Dear user/visitor, welcome to the privacy policy page of our website shop.plastivar.com (hereinafter, the “Site”).

Your privacy is very important to us, and to best protect it, we provide you with these Privacy Policy notes in which you will find guidance on the type of information collected through the Site and the various options you have to intervene in the collection and use of that information. Please read this document (hereinafter, “Privacy Policy”) carefully, which applies in any case in which you access the Site and decide to navigate within it and use its services, regardless of registration. This is a disclosure that is made pursuant to Art. 13 of the General Data Protection Regulation 2016/679 (hereinafter, “Regulation”). This information is provided only for this Site and not also for other websites that may be consulted by the user through links. Browsing the Site and/or accessing certain sections of the Site and/or any requests for information or services by users of the Site may involve the processing of personal data. By using or consulting the Site, visitors and users explicitly approve this Privacy Policy and consent to the processing of their personal data in the manner and for the purposes described below, including possible disclosure to third parties if necessary for the provision of a service.

The user/visitor acknowledges that any indication of personal and contact data of any third party other than the user himself (e.g. in filling in the data entry form on the Site) represents a processing of personal data with respect to which he stands as an autonomous data controller, assuming all the obligations and responsibilities provided for by the regulations in force. As such, the user warrants that any third party data that will be so indicated by the user (and which will consequently be processed as if the third party had provided informed consent to processing in its own right) has been acquired by the user in full compliance with applicable laws. The user confers on this point the widest indemnity with respect to any dispute, claim, request for compensation for damages from processing that may be received from any third party concerned due to the provision of the data indicated by the user in violation of the applicable data protection regulations.

Holder

The data controller is Plastivar s.r.l., with registered office in Viale Rimembranze, 1 – 23879 Verderio (LC), whom you may contact to assert your rights.

What data do we collect and use?

We collect all information provided by users in the submission of contact forms. If users contact us by e-mail, we will keep track of that correspondence. We use personal information for marketing activities only if this option has been accepted in the relevant personal data entry form. We collect browsing data, information that is not collected in order to be associated with identified data subjects, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes, for example, the IP addresses or domain names of the computers used by users connecting to the Site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment. The above information is processed automatically and collected in aggregate form only for the purpose of verifying the proper functioning of the site and for security reasons. For security purposes (spam filters, firewalls, virus detection), the IP address, could be used, in accordance with the relevant laws, in order to block attempts to damage the site itself or to harm other users, or otherwise harmful or criminal activities. This data is never used for user identification or profiling, but only for the purpose of protecting the site and its users.

Purpose and legal basis for processing

‍According to the needs expressed from time to time by the user who accesses the various sections of the Site (and subject to special rules and notices for individual operations involving the provision of specific personal data, published from time to time on the Site), the main purposes of the processing of personal data conferred directly by users or acquired automatically through browsing are indicated below:

  1. Adherence to services offered by the Site (e.g., the online check-up booking service);
  2. to follow up any requests made by the users themselves, for example, by spontaneously sending applications, e-mail or traditional mail messages to the addresses indicated on the Site, which entail the subsequent acquisition of the address, including e-mail, of the sender or the relevant telephone number necessary to respond to the requests, as well as any other personal data included in the relevant communications;
  3. Direct marketing and profiling if the user has selected that option;
  4. Improve the quality of services offered through the Site after anonymization;
  5. Fulfilling obligations required by law, regulation or EU legislation;
  6. ascertain, exercise or defend a right of ours in court;
  7. To obtain anonymous statistical information about the use of the Site and to monitor its proper functioning;
  8. managerial, administrative, accounting and tax fulfilment.The processing of such data is permitted by the Regulations, as:
    1. necessary to follow up on requests made by the users themselves;
    2. necessary for our legitimate interests in pursuing the above purposes (e.g. to verify the proper functioning of the site and for security reasons, needs of an organizational and productive nature to constantly improve the services rendered to users, the quality and effectiveness of customer care). Such interests in any case do not conflict with the users’ right to privacy;
    3. in some cases, necessary to fulfill a legal obligation, such as in the case of reporting to authorities, governmental or regulatory bodies;
    4. necessary to initiate, pursue or defend in legal actions;
    5. is based on the user’s consent.We have the right to process personal data for reasons other than those made explicit in this privacy policy, if such further processing is compatible with the purpose for which the data were initially collected or against the user’s consent and, in any case, subject to the issuance of appropriate information.

