For us, data protection is an important issue, so we would like to inform you about the way in which your data is processed and the rights you can exercise under the current data protection regulations, in particular the EU Regulation 2016/679 (hereinafter also referred to as “GDPR”).
MIFAR S.r.l.
Via Valtellina n. 18/20, 20027, Rescaldina (MI)
E-mail: privacy@mifar.com
Phone: + 39 0331 515037
The categories of “personal data” (ex-art. 4.1 of the GDPR) processed by the Data Controller can be, as a non-exhaustive example:
Personal data can be processed for specific purposes for which the data subject has to consent to.
The retention period for personal data for the above listed purpose is
For purposes a: until the request has been answered. unless the feedback provided and the information exchanged, are necessary to demonstrate the fulfillment of any contractual obligations or arising from any legal relationships established (in which case the retention period will be equal to that indicated in the appropriate notices, issued within the framework of the forementioned relationships).
In relation to the above listed purpose, the Data Controller could communicate your data to:
* More information regarding recipients (ex-art. 4.9 of the GDPR) are available by contacting the Data Controller through the address above listed.
The Controller does not intend to transfer personal data to Countries which are not member of the EU or the SEE for the above-mentioned purpose.
The data subject can exercise the following rights, in relation to personal data mentioned in this privacy policy, as stated by the GDPR:
Regarding those purposes which require consent, the data subject can revoke his/her consent at any time, and it will affect processing from the moment of revocation, safe for conservation periods established by law. Generally, revocation of consent affects only future processing.
The above-mentioned rights can be exercised, as established by the GDPR, contacting the Data Controller to the above-mentioned contacts.
MIFAR S.r.l., in compliance to art. 19 of the GDPR, when it is possible, communicate to the recipients, to which personal data has been transferred, any corrections, cancellations or limitation of processing as requested by the data subject.
If the data subject considers that his/her right has been compromised, he/she has the right to lodge a complaint to the supervisory authority (or Data protection Supervisor), according to the methods indicated by the same authority.
If you are Italian, you can refer to the following link: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524 or by lodging a complaint by mail to the Italian Authority for the Protection of Personal Data.
8.1 In case of processing based upon consent
We inform you that the above-mentioned purposes have as lawful base the consent, and that in relation to such purposes, the data subject can revoke his/her consent at any time, and that the revocation’s effects will affect only from the time of revocation, safe for conservation periods established by law. Generally, the revocation of consent will only affect future processing. Thus, the processing which has been performed before the consent’s revocation will not be affected and will maintain its lawfulness.
The complete or partial lack of consent will not guarantee the complete performing of services, in relation to the individual purposes for which it will be negated
It must be known that, regarding the request of information, even if the consent is free and optional, it is necessary to satisfy the request. Thus, sending the request or an equivalent manifestation of will, will be considered as giving consent, which will be always revocable with the above listed consequences.
When data is no longer needed, it will be deleted. If its deletion is impossible or only possible with a disproportionate effort due to a particular storage method, the data cannot be processed and must be stored in inaccessible areas.
The use of a purely automated decision-making processes as detailed by Article 22 of the GDPR is currently excluded. Should it be decided in the future to establish such processes on a case-by-case basis, the data subject will be notified separately if this is required by law or if this information notice is updated.
Personal data will be processed both in analog and electronic format and entered in the applicable data bases which can be consulted and processed by operators and processors designated by the Data Controller who will be able to carry out the consultation, use, handling, comparison and any other appropriate operation, direct or automatic, respecting the legal requirements necessary to guarantee the confidentiality and the security of the data, as well as their accuracy, updating, and their relevancy to the declared purposes.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.
Among the information that can be collected we have the IP addresses, the type of browser or the operating system used, the addresses in notation URI (uniform resource identifier), the domain name and the addresses of the websites from which the access or exit (referring / exit pages), the time at which the request was made to the server, the method used and information on the response obtained, further information on the user’s navigation on the site (see also the related section to cookies) and other parameters relating to the operating system and the user’s computer environment.
These same data could also be used to identify and ascertain responsibilities in case of any computer crimes against the website.
Children under 14 cannot provide personal data MIFAR S.r.l. will not be in any way responsible for any collection of personal data, as well as false statements, provided by the minor, and in any case, if you notice its use, the Controller will facilitate the right of access and cancellation forwarded by the legal guardian or by those who exercise parental authority.
This privacy policy presents its date of last update in its heading.
MIFAR S.r.l. could modify or implement changes to the privacy policy also as a consequence of future legislative changes or amedments.
The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
The controller shall communicate any rectification or erasure of personal data or restriction of processing carried out in accordance with Article 16, Article 17(1) and Article 18 to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The controller shall inform the data subject about those recipients if the data subject requests it.