Privacy / Customers and suppliers information / Cookie Policy


· Privacy Notice for Users
· Disclosure To Customers/Suppliers
· Cookie Policy

PRIVACY NOTICE

Pursuant to Article 13 of EU Regulation No. 679/2016 on the protection of natural persons with regard to the processing of personal data (“GDPR”)

With this notice, Fosber S.p.A. provides information regarding the processing of Users’ personal data carried out through this Website, confirming that such processing is based on the principles of fairness, lawfulness, transparency, and protection of the User’s confidentiality and rights

DATA CONTROLLER

The Data Controller is Fosber S.p.A., with registered office at Via Provinciale per Camaiore 27/28, Monsagrati (LU), Italy, contactable at privacy@fosber.it.

TYPES OF DATA PROCESSED

While browsing the Website, the Controller may collect the following data/information:

 

Browsing data:

These are data whose transmission is implicit in the use of Internet communication protocols, such as: the IP address of the device connected to the Website, browser type, name of the Internet Service Provider (ISP), date and time of the visit, and other parameters relating to the User’s operating system and IT environment.

 

Data collected via cookies:

For further information, please refer to the extended Cookie Policy.

 

Identification and contact data:

These are personal data and/or information provided by the User through the forms available on the Website, particularly those accessible in the “Careers”, “Newsletter”, and “Mailing List” sections, through which respectively:

  1. individuals wishing to apply for a job position at Fosber S.p.A. may submit a spontaneous application
    (for this section, please refer to the dedicated privacy notice available at the bottom of the application form);
  2. users wishing to receive informational, commercial, or promotional communications from Fosber S.p.A. may provide their email address;
  3. users wishing to receive informational, commercial, or promotional communications from Fosber S.p.A. may enter their first name, last name, email address and – optionally – the name of their Company.

For the provision of this service, Fosber S.p.A. uses the third-party platform Mailchimp. For information regarding the processing of personal data carried out by Mailchimp, please refer to its Term of Use and Data Processing Policy.

 

Data collected through social buttons:

These are data enabling interaction with social media platforms (LinkedIn, Instagram, YouTube). The use of such buttons may result in the collection of personal data by third parties, even without direct interaction. For further details, please consult the privacy policies of the relevant platforms.

(Hereinafter collectively referred to as “Personal Data”).

PURPOSES AND LEGAL BASES

In compliance with Article 6 GDPR, Personal Data will be processed for the following purposes and legal bases:

  • Ensuring proper functioning of the Website and enabling navigation.

Legal basis: the legitimate interest of the Controller (Art. 6(1)(f) GDPR).

  • Receiving spontaneous applications and applications for open positions submitted via the “Careers – Lavora con noi” section of the Website.

Legal basis: performance of pre-contractual and contractual measures (Art. 6(1)(b) GDPR).

  • Compliance with legal obligations.

Legal basis: compliance with a legal obligation to which the Controller is subject (Art. 6(1)(c) GDPR).

  • Subscription to mailing lists and informational newsletters via dedicated forms.

Legal basis: the data subject’s explicit consent (Art. 6(1)(a) GDPR).

Finally, the Controller may use data collected through the Website for statistical purposes, in a fully anonymous and aggregated form that does not allow identification of the User.

PROCESSING METHODS

The Controller processes Personal Data in compliance with the principles of lawfulness, fairness, and transparency set out in Article 5 GDPR. Processing is carried out by specifically authorized personnel, including through the use of IT and telematic tools designed to ensure data security.

 

DATA RETENTION PERIOD

In accordance with Article 5 GDPR, Personal Data will be retained for the period strictly necessary to achieve the purposes for which they were collected.

With regard to browsing data and data collected through cookies or other tracking tools, please refer to the Cookie Policy.

Regarding data collected through the “Careers – Lavora con noi” section, please refer to the specific Privacy Notice for Job Applicants (link).

Marketing data will be retained until consent is withdrawn or until the User’s interest remains active. Once the purpose has been fulfilled or consent withdrawn, the data will be deleted or anonymized.

