COOKIES AND PRIVACY

INFORMATION ON PERSONAL DATA PROCESSING

PRIVACY AND COOKIE POLICY

Pursuant to EU Regulation No. 679/2016 (GDPR)

This information is provided pursuant to Regulation (EU) 679/2016 (hereinafter “Regulation” or “GDPR”) and describes the methods of processing personal data of users who consult and use this website, accessible at www.nuovavm.it (“Site”). It does not concern other external websites or online services that may be accessible through links present on the Site.

Following consultation of the Site, data relating to users who access the site may be processed (defined as “data subjects”, as natural persons identified or identifiable).

The data controller is VM S.P.A. with headquarters in Sassuolo (MO) at via Pordoi 6/8, ZIP 41049 – VAT No. 01778370369 email: nuovavm@nuovavm.it, PEC: vm@pec.confindustriamodena.com

1. Why do we process your data?

VM S.P.A. guarantees that personal data provided by the user during site navigation will be used exclusively for the following purposes:

1. a) access and use of services and functionalities present on the site;
2. b) compliance with obligations possibly required by law and European regulations;
3. c) compliance with operational and management requirements internal to the Controller and related to services offered through the site;
4. d) in completely anonymous and aggregated form, for statistical purposes.

In the event that the use of collected data occurs for other purposes, the user must be previously informed and provide, for each possible additional processing intended to be carried out, an express and explicit manifestation of consent.

2. What data do we process?

Depending on the service provided, personal data of different types may be processed, as specified in this article.

Navigation data

The computer systems and software procedures responsible for the operation of this site acquire, during their normal operation, some personal data whose transmission is implicit in web site navigation. This information is not collected to be associated with identified data subjects; however, by their very nature they could, through processing and associations with data held by third parties, allow users to be identified. These include IP addresses or domain names of computers used by users connecting to the site, URL addresses of requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters relating to the operating system and platform used by the user.

The above data is used solely for the purpose of obtaining anonymous statistical information on site usage and to monitor its correct functioning; it is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this possibility, currently the data on web contacts does not persist for more than seven days. Regarding cookies, reference is made to art. 6 that follows.

Data voluntarily provided by the user (communications)

The optional, explicit and voluntary sending of communications by means of contact forms present on the page https://nuovavm.it/contatti/ or by email to the addresses indicated on the Site, involves the subsequent acquisition of data communicated by the user, including their email address, and consent to receive any response messages to their requests.

Personal data thus provided is used solely for the purpose of satisfying or responding to transmitted requests and is communicated to third parties only if this is necessary for such purpose.

3. Provision, processing methods and data retention period

The provision of personal data is mandatory only for the purposes referred to in art. 1, paragraph 1, as the legal basis for processing is the execution of the services requested by the user, namely the use of the site and services made available through the site. Any refusal to such processing may therefore prevent the execution of requested services; it will however be possible to consult the Site without providing any personal data, although in this case, some functionalities or characteristics of the site may be disabled.

2. The provision of personal data for processing activities for the purposes referred to in art. 1, paragraph 2, conversely is not mandatory, as the legal basis for processing in this case will always be the user’s informed, free and optional consent. In the absence of explicit consent, such possible services will not be provided without further consequences. Should the user not intend to provide their consent for such purposes, where introduced by the Controller, they may still use the Site and services for the purposes referred to in art. 1, paragraph 1.
3. Personal data is processed lawfully and fairly and used only for the purposes indicated in art. 1 paragraph 1. Processing will be carried out using suitable tools to guarantee the security and confidentiality of personal data and with automated tools suitable for storing, managing and transmitting the data itself. Specific security measures are adopted to prevent data loss and contain the risks of illicit or incorrect use and unauthorized access.
4. Personal data will be retained for the times prescribed by legal provisions and, in any case, for the time strictly necessary to follow up on the activities for which they were collected and/or until revocation of consent given in the case where processing is carried out for the purposes referred to in art. 1, paragraph 2.
5. To whom can the collected data be communicated?
6. Processing connected to the web services of this site is handled only by technical personnel expressly appointed for processing, internal and/or external to the Controller. In particular, where necessary only with prior consent, data may be communicated to third parties whose collaboration VM S.P.A. may and/or must use for the performance of services offered. Data acquired via web, or otherwise deriving from web services, may be communicated to technological and instrumental partners that the Controller uses for the provision of services requested by users always in compliance with the purposes indicated in the art. 1. For this purpose, subjects who will have access to personal data will be specifically authorized for processing by the Controller and, if required, appointed as Data Processors, pursuant to arts. 28 and 29 of the GDPR.
7. Data collected for the purposes set out above may also be communicated to companies connected or belonging to the same corporate group as the Controller and to subjects authorized for this purpose by legal provisions and European regulations.
8. A list of subjects to whom the Controller communicates personal data collected for the aforementioned purposes is available and can be consulted at the Controller’s headquarters and may be requested at the indicated contacts.
9. What are your rights?
10. The data subject is the natural person, identified or identifiable, to whom the personal data subject to processing refers and, therefore, the user who accesses the site and who uses the services made available through the site itself.
11. Each data subject is recognized the right to access at any time the data concerning them in order to verify their correctness and to verify the lawfulness of the processing carried out. The data subject may also exercise all rights recognized by current national and European legislation on the protection of personal data: in particular, they may request at any time the correction and updating of incorrect or inaccurate data, limitation of processing carried out and deletion of the same (right to be forgotten), as well as file a complaint with the Data Protection Authority.
12. With reference to personal data processed by automated means, the data subject may also receive in structured and commonly used format the data concerning them and transmit them, if necessary, to another data controller (right to data portability).
13. Each data subject is also recognized the right to revoke at any time the consent given, without prejudice to the lawfulness of processing carried out by the Controller before such revocation, as well as the possibility to object to the processing of data concerning them should it be carried out for direct marketing purposes by the Controller; in this case their data will no longer be subject to processing for such purposes, depending on the specific consent previously given, by the Controller or any third parties (right of objection).

