Information on the protection of personal data pursuant to art. 13 and 14 of Regulation (EU) 2016/679)

FINDEX FILTRATION S.r.l., with registered office in Via Indipendenza 36 – 20014 Nerviano (MI), VAT number / C.F. n. 12481050156 – Tel. 0331.580336 – e-mail info@findex.it, as Data Controller (hereinafter, the “Company” or the “Data Controller”), provides below the information common to the processing of personal data carried out in the context of its institutional website accessible electronically starting from the address: www.findex.it (hereinafter, the “Site”).

In this regard, it is specified that the information is provided only for the Site and not for other websites that may be consulted through hypertext links or widgets (e.g. social networks) published on the Site, but referring to resources outside the domain of the Owner or to the treatments that may derive from the voluntary sending of messages.

  1. Categories of interested parties and personal data processed

The Data Controller processes the personal data of natural persons (identified or identifiable) who visit and consult the Site or who voluntarily interact with the Data Controller (hereinafter, the “Users”) as part of the same.

The personal data processed are:

  1. Navigation data: the computer systems and software procedures used to operate the Site acquire, during their normal activity, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes: IP addresses or domain names of computers and terminals used by users, URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request, the method used when submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the users’ IT environment;
  2. Data communicated: the optional, explicit and voluntary sending of messages by filling in and submitting forms on the Site and / or to the contact addresses of the Company or to institutional profiles / pages on social media (where this possibility is foreseen) involves the acquisition of the User’s contact data necessary to respond, as well as all further and any personal data included in the registration form or in communications. Specific information will be published on the pages of the Site bearing the form or prepared for the provision of certain services.
  3. Cookies and other tracking systems: for more information on the type of cookies used, their management of use and purpose, consult the cookie policy on the Site.

(hereinafter, all, the “Personal Data“).

2. Purpose of the processing and legal bases:

The Data Controller processes the Personal Data collected in the context of the Site for the purposes and by virtue of the legal bases indicated in the following table:

What are the PURPOSES of the treatment?

What are the LEGAL BASES of the treatment?

Fulfillment of a legal obligation connected to civil, fiscal and administrative provisions, community legislation, rules, codes or procedures approved by Authorities and other competent institutions, as well as to follow up on requests from the competent administrative or judicial authority and, more in general, of public entities in compliance with legal formalities.

Fulfillment of a legal obligation to which the Data Controller is subject.

Assert and defend your rights, including through out-of-court initiatives and also through third parties, as well as prevent and detect fraudulent activities or abuse of the Site (for potentially criminal purposes, such as for example for identity theft, computer crimes, etc. ).

Pursuit of the legitimate interest of the Data Controller.

To allow Users to access the Site and navigate optimally and manage requests received through the Site.

Execution of pre-contractual measures taken at the request of the User.

Limited to the browsing data of the Users sub par. 1 point a), for the purposes of security of the Controller’s systems and to obtain statistical information on the use of the Site (such as the pages of the Site most frequently visited, the average time spent on each page), as well as to control and administer the functioning of the Site and improve the services provided.

Pursuit of the legitimate interest of the Data Controller.

To manage the contact section of the site and therefore to respond to any user requests received by filling in the appropriate form or by sending communications to the email address of the owner

Execution of pre-contractual measures taken at the request of the User.

3. Obligation to release the requested data and consequences of non-release.

Except as specified for navigation data (and, in the specific policy, for the management of cookies), the user is free to provide their personal data (via forms – on the pages that allow it – or in other ways to contacts of the Data Controller) to send requests for information or to receive commercial communications.

It is understood that failure to provide them, even partial, may prevent the Data Controller from carrying out the User’s requests and communication activities, as well as the fulfillment of any related obligations.

4. Processing methods

Personal Data will be processed by means of both manual and automated IT tools exclusively by authorized and specially trained subjects.

