The Data Controller is – Ingegneria dei Sistemi S.p.A., Via E. Calabresi, 24 – Loc. Montacchiello
56121 Pisa – Italia C.F. 00672210507 – P. IVA IT 00672210507. The contact email is email@example.com.
Information we collect
This section details the information we may collect about you. We explain why, and how, we use it in later sections.
If you decide to create an account or enquire about one of our products or services, we’ll ask you to provide us with some specific information, for example:
- Basic personal details – such as name, title and date of birth;
- Personal contact details – such as home address, delivery address, home phone number, mobile phone number, and email address;
- Work details – such as job title, department, company name, company address, work email address and office phone number;
- Log in details – such as username and password;
- Payment details – such as your bank account and payment card information.
Information we obtain through cookies and similar tools
Lawful basis for processing
We only process personal information where we have a lawful basis for doing so, such as the following:
- User consent – This is where you have given us explicit permission to process personal information for a given purpose. For example, if you register on our website(s) we would ask for your consent if we wanted to use your personal information for any other purpose. You have the right to withdraw this consent at any time.
- Legitimate interests– This is where we have a legitimate interest, as a business, to process personal information. For example, where we are aware of copyright infringements on our Site, it is in our legitimate interests as a business to identify those responsible. We take due care to balance our interests against your fundamental rights.
- Contractual necessity – This is where we have to process personal information to meet our contractual obligations.
- Legal obligation – This is where we have to process personal information in order to comply with the law.
Purposes of data processing
We collect personal information for the following main reasons:
- To provide our service – We require some of your basic personal information so our services work as you would expect. This is based on contractual necessity lawful basis.
- To improve and maintain performance – In order to provide you with the best possible user experience and value, we need to make sure that our products and services work as they should. Using personal information helps us understand how our readers experience our Sites and services, so we can make improvements. This is based on legitimate interest lawful basis.
- To monitor compliance with our policies and terms – We monitor for breaches of our terms and conditions and copyright policies. This is based on legal necessity lawful basis.
- To personalise our products and services – We improve your experience of our products and services by personalising parts of our Sites and apps with the information you give us and what we learn about you. Where our Sites have such functionality, you can manage elements of personalisation in your account. This is based on user consent lawful basis.
- Recruitment – If you apply for a role via one of our Sites, we will process your information in order to facilitate the application process. This is based on contractual necessity lawful basis.
Who we share your personal information with
The processing will be carried out by IDS, by collaborators, Data Processors and persons in charge of the processing.
We disclose personal information to facilitate the running of our business or to provide specific services you have requested. Commonly, we will disclose information to:
- Service providers – We engage service providers who help to support our business and improve our products. These service providers include, for example, fulfilment providers for delivery of our digital content and marketing; customer service agencies; hosts, organisers and sponsors of our events; organisations that host our Sites or databases; and providers of online surveys.We also work with a number of distribution partners to deliver subscriptions. We have contracts in place with these data processors and they can only use your personal information under our instruction. For example, if you have a print subscription with us, we will disclose your information (address, contact details) to our distribution partners to facilitate delivery of the newspaper or magazine.
- Social media providers – Information will be shared with social media platforms where you log in to our Sites via a social media account, or use components on our Sites provided by social media platforms (e.g. the “Facebook Recommend” function).
- Other users – Our Sites are publicly accessible and anyone around the world who accesses our Sites will be able to see anything you post, such as comments about an article. We encourage you to use a pseudonym when commenting on our Sites if you do not wish to be identifiable to other readers.
- IDS group – We share your information within the IDS group to provide our services and to better understand the relationship between our products.
Processing methods and storage period
The processing will be carried out using electronic means and paper supports. Where we don’t need to keep all of your information in full, we will obfuscate or aggregate it, for example, web activity logs and survey responses. This is to ensure that we do not retain your information for any longer than is necessary.
It is sometimes necessary for us to keep your personal information for longer periods of time, for example:
- If there is a statutory requirement to retain it;
- If we require the information for legal reasons or there is a legitimate business need for us to retain it;
- To ensure we do not contact you if you have asked us not to.
How we keep your personal information secure
We have appropriate technical and administrative security measures in place to help ensure that our users’ information is protected against unauthorised or accidental access, use, alteration, or loss. We use encryption technology, such as Transport Layer Security (TLS), to protect your personal information when you order products or services from us. We operate a global business, so your personal information may be processed and stored outside the European Economic Area (EEA).
Moreover, the personal information you entered in the website is not stored in any server exposed to internet but sent internally to our network that is not public and is protected by the most advanced security technology.
Under data protection laws, you have rights as an individual in relation to the personal data we hold about you. These rights include:
- The right to object to direct marketing – your preferences, including in relation to direct marketing, can be found in your account;
- The right to access the personal data that we process about you;
- The right to request the deletion of your personal data;
- The right to request the rectification of your personal data – you can manage some of this information in your account.
You can exercise these rights through your account or by contacting customer services.
At any time, you can exercise the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability in accordance with Articles 15–20, GDPR. You can exercise these rights by sending a written notice to: firstname.lastname@example.org.
You also have a right to lodge a complaint with the supervisory authority in the country of the data controller (www.garanteprivacy.it) according to Article 77 GDPR.
Personal information is collected by IDS Ingegneria dei Sistemi.
Our Sites are not intended for children under 14 years of age. We do not intentionally collect or use any information from children.
If you have a query in regards to the processing of your personal information, please contact
– Ingegneria dei Sistemi S.p.A., Via E. Calabresi, 24 – Loc. Montacchiello
56121 Pisa – Italia C.F. 00672210507 – P. IVA IT 00672210507 email@example.com.
This policy is effective from 24/06/2019.