FASP SRL PRIVACY POLICY

in accordance with EU Regulation 2016/679

This information is provided pursuant to art. 13 of the Regulation (EU) n. 2016/679 and describes:

 1) the management methods of the website www.faspautomazioni.com (hereinafter, the "Website") and the processing of personal data of users who consult it;

2) the processing of personal data of those who, as customers or suppliers or consultants, potential employees or collaborators, or any other title, maintain relationships or contacts with FASP SRL or otherwise provide FASP SRL with their own personal data, for purposes indicated in this Information.

1. Controller of your personal data and address to contact us

The Controller of personal data is: FASP SRL with registered office in 36075 Montecchio Maggiore (VI) via Chemello 22, VAT: 04093360248, legal representative Mr. Rinaldo Folco. FASP SRL is today the leader in Italy in the design, production and marketing of machinery and production lines of electric stators. If you have any questions regarding our personal data processing, or would like to exercise your rights or withdraw your consent or object to legitimate interests, please contact us at privacy@faspsrl.com. In the present Information  with the term "We" we refer to FASP SRL.

2. Definition of "personal data" and "data subject" (so-called "User")

A "personal data" pursuant to art. 4 paragraph 1 of EU Regulation 2016/679 is: “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”."Data subject" is the natural person to whom the personal data refers. The data subject is therefore the subject protected by the rules on the protection of personal data. In this  Information with the term "you" and "your data", we turn to the data subject. The data of a legal entity are therefore not personal data and are not protected by our legal system. The data subject who accesses our Website is called "User" and the privacy policy is addressed to him  or her.

3. Method of collecting personal data

The treatments connected to the web services of this Website, as well as the treatments that are carried out by FASP SRL for any reason pursuant to this information, take place at the FASP SRL headquarters and are managed by an internal officer with IT technical skills, specifically appointed in writing or by personnel outside the organization of FASP SRL after appointment of external manager pursuant to art. 29 of the 2016/679 Regulations. FASP SRL processes your personal data when you enter personal data when the following situations occur: a) when you request technical assistance by entering your personal data in the "Technical Service Request Form"; b) when you request the sending of the news letter with the insertion of his personal data in the Form "Subscribe to our news letter"; c) when you apply to work for FASP SRL by sending your curriculum vitae via email to work@faspautomazioni.com, as indicated on the page of "Careers" of our Website; d) when you wish to communicate with us by sending a message via the "Contact" form. In the event that you communicate another person’s personal data, before communication you must make sure that the data subject has read our Privacy Policy. In the event that your data are subject to change, please inform us of any changes you have made (e.: a change e-mail address), in order to allow us to keep your personal data up-to-date.

4. Type of personal data collected

The types of personal data that we process can be the following: a) Contact details: name, address, telephone number, email address; b) Information on the use of the Website: information on how you use our Website, including information collected via cookies for this purpose, please refer to the link "insert link to the Fasp srl policy page on cookies".

5. Legal basis for the processing of personal data (Lawfulness of processing)

The processing of personal data in compliance with EU Regulation 2016/679 shall be legitimized by a legitimate "legal basis", and we are obliged to indicate the legal basis for each treatment described in this Information. The processing of your personal data described above is authorized by Regulation EU 2016 / 679 on the basis of the following legal bases: a) Consent: if you have consented to the use of your personal data with the release of consent that may be withdrawn at any time by sending an email to privacy@faspsrl.com; b) Execution of pre-contractual measures or fulfilment of contractual obligations: your personal data are used to conclude a contract (e.g.: sending an offer following a request), or to fulfil a contract (e.g.:  communication that the goods are ready for delivery); c) Legal obligations: your personal data are used to comply with the law; d) Legitimate interest: your personal data are used to pursue a legitimate interest and our motivations are superior to any prejudice to your data protection rights and where it is necessary to defend ourselves, take legal action or make claims in their own, ours or towards third parties.

6. Purposes of the processing of personal data

Personal data will be processed, for the purposes described below, on paper and electronically: a) To respond to your requests: to process your requests (e.g.: requesting a quote, sending order confirmation, sending information material on products, etc.). Legal basis for processing: execution of pre-contractual measures (see Article 5 letter b); b) To perform the technical assistance service. Legal basis: fulfilment of contractual measures (see Article 5 letter b);c) For legitimate interest (marketing activities c.d. "soft spam"): to send by e-mail information and promotional communications similar to that object of the request for information, pursuant to art. 130 paragraph 4 of the Privacy Code (Legislative Decree 196/2003) and pursuant to Recital 47 of EU Reg. 2016/679 (see Article 5 letter d). d) For legal obligations and for legal protection: In compliance with the legally binding requests of your personal data and legal protection of a right in order to comply with legal obligations, regulations or provisions of the judicial authority, as well as to defend a right in court. Where the obligation is fulfilled we will provide information that concerns you to the bodies responsible for the application of the law, regulations and judicial documents anywhere in the world. Furthermore, FASP SRL may process your personal data where it has the need to defend a right in court. Legal basis for processing: legal obligations, legitimate interest (see Article 5 letter c and letter d). It is legitimate interest of FASP SRL to protect and defend its rights. You may object to the processing of your data in the case of legitimate interest, if the conditions are met.

