Privacy Notice for Users
Fosber S.p.A., with registered office at 27/28, via Provinciale per Camaiore, 55064, Pescaglia (LU), VAT no. 00429870462 (hereinafter the “Data Controller”), owner of the Internet site www.fosbergroup.com (hereinafter the “Site”), in its capacity as controller of the personal data of the users that browse and are registered on the Site (hereinafter the “Users”) provides the following privacy notice pursuant to article 13 of (It.) Legislative Decree 196/2003 (hereinafter the “Privacy Code”) and pursuant to article 13 of Regulation (EU) 2016/679 of 27 April 2016 (hereinafter the “Regulation”; the Regulation and the Privacy Code shall collectively be referred to as the “Applicable Rules and Regulations”).
This Site and any services offered through the Site are reserved to persons over the age of 18. The Data Controller does not, therefore, collect personal data relating to minors. On request of the Users, the Controller will promptly erase all personal data unintentionally collected which relate to minors.
The Data Controller shall take utmost account of the right of its Users to privacy and to the protection of their personal data. For any information related to this privacy notice, Users may contact the Controller at any time, in the following ways:
- By sending a registered letter with proof of receipt to the registered office of the Controller
- By sending an e-mail to the address firstname.lastname@example.org
Purposes of the processing
The Users’ personal data will be lawfully processed by the Data Controller pursuant to article 6 of the Regulation for the following purposes:
- a. Navigation of the site, in relation to the possibility of retrieving User data that are necessary on a technical level, such as the IP address, during the navigation of the site.
- b. Registration to the reserved area of the site, for access to the intranet by suppliers/customers/employees
- c. Legal obligations, or for the fulfilment of obligations imposed by law, by an authority, a regulation or EU rules and regulations.
- d. Receipt of CVs used for the selection of personnel, by filling in the special form. A specific notice will be published on the page in question.
The provision of personal data for the aforementioned purposes of processing is optional but necessary, since failure to provide such data will make it impossible for the User to browse the site, to register to the Site and to use the services offered by the Data Controller on the Site.
With reference to the purposes under points 1/a, 1/b, the legal basis for the processing is, in fact, the provision of the services offered through the Site and requested by you (pursuant to article 6, paragraph 1, letter b of the Privacy Regulation 2016/679); with reference to the purposes under 1/c of the previous paragraph, the legal basis for the processing is the fulfilment of a legal obligation of the data controller (pursuant to article 6, paragraph 1, letter c of the Privacy Regulation 2016/679). With regard to point 1/d, please see the specific notice provided on the page from which CVs may be sent.
Methods of processing and terms of data retention
The Data Controller will process the personal data of the Users both manually and electronically, with logic strictly related to the purposes of the processing and in any case, in such a way as to guarantee the security and confidentiality and the data.
The personal data of the Site’s Users will be stored for the time that is strictly necessary for the fulfilment of the purposes of paragraph 1 above or in any case for the time necessary for the protection of the rights of both the Users and the Data Controller in accordance with civil law.
Context of communication and dissemination of the data
Employees and/or associates of the Data Controller who have been tasked with the administration of the Site may become aware of the personal data of the Users. These persons, who are officially appointed by the Controller as “responsible for processing”, will process the data of the User exclusively for the purposes mentioned in this notice and in compliance with the provisions of the Applicable Rules and Regulations.
Third parties may also become aware of the personal data of the Users, when they are called upon to process personal data on behalf of the Data Controller as “External Data Processors”, such as, by way of non-limiting example, suppliers of IT and logistics services fundamental for the operation of the Site, suppliers of outsourced or cloud computing services, professionals and consultants.
The Users have the right to obtain a list of any data processors appointed by the Controller, by requesting it from the Controller with the methods mentioned in paragraph 4 below.
Rights of the data subjects
Users may exercise the rights granted to them by the Applicable Rules and Regulations, by contacting the Data Controller in the following ways:
- By sending a registered letter with proof of receipt to the registered office of the Controller
- By sending an e-mail to the address email@example.com
Pursuant to the Applicable Rules and Regulations, the Data Controller hereby informs the Users that they have the right to obtain information regarding (i) the source of the personal data; (ii) the purposes and methods of processing; (iii) the logic applied in case of processing done with electronic tools; (iv) the identification details of the controller and the processors; (v) the persons or the categories of persons to whom the personal data may be transmitted or who may become aware of the data in their capacity as processors or persons responsible for processing.