 

TRANSFER OF DATA TO THIRD COUNTRIES

If Personal Data are transferred to third parties located outside the European Union, such transfer will take place pursuant to Articles 44 et seq. GDPR on the basis of:

  1. adequacy decisions adopted by the European Commission;
  2. appropriate safeguards provided by the recipient third party;

(c) binding corporate rules.

 

CATEGORIES OF DATA RECIPIENTS

Personal Data will not be disclosed to the public but may be accessed and processed by the Controller’s employees responsible for Website management and/or handling requests received through the contact details provided on the Website.

Data may also be communicated to:

  • third parties carrying out processing activities and/or related and instrumental activities on behalf of the Controller, such as technical and/or organizational services, including IT system management, telecommunications networks (including email), advertising and communication services;
  • professional firms or companies providing assistance and consultancy services;
  • competent authorities for compliance with legal obligations and/or upon request by public bodies.

Such parties process Personal Data either as independent Data Controllers or as duly appointed Data Processors. An updated list of Data Processors is available upon request.

 

DATA SUBJECT RIGHTS

At any time, pursuant to Articles 15 et seq. of EU Regulation 2016/679, the User – as data subject – may exercise the following rights, where applicable:

  1. access the data processed by the Controller, obtain information on specific aspects of processing, and receive a copy of the processed data (Art. 15 GDPR – Right of access);
  2. verify the accuracy of personal data and request their update or rectification (Art. 16 GDPR – Right to rectification);
  3. obtain the erasure or removal of personal data (Art. 17 GDPR – Right to erasure);
  4. obtain restriction of processing under certain conditions (Art. 18 GDPR – Right to restriction);
  5. receive personal data in a structured, commonly used, and machine-readable format, where technically feasible (Art. 20 GDPR – Right to data portability);
  6. where applicable, withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

The User also has the right to object to processing where it is based on a legal basis other than consent (Art. 21 GDPR – Right to object).

Users may unsubscribe from the mailing list or newsletter at any time via the link included in each communication or by contacting the Controller at privacy@fosber.it. The Controller will promptly cease such processing.

Rights may be exercised by sending a request to privacy@fosber.it. The User also has the right to lodge a complaint with the competent supervisory authority, which in Italy is the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali).

 

 

 

UPDATES AND CHANGES

This Privacy Notice may be subject to changes over time. Amendments will take effect upon publication on the Website. Users are therefore invited to regularly consult this section to review the most up-to-date version.

 

Disclosure To Customers/Suppliers

Pursuant to Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data

The processing of data relating to legal persons does not fall under the scope of application of the protection regime of personal data afforded by the Regulation. In the interests of clarity and transparency towards its Suppliers, Fosber S.p.A. makes this disclosure also to legal persons, describing the methods and purposes for all processing of personal data carried out or potentially carried out by the Company


Introduction

Pursuant to art. 13 of Regulation (EU) 2016/679, Fosber S.p.A. (hereafter the “Company”), with its registered office in 27/28, via Provinciale per Camaiore, Monsagrati (LU), which may be contacted for the exercise of the rights granted by current regulations at the address of its registered office or via e-mail at privacy@fosber.it, Data Controller of data that have already been provided or that will be provided in the future and by which all personal data have been or will be collected, would like to inform you that the data that concerns you could be processed, pursuant to the aforementioned regulation, by the Company in relation to contractual relationships that it has concluded with you or that may be concluded in the future.

1) Source of the personal data

Personal data that have already been acquired or that will be acquired in contractual relationships are collected directly from the data subject. All personal data collected will be processed in accordance with current regulations and, in any case, with due confidentiality.

 

2) Nature of the collection

In addition to being necessary for the conclusion and performance of the contractual relationship, the collection of personal data is also mandatory as it is required for the fulfilment of fiscal and obligations of law; refusal to provide said personal data shall hinder the establishment of business relations with the Company. Said processing does not require the data subject’s consent.

 

3) Purpose of processing and legal basis for processing

The collection or processing of personal data is aimed toward adequately fulfilling the obligations connected to the performance of the business activities of the Company and in particular for:

a)      pre-contractual activities and the acquisition of preliminary information regarding the conclusion of the agreement;
b)      the management of the contractual relationship and of all administrative, operational and accounting activities related to the contract (management of orders, invoicing, check of suppliers’ reliability);
c)      the management of disputes, breach of contractual obligations, warning notices, transactions, arbitration, litigation;
d)      the fulfilment of obligations arising from the law, regulations, EU legislation and provisions laid down by authorities.

Processing is carried out in fulfilment of contractual/pre-contractual and legal obligations related to your relationship with the Company.

 

4) Nature of the supply and consequences of eventual refusal

Your obligation to supply personal data to the Company applies only to those personal data the supply of which is a legal or contractual obligation, or personal data which is necessary for the acquisition of pre-contractual information following a request by the data subject. Any refusal to supply said “mandatory” personal data may result in the contract not being fully implemented. Any refusal to supply personal data the supply of which is not mandatory but which are necessary for the performance of the contractual relationship shall, in principle, not have any consequence for the current relationship, except for the impossibility to continue operations that are linked to said personal data or the impossibility to establish a new relationship. Any refusal to supply personal data related to further activities, not strictly necessary for the execution of the contractual relationship, may only prevent such further activities from being carried out without other consequences.

 

5) Methods of processing

The processing of the data shall be carried out in a lawful and honest manner and in any case in compliance with the abovementioned regulation, by means of instruments apt to guarantee security and confidentiality and may also be performed through automatic devices capable of memorising, managing and transmitting said data.

Processing shall mainly be performed by the company’s internal organisation under the management and control of the company departments in charge of the handling of data and for the purposes stated above, and by Companies belonging to the group or by third parties, as mentioned under point 7 below.

The data shall be stored in such a way as to enable the identification of the data subject for a time period not exceeding the time necessary for the purposes for which said data were collected and processed.

 

6) Duration of processing

The personal data that are processed will be stored for the period of time that is strictly necessary for the contractual relationship and, subsequently, for the fulfilment of all legal obligations linked to or arising from the contract that has been concluded by and between you and the Company.

 

7) Recipients of the personal data

In addition to disclosure for the purpose of fulfilling an obligation of law, regulation or European Community standard as well as intra-group standards, your data may be disclosed—even via simple reference to them or by rendering them available—to the following subjects:

a)      supervisory authorities and bodies or public institutions;
b)      Companies belonging to the Group Guangdong Donfang Precision & Science & Technology Co., Ltd., controlled by or linked to our Company, whether in Italy or abroad;
c)      natural or legal entities that provide specific services: data processing, logistics and postal services, Customer satisfaction surveys, legal, administrative, tax and/or accounting consultancy, organisation of fairs and communication events;
d)      commercial middlemen, banks and credit institutes, financial brokerage firms, individual persons or corporate bodies in charge of credit collection, auditing and/or certification of balance sheets and quality system certification, independent collaborators of the Company, agents and procurers, insurers and brokers;
e)      natural and/or legal persons under the implementation of supply contracts to its clients by Fosber S.p.A.

The subjects under points a), d) and e) act as independent Data Controllers.

In any case, we assure you that the data that may be disclosed to the abovementioned subjects will be only aggregate data or anonymous data and/or data necessary and pertinent to the purpose of the processing they need to carry out.
The list of said subjects will be constantly updated and be made available to you on simple request to the Company. Due to the existence of links to the aforementioned subjects via electronic, IT means or correspondence, the personal data may be transferred abroad, even to non-EU countries.
 In any case, personal data will not be disclosed.

 

8) Rights of the data subject

You retain your right to exercise the rights of access to the personal data stipulated by article 15 of Regulation (EU) 2016/679 and the rights stipulated by articles 16, 17, 18, 21 of Regulation (EU) 2016/679 regarding the rectification, erasure, limitation of processing and the right to object, with the arrangements laid down in article 12 of Regulation (EU) 2016/679.