6.1 Cookies – General information

What are they? Cookies are information stored through the browser when a website is visited with any suitable device (such as a PC, tablet or smartphone). Each cookie contains different data (e.g., the name of the server from which it comes, a numerical identifier, etc.), can remain in the system for the duration of a session (or until the browser is closed) or for long periods and can contain a unique identification code.

What are they used for? Cookies are used for different purposes depending on their type: some are strictly necessary for the correct functionality of a website (technical cookies), while others optimize its performance to offer a better user experience or allow the acquisition of statistics on site usage, such as analytical cookies or allow the display of personalized advertising, such as profiling cookies.

Consent: any provision of user consent may be stored by controllers, as far as their competence is concerned, through a technical cookie.

How to disable them? It is possible to disable cookies both through browser settings (see the paragraph “How to disable cookies? General information”) and through mechanisms made available by some third parties.

6.2 General types of cookies used on the site

Technical cookies (first party): they are essential for correct functioning, site display and storage of user consent to cookie usage.

Technical cookies (third party): they are essential for correct functioning and site display, to indicate user authentication and for payment service management.

Analytical cookies (third party): they are used for aggregate analysis purposes of site visits, through recourse to a third-party service.

Profiling cookies (third party): they are used to create profiles relating to the user and are used for the purpose of sending advertising messages in line with preferences expressed by the same in the context of web navigation, through recourse to a third-party service.

6.3 Cookies used on the site

First-party cookies: technical cookies are used for the following purposes: storing user preference regarding cookies, session authentication (for the staff-only reserved area).

Technical cookies

These cookies allow the site to function correctly and improve your browsing experience within our site. These cookies are necessary for site operation.

Third-party cookies: various third-party cookies are used. Below are the links to the privacy policies of the respective third parties, also for their specific disabling (without prejudice to what is provided in the paragraph “How to disable cookies?”):

Analytical Cookies

Privacy Policy: http://www.google.com/intl/it_ALL/analytics/learn/privacy.html

Opt out link: https://policies.google.com/technologies/partner-sites?hl=it

Profiling cookies

Privacy Policy: http://www.google.com/intl/it_ALL/analytics/learn/privacy.html

Opt out link: https://policies.google.com/technologies/partner-sites?hl=it

Furthermore, through the related “Google Maps” function, the geographical location of the Controller is indicated. The privacy policy of “Google Maps” can be consulted at the following link: https://maps.google.it/intl/it/maps/about/behind-the-scenes/streetview/privacy/.

6.4 How to disable cookies? General information

Browser control: Commonly used browsers (e.g., Internet Explorer, Firefox, Chrome, Safari) accept cookies by default, but this setting can be modified by the user at any time. This applies to both PCs and mobile devices such as tablets and smartphones: it is a generally and widely supported function.

Therefore, cookies can easily be deactivated or disabled by accessing the options or preferences of the browser used and generally only third-party cookies can also be blocked; in general, such options will have effect only for that browser and on that device, unless options are active to unify preferences on different devices. Specific instructions can be found on the options or help page of the browser itself. The disabling of technical cookies, however, may affect the full and/or correct functioning of various sites, including this site.

Normally, browsers used today:

• offer the “Do not track” option, which is supported by some websites (but not all). In this way, some websites may no longer collect certain browsing data;
• offer the option of anonymous or incognito browsing: in this way no data will be collected in the browser and browsing history will not be saved, but browsing data will still be acquirable by the manager of the visited website;
• allow deletion of stored cookies in whole or in part, but on a new visit to a website they are normally installed where this possibility is not blocked.

The links to the support pages of the most widely used browsers are indicated (with instructions on disabling cookies on such browsers):

• Firefox (https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie);
• Internet Explorer (https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies);
• Safari (iOS) (https://support.apple.com/kb/ph21411?locale=it_IT);
• Chrome (https://support.google.com/chrome/answer/95647?hl=it).

Third-party cookies: third-party cookies can be disabled both with the method described above and by referring to each third party (following the links indicated in the previous paragraph).

Online tools: it should be noted that from the site http://www.youronlinechoices.com/it/ it is possible not only to acquire information on cookies, but also to verify the installation of numerous cookies on your browser/device and, where supported, also to disable them.

7. Changes to the information notice

This Privacy policy may be modified, including as a result of legislative or regulatory changes, technological developments and provision of new services or modifications to those already provided. Users/visitors/customers are therefore invited to periodically consult the Privacy policy of VM S.P.A.