Privacy Policy

Dear User,

Pursuant to Art. 13 EU Regulation 2016/679 (hereinafter “GDPR”), we inform you that the processing of the data you provide will be carried out using methods and procedures aimed at ensuring that the processing of personal data is carried out with respect for the fundamental rights and freedoms, as well as the dignity of the data subject, with particular reference to confidentiality and security, personal identity and the right to protection of personal data.

Recall that processing means any operation or set of operations, whether or not by automated means, applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction (Art. 4 GDPR).

1 – Object of treatment

The data processed by SC Management s.r.l. refer to:

• Automatically collected data. The computer systems and applications dedicated to the operation of this website detect, in the course of their normal operation, certain data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated with identifiable users. The data collected include the IP addresses and domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters regarding the operating system, browser and computer environment used by the user. This data is processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to check its regular operation. The provision of such data is mandatory as it is directly related to the web browsing experience.
• Data voluntarily provided by the user. The processing of data provided by you through the completion of collection forms, is subject to your express and unequivocal consent that you can give against the specific information for the form of reference (insert contact form information link).
• Your voluntary sending of e-mails to our e-mail addresses does not require any further disclosure or request for consent.

Cookies. The site does not use/uses first-party/third-party technical/profiling cookies which may collect users’ browsing data, the provision of which is optional and is done through the expression of free and informed consent. Cookies operate in order to analyze the effectiveness of the site and make it easier and more intuitive over time. A separate cookie policy is available for more information (insert cookie policy link).

2 – Legal basis for processing

The legal basis for such processing is found in. (i) in his express and unequivocal consent (ex Art. 6.1(a) of the GDPR); and (ii) in the legitimate interest of the Data Controller (ex Art. 6.1(f) of the GDPR).

3 – Purpose of processing

Personal data are processed for the sole purpose of improving your browsing experience.

4 – Method of treatment

The personal data you provide, will form the subject of processing operations in compliance with the above-mentioned legislation and the obligations of confidentiality that inspire the activity of the Owner. The data will be processed both by computer and on paper media as well as on any other suitable media, in compliance with the appropriate security measures pursuant to Art 5 par. 1 letter f) of the GDPR.

Processing is limited to the following operations and in the following manner:

• Data collection from the data subject;
• Computer-based recording and processing;
• xOrganization of archives in mainly automated form.

The data in question will not be disseminated, while they will or may be communicated to entities, public or private, operating within the scope of the purposes described above.

5 – Data Retention

Data collected will be kept for a period of time not exceeding the achievement of the purposes for which they are processed (“principle of limitation of storage,” Art. 5 GDPR).

6 – Access to treatment

The data will be made accessible, for the purposes mentioned in point no. 3:

• to employees/collaborators in their capacity as authorized processors, subject to appropriate appointment;
• To third parties, partners of the Data Controller.

7 – Disclosure of data

Data will not be disclosed to unauthorized third parties or disseminated in any way. To this end, processing is conducted with the use of appropriate security measures to prevent unauthorized access to the data by third parties and to ensure their confidentiality.

Without the need for express consent, the Data Controller may disclose your data for the purposes set forth in Section 3 to the following entities:

External collaborators and managers of the company assigned to perform processing operations.

8 – Data Transfer

The management and storage of personal data will take place on servers located within the European Union of the Data Controller and/or third party companies contracted and duly appointed as Data Processors.

Data will not be transferred outside the European Union.

9 – Nature of provision of data and consequences of refusal to respond

The provision of data for the purposes mentioned in Section 3 is mandatory. In their absence, it will not be possible to proceed with the navigation of this site.

10 – Rights of the data subject

According to the provisions of the GDPR, the data subject has the following rights vis-à-vis the Data Controller:

• To obtain confirmation as to whether or not personal data concerning him or her are being processed, and if so, to obtain access to the personal data (Right of Access Art. 15);
• Obtain rectification of inaccurate personal data concerning him/her without undue delay (Right to Rectification Art. 16);
• obtain the erasure of personal data concerning him or her without undue delay, and the data controller has an obligation to erase personal data without undue delay if certain conditions are met (Right to be forgotten Art. 17);
• Obtain limitation of processing in certain cases (Right to limitation of processing Art. 18);
• receive in a structured, commonly used and machine-readable format the personal data concerning him or her that he or she has provided and has the right to transmit such data to another Data Controller, without hindrance from the Data Controller to whom he or she has provided it, in certain cases (Right to Data Portability Art. 20);
• object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her (Right to object art. 21);
• Receive without undue delay notice of the personal data breach suffered by the Data Controller (Art. 34);
• Revoke express consent at any time (Conditions for Consent Art. 7).

Where applicable, in addition to the rights under Articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restrict processing, right to data portability, right to object), the data subject has the right to complain to the Data Protection Authority.

11 – Ways of exercising the right

A data subject who wishes to exercise his or her rights may contact the data controller at the email address: info@sc-management.it

12 – Data Controller

The Data Controller is SC Management s.r.l. – Via XXV Maggio 13, 20040 Cavenago Di Brianza (MB) – P.I. 09874430961.

The list of data controllers and data processors can be consulted at the owner’s office mentioned above.

13 – Updating this policy

This Notice is subject to change. Any substantial changes will be sent to interested parties by notice or publication on the company website.