General Data Protection Regulation – GDPR
REDI S.p.A. is committed to collecting, maintaining, and using personal information about our clients and business contacts responsibly. This Privacy Notice explains how we may collect, use and disclose personal information about you and describes the rights you may have in respect of your own personal information.
This Privacy Notice only applies to personal information that we collect through our website at http://www.redi.eu (“Website”).
If you have any questions or concerns about our use of your personal information, please contact us using the firstname.lastname@example.org
- The personal information we collect and why
- The legal basis for processing personal information
- Who do we disclose your personal information to and how?
- Data retention
- Your data protection rights
- Will your personal information be transferred abroad?
- Security measures for your personal information
- Links to third party websites
- Changes to our Privacy Notice
- How to contact us
1. The personal information we collect and why
The personal information that we may collect about you through the Website broadly falls into the following categories:
Information that you provide voluntarily
We collect personal information that you provide voluntarily through our Website, for example when completing online form to contact us subscribing to our newsletter. The information we collect about you may include some or all of the following:
- first and last names;
- country of residence;
- personal contact information (phone, email, etc.);
- name of a company that you represent (if any) and your function within this company;
- newsletter subscriptions; and
- any other information that you may enter on the Website (e.g.: content that you fill into an online form).
Information that we collect automatically
When you visit our Website, we may collect certain information automatically from your device. In some countries, including countries in the European Economic Area, this information may be considered personal information under applicable data protection laws.
Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification number, browser-type, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Website, including the pages you have accessed and links clicked.
Collecting this information enables us to better understand the visitors who come to our Website, where they come from, and what content or products on our Website are of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Website to our visitors.
2. The legal basis for processing personal information
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only (i) where the processing is in our legitimate interests and not overridden by your rights, or (ii) where we have your consent to do so. We will notably process your personal information for any of the purposes below:
- administering, operating, maintaining and improving the Website;
- answering your questions and responding to your requests;
- providing you with information about the REDI, its members, our products and services through our newsletter;
- creating statistical data about use of our Website;
- complying with applicable laws, regulations, court orders, government and law enforcement agencies’ requests, to operate our systems properly and to protect ourselves, our users and customers and to solve any customer disputes;
- complying with legal obligations, prevent unlawful uses of the Website, resolve disputes, and enforce our agreements; and
- other purposes that you have specifically agreed to; and otherwise as permitted by applicable law.
If we wish to use your personal information for a new or different purpose that is not compatible with the purpose for which we collected or received it, we will notify you and will only make such other use if it is required or permitted by applicable law or if you have consented to it.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using email@example.com
3. Who do we share your personal information with and how?
For the purposes mentioned above, we may share your personal information to the following categories of recipients:
- members of the REDI S.p.A.; and
- the following parties:
– our providers and suppliers, including those who provide services to us such as data analytics, website hosting and technical support;
– our professional advisors and auditors;
– any competent law enforcement body, regulator, government agency and/or court; and
– any person for which you have given your consent regarding the disclosure of your personal information.
4. Data retention
We retain personal information we collect from you for the period required by law and where we have an ongoing legitimate business need to do so (for example, to respond to your question or to provide you with a service you have requested).
When we have no ongoing legitimate business need to process your personal information, your personal information will (where possible and practical) be deleted or rendered anonymous through the removal, substitution or blocking of details which enable you to be identified.
5. Your data protection rights
You have the following data protection rights:
- the right to obtain confirmation as to whether or not your personal information is being processed and, where that is the case, the right to access and/or to receive a copy of your personal information;
- the right to rectify or update any inaccurate or incomplete your personal information;
- the right to obtain the erasure of your personal information;
- the right to restrict the processing of your personal information on certain legal grounds;
- the right to object to the processing of your personal information on grounds relating to your particular situation, where such processing is necessary for the purposes of a Company’s legitimate interest;
- the right to opt-out of marketing communications we send to you, at any time;
- the right to receive your personal information in a structured, commonly used and machine-readable format and to have your personal information transmitted to another controller;
- the right to withdraw your consent at any time where the processing of your personal information is based on your consent. Withdrawing consent will not affect the lawfulness of any processing conducted prior to such withdrawal, nor will it affect the processing of personal information conducted in reliance on other legal basis; and
- the right to lodge a complaint with a competent data protection authority.
If you wish to exercise any of the rights described above, please contact us using firstname.lastname@example.org
6. Will my personal information be transferred abroad?
The REDI S.p.A. operates at a global level and, as a result, we may need to transfer your personal information to members of the REDI S.p.A. or to third-party service providers located in countries other than the ones in which our personal information was originally collected.
In such case, we will implement appropriate safeguards to ensure that an adequate level of protection for any personal information transferred.
Where the transfer relates to personal information of European residents to countries outside the European Union (EU) and European Economic Area (EEA), we will take the required measures to provide an adequate level of data protection under EU law, such as entering into EU standard contractual clauses with the party who is receiving the data
7. Security measures for your personal information
We are committed to protecting the confidentiality and security of the information that you provide to us and we put in place appropriate technical, physical and organisational security measures to protect against any unauthorised access or damage to, or disclosure or loss of, the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information.
You should also be aware that communications over the internet, such as e-mails, are not secure unless they have been encrypted.
8. Links to third party websites
This privacy notice does not apply to third party websites which our Website link to or which advertise on our Website. These third-party websites operate their own privacy notice or policy which we encourage you to read.
9. Changes to our Privacy Notice
We may amend this Privacy Notice from time to time for example, to keep it up to date or to comply with changing legal, technical or business requirements.
You can see when this Privacy Notice was last updated by checking the date displayed at the top of this Privacy Notice.
10. How to contact us
If you have any questions or concerns about our use of your personal information, please contact us using email@example.com