Sira Radio Systems S.r.l. with registered office at Via Senatore Simonetta no. 26, 20867 Caponago (MB) ITALIA, VAT NO. 10901840966 (hereinafter referred to as “Owner”), as Data Controller, hereby informs you, pursuant to Art. 13 of EU Regulation No. 2016/679 (hereinafter referred to as “GDPR”), that your data collected through the Website shall be processed in the following manner and for the following purposes:
1) Subject matter of the data processing
The Owner processes personal, identifying and non-sensitive data (including, but not limited to, name, surname, company name, address, telephone, e-mail – hereinafter referred to as “personal data” or even “data”) communicated by you when filling in contact forms through the Website, requesting online clarifications or requests for support.
2) Purposes of the data processing
Your personal data is processed:
A) without your express consent in accordance with Art. 6 letter b), e) of the GDPR), for the following purposes:
- to perform the operations connected with and instrumental to the acquisition of preliminary information for the conclusion of the agreement;
Legal basis: Execution of pre-contractual measures
- to fulfil the obligations established by laws or regulations in force, including those of a Community nature;
Legal basis: Legal obligation.
- to manage and maintain the Website, to process a contact request, to process a registration request on the site and/or the Owner’s app;
Legal basis: Execution of pre-contractual measures.
B) Only after obtaining your specific, distinct consent (Art. 7 of the GDPR), for the following marketing purposes:
- to send you via e-mail, mail, text message and/or telephone contacts, newsletters, commercial communications and/or advertising material regarding products or services provided by the Owner.
Legal basis: Consent (optional and revocable at any time).
3) Method of treatment
The processing of your personal data is carried out by means of the operations indicated in Art. 4 of the Privacy Code and Art. 4 no. 2) GDPR and precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subjected to both paper and electronic and/or automated processing.
4) Data retention period
Personal data belonging to Website users who send a request for information through the contact form shall be retained for the time strictly necessary to fulfil the request. Following this retention period, said data shall be destroyed.
Data collected for the subscription to the newsletter service shall be entered into the company database and retained for the duration of the service, at the end of which shall be either deleted or made anonymous within the time limit established by law.
Should the data subject withdraw consent to specific processing, the data shall be either deleted or made anonymous within 72 hours after receiving notification of withdrawal.
Pursuant to Art. 13, paragraph 2, letter (f) of the Regulation, we hereby inform you that all the data collected shall not be subject to any automated decision-making process, including profiling.
5) Processing of connection data
The computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified interested parties; however, by their very nature, it could reveal the identity of users, after being processed and associated with data held by third parties.
This category of data includes the IP addresses or domain names of the computers utilised by users who connect to the website, addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time the request was sent, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) as well as other parameters relating to the operating system and the user’s computer environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct operation. Data could also be used to ascertain responsibility in case of hypothetical computer crimes against the site.
6) Safety measures
The Owner has adopted a variety of security measures to protect your data against the risk of loss, misuse or alteration.
7) Access to data
Your data may be made accessible for the purposes referred to in Articles 2.A) and 2.B):
- to the Owner’s employees and collaborators in their capacity as persons in charge and/or internal data processing managers;
- to third-party companies or other data subjects that carry out outsourced activities on behalf of the Owner, in their capacity as data processing managers.
- to affiliated companies of Sira Radio Systems S.r.l.
8) Data communication
Without the need for your express consent (ex-Art. 24 letters a), b), d) Privacy Code and Art. 6 letters b) and c) GDPR), the Owner may communicate your data to Supervisory Bodies, Judicial Authorities, as well as to those subjects to whom the communication is mandatory by law for the accomplishment of said purposes. Your data shall not be disseminated.
9) Data transfer
Personal data is processed and stored in Europe, on servers located in Italy belonging to the Owner and/or third-party companies charged and duly appointed as Data Processors.
10) Nature of providing data and consequences of refusing to answer
The provision of data for the purposes referred to in Art. 2.A) is mandatory, as it is necessary to correctly establish, execute and manage the contractual relationship. Therefore, not providing the data makes it impossible to establish the collaboration relationship and perform the requested services.
The provision of data for the purposes referred to in Art. 2.B) is optional. You can therefore decide not to give any data or to subsequently deny the possibility of processing data already provided: in this case, you shall not be able to receive newsletters, commercial communications and advertising material concerning the Services offered by the Owner. However, you shall continue to be entitled to the Services referred to in Art. 2.A).
11) Rights of the interested party
In compliance with the provisions of Chapter III, Section I, GDPR, you can exercise the rights indicated therein and in particular:
Right of access – To obtain confirmation as to whether or not personal data concerning you is being processed and, in this case, to receive information relating, in particular: purposes of the processing, categories of personal data processed and the retention period, recipients to whom this data may be disclosed (Art. 15, GDPR);
Right to rectification – To obtain, without undue delay, the rectification of inaccurate personal data concerning you and the integration of incomplete personal data (Art. 16, GDPR);
Right to erasure – To obtain, without undue delay, the erasure of personal data concerning you, in the cases provided for by the GDPR (Art. 17, GDPR);
Right to restriction of processing – To obtain the restriction of processing from the Owner, in the cases provided for by the GDPR (Art. 18, GDPR);
Right to data portability – To obtain the personal data concerning you that you provided to the Owner, in a structured, commonly used form that can be read by an automatic device and to obtain that the same is transmitted to another holder without any impediments, in the cases provided for by the GDPR (Art. 20, GDPR);
Right to object – To be able to object to the processing of personal data concerning you, unless there are legitimate reasons for the Joint Controllers to continue the processing (Art. 21, GDPR);
Right to lodge a complaint with the supervisory authority – To lodge a complaint to the Data Protection Authority.
12) How to exercise your rights
You can exercise your rights at any time by sending:
- a registered letter with return receipt to Sira Radio Systems S.r.l. with registered office at Via Senatore Simonetta no. 26, 20867 Caponago (MB)
- an e-mail to: privacy@siraradiosystems.com
13) Data Protection Officer (DPO)
Pursuant to Article 37 et seq. of EU Regulation 679/2016, we inform You that the Data Controller has appointed a “Data Protection Officer” for the managed data. You may address any request regarding access to Your personal data, rectification, cancellation of those, opposition to processing or portability by sending written communication to the following contacts: dpo@siraradiosystems.com.
14) Changes to this privacy policy
This privacy policy may be subject to change. It is therefore recommended to check this privacy policy regularly and refer to the most updated version. The updated version of the privacy policy, in any case, is published on this page, indicating the date of its last update.
Last updated on 19th January 2021.