You have no items in your shopping cart.
Privacy Policy
Information provided pursuant to Reg.EU 2016/679 (GDPR), Art.13 and D.Lgs.196/2003, Art.13 (Code)
Introduction
Pandora Alloys Srl considers personal data as a primary asset to be protected, adopting procedures and behaviors aimed to ensure their security and confidentiality. Transparency to data subjects is therefore a primary objective, pursued trough effective communication tools. Pandora Alloys Srl take appropriate measures to provide any information relating to processing to the data subject in a concise, transparent, intelligible and easily accessible form.
In this regard, this privacy policy, produced in accordance with the requirements set out in Reg. EU 2016/679 "General Data Protection Regulation" and Italian Privacy Code, contains specific information referring to the following areas:
1) data processing related to this website;
2) data processing related to contractual agreement with customers and suppliers.
General information
We inform data subject (Art.4, c.1 del GDPR) about the following general items:
- personal data are processed lawfully, fairly and in a transparent manner, according to principles of GDPR, Art.5 and of Code Art.11;
- specific security measures are implemented to prevent the data from being lost, used unlawfully and/or inappropriately, and accessed without authorization, according to GDPR Art.32 and Code Art.31 .
Data Controller, Data Protection Officer and data subject’s rights
- the Data Controller is Pandora Alloys Srl, in the person of the legal representatives, to whom it is possible to apply to exercise all the rights provided for by article 15-22 of the GDPR (right of access, right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object, right to oppose automated individual decision making, including profiling), as well as revoke a previously granted consent; in case of failure to reply to their requests, the data subject can lodge a complaint with a supervisory authority (GDPR - Art.13, paragraph 2, letter d).
Contacts details
Via Galvani, 14 – 20094 Corsico (MI) - Tel: +39.02.45864035 Email: website@pandoralloys.com
1) DATA PROCESSING RELATED TO THIS WEBSITE
1.1 Navigation Data
The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols. Such information is not collected in order to relate it to identified data subjects, however it might allow user identification after being processed and matched with data held by third parties. This data category includes IP addresses and/or the domain names of the computers used by any user connecting with this web site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user's operating system and computer environment.
|
Purposes and lawfulness of processing (GDPR-Art.13, c.1, lett.c) |
These data are only used to extract anonymous statistical information on website use as well as to check its functioning. The data might be used to establish liability in case computer crimes are committed against the website (Controller legitimate interest). |
|
Scope of communication (GDPR-Art.13, c.1, lett.e,f) |
The data may only be processed by internal personnel, duly authorized and instructed in the processing (GDPR-Art.29) or by the Processor of the web platform (appointed Data Processor, Art.28 GDPR) and will not be disclosed to other parties, disseminated or transferred to non-EU countries. Only in the case of an investigation they can be made available to the competent authorities. |
|
Data retention (GDPR-Art.13, c.2, lett.a) |
Data are usually kept for short periods of time, with the exception of any extensions connected to investigations. |
|
Data provision (GDPR-Art.13, c.2, lett.f) |
The data are not provided by the data subject but automatically acquired by the site's technological systems. |
1.2 Cookies
The site uses cookies, lines of text useful to perform automatic authentication, tracking of sessions and storage of specific information about users. The internet browser offers the possibility to prevent the site from saving and using cookies. In this way, however, the complete or correct functioning of the functions offered by the site could be prevented.
The Data Controller uses cookies on the site mainly with the purpose of collecting data that help improve the site and to draw up usage statistics related to navigation, pages viewed, favorite items, clicks made by users, as well as cookies third-party partners or suppliers of the data controller.
The types of cookies in particular used on the site are as follows:
- session management cookies: they facilitate access to the site and browsing it;
- performance monitoring cookies: allow to verify site performance by monitoring users' use; the data collected through these cookies are processed anonymously and aggregated and therefore provide mere statistical information on the number of visitors to the site, their origin and the pages visited;
- functionality cookies: allow to memorize the settings selected by users on the site in such a way as to improve the usability and functionality for the user; On the site you can at any time choose which cookies you want to receive and which block, using the settings panel of your browser. However, if you decide not to accept certain cookies, you may not be able to properly use certain features of the site.
THIRD PARTY TECHNICAL COOKIES
The site uses Google Analytics, a third-party web analytics service provided by Google that sends cookies to the user's device. The information generated by the cookie on the use of the Site (including the IP address, which indicates the user's identifier on the Internet) is transmitted to Google and stored by Google on servers in the United States. Google uses this information to detect the use of the Website, to prepare reports on website activity for website operators, and to provide other services relating to website activity and internet usage. Google may also transfer this information to third parties if required by law, or in the case of third parties processing this information on behalf of Google. Google does not associate the user's IP address with any other data that Google owns. For more information on Google Analytics, you can consult Cookies and Analytics and the related privacy policy for Google Analytics.
1.3 Page “Sign-up”
Registration allows the creation of the user to be used to access the reserved contents of the site (mainly request quotes on products)
|
Purposes and lawfulness of processing (GDPR-Art.13, c.1, lett.c) |
The data are requested in order to create the profile useful to request quotes on products. The sending of requests is subordinated to the specific, free and informed consent (GDPR-Art.6, para.1, lett. a), documented through the specific checkbox (GDPR-Art.7, para. 1). |
|
Scope of communication (GDPR-Art.13, c.1, lett.e,f) |
The data may only be processed by internal personnel, duly authorized and instructed in the processing (GDPR-Art.29) or by the Processor of the web platform (appointed Data Processor, Art.28 GDPR, only for maintenance service) and will not be disclosed to other parties, disseminated or transferred to non-EU countries. |
|
Data retention (GDPR-Art.13, c.2, lett.a) |
The data is kept for periods compatible with the purpose of the gathering. |
|
Data provision (GDPR-Art.13, c.2, lett.f) |
Submission of data in the obligatory fields is needed in order to be able to receive an answer, while the optional fields are used to furnish the staff with further useful elements to facilitate contact. |
1.4 Newsletter subscription
The newsletter provides useful information related to our market sector, events and initiatives, products / services offered, as well as any promotional offers.
