Privacy - Piteco

INFORMATION AND CONSENT ON THE PROCESSING OF PERSONAL DATA (Art. 13 and 14 of EU Regulation 2016/679)

Pursuant to Articles 13 and 14 of the EU Regulation 2016/679, PITECO S.r.l. informs you that the personal data collected, with reference to the contractual relationships established, shall be processed in compliance with the aforementioned regulation; in relation to the aforementioned processing, PITECO S.r.l. provides the following information:

TYPE OF PERSONAL DATA COLLECTED

The personal data collected, with your free and express consent, are exclusively related to:

identification data (e.g. name, surname, address, company role, telephone, fax, e-mail; photos; video recordings);
tax data (if required by law – e.g. tax code, VAT number etc.).

HOLDER

The data controller of personal data is PITECO S.r.l. with registered office in Milan, Via Imbonati 18. The role of Data Processor has been conferred to the Function Managers, whom the interested party may contact at any time, at the number: 02-3660931 or at the e-mail address: privacy@pitecolab.it to exercise the rights stated in this information notice.

PURPOSES, LEGAL BASES AND METHODS OF PROCESSING

The purposes of the processing of personal data are as follows:

Customer data collection/management of requests for contact and/or information material (these are all activities preliminary to the signing of contracts, sending information or providing information). The legal basis for this type of processing is the possibility of being able to provide the requested information and compliance with legal obligations.
Contract management, orders and invoicing (this is the fulfilment of legal obligations connected to the contractual relationship and its organisation: order management, invoicing, payment management; handling of communications; complaints; sending of communications of any kind). The legal basis for the processing is represented by the obligation to fulfil the contract signed and compliance with legal obligations.
Promotional activities for services similar to those already subscribed to (processing of the data of the data subject for the proposal of other services and projects similar to those already subscribed to). The legal basis is the legitimate interest of the Data Controller to promote its services and products, taking into account the rights of the data subject.
Promotional activities for services offered by the companies belonging to the group or by other business partners (processing of the data of the data subject for the proposal of other services offered by companies belonging to the Zucchetti Group or legal entities outside the economic group to which the data subject belongs for collaborative activities). The legal basis is represented by the legitimate interest of the Data Controller to promote its services and products, taking into account the rights of the data subject.
Training activities and promotional events (processing of the data of the data subject in order to propose participation in training or in-depth events on issues related to the services provided). The legal basis is represented by the legitimate interest on the part of the Data Controller to promote awareness of the portfolio of offerings or of the specific skills and abilities of the company, taking into account the rights of the data subject.
Collection of market information through surveys and questionnaires. The legal basis is represented by the legitimate interest of the Controller to promote the evolution and improvement of the software products and services offered to both customers and potential customers.
Master data collection for project purposes (processing of data of data subjects involved in project activities, such as users and staff of the client’s various offices). The legal basis for this type of processing is the fulfilment of project obligations following the signing of the contract.
Data collection for the purpose of post-project customer support activities (processing of data of the data subject for the purpose of assistance, support, maintenance and Application Management System services). The legal basis is the fulfilment of contractual obligations.
Defending a right in or out of court (defence of a right of the Data Controller to defend against the claims of others). The legal basis is the legitimate interest of the Controller in respecting the rights of the data subject.

Personal data will be processed in paper, computerised and telematic form, and entered in the relevant databases that can only be accessed by the data controller and its appointed staff. With regard to the data processed in electronic form, it is emphasised that all appropriate security measures have been taken to protect the rights, freedoms and legitimate interests of the data subject as per Art. 22 para. 3 of EU Reg. 2016/679.

POSSIBLE RECIPIENTS OF THE DATA

In connection with the purposes set out in the preceding paragraph, the data may be disclosed to the following parties or categories of parties listed below:

Firms of recognised accountants and/or labour consultants, relating to the profession of assisting companies when the communication is required by law, or is in the interest of the subject (natural or legal person);
Other recognised firms or professionals related to the business assistance profession when the communication is required by law, regularly entrusted with this form of processing in full compliance with the minimum measures in force, or when the communication is in the interest of the subject (natural or legal person);
Public bodies for various obligations such as INPS, INAIL;
Possible subcontractors for ticketing/service and maintenance;
Companies in the legal group to which it belongs and/or business partners;
External suppliers for organising training or promotional events.

The controller also informs that it may transfer part of the customers’ personal data to a third EU country or an international EU organisation.

DATA RETENTION PERIOD

Upon termination of the performance or provision of the service, personal data will be retained solely for historical or statistical purposes, in accordance with the law, regulations, EU legislation and codes of ethics and good conduct signed pursuant to Article 40 of EU Reg. 2016/679, for a period as per applicable legislation (usually 10 years), or, if not subject to any law, for a period not exceeding five years. Beyond this period, the personal data will be kept anonymously, or will be destroyed.

RIGHTS OF THE INTERESTED PARTIES

In relation to the aforementioned processing operations, the data subject has the right to request access to his or her personal data and the rectification or deletion thereof or the restriction of the processing concerning him or her or to object to its processing, as well as having the right to data portability. To exercise these rights, please contact Piteco s.r.l. by writing to privacy@pitecolab.it.

RIGHT OF WITHDRAWAL OF CONSENT

If the processing is based on consent, the controller shall inform the data subject that he/she has the right to withdraw it at any time without prejudice to the lawfulness of the processing based on the consent given before the withdrawal.

RIGHT TO LODGE A COMPLAINT

The data controller informs the data subject that he/she has the right to lodge a complaint with a supervisory authority (Data Protection Authority) as provided for in Article 77 of the Regulation, as well as to take legal action in accordance with Articles 78 and 79 of the Regulation.

COMPULSORY OR OPTIONAL NATURE OF PROVIDING DATA

The provision of data and the processing thereof are compulsory in connection with the management of contractual aspects relating to tax obligations; it follows that any refusal to provide data for such purposes may result in the impossibility for the data controller to carry out the same professional relationships and legal obligations.

The provision of data and the processing thereof is optional in other cases, without any consequences.

POSSIBLE EXISTENCE OF AN AUTOMATED DECISION-MAKING PROCESS

The holder informs the data subject that there is no automated decision-making process in this company; therefore, in particular, there is no profiling system.

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Request a demo