Privacy policy

I. INFORMATION RELATING TO PRIVACY

This section contains information on Federlegno’s management methods with reference to the processing of personal data in its possession.

This information is also valid for the purposes of Article 13 of EU Regulation no. 2016/679 (hereinafter the “Regulation”), relating to the protection of individuals with regard to the processing of personal data as well as the free circulation of such data, for those who interact with Federlegno
The purpose of this document is to provide information on the methods, timing and nature of the information that the data controllers must provide to users with personal data.

II. DATA PROCESSING

1 – Data Controller
Federlegno (Foro Buonaparte 65, 20121 – Milan) is the owner of the processing of personal data, determining the purposes and means of the processing of personal data. It also deals with safety profiles. For any clarification or exercise of the user’s rights, he can contact him at the following email address: [email protected]

2 – Place of data processing
The processing of data generated by the use by Federlegno takes place at Foro Buonaparte 65, 20121 – Milan.

III. USER RIGHTS

The art. 13, c. 2 of the Regulation lists the user’s rights.
Federlegno therefore intends to inform the user about the existence:
– the right of the interested party to ask the owner for access to personal data (Article 15 of the Regulations), their updating (Article 7, paragraph 3, letter a) of Legislative Decree 196/2003), the correction (Article 16 of the Regulation), the integration (Article 7, paragraph 3, letter a) of Legislative Decree 196/2003) or the limitation of the processing concerning him (Article 18 of the Regulation) or to oppose, for legitimate reasons, to their processing (Article 21 of the Regulation), in addition to the right to data portability (Article 20 of the Regulation);
– the right to request cancellation (Article 17 of the Regulation), transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed (Article 7, paragraph 3, letter b) of Legislative Decree 196/2003);
– the right to obtain the attestation that the updating, rectification, data integration, cancellation, data blocking, transformation operations have been brought to the attention, also as regards their content, of those to whom the data have been communicated or widespread, except in the case in which this fulfillment proves impossible or involves the use of means manifestly disproportionate to the protected right (Article 7, paragraph 3, letter c) of Legislative Decree 196/2003);
Requests can be addressed to the data controller, without formalities or, alternatively, using the model provided by the Guarantor for the Protection of Personal Data, or by sending an email to: [email protected].
If the treatment is based on art. 6, paragraph 1, lett. a) – express consent to use – or on art. 9, paragraph 2 lett. a) – express consent to the use of genetic, biometric, health-related data, revealing religious or philosophical beliefs or trade union membership, revealing racial or ethnic origin, political opinions – the user has the right to revoke consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation.
Likewise, in case of violation of the law, the user has the right to lodge a complaint with the Guarantor for the Protection of Personal Data, as the authority responsible for monitoring the processing in the Italian State.
For a more in-depth examination of the rights that compete with you, see articles 15 and ss. of the Regulation and art. 7 of Legislative Decree 196/2003.

IV. DATA TRANSFER TO NON-EU COUNTRIES

This site may share some of the data collected with services located outside the European Union area. In particular with Google and Facebook through social plugins and the Google Analytics service. The transfer is authorized and strictly regulated by article 45, paragraph 1 of the Regulation, for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.
Data will never be transferred to third countries that do not comply with the conditions set out in article 45 and following of the Regulation.

V. SECURITY OF THE DATA PROVIDED

Federlegno processes user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data, including antivirus and firewall protection systems in relation to the website www.c- farms.eu.
In addition to the owner, in some cases, categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as suppliers of third party technical services, postal couriers) may have access to the data. hosting providers, IT companies, communication agencies).

VI. PERSONAL DATA OF NEWSLETTER SUBSCRIBERS

1 – Data category
The personal data processed by the Data Controller include only contact data (e-mail), considered personal data by the European Commission itself to the extent that the name and surname of the natural person concerned appear.

2 – Purpose and legal basis
Personal data will be processed for the purpose of sending electronic communications of an informative and promotional nature relating to the progress of the C-farms project.
The legal basis of the processing is the consent to the processing for the aforementioned purpose, which is mandatory for subscription to the newsletter. The provision of data is optional. Failure to provide or the subsequent refusal to process will not allow you to receive the aforementioned communications via the Federlegno Newsletter.

