This page describes how the newsletter service is managed in regards to the processing of subscribers’ personal data.
The policy is drawn up in accordance with articles 13 and 14 of the GDPR 2016/679 and national legislation, and is intended for all those who interact with the informative and promotional newsletter services of IMPERTEK SRL, accessible using electronic means.
Data Controller
The Data Controller is IMPERTEK SRL, with registered office in Via Po, 507 - 30022 Ceggia (VE).
Third-party Data Processor
Visualcom Srlu has been appointed a third-party Data Processor pursuant to art. 28 of GDPR 2016/679 and national legislation, insofar as the supplier of services for the development and maintenance of the web platform, as well as the provision and operational management of the technological platforms used.
Purpose and legal basis of processing
Personal data is collected and processed to carry out the following:
- Following specific subscription to the service by the Data Subject, the sending of the newsletter for informative and promotional purposes (art. 6 para. 1 let. b) GDPR 2016/679)
Data shall be collected and recorded for specific, explicit and legitimate purposes using methods compatible with said purposes, as part of the processing necessary for the operation of the business. Said data shall be processed in accordance with the principle of accuracy and, where necessary, shall be properly updated to ensure it is always relevant, complete and not excessive with regard to the purposes of collection, and to ensure its storage respects the period of time necessary for the purpose for which it has been collected and subsequently processed in accordance with the GDPR 2016/679 and national legislation.
The personal data may be processed using both paper-based and electronic tools and nonetheless in such a way as to guarantee the Data Subject’s security and protect their utmost confidentiality. Specific security measures are observed to prevent data loss, unlawful or incorrect use of data, and unauthorised access in full compliance with Article 32 of the GDPR 2016/679 and national legislation.
Mandatory or optional nature of data provision and consequences of refusal
Apart from that specified for navigation data, the Data Subject is free to provide the personal data contained in the request forms or in any case provided as part of general correspondence to follow up on the sending of the newsletter. Consent is optional and, if provided, can be revoked at any time without prejudice to the legitimacy of the processing based on the consent given before the revocation.
Failure to provide said data may make it impossible for the request to be fulfilled.
Disclosure of data
Without prejudice to the disclosure and dissemination of personal data for the purpose of fulfilling legal obligations, all collected and processed data may be disclosed to:
- Subjects to which the data must be disclosed in order to fulfil a contract of which the Data Subject is party, or to fulfil pre-contractual measures taken at the request of said Data Subject and, in general, to achieve the purposes identified in this privacy policy;
- Subjects that process the data on behalf of the Data Controller in the capacity of Data Processors as per art. 28 of the GDPR 2016/679, such as, but not limited to: subjects that provide services for the management of the IT system and telecommunications network (including email). The complete and up-to-date list of Data Processors can be consulted by entitled users upon request, at the Data Controller’s registered office
- Subjects authorised to access the data by current legislation and/or to which the data must be disclosed in order to fulfil legal obligations.
The personal data may be processed by employees and collaborators appointed by the competent departments of the Undersigned, who are explicitly authorised for processing in accordance with the provisions of art. 29 of the GDPR 2016/679 and national legislation.
International data transfer
The personal data may be disclosed and/or transmitted abroad only to fulfil the purposes set out in this privacy policy, that is, for solely technical reasons tied to the structure of the company’s IT system and/or the application of technical and organisational security measures deemed appropriate by the Data Controller (art. 32 GDPR 2016/679) and exclusively in compliance with article 44 as amended and updated of the GDPR 2016/679.
Data retention period:
The data provided will be stored in our archives according to the following parameters:
- Data processed for the newsletter service: until a request is made to cancel the service;
In relation to specific statutory limitation periods, data required for the ascertainment, exercise or defence of a legal right may be subject to longer retention periods. The obsolescence of stored data in relation to the purposes for which it was collected is periodically checked.
Rights of the Data Subject
With regard to personal data, the Data Subject may exercise their rights within the limits and under the conditions set out by articles 15 to 22 of the GDPR 2016/679 and by national legislation. In particular, the GDPR attributes the following rights to the Data Subject:
- Right of access (art. 15 GDPR 2016/679);
- Right to rectification of inaccurate personal data and right to integration of incomplete personal data (art. 16 GDPR 2016/679);
- Right to erasure (art. 17 GDPR 2016/679);
- Right to restriction of processing (art. 18 GDPR 2016/679);
- Notification obligation regarding rectification or erasure of personal data or restriction of processing (art. 19 GDPR 2016/679);
- Right to data portability (art. 20 GDPR 2016/679);
- Right to object (art. 21 GDPR 2016/679);
- Right not to be subject to a decision based solely on automated processing (art. 22 GDPR 2016/679).
In the event any form of consent for processing is provided, note that it may be revoked at any time by the Data Subject without prejudice to the mandatory fulfilments provided for by the legislation in force at the time of the revocation request, by contacting the Data Controller at the following email address: This email address is being protected from spambots. You need JavaScript enabled to view it..
Right to Lodge a Complaint
If you believe that your personal data has been processed through this website in breach of the provisions of the GDPR 2016/679, you also have the right to lodge a complaint with the Data Protection Authority, as provided for by art. 77 of the GDPR 2016/679 itself, or take appropriate legal action (art. 79 del GDPR 2016/679).
For more information please contact the Data Controller:
IMPERTEK SRL
Via Po, 507 - 30022 Ceggia (VE)
Tel. +39 0421 322525 a.s. - Fax +39 0421 322756 - eM.: This email address is being protected from spambots. You need JavaScript enabled to view it.
For further details, please also refer to the privacy policy of the IMPERTEK SRL website www.impertek.com.
CANCELLATION OF SERVICE
If you no longer wish to receive the newsletter, please click on the link at the foot of any email relating to the newsletter service, or, in case of problems, send a request to: This email address is being protected from spambots. You need JavaScript enabled to view it..