THE DATA CONTROLLER
Following consultation of the Site, data relating to identified or identifiable individuals may be processed. The owner of individuals processing is Raffineria di Milazzo S.C.p.A., based in Milazzo (ME), Contrada Mangiavacca, 98057.
PLACE OF DATA PROCESSING
Processing related to the web services of the Site takes place at the aforementioned premises of the Refinery.
AUTHORISED SUBJECTS AND RECIPIENTS OF DATA
The processing of personal data deriving from interaction with the Site is handled by authorised parties pertaining to the company’s Information Systems and Personnel and Organisation departments.
Where necessary, the data may be communicated or otherwise made accessible to third parties such as i) public bodies or judicial authorities in compliance with a legal obligation or to prevent or prosecute the commission of a crime, ii) consultants of the Data Controller bound to confidentiality such as, for example, lawyers or persons occasionally appointed to carry out IT assistance operations iii) forwarding agents for the dispatch of documentation or material that may be requested by the data subject. Under no circumstances shall personal data be disclosed. Further information on the subjects who may process the personal data covered by this policy may be requested by e-mail from the Data Controller.
TYPES OF DATA PROCESSED
The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the Site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment. These data are used for the legitimate interest of the Data Controller consisting in the need to obtain anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used for the legitimate interest of the Owner related to ascertaining responsibility in the event of hypothetical computer crimes to the detriment of the Site: except for this possibility, at present the data on web contacts do not remain for more than seven days.
DATA PROVIDED VOLUNTARILY BY THE USER
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on the Site entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, as well as any other personal data included in the message. The legal basis of the processing is the legitimate interest of the Data Controller to reply to the communications received. Personal data will be kept for the time necessary to satisfy any requests made by the sender or matters submitted to the Controller and, in any case, for the time required by specific legal provisions. The sender has, however, the right to request the deletion of the same in accordance with the terms, conditions and limits provided for in Article 17 of EU Regulation 679/2016.
OPTIONAL PROVISION OF DATA
Apart from what has been specified for navigation data and cookies, the user is free to provide personal data through the addresses on the site. With regard to the web forms that can be filled in on the Raffineria di Milazzo S.C.p.A. site, please refer to the specific information made available on the relevant pages.
METHODS OF PROCESSING
Personal data are processed using automated tools. Specific security measures are observed to prevent loss of data, unlawful or incorrect use and unauthorised access.
RIGHTS OF THE INTERESTED PARTIES
The data subject has the right to ask the data controller for access to, rectification, erasure of data, restriction of processing or to object to the processing of data under the conditions set out in Articles 15,16,17,18,21 of EU Regulation 2016/679. Finally, the data subject has the right to lodge a complaint with a Supervisory Authority if he/she considers that the processing concerning him/her violates the legislation applicable to the protection of his/her data.
To request information on data processing or to exercise your rights over your data, please contact us at firstname.lastname@example.org
The information provided herein may be subject to revision as a result of:
– changes in the legislation on the protection of personal data, for the aspects of interest herein;
– technological implementations adopted by the Controller that impact the current processing methods;
– organisational changes in the Controller’s structure that may affect the data subject.
Users are invited to periodically consult this policy in order to remain informed about the characteristics of the processing.