “click” directly with the social networks represented there. In this case, the social network acquires data relating to the user’s visit, while the Data Controller will not share any browsing information or user data acquired through its website with social networks accessible through Social buttons/widgets. These services release “third-party cookies”. Below are the links to the privacy policies of the most used social networks and websites to which the buttons refer:
- for Facebook: https://www.facebook.com/help/cookies
- for Linkedin: https://www.linkedin.com/legal/cookie_policy
- for Youtube: https://policies.google.com/technologies/cookies?hl=it
Deselecting and activating cookies “review your cookies choices”
What happens if you do not provide your data?
We invite you to take a look at the consequences of deselecting individual cookies, as shown in the table above.
How, where and for how long are your data stored?
How
Data processing is carried out through IT procedures by internal subjects authorized and trained for this purpose. They are granted access to your personal data to the extent and within the limits required for carrying out the processing activities that concern you.
The Data Controller periodically checks the tools by means of which your data is processed and its security measures, which it constantly updates; it makes sure, also through the subjects authorized to process data, that personal data for which processing is not necessary is not collected, processed, stored or retained; it makes sure that the data is retained with the guarantee of integrity and authenticity of its use for the purposes of the processing actually carried out.
Where
The data are stored in computer and telematic archives also located outside the European Economic Area. In particular:
US – Adhesion Data Privacy Framework.
How long
-Cookie:
We invite you to read the terms of retention of personal data as indicated in the table above.
-Site navigation:
Personal data are kept for the time necessary to allow navigation of the site, in any case no later than 2 months, except in cases where events occur that involve the intervention of competent Authorities, also in collaboration with third parties / recipients to whom the activity of IT security of the Data Controller’s data, to carry out any investigations on the causes they have determined the event, as well as to protect the interests of the Data Controller relating to a possible liability related to the use of the site and related services.
What are your rights?
In substance, at any time and free of charge and without any special charges or formalities for your request, you can:
- obtain confirmation of the processing carried out by the Data Controller;
- access your personal data and know its origin (when the data is not obtained directly from you), the purposes of the processing, the data of the subjects to whom it is communicated, the period of retention of your data or the criteria used to determine it;
- update or rectify your personal data so that it is always accurate and correct;
- erase your personal data from the databases and/or files, including backup files, of the Data Controller, if, among other things, it is no longer necessary for the purposes of the processing or if this is deemed unlawful, and provided that the conditions laid down by law are met; and in any event if the processing is not justified by another equally legitimate reason;
- limit the processing of your personal data in some circumstances, for example if you have contested its accuracy, for the period required for the Data Controller to check its accuracy. You must also be informed, in reasonable time, of when the period of suspension has ended or the cause of the restriction of processing has ceased to exist, and therefore the restriction itself withdrawn;
- obtain your personal data, if received or processed by the Data Controller with your consent and/or if its processing is carried out on the basis of a contract and with automated tools, in electronic format also in order to transmit it to another data controller.
The Data Controller must do so without delay and, in any case, at the latest within one month of receipt of your request. The time limit can be extended by two months, if necessary, taking into account the complexity and the number of requests received by the Data Controller. In such cases, the Data Controller will inform you of the reasons for the extension within one month of receipt of your request. For any further information and to send your request, please contact the Data Controller at privacy@sisma.com
How and when can you oppose the processing of your personal data?
For reasons relating to your specific situation, you may oppose at any time the processing of your personal data if this is based on legitimate interest, by sending your request to the Data Controller at the address privacy@sisma.com
You have the right to have your personal data erased if there is no legitimate reason overriding the one that gave rise to your request.
Who can you complain to?
Without prejudice to any other administrative or judicial action, you may submit a complaint to the competent supervisory authority or to the authority that carries out its tasks and exercises its powers in Italy where you have your habitual residence or work or, if different, in the Member State where the violation of Regulation (EU) 2016/679 occurred.