Privacy Policy

Last modified: May 25, 2018

Thank you for relying on us!
We believe in protecting your information in the best possible way!

Protecting your privacy and personal data is important to us.
Accordingly with the new European Regulation on Data Protection (GDPR), below you will find explained how Glifo Technology s.r.l. handles collected information.

If you have any questions about this Privacy Policy, please feel free to contact us through our website.

INFORMATION ON PROCESSING OF PERSONAL DATA (Artt. 13 - 14 Reg. UE 2016/679)
DATA CONTROLLER

GLIFO TECHNOLOGY S.R.L. – Registered Office: 35131 Padova (PD), via Rezzonico n. 6.

PURPOSES OF DATA PROCESSING

The Controller will only process the Personal Data for the following purposes:

  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
  • processing is necessary for compliance with a legal obligation to which the controller is subject;
  • processing is necessary in order to protect the vital interests of the data subject or of another natural person;
  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
  • processing is necessary for marketing action and promotion of new products or services or quality assessments such as to value client satisfaction.
PROCESSING METHODS

Your data will be processed ensuring encryption and ongoing confidentiality, integrity, availability and resilience of systems and services. All Contract Personnel that are authorized by Controller to process the personal data are bound by a duty of confidentiality and have undertaken training appropriate to their roles in Controller’s organization. Your data may be transferred or stored in Google or Microsoft’s cloud systems or server that may be located in a third country.The Controller promptly take appropriate actions to identify and mitigate effects of any Data Breach, and will be provide assistance reasonably necessary and required. Your data will be stored for the period necessary according to the purpose of processing, at most for 5 years from the end of the contract.

DATA PROCESSOR AND RECIPIENTS. 
DATA PROTECTION OFFICER

Your data will not processed without prior specific or general written authorisation of the controller. In the case of general written authorisation, the Processor shall inform the controller of any intended changes concerning the addition or replacement of other processors, thereby giving the controller the opportunity to object to such changes.
The controller also designated a Data Protection Officer according to art. 37 Reg. EU 2016/679, monitoring compliance with this Regulation, with other Union or Member State data protection provisions and with the policies of the controller or processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of staff involved in processing operations.Names and e-mail addresses of data processor and data protection officer will be provided on your request.

YOUR RIGHTS ON DATA PROCESSING

Right to access or copy (art. 15 Reg. UE 2016/679): to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access and obtain a copy of personal data and related information.
Right to rectification, erasure and restriction of processing (artt. 16 e 17 Reg. UE 2016/679): to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her or to obtain the erasure of personal data.
Right to data portability (art. 20 Reg. UE 2016/679): to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
Right to object to processing or withdraw consent (artt. 7 e 21 Reg. UE 2016/679): the Controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
Right to lodge a complaint with a supervisory authority (art. 77 Reg. UE 2016/679): to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement.
Right to compensation and liability (art. 82 Reg. UE 2016/679): to receive compensation from the controller or processor for the damage suffered.
Right to receive communication of a personal data breach (art. 34 Reg. UE 2016/679): to receive communication of any personal data breach without undue delay.

CONTACT DETAILS

Any request on processing of personal data shall be send to: glifotech@pcert.it.To make contact with the Data Protection Officer, Avv. Alberto Giuliani, please write to: dpo@glifotech.it.