This section includes information about how Lomac processes its users’ data.
- This policy complies with article 13 of EU Regulation No. 2016/679, on the protection of individuals with regard to the processing of personal data and on the free movement of such data, applicable to subjects who interact with Lomac, and is accessible from the home page:
- The policy applies only to Lomac’s website and not to other websites the user may reach via links published therein.
- The objective of this policy is to provide information regarding the methods, times and nature of the information that the Data Controller must provide users who access Lomac’s website, regardless of the purpose of their visit, in compliance with Italian and European regulations.
- The policy may be amended to comply with regulation changes, therefore, users are advised to check this page regularly.
- Pursuant to article 8, parag. 1, EU Regulation 2016/679, and article 2-Quinquies of Legislative Decree 196/2003, as modified by Legislative Decree 181/81, users younger than 14 years old need authorisation from their parents or a legal guardian to use the site.
II - DATA TREATMENT
1 - Data Controller
- The Data Controller is the natural or juridical person, public authority, service, or other body, who singularly or together with others, defines data processing purposes and methods. The Data Controller is also responsible for data protection.
- With reference to this website, the Data Controller is: Fabrizio Lo Manto, who can be contacted via email for queries and to exercise data subject rights, at the following address: firstname.lastname@example.org.
2 - Data Processor
- The Data Processor is the natural or juridical person, public authority, service, or other body that processes personal data on behalf of the Data Controller.
- Pursuant to article 28 of EU Regulation No. 2016/679, the Data Processor appointed by the Data Controller for Lomac’s website is: ________.
3 - Data Processing Location
- The data in Lomac’s possession are processed in Via Bruno Buozzi 26, 20097 San Donato Milanese (MI), Italy.
If necessary, data in connection with the newsletter service may be processed by the Data Processor or by subjects appointed by them for this purpose at their relevant locations.
III - COOKIES
1 - Types of Cookies
- Cookies consists of a small amount of data transferred to users’ browsers by a web server and can be read exclusively by the server who transferred them. They do not contain executable code or viruses.
- Cookies do not memorise any personal information and any identifiable data will not be saved. You may prevent the use of all or specific cookies. However, this may affect the usability of the website or the services offered. To proceed without modifying cookie settings, simply continue browsing.
Please find a list of the different types of cookies used by the website:
2 - Technical Cookies
- There are many different types of technologies used to save information on users’ computers and then collected by websites. HTML cookies are one of the most used. They are used to help users to access and navigate the website and make their browsing experience easier. They are essential to internet communications, to allow the provider to offer services to their customers.
- Instructions on how to manage and disable cookies vary depending on the browser used. In any case, users can manage or request to disable or delete cookies by changing the settings of their browser. By disabling cookies, access to certain parts of the website could be prevented or become slower.
- The use of technical cookies allows to access the website efficiently and securely.
- Cookies saved by the browser and sent back via Google Analytics or blogger statistics services or similar, are considered technical only if used to optimize the website directly by the Data Controller, who may collect information on the number of visitors and on their browsing patterns in aggregate format. At these conditions, the data processing and consent rules applicable to technical cookies are also applicable to analytical cookies.
- In terms of the time for which cookies are saved, a distinction can be made between temporary session cookies, automatically deleted at the end of a session – used to identify the user and avoid asking them to log into every page they visit – and permanent cookies, which are saved on users’ devices until they expire or are deleted by the user.
- Session cookies may be used to authenticate users and allow them to access and browse a restricted area of the website.
- They are not saved indefinitely but stored only during visits to the website, until users close their browser, at which point they disappear. Their use is limited to transmitting session IDs made of numbers generated randomly by the server to ensure a secure and efficient browsing experience of the website.
3 - Third-Party Cookies
- Based on origin, cookies can be categorised as first-party cookies, sent directly by the website the user is visiting, and third-party cookies, sent by websites other than the one the user is visiting.
- Permanent cookies are often third-party cookies.
- Most third-party cookies are tracking cookies used to record browsing activities and preferences, in order to personalise advertising.
- Third-party analytical cookies may be installed. These are sent by third-party websites.
- Third-party analytical cookies record users’ browsing information on the Lomac website. The data collected is anonymous and is required to verifying that users can interact with the website as expected and to improve its usability. Third-party profiling cookies are used to create user profiles in order to offer advertising messages in line with the choices previously made by the users.
- The use of these cookies is subject to rules set by the third parties who own them, therefore, users are advised to read the privacy policies and information on how to manage or disable cookies published on the relevant third-party web pages.
4 - Profiling Cookies
- Profiling Cookies are used to create user profiles in order to send marketing messages in line with the preferences expressed by users browsing the website.
- When these cookies are used, users will be asked to provide their explicit consent.
- Article 22 of EU Regulation 2016/679 and article 122 Data Protection Code will apply.
IV - DATA PROCESSED
1 - Data Processing Method
- Like all websites, this website saves information collected automatically during users’ visits in log files. The information collected may include the following:
- IP address;
- type of browser and parameters of the device used to visit the site;
- name of the internet service provider (ISP);
- date and time of the visit;
- web pages from which the user reaches (referral) and leaves the website;
- number of clicks.
