Privacy policy

WHY THIS WARNING

This document is provided pursuant to art. 13 of EU Regulation 2016/679 on the protection and free movement of personal data (so-called  “GDPR”) only for the website www.rhoss.it (hereinafter also simply “website”) and not for other websites that may be consulted by the user through links on the website.

This document is also valid as a so-called “Extended” document with respect to the short text shown in the commercial forms of the Owner “We use -also through external collaborators- the data concerning you for our administrative and accounting purposes. Detailed information, also regarding your right of access and your other rights, can be found on www.rhoss.it”.

THE DATA CONTROLLER

Following consultation of this website, data relating to identified or identifiable natural persons (so-called interested parties) may be processed.

The Data Controller is RHOSS S.P.A. (hereinafter also only the “Data Controller”), in the person of the legal representative pro tempore, with registered office in Via Oltre Ferrovia n. 32 – Codroipo (Ud), E-mail privacy@rhoss.com.

DATA PROCESSING LOCATION

The processing operations connected to the web service of this website take place at the aforementioned office and are handled by the Data Controller and by the consulting firm that assists the Data Controller with website maintenance. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, required to reply to requests, as well as any other personal data included in the message.

PROCESSING METHOD

The data shall be processed with and without the aid of electronic tools, with partially automated methods, excluding profiling.

TYPES OF DATA PROCESSED

Information automatically collected by browsing the Website

The computer systems and software procedures implemented to run this website acquire, throughout their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This is information that is not collected to be associated with identified interested parties, but which by their very nature may, through processing and association with data held by third parties, enable to identify users, the computers used by users who connect to the website, URI  (Uniform Resource Identifier) addresses of the resources required, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response issued by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT infrastructure.

By visiting the website, the following information is automatically collected:

  1. HTTP and HTTPS header, and the “user agent” string which includes: the type and version of browser used and the operating system with which the browser works.
  2. System date. The date and time of the user’s visit.

Users are invited to avoid entering sensitive and legal data on the website, deemed superfluous with respect to the services and activities of the Data Controller, as this will entail the destruction of the message.

Apart from what is specified below for navigation data, the user is free to provide personal data found in any information request forms. Failure to provide them may result in the impossibility to obtain what is requested.

Personal data are processed with automated tools for the time strictly required to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or misuse and unauthorised access.


DATA PROVIDING

The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, required to reply to requests, as well as any other personal data included in the message.

Apart from what is specified for the information automatically collected, the user is free to provide personal data indicated in the application forms or provided in the contacts to request the sending of information material or other communications. It should be noted that the data required in order to process the request are the name, surname, e-mail address, telephone number and the subject of the request. Failure to provide them may result in the impossibility to obtain what is requested.

In the commercial sector, the provision of data is mandatory for the fulfilment of all relevant legal and contractual obligations, and failure to provide them may result in the impossibility to properly establish or continue the contractual relationship.

PURPOSE OF THE PROCESSING AND LEGAL BASIS

The data processing is carried out by the Data Controller in compliance with the regulations on the confidentiality and protection of personal data in force and the principles of correctness, lawfulness, transparency, relevance, completeness and non-excessive data. Furthermore, the personal data collected, automatically or by voluntary submission by the user, will be processed only for the purposes indicated below and retained for the period strictly necessary for the same purposes.

The processing also concerns data relating to performing economic activities, processed in compliance with current legislation on trade secrets.

Purposes Legal basis
Manage access to the website and preserve its security Legitimate interest.
Fulfil obligations deriving from a contract of which the interested party is part or to fulfil, before the conclusion of the contract, specific requests of the interested party Contract or pre-contract fulfilment.
Provide customer support services and relevant activities Contract and legal fulfilment.
Fulfil the tax and accounting obligations required by law Legal obligation;

Legitimate interest (communication of the data required by professionals or external consultants).

Fulfil in general the obligations of laws, regulations or community legislations resulting from and related to the aforementioned contractual relationship Legal obligation.
Registering to the website Contract fulfilment.
Registering to the newsletter Consent of the interested party.
In order to satisfy the Data Controller’s legitimate interest in maintaining a communication channel with the Customer, Rhoss shall use the Customer’s contact information to occasionally communicate about its products and its business. At any time, the Customer can tell the Data Controller whether they no longer wish to receive such communications. Legitimate interest of the Data Controller.

