Pursuant to articles 13 and 14 of the GDPR (General Data Protection Regulation) 679/2016
BASIS PLANT SERVICES SRL (single shareholder company), with registered office in Florence (50127), Via Panciatichi n.40 (Building B11) and administrative office in Prato (59100), Via Valentini n.14, plant@basisgroup. com, in its capacity as Data Controller and of the website www.basispant.it, in the person of its pro tempore Legal Representative, hereby informs on how to manage the site in relation to the processing and protection of the personal data of the subjects ( Interested parties) who browse the site, with direct access from the home page or from internal pages, and interact with it.
Basis Plant Services Srl undertakes to protect the confidentiality of the personal data of the interested party and to guarantee the necessary protection from what could put them at risk of violation. In any case, all data is processed in compliance with the law and the confidentiality obligations imposed by it.
Data processing is based on principles of correctness, lawfulness, transparency and protection of the privacy and rights of the interested parties.
This information is valid only and exclusively for the website of which the company is the owner and not for other sites consulted by the user through links that may be activated on the pages of the aforementioned.
DATA PROCESSED AND PURPOSE
Basis Plant Services Srl may process the data of the interested party for the following activities.
1 – Activities related to navigation on the site by the interested parties
The computer systems and software procedures used to operate the website indicated above acquire, during their normal operation, some personal data relating to navigation, the transmission of which is implicit in the use of Internet communication protocols.
This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
The data collected in this way could be used to ascertain responsibility in the event of any computer crimes against the site.
3 – Respond to requests for information and contact
The processing of personal data is aimed at following up and providing feedback to the requests of the interested party sent by e-mail to the company mail addresses present on the various pages of the site (e.g. spontaneous sending of the curriculum vitae), by direct telephone calls to company numbers, through the social media pages on which the company is present (e.g. Linkedin) and by sending faxes.
The sending/communication of data is optional, explicit and voluntary.
NATURE OF THE PROVISION OF DATA AND LEGAL BASIS OF THE TREATMENT
Navigation data, cookies and requests for information are processed as necessary to implement IT and telematic protocols, to comply with the legal obligations to which the Data Controller is subject, as well as to respond to requests from the interested party.
The provision of personal data by the interested parties is free and optional.
The processing of personal data carried out by Basis Plant Services Srl is necessary to fulfill the pre-contractual measures and carried out at the request of the interested party (expressed during the browsing experience and manifested when consulting the website).
DATA COLLECTION AND PROCESSING METHODS
Basis Plant Services Srl, as Data Controller, collects and/or receives the information concerning the interested party, released while browsing the site www.basispant.it.
The data collected through the website indicated above are processed through IT and telematic procedures. The technical data are stored on the company’s servers to which all the technical and organizational security measures provided for by EU Regulation n. 679/2016.
The processing of such information is necessary for the Owner to manage the site and to respond to requests for information from interested parties.
Any refusal to provide personal data will make it impossible for the Data Controller to manage and respond to the communication or request for information.
DATA COMMUNICATION, AUTHORIZED APPOINTMENTS AND EXTERNAL MANAGERS
The data collected will not be disclosed, sold or exchanged with third parties without the express consent of the interested party, except for any communications to third parties, for the performance of the activities necessary to fulfill the aforementioned purposes, authorized and committed to confidentiality, or in the case appointed data processors (such as, for example, IT support companies and hosting companies), ex. art. 28 of the GDPR 679/2016. The data may be communicated to the competent authorities, according to the terms of the law.
The updated list of appointed internal authorized personnel and appointed data processors is kept at the operational headquarters of the Data Controller.
PLACE OF PROCESSING AND DATA STORAGE TIMES
The data is processed and archived at the headquarters of the Data Controller and by companies in charge of carrying out technical IT and development activities located within the European Union.
The personal data provided by the interested party with navigation as well as cookies (which are available to the user who can autonomously delete them) are kept for a period strictly necessary for the fulfillment of legal obligations, after which they are automatically deleted, except for the need to keep them for a longer period following requests from the competent authorities regarding the prevention and prosecution of crimes or, in any case, to assert or defend a right in court. They can be disabled at any time
The data provided for the purposes connected to point 3, requests for information and contact, will be kept for the time necessary to fulfill the purposes of the treatment and in any case no later than 5 years from the communication of the same by the interested party, with the exception of cases in which events occur that involve the intervention of the competent Authorities, also in collaboration with the third parties/recipients responsible for the IT security activity of the Data Controller’s data, to carry out any investigations into the causes that led to the event.
RIGHTS OF THE INTERESTED PARTY
The interested party, compatibly with the above all temporal limits established for the processing of personal data, will be able to exercise your rights towards the Data Controller, pursuant to articles from 15 to 22 of the GDPR 679/2016, namely:
request access to the data available to the Data Controller;
request the rectification/updating of inaccurate or incomplete data;
request the deletion of data; The personal data provided with navigation as well as the cookies (which are available to the user who can autonomously delete them) are kept for a period of seven days, after which they are automatically deleted. request the limitation of the treatment;
oppose the treatment;
request direct transmission from one holder to another (portability);
withdraw consent, where required (the withdrawal of consent does not affect the lawfulness of the treatment based on the consent before the withdrawal);
request not to be subjected to a decision based solely on automated processing, including profiling.
For any further information and in any case to send your request, you can contact Basis Plant Services at the address email@example.com.
Without prejudice to any other administrative or judicial action, if the interested party believes that the processing of the data provided violates the legislation on the protection of personal data, he has the right to lodge a complaint with the supervisory authority for data protection personal (Privacy Guarantor).