7. Security measures taken to protect your personal data

FASP SRL uses technical and organizational measures to protect your data and our security measures are constantly updated on the basis of technological development. In particular in our internal procedures, we adopt security measures such as: a) restriction of access to your personal data, based on the need and for the sole purposes communicated in this Information; b) the transfer of data electronically only in encrypted form; c) use of firewalls and antivirus to prohibit unauthorized access. All your personal data is stored on our secure servers (or securely stored paper copies).

8. Retention of your personal data

Your personal data are kept only for the time necessary to achieve the purposes for which they were collected or for any other legitimate related purpose (for example, where they are relevant to a defence against claims made against us or in the presence of a legitimate interest). Therefore, if the personal data are processed for two different purposes, we will keep this data until the end with the longer term expires. Your personal data that are no longer necessary, or for which there is no longer a legal requirement for its conservation, are irreversibly anonymised (and thus can be stored) or permanently deleted. To this end, personal data will be kept for the time necessary to achieve the purposes for which they were collected. For greater clarity, we report the retention periods related to the main purposes: a) Purpose of supplying technical assistance service: data may be kept for the entire duration of the service.b) Marketing purposes: personal data processed for marketing purposes may be stored for 10 years from the date on which we have obtained your last consent for that purpose (except in the case where you have subsequently denied consent and with the exception of soft spam activity referred to in Article 6 letter c) of this Disclosure). c) Fulfilment of contractual obligations: the data processed to fulfil any contractual obligation with you, may be kept for the entire duration of the contract as well as for subsequent 10 years from the end of the fiscal year following that of competence, to face any investigation and / or a tax and / or legal dispute.d) In the case of disputes: in the event that it is necessary to defend or act or even make claims against you or third parties, we may retain personal data that we will reasonably need to process for such purposes, for the time when such claim can be prosecuted.

9. Communication of your personal data

No data is subject to disclosure or transfer to third parties. If communication is necessary to third-party suppliers for organizational, administrative or support needs for the services provided, FASP SRL shall be responsible for appointing these responsible parties pursuant to art. 28 of the 2016/679 EU Regulation. The data may be communicated to the reference holding company, as the co-owner for the purposes referred to in the previous art. 6.

10. Transfer of personal data abroad

Personal data may be transferred to subjects in countries outside the area of ​​the European Economic Area (EEA) for one of the purposes set out in art. 6, whose data protection laws may be of a lower standard than those of the EEA. In the latter case, we will ensure that all personal data accessible outside the EEA are processed with appropriate safeguards. Countries outside the EEA may have been authorized by the European Commission because they provide similar protection to that of the EEA data protection legislation, and therefore additional legal safeguards are not required. In the case of foreign countries that have not obtained such authorization, you will be asked to consent to the transfer or your personal data will be transferred using the contractual clauses approved by the European Commission. Such clauses impose similar obligations in the protection of data directly to the recipient, unless it is granted by the applicable law on protection.

11. Your Rights with regard to the protection of personal data

According to current legislation, you have the right to ask us about your data: a) access; b) rectification; c) cancellation; d) acceptance of the withdrawal of consent, if the processing has its legal basis in consent as in marketing activity; e) to oppose any treatment based on legitimate interests unless the reasons for which we are obliged to perform such treatment exceed any prejudice to your data protection rights. The exercise of these rights is subject to certain exceptions aimed at safeguarding the public interest (for example the prevention or identification of crimes) and our interests. In the event that you exercise any of the aforementioned rights, it will be our responsibility to verify that you are entitled to exercise it and we will give you feedback as a rule within a month. In the event that you, subject to the conditions, withdraw your consent or exercise the right to cancel it will be necessary to consider that this operation will require a technical processing time that will be our best to minimize, but during which it could still be contacted. Scope of the marketing activities already carried out. If you are not satisfied with the way in which we process your personal data, or of our feedback, you will have the right to propose a complaint to the supervisory authority, competent according to the art. 77 of EU Regulation 2016/679 (in particular, in the Member State in which he resides habitually or working or in the place where the alleged violation has occurred).