Nature of data provision and consequences of refusal

The provision of personal data, which are requested on the various occasions of collection, may be necessary for the pursuit of the purposes identified in the appropriate statement, or optional. The compulsory or optional nature of the provision is specified by the symbol (*) placed beside the information of a compulsory nature.Where the processing is based on your consent, such consent is required.Any refusal to communicate certain personal data marked as compulsory or to give your consent where necessary, makes it impossible to pursue the main purpose of the specific collection: such a refusal could, for example, result in the impossibility of providing the services available on the Site (application for open job positions; processing of data belonging to the special categories referred to in Art. 9 of the Regulation such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to the health or sex life or sexual orientation of the person; support services of our customer service; booking a check – up, sending commercial communications). On the other hand, the provision of additional personal data, other than those marked as essential, is optional and has no consequences with regard to the pursuit of the main purpose of the collection.

Automated decision making

‍We do not make decisions solely on the basis of automated decision-making, including profiling, which produces legal effects on you or has other similar consequences.

Mode of treatment

Data are processed with or without the aid of electronic or, in any case, automated, computerized or telematic instruments, with logic strictly related to the purposes expressed above. The data will be processed lawfully and fairly, and in any case in accordance with the aforementioned regulations, by means of instruments suitable for guaranteeing their security and confidentiality, and may also be carried out by means of automated instruments designed to store, manage and transmit the data.

Retention period

‍We will retain users’ personal data for the period necessary to fulfill our legal obligations. The retention period of personal information depends on the purpose for which the data is processed and the means by which such personal information is processed. Whenever possible, we indicate in individual disclosures the period of data retention. In each case, the criteria used to determine the applicable retention period are: (i) time necessary to achieve the relevant purpose, (ii) time necessary for the completion of the business relationship with the user, (iii) time accepted by the user and/or (iv) time required by relevant applicable laws. When the retention period expires, the data will be deleted, or securely destroyed where possible, or anonymized.

Communication and dissemination of data

Users’ personal information will not be disseminated, that is, it will not be made known to unspecified parties. On the other hand, they may be communicated, if the communication is necessary or functional for the performance of our activity, in the manner and for the purposes set out above, to external parties who may carry out processing activities as autonomous data controllers or as managers, belonging to the following categories:

(a) freelancers to acquire opinions about the correct way to apply labor law regulations;

(b) companies, private or public, entities or professionals that perform consulting and/or evaluation activities in the personnel selection process;

(c) companies, private or public, entities or professionals for the purpose of possible training activities preparatory to the establishment of the employment relationship;

(d) companies that provide marketing and advertising services, market research;

(e) IT service providers (who provide a host or support the Companies’ IT systems that include personal data of applicants);

(f) public and private entities, including as a result of inspections, audits, handling of damage claims, for fulfillment of legal obligations and/or provisions of public bodies (e.g., financial administration, police bodies, judicial authorities, insurance companies).

Third parties who process data on our behalf and under our authority, have been adequately selected and are found to be experienced, capable and reliable, and offer suitable guarantees of full compliance with applicable processing provisions, including the data security profile, are formally appointed as data controllers pursuant to Art. 28 of the Regulations and are subject to contractual and regulatory obligations in order to maintain data confidentiality. We periodically verify that those responsible have fulfilled their assigned duties on time and continue to provide appropriate assurances of full compliance with data protection provisions. They will, moreover, only have access to that information necessary to carry out their functions. A detailed and up-to-date list of these individuals, as well as those acting as data processors, can be obtained by sending a request to the Controller.