|
Purposes and lawfulness of processing (GDPR-Art.13, c.1, lett.c) |
Only the e-mail address is requested, for the purpose of sending the newsletter. Registration is subject to acceptance of specific, free and informed consent (GDPR-Art.6, c.1, lett.a) documented through a special check-box (GDPR-Art.7, c.1). |
|
Scope of communication (GDPR-Art.13, c.1, lett.e,f) |
The data may only be processed by internal personnel, duly authorized and instructed in the processing (GDPR-Art.29) or by the Processor of the web platform (appointed Data Processor, Art.28 GDPR, only for maintenance service) and will not be disclosed to other parties, disseminated or transferred to non-EU countries. |
|
Data retention (GDPR-Art.13, c.2, lett.a) |
The data (email) are kept until the possible "Unsubscription", freely available at any time through the link at the bottom of each message sent. |
|
Data provision (GDPR-Art.13, c.2, lett.f) |
Failure to provide the email address and consent will make it impossible to obtain the newsletter service. |
1.5 Request contacts or informations
The page allows the interested party to request information. Identification and contact data are requested.
|
Purposes and lawfulness of processing (GDPR-Art.13, c.1, lett.c) |
The identification and contact data is requested in order to be able to answer the visitor’s requests. The sending of requests is subordinated to the specific, free and informed consent (GDPR-Art.6, para.1, lett. a). |
|
Scope of communication (GDPR-Art.13, c.1, lett.e,f) |
The data may only be processed by internal personnel, duly authorized and instructed in the processing (GDPR-Art.29) or by the Processor of the web platform (appointed Data Processor, Art.28 GDPR, only for maintenance service) and will not be disclosed to other parties, disseminated or transferred to non-EU countries. |
|
Data retention (GDPR-Art.13, c.2, lett.a) |
The data is kept for periods compatible with the purpose of the gathering. |
|
Data provision (GDPR-Art.13, c.2, lett.f) |
Submission of data in the obligatory fields is needed in order to be able to receive an answer, while the optional fields are used to furnish the staff with further useful elements to facilitate contact. |
1.6 Work with us
The page allows the visitor to propose his own professional candidature for a job at Pandora Alloys. Identification and addresses of the applicant are requested, besides the candidate’s CV.
|
Purposes and lawfulness of processing (GDPR-Art.13, c.1, lett.c) |
The data is requested for the correct management of the staff selection procedures, assessment of the requests and also for the subsequent response. The sending of the request is subordinated to a specific, free and informed consent (GDPR-Art.6, para. 1, lett. a). At the time of the possible hiring, the candidate will receive a regular notice connected to the professional relationship established. |
|
Scope of communication (GDPR-Art.13, c.1, lett.e,f) |
The data may only be processed by internal personnel, duly authorized and instructed in the processing (GDPR-Art.29) and will not be disclosed to other parties, disseminated or transferred to non-EU countries. |
|
Data retention (GDPR-Art.13, c.2, lett.a) |
Personal data is processed for no longer than is necessary to achieve the purposes for which it has been collected. |
|
Data provision (GDPR-Art.13, c.2, lett.f) |
Submission of data in the specific fields (marked by *) is needed in order to be able to propose one’s candidature, while the optional fields are finalised in furnishing the staff with further elements needed to facilitate the selection. |
1.7 Data provided voluntarily by users
Sending e-mail messages to the addresses mentioned on this website, which is done on the basis of a freely chosen, explicit, and voluntary option, entails acquisition of the sender's address, which is necessary in order to reply to any request, as well as of such additional personal data as is contained in the message(s).
2) DATA PROCESSING CONNECTED TO THE RELATIONSHIPS WITH CUSTOMERS AND SUPPLIERS
2.1 Object of the processing
The company processes personal identifying data of customers / suppliers (for example, name, surname, company name, personal / fiscal data, address, telephone, e-mail, bank and payment details) and its operative contacts (name surname and data contact information) acquired and used for managing the services provided by the company.
2.2 Purposes and legal basis of the processing
Data are processed to:
- manage contractual / professional agreements, as well as manage the necessary communications connected to them;
- fulfill the obligations established by law, by a regulation, by the community legislation or by an order of the Authority;
- exercise a legitimate interest of the Controller (for example: the right of defense in court, the protection of credit positions; the ordinary internal operating, management and accounting needs).
Failure to provide the aforementioned data will make it impossible to establish the relationship with the Controller. The aforementioned purposes represent, pursuant to Article 6, commi b, c, f, suitable legal bases for the lawfulness of the processing. If it is intended to carry out treatments for different purposes, it will be required a specific consent from the data subjects.
2.3 Methods of the processing
The processing of personal data is carried out by means of the operations indicated in Art. 4 n. 2) GDPR and exactly as: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Personal data are subjected to both paper and electronic and / or automated processing. The Data Controller will process personal data for the time necessary to fulfill the purposes for which it was collected and related legal obligations.
2.4 Scope of the processing
The data are processed by internal regularly authorized subjects and instructed pursuant to Article 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise indications on any external subjects operating as managers or independent data controllers (consultants, technicians, banks, transporters, etc.).
3) POLICY UPDATING
It should be noted that this information may be subject to periodic review, also in relation to the relevant legislation and jurisprudence. In the event of significant changes, appropriate evidence will be given in the home-page of the site for a suitable time. In any case, the interested party is invited to periodically consult the present policy.