3 – Methods
The operations that we foresee necessary in relation to the purpose described are (pursuant to Article 4, GDPR): collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and data destruction. Personal data will be subjected to both paper and electronic processing, including automated, in such a way as to ensure high levels of security and confidentiality for processing, including storage (if foreseen).

4 – Recipients
The personal data processed may be known only by personnel specifically responsible for the processing operations and may be disclosed to third parties – possibly appointed as Data Processors, pursuant to Article 28 of the GDPR – to whom specific processing activities may be entrusted, such as sending communications. electronic and related operations to protect the confidentiality, integrity and availability of information. The updated list of appointed data processors can be requested at any time from [email protected].
Personal data will not be disclosed for other purposes nor, much less disseminated.

5 – Rights and methods of exercise
Interested parties may exercise the rights referred to in Articles 15 and following of the GDPR at any time and precisely:
a) have access to personal data that are being processed;
b) always obtain the rectification, integration or cancellation of the same or, under certain conditions, the limitation of processing;
c) in the cases provided for, oppose the processing;
d) revoke the consent (any revocation does not affect the lawfulness of the treatments already performed);
e) know the updated list of data processors;
by sending a request to the person in charge for the processing of personal data, at the headquarters of Federlegno, Foro Buonaparte 65, 20121 – Milan or to the e-mail address [email protected].
Interested parties can also lodge a complaint with the Supervisory Authority (“Privacy Guarantor”).

6 – Retention terms
The personal data collected will be kept for the time necessary to fulfill the promotional purposes indicated above, subject to compliance with any other rights, obligations or protection requirements under the law. Any subscriber to the newsletter has the right to unsubscribe from it by clicking on “modify your subscription” at the bottom of each email.

VII. PERSONAL DATA TRANSMITTED VIA MESSAGE FORM

1 – Data category
The personal data processed by the Data Controller include only contact data (e-mail), considered personal data by the European Commission itself to the extent that the name and surname of the natural person concerned appear. Additional data entered in the form are voluntarily provided by the user at the time of the request for service provision. By inserting them, the user expressly accepts the privacy policy, and in particular agrees that the contents inserted are freely disseminated to third parties. The data received will be used exclusively for the provision of the requested service and only for the time necessary for the provision of the service.

2 – Purpose and legal basis
Personal data will be processed for the purpose of responding to requests and questions communicated through the form itself.
The legal basis of the processing is the consent to the processing for the aforementioned purpose, which is mandatory for sending the message. The provision of data is optional. Failure to provide or the subsequent refusal to process will not allow you to receive the desired services or answers.

3 – Methods
The operations that we foresee necessary in relation to the purpose described are (pursuant to Article 4, GDPR): collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and data destruction. Personal data will be subjected to both paper and electronic processing, including automated, in such a way as to ensure high levels of security and confidentiality for processing, including storage (if foreseen).

4 – Recipients
The personal data processed may be known only by personnel specifically responsible for the processing operations and may be disclosed to third parties – possibly appointed as Data Processors, pursuant to Article 28 of the GDPR – to whom specific processing activities may be entrusted, such as sending communications. electronic and related operations to protect the confidentiality, integrity and availability of information. The updated list of appointed data processors can be requested at any time from [email protected].
Personal data will not be disclosed for other purposes nor, much less disseminated.

5 – Rights and methods of exercise
Interested parties may exercise the rights referred to in Articles 15 and following of the GDPR at any time and precisely:
a) have access to personal data that are being processed;
b) always obtain the rectification, integration or cancellation of the same or, under certain conditions, the limitation of processing;
c) in the cases provided for, oppose the processing;
d) revoke the consent (any revocation does not affect the lawfulness of the treatments already performed);
e) know the updated list of data processors;
by sending a request to the person in charge for the processing of personal data, at the headquarters of Federlegno, Foro Buonaparte 65, 20121 – Milan or to the e-mail address [email protected].
Interested parties can also lodge a complaint with the Supervisory Authority (“Privacy Guarantor”).

6 – Retention terms
The personal data collected will be kept for the time necessary to fulfill the aforementioned purposes, without prejudice to compliance with any other rights, obligations or protection requirements under the law.

VIII. PERSONAL DATA OF EMPLOYEES, EMPLOYEES AND COLLABORATORS

1 – Data category
The Data Controller will process the data that fall within the definitions referred to in Articles. 4 and 9 of the Regulations collected during the management of the employment or collaboration relationship, including the following common Personal Data: (i) identification data (name and surname, place and date of birth, tax code), (ii) contact details (address of residence or domicile and postal address, telephone / mobile phone, e-mail), (iii) photographic image, (iv) information on the qualification and professional experience, (v) data on work performance and other necessary ” possible establishment and management of the employment relationship.
Particular data: only if strictly necessary for the correct selection and possible establishment and management of the employment relationship for the specific role / assignment (eg information on the state of health).
In relation to the data processed for occupational medicine purposes, it is specified, as of now, that such data are processed under the responsibility of a professional subject to the obligation of professional secrecy and that the data concerning the state of health will be processed in the fulfillment of the obligations pursuant to Legislative Decree 81/2008 and other provisions on hygiene and safety, by the competent doctor, as independent data controller. Only judgments relating to work suitability will be communicated by the competent doctor to the employer.

2 – Purpose, legal basis and optional nature of the processing
The processing of personal data, even particular ones, provided during the recruitment, is aimed solely at the establishment and management of the employment relationship, the management of tax, social security and insurance data, as well as the fulfillment of work safety and what established by laws, contracts and company regulations.
In particular, the Personal Data will be processed, without the need for specific consent on the basis of the provisions of art. 9 of the Regulation ([…] “the processing is necessary to fulfill the obligations and exercise the specific rights of the data controller or of the data subject in the field of labor law and social security and social protection, to the extent that authorized by the law of the Union or of the Member States or by a collective agreement pursuant to the law of the Member States, in the presence of appropriate guarantees for the fundamental rights and interests of the data subject “) and of the current pro tempore authorization of the Guarantor for the protection of personal data, for the following purposes:
to. accounting-administrative purposes, for the purposes of managing relations with social security and assistance institutions, relations with the financial administration and with credit institutions for the payment of salaries and to fulfill any legal obligation connected with the service performed for the Holder;
b. data and network security purposes and purposes of preventing and combating possible computer crimes: these controls have been defined, in any case they have no purpose of remote control of the employees’ working activities and are carried out in full compliance with the protection of workers, with specific reference to the provisions of art. 4 of law 300/70 Workers’ Statute.
The personal data of family members, where eventually conferred to the Data Controller, will be processed only for the purpose of recognizing tax deductions, benefits or other indemnities required, such as for example the provisions of law no. 104 o tax deductions, family allowances, sick leave for children, permits for assistance to the handicapped, scholarships, etc. Any Personal Data of other subjects that have been freely given will be processed only for the specific purposes indicated (eg emergencies, in the absence of other family members).
The legal bases of the processing for the purpose a) are the articles. 6), letters b) and c) and 9), letter b), of the Regulations and any authorization from the applicable pro tempore Control Authority.
The legal bases of the processing for the purposes b) are the art. 6, letters c) and d), of the Regulations, as well as the pursuit of legitimate interest aimed at safeguarding the integrity of company assets and of the people who perform their duties at the Data Controller pursuant to art. 6), letter f), of the Regulation.

3 – Methods
The operations that we foresee necessary in relation to the purposes described are (pursuant to Article 4, GDPR): collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and data destruction.
Personal Data will be subjected to both paper and electronic processing, including automated, in such a way as to ensure high levels of security and confidentiality in processing, including storage (if provided).

4 – Recipients
Personal Data will not be disclosed and may only be shared with:
– natural persons, subject to clear confidentiality obligations, authorized by the Data Controller to process personal data;
– public bodies (INPS, INAIL, ITL, Agenzia delle Entrate, etc.), funds or private pension and assistance funds, supplementary funds, credit institutions, any insurance companies, trade unions to which the employee or collaborator has conferred mandate, business organizations to which the company may adhere, external subjects to which the company relies, for the performance of legal obligations and in particular, the study of labor consultants / payroll processing, the accountant office, the competent doctor, any lawyers and, in general, the professionals used by the company, subject to the collection of suitable guarantees, contractual and otherwise, concerning the correctness and safety of the processing by these subjects and, finally, always with the guarantees already expressed, clients and contractors, in the context of procurement / subcontracting contracts involving the Data Controller and the job position in the company of the employee or collaborator;
– subjects, bodies or authorities to which Federlegno is obliged to communicate personal data by virtue of legal provisions or orders of the authorities.
The Data Controller does not transfer Personal Data outside the European Economic Area. Only if needs strictly related to the performance of work duties arise (e.g. travel), some personal data may be disclosed to entities and companies in third countries, always in compliance with the rules referred to in Chapter V of the Regulation and in particular pursuant to art. 49 paragraph 1.

5 – Rights and methods of exercise
As an interested party, the employee or collaborator may, at any time, exercise the rights referred to in art. 7 of the Privacy Code and art. 15 GDPR and precisely the rights of:
– obtain confirmation of the existence or not of personal data concerning him / her, even if not yet registered, and their communication in an intelligible form;
– obtain the indication:
to. the origin of the data;
b. the purposes and methods of the processing;
c. of the logic applied in case of treatment carried out with the aid of electronic instruments;
d. of the identification details of the owner, of the managers and of the designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, c.1, Regulation and of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
– get:
to. updating, rectification or, when interested, integration of data;
b. the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed;
c. the attestation that the operations referred to in lett. a and b have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or involves the use of means manifestly disproportionate to the protected right;
– object, in whole or in part:
to. for legitimate reasons, to the processing of personal data concerning the employee or the collaborator himself, even if pertinent to the purpose of the collection;
b. to the processing of personal data concerning the employee or the collaborator himself for the purpose of sending newsletters, information and communications of a promotional nature;
– withdraw consent to data processing at any time (Article 7 c.3 of the Regulation), where provided: the withdrawal of consent does not affect the lawfulness of the processing based on the consent given before the revocation;
– exercise, where applicable, the right to data portability;
– exercise the right of complaint to the Supervisory Authority (Privacy Guarantor).
The exercise of the rights may take place by sending a request to the person responsible for the processing of personal data, at the headquarters of Federlegno, Piazza Università, 1 – 06121 Perugia or to the e-mail address [email protected].

6 – Retention terms
Personal Data will be kept for the time necessary to manage the employment or collaboration relationship. Federlegno may keep data after the termination of the contractual relationship to fulfill regulatory and / or post-contractual obligations and / or to protect the legitimate interests of the employee or collaborator; In particular, the Data relating to the payment of the emoluments required by law will be kept for a period of five years after the conclusion of the employment relationship (except for the receipt of acts interrupting the prescription or the existence of the conditions for the suspension of the prescription; or, in any case , for the different period provided by law for the proof of the fulfillment of legal or fiscal obligations or that necessary in order to allow the Company to possibly protect its rights in the judicial, administrative office or in any case before a Public Authority). Subsequently, once the aforementioned reasons for the processing cease to exist, the Data will be deleted, destroyed or simply stored anonymously.

IX. SOCIAL NETWORK PLUGIN

1. This site also incorporates plugins and / or buttons for social networks, in order to allow easy sharing of content on your favorite social networks. These plugins are programmed so as not to set any cookies when accessing the page, to safeguard user privacy. Eventually cookies are set, if so provided by social networks, only when the user makes effective and voluntary use of the plugin. Please note that if the user browses being logged into the social network then he has already consented to the use of cookies conveyed through this site at the time of registration to the social network.
2. The collection and use of information obtained through the plugin are governed by the respective privacy policies of the social networks, to which please refer:
Facebook: https://www.facebook.com/help/cookies
Twitter: https://support.twitter.com/articles/20170519-uso-dei-cookie-e-di-altre-tecnologie-simili-da-parte-di-twitter
Google+: http: //www.google.com/policies/technologies/cookies
Pinterest: https://about.pinterest.com/it/privacy-policy
AddThis: http://www.addthis.com/privacy/privacy-policy
Linkedin: https://www.linkedin.com/legal/cookie-policy

CHANGES TO THIS DOCUMENT
This document, published at:
www.c-farms.eu/privacy-policy
constitutes the privacy policy of www.c-farms.eu.
2. It may be subject to changes or updates. Users are invited to periodically consult this page to keep up to date on the latest legislative news.
3. The previous versions of the document will still be available on this page.
4. The document was updated on 09/02/2022 to comply with the relevant regulatory provisions, and in particular in compliance with the Regulations.

You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.