Users also have the right to obtain:
- a) access to, update, rectification or, if they have a legitimate interest, the integration of the data;
- b) the erasure, anonymisation of the data or they may request that they be blocked, if processed in violation of the law, including data the storage of which is not necessary for the purposes for which the data were collected or subsequently processed;
- c) certification that the operations referred to in letters a) and b) were made known, also with regard to their content, to the persons to whom the data were communicated or disseminated, except in the event where the fulfilment of this obligation is impossible or requires the use of means that are manifestly disproportionate to the right protected.
Users also have:
- a) the right to withdraw consent at any time, if the processing is based on their consent;
- b) the right to the portability of data (the right to receive all the personal data that concern them in a structured, commonly used format that may be read by automatic means), the right to the restriction of the processing of the personal data and the right to erasure (the “right to be forgotten”);
- c) the right to object:
- i. in whole or in part, for legitimate reasons to the processing of the personal data that concern them, even if they are pertinent to the purpose of the collection;
- ii. in whole or in part, to the processing of the personal data that concern them for the purposes of sending advertising material or direct sale material or for market research or sales communication purposes;
- iii. if the personal data are processed for the purpose of direct marketing, at any time, object to the processing of their data for this purpose, including profiling, to the extent that it is related to said direct marketing.
- d) if they believe that the processing that concerns them violates the Regulation, the right to lodge a complaint with a Supervisory Authority (in the Member State in which they usually reside, in which they work or in which the alleged violation took place). The Italian Supervisory Authority is the Authority for the protection of personal data, with registered office at 121, piazza di Monte Citorio, 00186 - Rome (http://www.garanteprivacy.it/).
Disclosure To Customers/Suppliers
Pursuant to Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data
The processing of data relating to legal persons does not fall under the scope of application of the protection regime of personal data afforded by the Regulation. In the interests of clarity and transparency towards its Suppliers, Fosber S.p.A. makes this disclosure also to legal persons, describing the methods and purposes for all processing of personal data carried out or potentially carried out by the Company.
Pursuant to art. 13 of Regulation (EU) 2016/679, Fosber S.p.A. (hereafter the “Company”), with its registered office in 27/28, via Provinciale per Camaiore, Monsagrati (LU), which may be contacted for the exercise of the rights granted by current regulations at the address of its registered office or via e-mail at firstname.lastname@example.org, Data Controller of data that have already been provided or that will be provided in the future and by which all personal data have been or will be collected, would like to inform you that the data that concerns you could be processed, pursuant to the aforementioned regulation, by the Company in relation to contractual relationships that it has concluded with you or that may be concluded in the future.
1) Source of the personal data
Personal data that have already been acquired or that will be acquired in contractual relationships are collected directly from the data subject. All personal data collected will be processed in accordance with current regulations and, in any case, with due confidentiality.
2) Nature of the collection
In addition to being necessary for the conclusion and performance of the contractual relationship, the collection of personal data is also mandatory as it is required for the fulfilment of fiscal and obligations of law; refusal to provide said personal data shall hinder the establishment of business relations with the Company. Said processing does not require the data subject’s consent.
3) Purpose of processing and legal basis for processing
The collection or processing of personal data is aimed toward adequately fulfilling the obligations connected to the performance of the business activities of the Company and in particular for:
- a) pre-contractual activities and the acquisition of preliminary information regarding the conclusion of the agreement;
- b) the management of the contractual relationship and of all administrative, operational and accounting activities related to the contract (management of orders, invoicing, check of suppliers’ reliability);
- c) the management of disputes, breach of contractual obligations, warning notices, transactions, arbitration, litigation;
- d) the fulfilment of obligations arising from the law, regulations, EU legislation and provisions laid down by authorities.
Processing is carried out in fulfilment of contractual/pre-contractual and legal obligations related to your relationship with the Company.