- The information above is processed in an automated manner and collected in an aggregate format to verify that the website works as expected, as well as for security purposes. This information will be processed in the legitimate interest of the Data Controller.
- For security reasons (anti-spam filters, firewalls, virus checks), data recorded automatically may include personal data, such as the IP address, which may be used, in compliance with applicable regulations, to block attempts to cause damage to the website or other users, or carry out other malevolent or criminal activity. Data will be never used to identify or profile users, but only to protect the website and its users, and will be processed in the legitimate interest of the Data Controller.
- The information that users make public via the services and tools available to them on the website are provided by users consciously and voluntarily. This website shall not be liable for any breaches or violations in connection with such information. Users are responsible for making sure they have the authorisation to publish personal data belonging to third parties or content protected by national or international laws.
2 - Data Processing Purposes
- The data collected by the website during its operation are used for the purposes mentioned above and for the following purposes:
data requested for marketing and/or advertising via newsletter
- Data are stored for the time strictly necessary to achieve the purposes mentioned above, and, in any case, for no longer than 10 years.
- Data used for security purposes (to block attempts to cause damage to the website) are saved only for the time necessary to achieve the aforementioned purpose.
3- Data Provided by Users
- As mentioned above, by optionally, voluntarily and explicitly sending emails to the addresses published on this website, the receiver automatically acquires the users’ email addresses, required to reply to their requests, and any other details included in their emails.
- Information summaries will be provided or displayed on the relevant pages of the website dedicated to specific services on demand.
4 - Help Configuring your Browser
- Users can manage cookies via the settings of their browser. However, deleting cookies from the browser may affect the preferences set for the website.
- For further information and support, you may visit the help page specific to the browser you are using:
- Internet Explorer: http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
- Firefox: https://support.mozilla.org/en-us/kb/enable-and-disable-cookies-website-preferences
- Safari: http://www.apple.com/legal/privacy/it/
- Chrome: https://support.google.com/accounts/answer/61416?hl=it
- Opera: http://www.opera.com/help/tutorials/security/cookies/
DATA SUBJECT RIGHTS
Article 3 of EU Regulation 2016/679 lists the rights of data subjects.
- Lomac’s website informs users of their rights based on the following articles of EU Regulation 2016/679:
- a) data subjects have the right to request the Data Controller to access their data (article 15); the right to rectify the data provided (article 16); the right to integrate or limit the use of their data (article 18); the right to object to the use of their data, for legitimate reasons (article 21); and also have data portability rights (article 20);
- b) pursuant to article 17, data subjects may request the cancellation, anonymization or blocking of data that was processed unlawfully, including data whose retention is unnecessary for the purposes for which it was collected or subsequently processed.
- c) data subjects have the right to obtain certification to the effect that the operations to update, rectify, integrate, erase and block their data have been notified, also in relation to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
- Requests can be made informally to the Data Controller or, alternatively, using the model set by the Data Protection Authority, or sending an email to the address: email@example.com
- When data processing is based on article 6, parag. 1, letter a) – express consent to use data – or on article 9, parag. 2, letter a) – express consent to use genetic, biometric, or medical data, data revealing religious or philosophical believes, membership to union organisations, race or ethnicity, political opinions – users have the right to revoke their consent at any time, without prejudice to the processing occurred before the consent was revoked.
- Data subjects may report violations of the Regulation to the Data Protection Authority, competent on the matter within Italian territory.
- For further information on your rights, please see articles 15-22 of EU Regulation 2016/679.
VI - DATA TRANSFER TO NON-EU COUNTRIES
This website may share some of the data collected via third-party services based outside the European Union. Specifically, Google, Facebook and Microsoft (LinkedIn) via social plug-ins and the Google Analytics service. Data transfers are authorised and strictly regulated by article 45, parag. 1, of EU Regulation 2016/679, therefore, no additional consent is required. The above-mentioned companies all adhere to the Privacy Shield.
- Data will never be transferred to third-party countries who do not meet the requirements set by article 45 et seq. of the EU Regulation.
VII. DATA SAFETY
This website processes users’ data lawfully and fairly, adopting the necessary security measures aimed at preventing unauthorised access, diffusion, change or destruction of data. Data processing is carried out with electronic and/or telematic data, with organizational methods and logics appropriate for the above-mentioned purposes.
- In addition to the Data Controller, in some cases your data may be accessed by Data Processors involved in the organization of the website (administration, sales, marketing, legal and system administration staff), or external subjects (suppliers of technical services, postal carriers, hosting providers, IT companies, communication agencies).
VIII. AMENDMENTS TO THIS POLICY
- It is subject to amendments and updates. Users are advised to regularly visit this page to keep up to date with the latest legislation applicable.
- The previous versions of the policy will remain accessible from this page.
- The policy was updated on 27/07/2020 in compliance with the applicable regulations, and particularly EU Regulation 2016/679.