The methods of management of the website with regard to processing of the data of users who visit it are described on this page. When this website is consulted, data relating to identified or identifiable people may be processed.
This policy is directed at those who interact with the web services of the Controller, accessible electronically from the address:
The policy is provided for said website and not for any other website that the user consults through the links.
This document may be revised periodically.
The Controller is FITT USA Inc., with registered office in 3526 N. California Ave. Suite 201 61603 Peoria – Illinois – US, e-mail email@example.com
The company has decided not to appoint a DPO/RPCT (Data Protection Officer or Data Protection Manager), as this is not considered necessary based on Regulation EU 2016/679. The company has nonetheless identified an internal privacy contact person to whom any requests concerning privacy may be submitted, as indicated below.
TYPES OF DATA PROCESSED, PURPOSES AND LEGAL BASIS OF PROCESSING
Web browsing data
The computer systems and software procedures used for functioning of this website acquire certain personal data during their normal operation, the transmission of which is implicit in use of Internet communication protocols.
This information is not collected in order to be associated with identified data subjects but, due to its nature and as a result of processing and association with data held by third parties, could allow users to be identified.
This data category includes IP addresses or domain names of the computer used by users visiting the website, URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the digital code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
The data is used solely in order to obtain statistical information on use of the website and to check correct functioning and is erased immediately after processing. The data may be used to ascertain liability in the case of possible computer crimes damaging the website: with the exception of this case, the data on web contacts currently does not persist for more than one month.
The legal basis of processing is therefore a legitimate interest of the controller for performance and improvement of the web services provided.
Data provided voluntarily by the user
Optional, explicit and voluntary sending of e-mails to the addresses indicated on this website or compiling of specific data entry formats to receive services/information or submit requests leads to subsequent acquisition of the sender’s address, which is necessary to respond to requests, together with any other personal data entered.
The personal data provided by users who submit requests (contact requests, sending of CV, sending of newsletter, etc.) is processed for the sole purpose of supplying the service requested, unless otherwise envisaged in any further specific policies on processing of the data present on the specific login or registration pages.
Specific summary policies and any requests for consent, if necessary, will be progressively reported or displayed on the pages of the website serving for particular services on request.
The legal basis of processing is therefore fulfilment of contractual obligations (requests) of the user/consent.
The website uses technical cookies/profiling cookies/third-party cookies.
Cookies for transmission of personal information are not used.
The legal basis of processing is therefore the legitimate interest of the processor in the case of technical cookies and the data subject’s consent for profiling cookies.
DISCLOSURE OF DATA TO THIRD PARTIES AND TRANSFER TO THIRD COUNTRIES
No data deriving from the web service is disclosed.
No browsing data is communicated to third parties.
Browsing data and personal data provided by the user and the other types of data processed are not transferred to third countries
METHODS OF PROCESSING, DATA STORAGE PERIODS AND AUTOMATED PROCESSES
The personal data is processed electronically.
The personal data provided by the user is stored for the period necessary to achieve the purpose(s) indicated.
Browsing data is stored for the period necessary to achieve the purpose(s) indicated and for a maximum 30 days from obtaining it.
The automated decision-making process / profiling process is based on a logic of affinity clustering of online behaviour.
In order to prevent data loss, illicit, or incorrect use of data and unauthorised access, specific security measures are adopted.
PROVIDING OF DATA
With the exception of what is specified for browsing data, the user is free to provide the personal data indicated on the request forms or indicated in contacts with the Controller.
It may be impossible to obtain what is requested if the data is not provided.
The undersigned company, which is the owner of the website and the Controller, reserves the right to cancel the registration and suspend supply of the services if the data provided to access specific services proves to be untrue.
RIGHTS OF DATA SUBJECTS, RIGHT TO LODGE A COMPLAINT AND WITHDRAWAL OF CONSENT
The subjects to whom the personal data refers have the right of access to their personal data, at any moment, the right to rectification, erasure, restriction of processing, the right to object to processing and the right to data portability. In any case, the data subject has the right to withdraw the consent given at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
To exercise your rights under current personal data protection regulations and to obtain a complete list of the external processors appointed for each area and activity, or to obtain information on transfer of the data to non-EU countries and the related guarantees, write to firstname.lastname@example.org.
The data subject also has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement.