Types of data collected
The Personal Data collected through this website, on our own or through third parties, include: name, last name, company, position in company, e-mail and telephone contacts, Utilization Data, username, website, profession, State, company name, VAT number, address, fax number, province, zip code, various types of Data, town, taxpayer ID, business area, User ID. Users may submit their Personal Data voluntarily or, in the case of Utilization Data, their data may be collected automatically while browsing this website. Specific informative notices containing full details about each category of Data collected are displayed before the data are collected.
Form of processing
The Controller has taken appropriate security measures to prevent the unauthorized access, disclosure, modification or destruction of the Personal Data. The Data are processed by means of computerized and/or online systems, with organization patterns and methods strictly related to the purposes specified. Apart from the Controller, in certain cases other parties involved in the administration of this website might access the Data (e.g., administration, sales or marketing staff, legal department staff, system administrators), as well as third parties in charge of tasks strictly related and instrumental to the operation of our services (e.g., third-party technical services providers, mail couriers, hosting providers, IT companies, communication agencies). If necessary, these will be appointed as Data Processors by the Controller. An updated list of the Processors may be requested from our privacy department at any moment.
The Data are processed and stored for as long as it is necessary according to the purposes they were collected for. Therefore:
- The Personal Data collected for purposes related to stipulating an agreement between the Controller and the User will be kept until the performance of such agreement is completed.
- The Personal Data collected for purposes related to the legitimate interests of the Controller will be kept until such interests have been satisfied. Users may obtain further information about the legitimate interests pursued by the Controller in the corresponding sections of this document, or from our privacy department.
When the processing is based on user consent, the Controller is entitled to keep the Personal Data for a longer term, until such consent is revoked. The Controller might also be bound to keep the Personal Data for a longer term due to a statutory requirement or to an order issued by any authority. At the end of the storage term, the Personal Data will be deleted. Therefore, upon expiration of the storage term, the right to access, delete, correct the Data and the right to Data portability may no longer be exercised.
Purposes of the processing
The specific purposes and forms of processing of our customers' Personal Data are listed below:
- Purchase orders: The Controller collects and processes the Customers' personal data in connection with the collection and processing of purchase orders and the handing of possible complaints after the purchase, and in order to provide the services available to the Customers. These Data are necessary in order to manage purchase orders, also with our business partners (e.g., logistic services providers, couriers, banks, etc.). We recommend entering a delivery address and a correct telephone number when placing a purchase order, so as to allow the Controller to process the order promptly and accurately. A telephone number is also required in order to allow the Controller to reach the Customers for possible questions or requests for explanations, and in order to allow the Controller's business partners to process the Customers' purchase orders promptly and accurately. Last but not least, an e-mail address is also required by the Controller to confirm receipt of the order to the Customers, and for any other communication. The e-mail address is also used to identify Customers and allow them to access their account.
- Personal area / Customer login (where applicable): the Personal Data regarding the Customers and their purchase orders are saved in the Controller's system but will not be freely accessible, for security reasons. The Controller guarantees that each Customer may access to its personal area through a safe password. In that area, Customers may view all the Data concerning their purchase orders, delivered and in process, and may also edit their Personal Data and the data about their subscription to our newsletter service. The Customers are required to use their access data responsibly and in compliance with the laws in force, and refrain from disclosing them to third parties. The Controller will by no means be responsible for any incorrect or unappropriate use of the passwords by the Customers.
- Business development: the Controller uses the Customers' Data for promotional purposes, to send them information about the products offered in its website www.iemca.com. The Customers' e-mail addresses will always be used subject to the restrictlons provided for in the applicable regulations or, where necessary, subject to the Customers' express consent. The Customers will regularly receive advertisements by e-mail. The mailing of these advertisement may be suspended free of charge by sending a request by e-mail to email@example.com or by calling the toll-free number +39 0546 698000 or also by clicking on the “Click here if you do no longer wish to receive this newsletter” option available in all the advertising e-mails.
- Mailing List or Newsletter: When the Users subscribe to the mailing list or to the newsletter, their e-mail address is automatically entered in a list of contacts eligible for receiving e-mail messages containing information, including of commercial and advertising nature, about this website. The Users' e-mail addresses may also be added to the said list as a result of their registering with the website or making a purchase. Personal Data collected: last name, Cookies, Utilization Data, e-mail, State, name, telephone number, profession, company name.
- Contact form (website): Whenever Users enter their Data in our contact form, they consent to the use of their Data for the purpose of answering to their requests for information, requests for quotations, or other requests indicated in the heading of the form. Personal Data collected: zip code, town, taxpayer ID, last name, e-mail, User ID, address, State, fax number, telephone number, VAT number, profession, province, company name, business area, various types of Data.
