UNDER ARTICLE 13 OF LEGISLATIVE DECREE 196/2003 (THE PRIVACY CODE) AND ARTICLE
13 OF REGULATION (EU) 2016/679 (THE GDPR)
personal data private and secure is important for us at IVELA SPA. IVELA is a single-member company with VAT no. 10889890157 headquartered at Via Bruno
Buozzi 15, Liscate (Mi), Italy (the Data Controller), and we comply with the current data protection
and -security laws. We trust that the information below will help to explain the
kind of data that we usually collect via the website www.ialux.it
(the Website), how we use and protect that data, and whom we share it with.
be advised, under article 13 of Legislative Decree 196/2003 (the Privacy
Code) and article 13 of Regulation (EU) 2016/679 (the GDPR), that
your personal data will be processed in a lawful, transparent, proportionate
way in compliance with the applicable personal-data protection and security
legislation to protect your privacy and rights, as detailed below.
The information systems and computer programs
used to operate the Website collect some personal data that is sent to us as an
inevitable result of communicating via the internet. This type of data
includes: the IP addresses or domain names of computers that you use when
visiting the Website; URI (Uniform Resource Identifier) addresses of the
resources requested; the time of the request; the method used to send the
request to the server; the size of the file obtained in response; the numeric
code for the response status from the server (success, error, etc.); and other details
of your operating system and computing environment. When collecting this
information, we do not seek to associate it with identified individuals. By its
nature, though, it could potentially be used – by processing it and linking it
with data held by third parties – to identify you.
This data is used only to obtain statistical
information on use of the Website and to ensure that the Website works
properly; the data is deleted immediately after processing and is not
associated with any data that could identify you. The data could be used to
investigate who is responsible for any cybercrimes that damage the Website.
- WHERE YOUR PERSONAL DATA COMES FROM
“Processing” means any operation or set of operations
carried out on personal data, aggregated or otherwise, with or without the use
of automated processes. Types of processing include collecting, recording,
organising, structuring, keeping, adapting, modifying, extracting, consulting,
using, and communicating by sending, disseminating or any other means of making
it available, comparing, linking, restricting, deleting or destroying.
personal data that we hold is essentially:
identification details (name, surname, email
provide this data when sending a request for information about our
products/services by filling in the dedicated forms on the Website.
personal data is processed in line with the Privacy Code, the GDPR and the principles
and obligations of confidentiality, to which the Data Controller has always been
- LAWFUL BASIS AND PURPOSES OF PROCESSING
We shall process your data for the following
c.1) To deal with your requests
We process the data that
you provide in order to
respond when you ask to be contacted or when you request information or
assistance in carrying out a project.
The lawful basis for processing your data is
to take pre-contractual steps at your request.
c.2) To send catalogues and
sales and marketing messages
With your prior consent, we
may process the data that you provide to send you information about what we do,
including our products/services, special offers, catalogues or other marketing
materials, and invitations to trade fairs or company events. We do that
manually or via automated systems, using email and/or telephone and/or instant messaging
and/or the postal service.
may withdraw your consent at any time to receive material sent automatically or
material sent in the traditional ways, or both, by contacting the Data
Controller, as stated in point l) below, and asking to opt out.
you opt out, you will receive an acknowledgement from the Data Controller.
note that you may continue to receive a few more marketing messages after opting
out, for technical and operational reasons (e.g. if the mailing list is
finalised just before your opt-out reaches us). If you continue to receive
marketing messages after opting out, please alert the Data Controller using the
contact details in point l) below.
lawful basis for processing your data is the consent that you gave when you
filled in the forms in the dedicated section of the Website.
- HOW YOUR DATA IS PROCESSED
data will be processed using suitable manual and electronic means to keep it
secure for the purposes for which it was provided and collected, to safeguard
it from unauthorised access by third parties, and to comply with European and
WHY YOUR DATA IS NEEDED AND WHAT HAPPENS IF YOU DO NOT PROVIDE IT
must provide your data for the purposes in points c.1) and c.2), because it is
essential to fulfil your requests and/or to fulfil the contract between the
Data Controller and the agent or the agency that the user represents. If you do
not provide your data, then we shall be unable to respond when you ask to be
contacted or when you request information and/or assistance in carrying out a
project, or you will be unable to access the reserved area on the Website or
use the features in it.
using our interactive services, please do not send any sensitive/special data.
