PRIVACY POLICY

In compliance with the obligations provided for by the European Privacy Regulation EU/2016/679 (GDPR) we hereby intend to inform you that Polobio s.r.l., in its capacity as Data Controller and manager of the website www.polobio.it, will process your personal data, which may be collected, provided by you and/or by other subjects communicated to us, by filling in forms, browsing web pages and using services.

The processing of data will be carried out in compliance with the privacy regulations in force; marked by the principles of correctness, lawfulness and transparency and carried out in compliance with the principles of relevance, completeness and non-excessiveness.

  1. DATA CONTROLLER:

Polobio s.r.l., via Rossini n.6, 36100 Vicenza (operational headquarters: via del Progresso n.45, 36054 Montebello Vicentino), CF and VAT no. 04196790234, e-mail: info@polobio.it

  1. DATA RETENTION PERIOD:

The data collected will be kept for the period strictly necessary, however, no longer than twelve (12) months from their collection for profiling purposes and ten (10) years from their collection for administrative or legal purposes.

  1. PROCESSED DATA:

In case of newsletter subscription request (newsletter form) you will be asked for the following personal data:

– name

– e-mail address

In addition, the website makes use of cookies that process personal data. All information about cookies is available in the Cookie Policy of the website.

  1. PURPOSE OF PROCESSING:

The data collected will be processed for the following purposes:

(a) For sending newsletters;

  1. b) For operational and organizational needs;
  2. c) To fulfill any type of obligation required by laws, regulations or EU legislation;
  3. d) For requirements to monitor the way services are provided, the progress of relations with suppliers and the analysis and management of risks related to the contractual relationship.
  4. e) To respond to requests that you may forward.
  5. METHODS OF PROCESSING:

Processing will be carried out in a manual or partially automated manner.

Processing may consist of the following operations: collection, registration, organization and storage, consultation and use, processing, modification selection, extraction, comparison, interconnection, transmission and communication, cancellation and destruction, blocking and restriction.

The processing will be carried out both with the use of paper media and with the aid of electronic, computer and telematic tools suitable to guarantee the security and confidentiality of the data themselves in accordance with the provisions of Article 32) of the European Privacy Regulation EU/2016/679 (GDPR).

In the performance of processing operations will, however, always be adopted all technical, computer, organizational, logistical and procedural security measures so that the minimum level of data protection required by law is guaranteed. The above-mentioned methodologies, applied for processing, will guarantee access to the data only to authorized persons.

  1. REQUIRED AND OPTIONAL DATA:

The provision of data is:

– obligatory and does not require Your consent for the achievement of purposes related to obligations provided for by laws, regulations or community norms.

– Indispensable and does not require your consent for personal data essential for the proper functioning of the website (e.g. technical cookies).

– Indispensable and does not require your consent for personal data collected to respond to your requests

– Optional and requires Your explicit consent for certain statistical features, including third-party features such as e.g. Facebook pixels and Google Analytics. You will be asked for your consent via a “banner” and can be expressed by placing a check in the appropriate box.

Any refusal, albeit legitimate, to provide all or part of the above data could make it difficult to access and use the website.

  1. DATA PROCESSORS:

The subjects or categories of subjects who may become aware of the data or to whom the data may be communicated are the following: IT consultants, collaborators, consultants or consulting firms, IT service providers (cloud, hosting, mailing), providers of other services.

Personal data may also be disseminated, but only in aggregate, anonymous form and for statistical purposes.

If the processing could also involve personal data falling within the category of “sensitive” data (i.e., data disclosing racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership in parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, as well as personal data disclosing health and sex life) or “judicial” (i.e. data suitable for revealing measures relating to criminal records, the register of administrative sanctions dependent on crime and related pending charges or the quality of defendant or suspect) the processing will be carried out in accordance with the guarantee measures ordered by the Privacy Guarantor and for the purposes strictly necessary for the fulfillment of contractual and/or legal obligations.

Personal data may also be communicated to Public Bodies, Police Forces or other Public and Private Subjects, but exclusively for the purpose of fulfilling legal obligations.

The data in question will not be communicated to other subjects other than those envisaged in this information notice, and the data apt to reveal the state of health of the interested party will not, in any case, be disseminated.

  1. PLACE OF PROCESSING:

The processed data is stored within the European Union. In some cases, our suppliers (e.g. Google, Microsoft, Facebook, etc.) may also transfer it outside the EU, but only on the basis of an adequacy decision of the European Commission and in the presence of adequate privacy guarantees.

  1. RIGHTS OF THE DATA SUBJECT:

In any case, you may always request at any time a copy of your personal data, information regarding the location where your personal data is processed and an updated list with the identification details of all Data Processors and System Administrators authorized to process your data.

At any time, you may freely revoke the consent given, without any burden and prejudice to the lawfulness of the processing carried out up to that moment, and exercise the following rights of the data subject vis-à-vis the Data Controller as provided by the European Privacy Regulation EU/2016/679: Access, Rectification, Cancellation, Limitation, Opposition, Portability.