- Business development - marketing: The Users' Data will be used, subject to their express authorization given through the “Consent to data processing for commercial purposes” option, for the mailing of information and marketing offers also from third parties, to whom the Controller will be allowed to disclose the Personal Data submitted by the Users.
Legal basis of the processing
The Data collected for commercial purposes may be assigned to third parties also for purpose of making sales or selling attempts, or for all legitimate commercial and/or statistic purposes. The list of parties to which the Users' Personal Data may have been given may be requested from the Controller at the e-mail address indicated in paragraph c). Our privacy department is ready to answer to any question or doubt about which Data are mandatory.
Users are responsible for any third-party Personal Data obtained, published or shared by means of this application, and guarantee that they are entitled to disclose or communicate them, releasing the Controller from any liability in respect of third parties.
Users are entitled to exercise certain rights with respect to the Data processed by the Controller. In particular, Users have the right to:
- Withdraw their consent at any time. Users may revoke the consent to the processing of their Personal Data that they may have previously given.
- Oppose to the processing of their Data. Users may oppose to the processing of their Data if such processing is made on other legal basis than their consent. For further details on opposition rights please see the section below.
- Access their Data. Users have the right to be informed about the Data processed by the Controller and about certain aspects of the processing, and to receive a copy of the Data processed.
- Verifiy the Data and request their rectification. Users are entitled to check the accuracy of their Data and request their update or correction.
- Obtain restricted processing. On certain conditions, Users may request the restricted processing of their Data. In that case, the Controller will refrain from processing the Data for any other purpose than their storage.
- Obtain the deletion or removal of their Personal Data. On certain conditions, Users may request the deletion of their Data by the Controller.
- Receive their Data or have them transferred to another controller. Users are entitled to receive their Data in structured, commonly used and machine-readable format and, where technically feasible, to obtain their seamless transfer to another controller. This provision applies where the Data are processed by automated means and based on user consent, under an agreement with a user or under contractual provisions related thereto.
- File a complaint. Users may file complaints with the competent privacy authority or start an action in Courts.
Procedure for exercising the rights. In order to exercise their rights, Users may send a request to our privacy department. All requests will be processed by the Controller as soon as possible, and however within one month.
Additional information on the processing
Defence in Court. A User's Personal Data may be used by the Controller in a trial or in the preparation of a trial, by way of defence from an abusive use of this website or of its services by that User. Users declare that they are aware that the Controller might be compelled to disclose their Data by order of any public authority.
System login and maintenance. For requirements tied to their operation and maintenance, this website and any third-party services used by it may collect system logins, i.e. files where interactions with users are recorded and that may also contain Personal Data, such as the Users' IP addresses.
Information not contained in this policy. Any other information about the processing of Personal Data may be requested at any time from the Controller by sending an e-mail to our privacy department.
Reply to “Do Not Track” requests. This website does not support “Do Not Track” requests. In order to find out whether any third-party service used by this website supports such request, Users are encouraged to review those third-party providers' respective policies.
Definitions and reference regulations
Personal Data (or Data). An element of personal data is any piece of information capable of identifying or making identifiable a natural person, directly or indrectly and also by cross-reference with any other information including a personal ID number.
Utilization Data. SThis is the information that is collected automatically by this website (and by any third-party application embedded in this website), such as: IP addresses or computer domain names of Users logging on to the website, URI (Uniform Resource Identifier) addresses, time of a request, method used to submit a request to the server, size of the file obtained in reply, numeric code showing server reply status (e.g., successful, error, etc.), country of origin, characteristics of the browser and OS used by visitors, time features of the visits (e.g. time of permanence on each webpage) and details of the itinerary followed within the application, in particular the sequence of pages visited, and other parameters of the Users' OS and IT environment.
User. Any natural person using this website. Unless otherwise specified, a User is the same as a Data Subject.
Data Subject. The natural person whose Personal Data are processed.
Data Controller (or Controller). The natural or legal person, public administration, service or other organization that, on its own or jointly with others, establishes the purposes and means of, and the tools used for, the processing of personal data, including the security measures related to the operation and utilization of this website. Unless otherwise specified, the Data Controller is the owner of this website.
This Website (or this Application). The hardware or software tool by which the Users' Personal data are collected and processed.
Service. The Service provided by this Website as defined in the relevant terms and conditions (as the case may be) available in this website/application.
European Union (or EU). Unless otherwise specified, any reference to the European Union contained in this document is intended to cover all the States that are presently Member States of the European Union and of the European Economic Area.
Cookie. Small piece of data stored on the Users' devices.
Last updated on: 01/04/2019.