4) Nature of the supply and consequences of eventual refusal
Your obligation to supply personal data to the Company applies only to those personal data the supply of which is a legal or contractual obligation, or personal data which is necessary for the acquisition of pre-contractual information following a request by the data subject. Any refusal to supply said “mandatory” personal data may result in the contract not being fully implemented. Any refusal to supply personal data the supply of which is not mandatory but which are necessary for the performance of the contractual relationship shall, in principle, not have any consequence for the current relationship, except for the impossibility to continue operations that are linked to said personal data or the impossibility to establish a new relationship. Any refusal to supply personal data related to further activities, not strictly necessary for the execution of the contractual relationship, may only prevent such further activities from being carried out without other consequences.
5) Methods of processing
The processing of the data shall be carried out in a lawful and honest manner and in any case in compliance with the abovementioned regulation, by means of instruments apt to guarantee security and confidentiality and may also be performed through automatic devices capable of memorising, managing and transmitting said data.
Processing shall mainly be performed by the company’s internal organisation under the management and control of the company departments in charge of the handling of data and for the purposes stated above, and by Companies belonging to the group or by third parties, as mentioned under point 7 below.
The data shall be stored in such a way as to enable the identification of the data subject for a time period not exceeding the time necessary for the purposes for which said data were collected and processed.
6) Duration of processing
The personal data that are processed will be stored for the period of time that is strictly necessary for the contractual relationship and, subsequently, for the fulfilment of all legal obligations linked to or arising from the contract that has been concluded by and between you and the Company.
7) Recipients of the personal data
In addition to disclosure for the purpose of fulfilling an obligation of law, regulation or European Community standard as well as intra-group standards, your data may be disclosed—even via simple reference to them or by rendering them available—to the following subjects:
- a) supervisory authorities and bodies or public institutions;
- b) Companies belonging to the Group Guangdong Donfang Precision & Science & Technology Co., Ltd., controlled by or linked to our Company, whether in Italy or abroad;
- c) natural or legal entities that provide specific services: data processing, logistics and postal services, Customer satisfaction surveys, legal, administrative, tax and/or accounting consultancy, organisation of fairs and communication events;
- d) commercial middlemen, banks and credit institutes, financial brokerage firms, individual persons or corporate bodies in charge of credit collection, auditing and/or certification of balance sheets and quality system certification, independent collaborators of the Company, agents and procurers, insurers and brokers;
- e) natural and/or legal persons under the implementation of supply contracts to its clients by Fosber S.p.A.
The subjects under points a), d) and e) act as independent Data Controllers.
In any case, we assure you that the data that may be disclosed to the abovementioned subjects will be only aggregate data or anonymous data and/or data necessary and pertinent to the purpose of the processing they need to carry out.
The list of said subjects will be constantly updated and be made available to you on simple request to the Company. Due to the existence of links to the aforementioned subjects via electronic, IT means or correspondence, the personal data may be transferred abroad, even to non-EU countries.
In any case, personal data will not be disclosed.
8) Rights of the data subject
You retain your right to exercise the rights of access to the personal data stipulated by article 15 of Regulation (EU) 2016/679 and the rights stipulated by articles 16, 17, 18, 21 of Regulation (EU) 2016/679 regarding the rectification, erasure, limitation of processing and the right to object, with the arrangements laid down in article 12 of Regulation (EU) 2016/679. For a guide on the rights granted by Regulation (EU) 2016/679, please refer to http://www.garanteprivacy.it/diritti-degli-interessati
9) Right to lodge a complaint with the Authority for the protection of personal data pursuant to article 77 of the Regulation (EU)
If our Company does not respond within the deadlines set by the law or you do not deem said response regarding the exercise of your rights to be adequate, you may lodge a complaint with the Authority for the protection of personal data.
at the following address:
Authority for the protection of personal data
121, Piazza di Monte Citorio - 00186 Rome
E-mail: Fax: (+39) 06.69677.3785 - Switchboard: (+39) 06.69677.1
What are cookies
Types of cookies
Session cookies are temporary files that are only present for the duration of the user’s navigation session. Session cookies expire when the browser is shut down.