5. Recipients or categories of recipients of personal data

For the purposes indicated in this statement, the Personal Data of Users may be disclosed to:

  • people authorized by process the Data Controller (employees or collaborators);
  • third party service providers by the Data Controller (including IT service providers, hosting providers, web editors, as well as companies or entities that perform legal and insurance services) who will operate, if necessary, as data processors;
  • third party companies and professionals appointed to assert the rights, interests and claims of the owner arising from the relationship with the Users;
  • the State Administrations, Judicial or Administrative Authorities, Public and Private Bodies, also following inspections and verifications;
  • subjects who can access the data under the provisions of law or secondary or community legislation.

Only the category of recipients is indicated, as it is subject to continuous updates. To find the updated list of recipients, Users can contact the Owner directly, by writing to the contact details indicated in par. 9 of this information.

6. Personal data retention periods

Personal Data will be kept by the Data Controller for the time strictly necessary for the purpose for which they were collected; precisely, the Owner will keep:

  • the browsing data of the Users (indicated in paragraph 1, letter a) for the duration of the browsing session and in any case not more than seven days, except in the case of malfunctions in the systems, in which case they will be kept until the problem is resolved;
  • the data communicated by the Users (indicated in paragraph 1, letter b): 
  • with regard to personal data communicated by filling in the forms on the website, for the time necessary to process the related request;
  • Personal Data whose processing is necessary in relation to legal obligations for the duration of the law;

and in any case, for the purposes indicated in par. 2, no. 2, for a maximum of a period equal to the limitation period of the relevant actions increased by a prudential period of six months, in order to ensure the right of defense of the Company with reference to future possible disputes in court or administration.

In all cases, once the respective terms have elapsed, all Personal Data will be deleted or made anonymous. It is understood that the terms indicated may be extended in cases where storage for a further period is required in the event of any disputes, requests from the competent authorities or pursuant to applicable legislation.

7. Transfer of personal data to a third country or an international organization 

Within the scope of the aforementioned purposes, it is possible that your data will be transferred to countries belonging to the EU.

8. Rights 

Users, if the circumstances apply, will be able to exercise the following rights towards the Owner: 

  • Right of access: allows Users to obtain from the Data Controller confirmation as to whether or not Personal Data concerning them is being processed and, in this case, to obtain access to their personal data;
  • Right of rectification: allows Users to obtain the rectification / integration of inaccurate / incomplete Personal Data;
  • Right to cancellation: allows Users to obtain, in the cases provided for by law, the cancellation of their personal data;
  • Right to limitation of treatment: allows Users to obtain, in the cases provided for by art. 18, paragraph 1 of the GDPR, the limitation (i.e. the marking of personal data stored with the aim of limiting their processing in the future) of the processing of their personal data; 
  • Right to data portability: allows Users – in the event that the processing is carried out by automated means on the legal basis of the contract or consent – to receive in a structured format, commonly used and readable by an automatic device, limited to the data provided to the Data Controller, the personal data concerning him and similarly the right to transmit such data to another data controller. 

Furthermore, Users are entitled: 

  • to oppose the processing of their Personal Data for the purposes indicated in paragraph 2;
  • as well as, if they believe that the processing of their Personal Data carried out through this Site is in violation of the provisions of the GDPR, to lodge a complaint pursuant to art. 77 of the GDPR, to the National Supervisory Authority of the member state of the European Union in which the interested party has his habitual residence or place of work or where the alleged violation of his right has occurred (in the case that this State is the Italy, the subject to which you can contact is the Guarantor Authority for the protection of personal data) or to take the appropriate judicial offices (Article 79 of the GDPR).

9. Contacts

To exercise all rights, the interested party may submit a specific request by contacting the Data Controller in the following ways:

  • by mail c/o FINDEX FILTRATION S.r.l. at Via Indipendenza 36 – 20014 Nerviano (MI);
  • by sending an e-mail to the ordinary e-mail inbox  info@findex.it

10. Modifications

This privacy statement entered into force on 01/02/2022

The Company reserves the right to partially or fully modify this information or update its content, eg. following changes in the applicable law. Therefore, the Company invites the User to regularly consult the information in order to know the latest updated version in order to always be informed about the method of collection and use of Personal Data.