Users Section

Our company, Integhra S.R.L. (VAT 06517620487), acting through its Legal Representative, with office at Via Arnolfo, 32, 50121 Florence (FI), email: info@integhra.it – certified email: integhra@legalmail.it  – Tel. 055-5520168., the owner of the website https://www.integhra.it/ (hereinafter, the “Website”), as controller of the personal data of the Website users (hereinafter, the “Users”) provides below the privacy policy under Art. 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter, “Regulation”, or “Applicable Law”).

This Website and any services offered on the Website are reserved for individuals who are eighteen years of age or older. Therefore, the Controller does not collect personal data concerning persons under the age of 18. At the Users’ request, the Controller will promptly erase any personal data involuntarily collected concerning persons under the age of 18.

The company has specifically appointed a Data Protection Officer (DPO), pursuant to Art. 37 of the GDPR, namely Atty. Clementina Baroni (VAT 02001880356 and tax code BRNCMN73T50L826B), with registered office at Via Domenico Francesco Cecati, 1/1, 42123 Reggio nell’Emilia (RE), email: info@studiolegaleavvbaroni.it – certified email: clementina.baroni@ordineavvocatireggioemilia.it – Tel. 0522506307.

The Controller takes its Users’ right to privacy and to the protection of personal data into the utmost consideration. For all information in relation to this privacy policy, Users may contact the Controller at any time, by:

• Sending a registered letter with return receipt to the registered office of the Controller, Integhra S.R.L., at Via Arnolfo, 32, 50121 Florence (FI);
• Sending an email to the following addresses:

certified email integhra@legalmail.it;

email info@integhra.it

or by sending a registered letter with return receipt to the

• DPO: Atty. Clementina Baroni, with registered office atVia Domenico Francesco Cecati, 1/1, 42123 Reggio nell’Emilia (RE);
• certified email:  clementina.baroni@ordineavvocatireggioemilia.it;
• email:info@studiolegaleavvbaroni.it

1. Category of data processed:

The data processed are:

a) all personal data whose transmission is implicit in the use of Internet communication protocols, acquired by the IT systems and software procedures used to operate the Website in the course of their normal operation: IP addresses or domain names of the computers used by Users, URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the User’s operating system and computer environment;

b) personal identification data (e.g. name, surname, email address, telephone number, IP address, log files, etc.);

c) data voluntarily entered by the User in the Contact form on the Company’s website, such as: name, business name, email;

2. Purposes of processing

Users’ personal data will be lawfully processed by the Controller under Art. 6 of the Regulation for the following purposes:

1. service supply, i.e. to allow Users to browse the Website. Users’ data collected by the Controller for this purpose include all data used solely to obtain anonymous statistics on Website usage and to ensure its proper operation. Without prejudice to any other provisions of this privacy policy, under no circumstances will the Controller make Users’ personal data accessible to other Users and/or third parties.
2. fulfilment of Users’ requests: Users’ personal data are collected and processed by the Controller solely to fulfil their requests in the Contact form and in the Access to HR services. No other processing will be carried out by the Controller in relation to Users’ personal data. Without prejudice to any other provisions of this privacy policy, under no circumstances will the Controller make Users’ personal data accessible to other Users and/or third parties.
3. administrative-accounting purposes, i.e. to carry out activities of an organisational, administrative, financial, and accounting nature, such as internal organisational activities and activities functional to compliance with the agreement and pre-contract obligations.
4. legal obligations, i.e. to comply with obligations imposed by law, authority, regulation or legislation and to ascertain liability in the event of computer crimes to the detriment of the Website.
5. performance of an agreement, if processing is necessary for the performance of an agreement to which the User is party or in order to take steps prior to entering into an agreement;

In any event, the Controller may always be asked to clarify the concrete legal basis of each processing operation.

Provision of personal data for the processing purposes indicated above is optional but necessary, since failure to provide said data will prevent the User from submitting his or her request to the Controller.