Art. 130, paragraph 4, It. Legislative Decree 196/2003.

CATEGORIES OF RECIPIENTS

The data provided may only be known by the employees and collaborators of the data controller specifically authorised to process such data as data processors and officers, for the sole purpose of perfecting the activities requested by the supplier, by the customer or more simply by the user of the website. These subjects are bound by secrecy and confidentiality also based on specific internal regulations.

The subjects or categories of subjects who, as part of the pursuit towards the purposes outlined in this document, may become aware of the data or to whom they may be communicated are:

  • internal resources (administrative, technical, sales, etc.);
  • external subjects (third party technical service providers, IT consultancy companies, consultants, banks, couriers/shipping agents, insurance agencies for any insured risks) appointed even as Processing Managers if required.

The data may also be communicated to Public Bodies, Police Forces or other Public and Private Subjects, but exclusively for the purpose of fulfilling legal obligations, regulations or community directives. For further information, it is possible to make a specific request to the Data Controller also through the contacts form on this Website.

RETENTION PERIOD

The data are processed and stored for the time required for the purposes for which they were collected. Therefore:

  • Personal data collected for purposes related to the execution of a contract or a pre-contractual request between the Data Controller and the User/Customer shall be stored until the complete execution of this contract and also subsequently by law (e.g. 10 years for invoices) or to protect or enforce or defend a right of the Data Controller.
  • When processing is based on the User’s consent, the Data Controller can retain personal data for longer, until such consent is revoked or until the service is suspended by the Data Controller. Furthermore, the Data Controller may be obliged to store Personal Data for a longer period in compliance with a legal obligation or by order of an Authority.
  • Data processed by legal obligation are processed for the entire duration required by the legal regulations applicable to each individual processing.
  • Data processed on the basis of a legitimate interest are subject to processing as long as the interested party does not express their opposition (e.g. sending customers communications on their products and on their business – Art. 130 paragraph 4 of It.Legislative Decree 196/2003), provided the Data Controller has evaluated this activity as not overriding the rights of the interested parties.
  • Personal data will be destroyed and/or deleted at the end of the retention period. Therefore, at the end of this term, the right of data access, cancellation, rectification and the right to portability can no longer be exercised.

The Data Controller is available to the interested party to provide any further information.

RIGHTS OF THE INTERESTED PARTIES

At any time, the interested party (the legal person whom the personal data refer to) may exercise their rights towards the Data Controller, pursuant to articles 15 and following of the GDPR, in particular to receive confirmation by the data controller of the existence or not of a data processing concerning them, to know its origin, to request access to personal data, update, rectification, cancellation, to request to limit the processing of personal data or to express opposition to their processing, to request their portability. These articles also provide the data subject with the right to lodge a complaint with a European supervisory authority (in Italy this is the Italian Data Protection Authority) or to judicial appeal.

Requests should be addressed to privacy@rhoss.com or to the address of the Data Controller’s office, also using the following FORM drafted by the Data Controller.


COOKIES

  1. What are Cookies?

Cookies are small text strings that the sites visited by the user send to their terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit of the same user. While browsing a site, the user may also receive cookies on their terminal that are sent by different sites or web servers (so-called “third party”), on which some elements (such as, for example, images, maps, sounds, links to specific pages in other domains) present on the same site that the user is visiting may reside. Cookies, usually present in users’ browsers in very large numbers and sometimes even with characteristics of wide temporal persistence, are used for different purposes: execution of computer authentication, session monitoring, storage of information on specific configurations concerning users who access the server, etc.

  1. What are the main types of Cookies?

For the purposes of this provision, two categories of cookies are therefore identified: “technical” cookies and “profiling” cookies.

  1. Technical Cookies. Technical cookies are those used for the sole purpose of “carrying out the transmission of a communication over an electronic communications network, or as strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide this service”. They are not used for other purposes and are usually installed directly by the owner or manager of the website. They are divided into navigation or session cookies, and allow normal navigation and use of the website (such as purchases or accesses); analytics cookies, like technical cookies if used directly by the site manager to collect information on the number of users and how they visit the site; functionality cookies, which allow the user to browse according to a series of selected features and options (such as the language, products selected for purchase) in order to improve the service provided. To install these cookies, the user’s prior consent is not required.
  2. Profiling cookies. Profiling cookies are used to create user profiles and are used to send advertising messages based on the preferences expressed by the user while surfing the net. Since they are quite invasive in the private sphere of users, the European and Italian legislation provides that the user must be informed about the use of the same and thus express their consent. Our website does not use specific cookies aimed at profiling the user.

