PRIVACY POLICY AND COOKIE POLICY

This policy describes the procedures followed by Sirti Digital Solutions S.p.A. (hereinafter "Sirti Digital" or the "Controller") in relation to the processing of personal data collected through the Trouble Ticket Management Portal "sirtisupport.com" (hereinafter the "Portal").

Where not otherwise specified, this policy also applies as a disclosure - pursuant to Article 13 of Regulation (EU) N. 2016/679 (hereinafter the "GDPR") - made to those who interact with the Portal (hereinafter the "Data Subject").

Data controller. Data Processors

The Data Controller is Sirti Digital Solutions S.p.A., with registered office in Viale Thomas Alva Edison, 110 - 20099 Sesto San Giovanni (MI), tel. 02/95881, e-mail privacy@sirti.it. The updated list of any data processors is available at the Controller's registered office.

Data Protection Officer

The Data Protection Officer of the Sirti Group may be contacted by:

Data categories

Contact data (e-mail addresses) may be collected and processed through the Portal.

Cookie

Cookies are small text files that visited sites send to the user's terminal, where they are stored, and then transmitted back to the same sites on the next visit.
The Portal uses technical cookies, both its own and those of third parties. Such cookies, being of a technical nature, do not require the User's prior consent to be installed and used.
Specifically, the cookies used in the Portal can be attributed to the following subcategories:

these are the cookies that serve to perform navigation or provide a service requested by the user. They are not used for any further purposes and are normally installed directly by the website owner. Without the use of such cookies, some operations could not be performed or would be more complex and/or less secure.

The third-party cookies installed on the Portal are listed below. For each of them there is a link to the relevant policy on the processing of personal data carried out and on how to deactivate the cookies used, if any. With regard to third-party cookies, the Controller is only obliged to include the link to the third-party site in this policy. It's the responsibility of that party, on the other hand, the obligation of the information and the indication of the modalities for the eventual consent and/or deactivation of the cookies.

The use of cookies can be turned off through the appropriate function on the site itself.

Purpose and legal basis of processing

Personal data collected through the Portal will be processed for the management of requests for intervention or periodic reports to be forwarded to the User.
The processing of personal data for the above purpose doesn't require the User's consent as the processing is necessary to fulfill specific requests from the data subject pursuant to Article 6, c. 1, lett. b) of the GDPR. The provision of personal data for the above purpose is optional and failure to provide them will result, as the only consequence, in the impossibility for the Data Controller to manage and process the requests of the interested party.

Method of processing

Personal data will be processed by electronic means, including by entering and organizing them in databases, in accordance with the provisions of Legislative Decree 101/2018 and the GDPR on security measures.

Recipients or categories of recipients

Data may be made accessible, disclosed or communicated to the following persons, to be appointed by the Controller, depending on the cases, as processors or persons authorised to process: Except in case of processing for the purposes under g), your Data shall in no event be disseminated.

Retention Period

Personal data will be stored for a period of time not exceeding that necessary to fulfill the purposes for which they are processed.

Rights of access, deletion, limitation and portability

Data subjects shall have the rights set out in Articles 15-20 of the GDPR such as, inter alia:

a) the right to obtain confirmation as to whether personal data concerning them is being processed;
b) if Data is being processed, the right to obtain access to their personal data and information on processing as well as to ask for copy of the personal data;
c) the right to obtain rectification of inaccurate personal data and completion of incomplete personal data;
d) the right to obtain, if any of the conditions under Article 17 of the GDPR exist, the erasure of their personal data;
e) the right to obtain restriction of processing, in the cases provided for by Article 18 of the GDPR;
f) the right to receive the personal data in a structured, commonly-used and machine-readable format and have it directly transmitted to another controller, where technically feasible.

Right to object

Each data subject has the right to object at any time to the processing of his or her personal data carried out in pursuit of a legitimate interest of the Data Controller. In the event of opposition, his or her personal data will no longer be processed, unless there are legitimate grounds for processing that override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of a legal claim.

Right to propose complaint to the Guarantor

In addition, each data subject may lodge a complaint with the Guarantor for the Protection of Personal Data if he or she believes that his or her rights under the Code and the GDPR have been violated, in the manner indicated on the Guarantor's website accessible at: www.garanteprivacy.it.

Updates

This Privacy Policy will be subject to updates. Therefore, the Owner invites Users who wish to know how personal data collected through the Portal are processed to periodically visit this page.