Any personal data that are necessary for the pursuit of the processing purposes described in this point 2) are indicated with an asterisk in the request form.

3. Processing methods and period of data storage

The Controller will process Users’ personal data using manual and IT tools, with logics appropriate for the purposes of processing and, in any case, in such a way as to ensure data security and confidentiality.

The personal data of Website Users will be kept for the time strictly necessary to fulfil the primary purposes illustrated in point 2) above or in any case as required to legally safeguard the interests of both Users and the Controller.

4. Scope of data communication and dissemination

Users’ personal data may be communicated to the persons in charge of managing the Website and Users’ requests. Said parties, who have been instructed in this respect by the Controller under Art. 29 of the Regulation, will process Users’ data solely for the purposes indicated in this policy and in compliance with the Applicable Law.

Users’ personal data may also be communicated to third parties processing personal data on behalf of the Controller as “External Data Processors” including, but not only limited to, providers of IT and logistical services functional to Website operation, providers of outsourcing or cloud computing services, professionals, and consultants.

Users have the right to obtain a list of any data processors appointed by the Controller by submitting a request to the Controller using the methods indicated in point 6) of this policy.

5. Transfer of data

The data collected for the aforesaid purposes shall not be transferred to non-EU countries.  However, the Controller may use cloud services; in which case, the service providers will be selected from amongst those providing appropriate safeguards, as laid down in Article 46 of EU Regulation 2016/679.

6. Rights of the Data Subjects

Users may exercise the rights granted thereto by the Applicable Law, contacting the Controller by:

• Sending a registered letter with return receipt to the registered office of the Controller, Integhra S.R.L., at Via Arnolfo, 32, 50121 Florence (FI);
• Sending an email to the following addresses:

certified email integhra@legalmail.it;

email info@integhra.it

or by sending a registered letter with return receipt to the

• DPO: Atty. Clementina Baroni, with registered office atVia Domenico Francesco Cecati, 1/1, 42123 Reggio nell’Emilia (RE);
• certified email:  clementina.baroni@ordineavvocatireggioemilia.it;
• email:info@studiolegaleavvbaroni.it

Users have the right:

• to access personal data to know (“responsive transparency”) the purposes of the processing, the categories of personal data collected, the recipients of data communication, in particular recipients in third countries or international organisations, the envisaged period for which the personal data will be stored (Art. 15);
• to obtain the rectification of data (Art. 16);
• to obtain the erasure of personal data if they are no longer necessary in relation to the purposes for which they were collected and if there is no further legal need for their storage (Art. 17 GDPR);
• to request restriction of processing (Art. 18);
• to request data portability (Art. 20);
• to object, on grounds relating to their particular situation, to processing (Art. 21 GDPR). In this case, we will no longer process your data unless compelling legitimate grounds for the processing are demonstrated (e.g. for the defence of legal claims).
• not to be subject to automated decision-making, including profiling (Art. 22).
• to withdraw consent at any time without this affecting the lawfulness of processing based on consent before its withdrawal (Art. 7).

Lastly, the data subject has the right to lodge a complaint with a supervisory authority under Art. 13 (2) (d) and Art. 77 of the Regulation.

The Italian Supervisory Authority is the Garante per la protezione dei dati personali, with office at Piazza Venezia 11, 00186 – Rome (http://www.garanteprivacy.it/).

Any issue not provided for herein shall be governed by Regulation (EU) 2016/679, Legislative Decree no. 196/03, as amended by Legislative Decree no. 101/18 as amended and supplemented, and by any other measure issued by the Supervisory Authority (“Authority”).

***

The Controller is not responsible for updating all the links provided in this Policy, therefore whenever a link is not operating or is not updated, Users acknowledge and accept that they shall always refer to the document and/or section of the websites indicated by said link. Should the User not accept possible changes to this privacy policy, the User shall cease using the Websitehttps://www.integhra.it/ and may request the Data Controller to remove its Personal Data. Unless otherwise specified, the previous privacy policy shall continue to apply to the Personal Data collected until then.