Session and Persistent Cookies.

Session Cookies are limited to your current browser session. These cookies are deleted when the browser is closed. Nothing is stored on your computer beyond the time of use of the website.

Persistent Cookies, which are used to maintain the information that is used in the period between accesses to the website, or used for technical purposes and to improve navigation on the website. This data allows websites to recognise that you are a known user or visitor and adapt accordingly. “Persistent” cookies have a duration that is set by the website and which can vary from a few minutes to several years. Our website does not use this type of cookies. However, the anti-tracking setting of any browser does not invalidate consultation of our website.

First-party and third-party cookies It is required to take into account the different subject that installs cookies on the user’s terminal, depending on whether it is the same manager of the website that the user is visiting (so-called “first party”) or a different website that installs cookies via the former (so-called “third party”). First-party cookies are created and readable by the website that created them. Third-party cookies, on the other hand, are created and readable by domains outside the website and whose data are stored at the third party subject’s premises. This website uses first-party cookies of a technical nature; therefore, as mentioned, consent is not required, but only this document is.

For further information on this type of advertising based on users’ tastes, deriving from third-party cookies, you can visit the third-party websites at the links below. At www.youronlinechoices.com and www.aboutads.info/choices/ you will also find information on how behavioural advertising works and a lot of information on cookies as well as the steps to follow to protect your privacy on the internet.

If you want to know more about cookies and how to manage them, you can also visit the website www.aboutcookies.org.

Third party cookies

Analytics cookies: these are cookies that collect information on the number of users and on how they visit the site, for example information on which pages or sections of pages are viewed the most and from which pages reports of malfunctions are received. The information is collected in an aggregated and anonymous form

This Website uses Google Analytics, a web analysis service provided by Google, Inc. (“Google”). For more information, you can visit the Google page on the use of Analytics cookies (Link).

The website manager has set up Google Analytics so that your IP address is partially anonymised. This information is transmitted to Google, which processes it in order to draw up reports on your activities on the website. However, Google does not associate your IP address with any other data held by Google nor does it attempt to connect an IP address with the identity of a computer user. In any case, in order to offer website visitors the option to prevent their data from being used by Google Analytics, Google has developed a browser add-on to disable the Google Analytics JavaScript (https://tools.google.com/dlpage/gaoptout?hl=it).

The website allows the use of YouTube, owned by Google Inc., only to allow users of the website to enjoy the content provided through the Rhoss S.p.A. YouTube channel. (LINK). Further information on how Google uses cookies can be found at http://www.google.com/policies/technologies/types/.

The website allows the use of Facebook only to allow users of the website to enjoy the content provided through the Rhoss S.p.A. Facebook page. (LINK). Further information on how Facebook uses cookies can be found at http://it-it.facebook.com/about/privacy/https://www.facebook.com/help/cookies.

The website allows the use of LinkedIn only to allow users of the website to enjoy the content provided through the Rhoss S.p.A. LinkedIn page. (LINK). Further information on how LinkedIn uses cookies can be found at https://it.linkedin.com/legal/cookie-policy.

The Data Controller does not guarantee that the links to the aforementioned policies are always active, and this is due to any updates that do not depend on the data controller. Therefore, the user is required to personally consult and verify the current text. The data controller is not responsible for any malfunctions or conditions that do not enable to consult the policies of the aforementioned applications.

The duration of cookies, therefore, ranges from a single session to two years from the visit to the page.

COOKIE MANAGEMENT IN THE CONFIGURATION OF THE MOST POPULAR BROWSERS USED

Manage cookies in Google Chrome

Manage cookies in Internet Explorer

Manage cookies in Mozilla Firefox

Manage cookies in Safari

Manage cookies in IOS

The following website is provided once more to analyse, more generally, and manage your preferences in terms of “online behavioural advertisinghttp://www.youronlinechoices.com.

Please note that disabling or blocking some cookies may compromise the complete use of the website or, more generally, its consultation. However, most browsers available on the internet have an “anti-tracking” function.