Welcome to sophiaplatform.com (the “Website”).
1. Data Controller
The party that collects and processes the Personal Data in the capacity of Data Controller (hereinafter “Data Controller”) is Biesse S.p.A., with registered office in Via della Meccanica, 16, Pesaro, Italy, telephone number: +39 0721 439100, Tax Code and VAT number IT 00113220412, registered in the Companies Register of Pesaro Urbino under No. 1682.
2. Purposes and legal basis of the processing, and storage times
3. METHODS OF THE PROCESSING
When processing Personal Data that can either directly or indirectly identify the Data Subject, we strive to uphold the principle of strict necessity. For this reason, we have configured the Website in such a way as to ensure that the use of the Personal Data is minimised and to limit the processing of the same which enables the Data Subject to be identified, only processing them in case of necessity or upon the request of the authorities and/or police forces (such as, for example, in the case of data regarding traffic and your visit to the Website or your IP address).
Your Personal data will be processed using automated tools and only for the time necessary in order to fulfil the purposes for which they have been collected. They will be processed in compliance with the principle of necessity and proportionality, and we will refraining from processing the Personal Data in cases where the operations can be performed using anonymous data or other methods. We have implemented specific security measures to prevent the loss of the Personal Data as well as any unlawful or inappropriate uses of and unauthorised accesses to the same. However, please note that to ensure the security of your data, your device must be fitted with tools such as constantly updated anti-virus software, and that the provider of your internet connection must guarantee the secure transmission of the data by implementing firewalls, anti-spam filters and other similar protections.
4. Data conferral
Apart from the terms set forth applicable to browsing data, the conferral of data for any additional processing purposes is optional. However, the failure to provide these data may make it impossible for said additional processing purposes to be fulfilled.
5. Recipients of the PERSONAL DATA
Pursuant to Article 28 of the GDPR, the Data Controller must appoint the third party companies which process the Personal Data on its behalf as External Data Supervisors and provide them with adequate operating instructions (hereinafter collectively referred to as “Data Supervisors" or “Supervisors”). These parties can essentially be classed as follows:
Your data can also be processed by third parties, independent data supervisors, and specifically:
Your personal data will under no circumstances be disseminated except to the categories of parties mentioned above.
6. parties authorised to process the data
The Personal Data will be processed by employees and collaborators of the Data Controllers/Supervisors who have received adequate operating instructions and have been expressly authorised to perform the processing by the latter; Any additional indications about the scope of the communication and dissemination of your Personal Data will be provided in the individual sections of the Website.
7. Transfer of data outside the European Union
The data can be transferred abroad to countries outside the EU and in particular to the Republic of San Marino subject to the signing of the so-called Standard Contractual Clauses as drafted by the EU Commission in light of Article 46 paragraph 2 letter (c) of the GDPR.
8. YOUR RIGHTS
In relation to the processing of the personal data performed by the Data Controller, you can ask the Data Controller to access the data concerning you and to have them deleted, corrected if incorrect and integrated if incomplete. You can also request that the processing be limited in the cases envisaged by Article 18 of the GDPR, and object to the processing in cases of legitimate interest of the Data Controller.
When the processing is based on consent or a contract and is performed using automated means, you are entitled to receive your data in a structured, commonly used and machine-readable format, and if technically feasible, to freely send them to another Data Controller. Without prejudice to your right to submit any other administrative or legal claim, you are entitled to submit a complaint to the competent supervisory Authority in the member state in which you live or in the country in which the alleged breach occurred.
To exercise your rights you can send a written request, addressed to the Data Controller, to the following email address: email@example.com.
Updated on 08/06/2018.