They may also know and process the data, all employees and collaborators of the Companies specifically authorized, each within the limits of the functions and duties performed and according to the instructions indicated in the act of designation, such as persons in charge of the management and maintenance of computer systems, databases, system administrators, as well as employees of the offices entrusted with activities involving the processing of data for the purposes set forth in this Privacy Policy and in the additional information provided in correspondence with the data collection sections.

‍Data transfer outside the European Union.

Personal data may be transferred outside the EU to be stored on the servers upon entering into standard contractual clauses, adopted by the European Commission, with the providers of the servers and/or services entrusted to third parties, or verification of the registration of the data controller under the system called “Privacy Shield.”

‍Security measures.

‍We take appropriate security measures in order to minimize the risks of destruction or loss – even accidental – of data, unauthorized access, or processing that is not permitted or not in accordance with the purposes of collection set out in our Privacy Policy. The transfer, storage, and processing of data collected through the Site are ensured through appropriate technical measures. However, we cannot guarantee users that the measures taken to secure the Site and the transmission of data and information on the Site will limit or exclude any risk of unauthorized access or data leakage from devices pertaining to the user: we recommend that you ensure that your computer is equipped with appropriate software to protect network transmission of data, both incoming and outgoing (such as up-to-date antivirus systems) and that your Internet service provider has taken appropriate measures to secure network transmission of data (such as firewalls and spam filters).

‍His rights.

  • Right to access and obtain a copy of personal data
    ‍You have the right to request confirmation that we are processing any of your personal data. In some cases it may require us to provide you with an electronic copy of its data.
  • ‍Rightto rectify personal data.
    ‍If the data we hold is incorrect, you have the option of requesting us to update such data or correct it.
  • Right to restriction of processing and right to be forgotten
    ‍In certain circumstances you have the right to request a restriction on the processing of your personal data and/or its deletion. You have the option to submit this request at any time, and we will consider granting it. However, this right is subject to legal rights or obligations and, therefore, we may have to retain the data in question. In situations where we ascertain that under the law your request for deletion of personal data can be granted, we will immediately do so without undue delay.
  • ‍Right ofopposition.
    ‍He has the right to object at any time, on grounds relating to his particular situation, to the processing of personal data concerning him, including profiling. In such a case, we will refrain from further processing your personal data unless there are compelling legitimate grounds for processing that override your interests, rights and freedoms or for the establishment, exercise or defense of a legal claim. You have the right to object at any time to processing for direct marketing purposes, including profiling insofar as it is related to such marketing.
  • Right to portability
    ‍Under certain prerequisites, you have the right to receive, in a structured, commonly used, machine-readable format, personal data concerning you and you have the right to have such data transmitted directly to another data controller.
  • Right to file a complaint with the Supervisory Authority
    ‍You may file a complaint with the Italian Regulatory Authority where necessary, or apply to it for information regarding the exercise of your rights.
  • Withdrawal of consent
    You may, at any time, revoke the consents given. However, revocation will not affect the lawfulness of the processing based on consent prior to revocation of consent.
  • Ways of exercising rights
    You may, at any time, exercise your rights by sending a certified e-mail message to: [email protected] When we send marketing communications by e-mail, you can opt out of receiving further communications by clicking “unsubscribe.”

Revision clause

‍We reserve the right to revise, amend or simply update, in whole or in part, in any manner and/or at any time, without prior notice, this Privacy Policy, including in consideration of changes in data protection laws or regulations. Changes and updates will be notified on the Home Page of the Site section as soon as they are adopted and will be binding as soon as they are posted on the Site. Therefore, we kindly ask users to regularly access this section to check the publication of the most recent and updated Privacy Policy.

This item is also available in: Italiano (Italian)