That means any details that could reveal your racial or ethnic origin, state of
health, religious beliefs, political opinions or membership of political
parties, trade unions or religious, philosophical, political or trade-union
associations and organisations, among other things. We shall immediately delete
any sensitive/special data that we receive.
HOW LONG WE KEEP YOUR DATA
The data that you provide will be kept:
for purpose c.1) for as long as is necessary
to fulfil your request for information and then for as long as is necessary to
fulfil any contract entered into after that request and then for 10 years in
accordance with articles 2214 et seq. of the Italian Civil Code and other legal
requirements. Your data may be kept for longer to
assert or defend IVELA’s rights in court or elsewhere until those rights
- for purpose c.2) for 24 months from the date when you gave your
consent. (You can always opt out of receiving marketing messages by using
the unsubscribe link in each message.)
WHO MAY RECEIVE AND PROCESS YOUR DATA
personal data may be seen by our employees and/or contract staff whom the Data
Controller appoints to perform tasks that are necessary for the purposes in c.1),
may also be seen by suppliers of IT and logistics services involved in
operating the Website, outsourced service suppliers, freelancers and
consultants, and companies that send the promotional emails and text messages,
newsletters or marketing content (with your prior consent).
parties – formally designated by the Data Controller as appointed/authorised
people, data supervisors and/or system administrators – will process your data in
line with and exclusively for the purposes stated in this notice, under the
Data Controller’s oversight and supervision.
data may also be disclosed to third-party suppliers, e.g. shippers and/or
agents, which will process it as data supervisors appointed by the Data
Controller or, as appropriate, as independent data controllers, for the sole
purpose of shipping products and/or promotional samples and/or contacting you, with
your prior consent.
a full, up-to-date list of the parties that have received your data, please
contact the Data Controller at the email address in point l).
DISSEMINATING YOUR DATA
Data Controller will not disseminate your data.
TRANSFERRING DATA ABROAD
Your personal data will not be sent outside the European Economic Area or
EEA (i.e. the
European Union plus Iceland, Norway and Liechtenstein).
Subject to the limits and conditions under the
applicable data protection law, you are entitled:
to be told
whether or not data about you exists;
to access your
iii) to be told about the content of the data, where it
came from, how (if at all) it is processed using computerised tools, the
purposes of processing it, the types of personal and sensitive/special data
involved, who (or what kind of recipient) has received or will receive your
personal and sensitive/special data, for how long the data is kept or the
criteria used to determine that, and the particulars of the data controller,
the data supervisors and the people appointed/authorised/designated to process
it and the Data Protection Officer, where appointed;
iv) to place limits on how your data is processed, to
obtain a portable extract of your data, to have your data deleted, anonymised
or frozen where processed unlawfully, and to have your data updated, corrected
and added to;
to object to
your data being processed;
vi) to withdraw your consent, if given (without affecting
the lawfulness of the processing carried out based on your consent before you
vii) to complain to
the supervisory authority (the Italian Data Protection Commissioner or Garante Privacy).
If you would like to exercise your rights, please
contact IVELA SpA, single-member company, at Via Bruno Buozzi 15, Liscate (Mi),
Italy or via email at firstname.lastname@example.org.
m. AMENDMENTS TO OUR PRIVACY
Website was last updated on 25 November 2019.
The Data Controller reserves the right to alter this policy at any time
without notice. We advise all Website users and visitors to review this page
from time to time, to see if changes have been made and to read any new
information. In any event, your data will not be processed for purposes other
than those stated in the policy that was current when you provided your data
and for which you gave any consent.
You can view any earlier versions of this policy by sending
an email at email@example.com.