They are usually used to identify users when they access a site, to remember the user and his/her preferences as he/she navigates the website’s pages, to offer him/her specific, previously collected information. The most common example is the functionality of an e-commerce site’s “shopping cart”. When the user visits a website and selects certain items, session cookies record said selections and place these items in a virtual shopping cart where they remain ready for checkout. Without session cookies, when the user clicks on checkout, the new page would not be able to recognise the activities in previous pages and the cart would stay always empty.
Persistent cookies are files that remain active even after the browser has been shut down and help sites remember the information and settings of the user for future visits. This makes for faster and more convenient access in terms of time, since new access is not required. Other than authentication, persistent cookies make possible other functionalities of the website, such as: the selection of language, the selection of theme, menu preferences, bookmarks or favourites, and many others. Preferences expressed during a visit will be memorised with the use of persistent cookies on subsequent visits.
There are various types of cookies, some of which are called third-party cookies. They are used, for example, by the part of the site first selected by the visitor and which contains announcements originating from another server or third-party website. The browser collects information originating from various sources so that all elements may be viewed on the same page consulted by the user, thus creating more cookies in the corresponding file of the browser.
All these cookies may be removed directly from the browser settings or with the use of specific (free) software. It is also possible to preventively block their creation; in this last case, however, some services of the site may not function properly or may not be accessible.
Google Analytics is a service offered by Google Inc. that generates detailed statistics on a website’s traffic and its sources. It is the most widely used statistics tool. Google Analytics may monitor visitors coming to the site from all external links via search engines and social networks, direct visits and reference sites. It also views advertising, pay per click, email marketing, and links inside PDF documents. You can find the related information notice at: http://www.google.it/analytics/learn/privacy.html.
Privacy and security regarding cookies
Cookies are not a virus; they are text files that are not interpreted by the browser or executed by the memory. As a consequence, they cannot duplicate themselves, spread to other networks and there duplicate themselves again. Since they do not operate this way, they do not fall under the standard definition of viruses.
Cookies, however, may be used for harmful purposes. Since they are used to store information on preferences, the history of a user’s actions, the specific navigation between more than one sites, cookies may be used as a form of spyware.
That’s why many anti-spyware programmes single out cookies as potential threats.
Cookies on the FOSBER SPA website
The responsible and ethical policy adopted by FOSBER SPA regarding all aspects of Privacy, to which this page is dedicated, means that the company will include clear descriptions of the ways in which cookies are distributed by its own website. The majority of browsers have a privacy settings functionality, which provides various levels of acceptance of cookies, their expiry and elimination when the user visits a particular site.
In line with the standard practices of many websites, the website of FOSBER SPA may install cookies on the computer used by the user. By using the site, the user accepts the use of the technologies used by cookies, but he/she may also make choices via the personalisation panel of this page.
Types of cookies and choice of user and activation methods
Some cookies are indispensable for the correct operation of our Website. Without them, users would not be able to navigate inside the site and use some of its functions. This type of cookies are called “technical”, or session cookies or permanent cookies, and they allow the site to remember the information provided by the user from one page to the next of the booking process. Since these cookies are essential, disabling them could compromise the use of the contents of the site and make it impossible or severely limit it.
These cookies do not collect information that allows the identification of a visitor, unless the user registers on the website and successfully navigates to the login in a reserved area.
Analytics cookies (statistics and optimisation of the website)
We use third-party profiling cookies by Google Analytics, in order to analyse the way in which visitors use the site and to monitor their access. This allows us to offer a high-quality experience, by personalising our offer based on the pages that are actually visited by users.
For example, we may use this type of cookies to trace the most popular pages, to identify the most efficient method of linking pages and to establish the causes of the appearance of error messages on some pages.
These cookies do not collect information that allows the identification of a visitor. All data that are collected and shared with Google Inc. are anonymised (by the removal of significant components of the IP address, be it IpV4 or IpV6) and are used only to improve the operation of our Website. For the purposes of the law, third-party anonymised Analytics cookies are equal to technical cookies and do not need an information banner or informed consent.