PRIVACY POLICY
Information notice pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR)
WHY THIS INFORMATION
Pursuant to Regulation (EU) 2016/679 (hereinafter “GDPR”), this page describes the methods of processing personal data. This information notice is provided in accordance with Article 13 GDPR. It does not apply to other third-party websites that may be accessed via links on this website, for which no responsibility is assumed.
Processable Personal Data
Personal data: any information relating to an identified or identifiable natural person (“data subject“); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more elements specific to their physical, physiological, genetic, mental, economic, cultural or social identity (C26, C27, C30 GDPR).
Data of customers/users.
Browsing data
The computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or domain names of the computers and terminals used by users, the URI/URL addresses (Uniform Resource Identifier/Locator) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the response status from the server (successful, error, etc.) and other parameters related to the user’s operating system and IT environment.
Data provided voluntarily
The optional, explicit and voluntary sending of messages to the contact addresses listed on this site and/or the completion of data collection forms entails the subsequent acquisition of the sender’s address, necessary to respond to the requests, as well as any other personal data included.
Information on the processing of personal data through Social Media platforms
With regard to the processing of personal data carried out by the operators of the Social Media platforms used by the Controller, reference is made to the information provided by them through their respective privacy policies. The Controller processes the personal data provided by users through the pages of the Social Media platforms for the purpose of managing interactions with users (comments, public posts, etc.) and in compliance with applicable regulations.
Specific notices
Specific information notices may be available on the Site’s pages in relation to particular services or data processing operations provided.
Cookies and other tracking systems. What are they? What are they for?
For information on Cookies and other tracking systems, see the cookie policy available in the website footer and at the following link.
1. WHO IS THE DATA CONTROLLER? HOW TO CONTACT THEM?
The Data Controller is Lubra S.P.A. Via EDISON, 4 – 20007 Cornaredo (MI), represented by its Legal Representative pro tempore, who can be contacted for any information via telephone +39 02 9361171, e-mail info@lubra.com
3. PURPOSE OF PROCESSING, LEGAL BASIS, DATA RETENTION PERIOD AND NATURE OF DATA PROVISION
PURPOSE OF PROCESSING
Browsing this website.
The data necessary to use the web services is also processed for the purpose of:
- obtaining statistical information on the use of the services (most visited pages, number of visitors by time band or day, geographic areas of origin, etc.);
- checking the proper functioning of the services provided.
The data will be used to establish liability in case of potential computer crimes against the website.
LEGAL BASIS
Processing is necessary for the purposes of the legitimate interests pursued by the data controller or by a third party, provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, taking into account the reasonable expectations of the data subject and the activities strictly necessary for the operation of the site and for browsing.
(Art. 6, par. 1 lett. f and Recital 47 of the GDPR)
DATA RETENTION PERIOD
Browsing data is stored for the duration of the browsing session and, in any case, for no longer than seven days (except where necessary to ascertain crimes by the Judicial Authority).
NATURE OF DATA PROVISION
The provision of data is necessary for browsing the website.
CONTACT FORMS
PURPOSE OF PROCESSING
A) CONTACT – sending contact requests and information
LEGAL BASIS
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Recital 44) Art. 6 par. 1 lett. b) GDPR
DATA RETENTION PERIOD
Maximum 12 months
NATURE OF DATA PROVISION
The provision of data is necessary.
Failure to provide the necessary data will make it impossible to be contacted and receive information.
4. WHO WILL PERSONAL DATA BE DISCLOSED TO? DATA RECIPIENTS
Personal data will be disclosed, depending on the purposes set out in specific areas, to subjects who will process the data as independent data controllers or as Data Processors (Art. 28 GDPR) and to individuals (Art. 29 GDPR) acting under the authority of the Controller and Processors based on specific instructions provided regarding purposes and methods of processing, for specific purposes according to the relevant area. The data will be disclosed to recipients belonging to the following categories:
- Entities providing website and communication network services, including email, hosting, and website management;
- For the “Work with Us” section, to entities managing recruitment activities;
- Competent authorities for legal obligations and/or orders from public authorities, upon request;
The list of Data Processors is available by writing to info@lubra.com or the other contact details indicated above.
5. WILL DATA BE TRANSFERRED TO NON-EEA COUNTRIES?
Personal data will not be transferred to non-EEA countries.
6. IS THERE AN AUTOMATED PROCESS?
Personal data will be processed using traditional manual, electronic, and automated means. Please note that no fully automated decision-making processes are carried out.
7. WHAT ARE YOUR RIGHTS? HOW CAN YOU EXERCISE THEM?
You may exercise your rights as set out in Articles 15 et seq. of the GDPR by contacting the Data Controller at the e-mail address info@lubra.com or using the other contact details provided above. You have the right, at any time, to request access to your personal data (Art. 15), rectification (Art. 16), erasure (Art. 17), and restriction of processing (Art. 18). The Data Controller shall inform (Art. 19) each recipient to whom the personal data has been disclosed of any rectification or erasure or restriction of processing. The Data Controller shall inform the data subject about those recipients if requested. In applicable cases, you have the right to data portability (Art. 20) and the data will be provided in a structured, commonly used, machine-readable format. You have the right to object (Art. 21), at any time, to the processing of your data based on legitimate interests.
If you believe that the processing of personal data carried out by the Controller violates Regulation (EU) 2016/679, you have the right to lodge a complaint with the Supervisory Authority, particularly in the Member State where you habitually reside, work, or where the alleged violation occurred (Garante Privacy https://www.garanteprivacy.it/), or to take legal action.
8. CHANGES TO THIS POLICY
You may exercise your rights as set out in Articles 15 et seq. GDPR by contacting the Data Controller at info@lubra.com
The Controller reserves the right to amend, update, add or remove parts of this notice. To make tracking changes easier, the notice will include the update date.
Last update: 22-02-2023