 

9) Right to lodge a complaint with the Authority for the protection of personal data pursuant to article 77 of the Regulation (EU)

If our Company does not respond within the deadlines set by the law or you do not deem said response regarding the exercise of your rights to be adequate, you may lodge a complaint with the Authority for the protection of personal data.

at the following address:

Authority for the protection of personal data
11, Piazza Venezia - 00186 Rome
www.gpdp.it www.garanteprivacy.it email: garante@gpdp.it
Fax: (+39) 06.69677.3785 Switchboard: (+39) 06.69677.1

 

Cookie Policy

The website of FOSBER SPA, Data Controller of your personal data pursuant to the Applicable Privacy Rules and Regulations, refers to this Cookies Policy. With regard to the aforementioned processing, the Data Controller provides you with the following additional information on the website’s Privacy Policy.  Here you will find the description of various types of Cookies and of the technologies used on the website of FOSBER SPA, in light of the provisions of the Decree of the Authority for the protection of personal data of May 2014, “Identification of the simplified procedures for the notification and obtaining consent for the use of cookies - 8 May 2014 (Published in Government Gazette no. 126 of 3 June 2014)” that may be consulted at the address www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/3118884, to describe the configuration methods and the terms of use of cookies.

 

What are cookies

Cookies are small text files that sites send to the navigation device of the user (usually a browser). They are stored in the corresponding file of the browser while the user visits a website, to be retransmitted to the website at future visits. They are used in order to improve navigation, save the preferences that the user has already entered (username, password and similar), trace the tastes and preferences of the user, allowing the management of targeted marketing initiatives or the provision of services related to the activity of the Data Controller, such as newsletters, communications regarding the service on the site, etc. If restrictions are placed on the use of cookies, they will have an impact on the usability of the contents of the site during navigation. The user may always preventively block or remove cookies from the browser’s cache; these actions, however, could cause the incomplete use of the services offered by the web application.

 

Types of cookies

Session cookies are temporary files that are only present for the duration of the user’s navigation session. Session cookies expire when the browser is shut down.
They are usually used to identify users when they access a site, to remember the user and his/her preferences as he/she navigates the website’s pages, to offer him/her specific, previously collected information. The most common example is the functionality of an e-commerce site’s “shopping cart”. When the user visits a website and selects certain items, session cookies record said selections and place these items in a virtual shopping cart where they remain ready for checkout. Without session cookies, when the user clicks on checkout, the new page would not be able to recognise the activities in previous pages and the cart would stay always empty.


Persistent cookies are files that remain active even after the browser has been shut down and help sites remember the information and settings of the user for future visits. This makes for faster and more convenient access in terms of time, since new access is not required. Other than authentication, persistent cookies make possible other functionalities of the website, such as: the selection of language, the selection of theme, menu preferences, bookmarks or favourites, and many others. Preferences expressed during a visit will be memorised with the use of persistent cookies on subsequent visits.

 

Third-party cookies

There are various types of cookies, some of which are called third-party cookies. They are used, for example, by the part of the site first selected by the visitor and which contains announcements originating from another server or third-party website. The browser collects information originating from various sources so that all elements may be viewed on the same page consulted by the user, thus creating more cookies in the corresponding file of the browser.

All these cookies may be removed directly from the browser settings or with the use of specific (free) software. It is also possible to preventively block their creation; in this last case, however, some services of the site may not function properly or may not be accessible.

Google Analytics is a service offered by Google Inc. that generates detailed statistics on a website’s traffic and its sources. It is the most widely used statistics tool. Google Analytics may monitor visitors coming to the site from all external links via search engines and social networks, direct visits and reference sites. It also views advertising, pay per click, email marketing, and links inside PDF documents. You can find the related information notice at: www.google.it/analytics/learn/privacy.html.


Privacy and security regarding cookies

Cookies are not a virus; they are text files that are not interpreted by the browser or executed by the memory. As a consequence, they cannot duplicate themselves, spread to other networks and there duplicate themselves again. Since they do not operate this way, they do not fall under the standard definition of viruses.
Cookies, however, may be used for harmful purposes. Since they are used to store information on preferences, the history of a user’s actions, the specific navigation between more than one sites, cookies may be used as a form of spyware. 
That’s why many anti-spyware programmes single out cookies as potential threats. 

 

Cookies on the FOSBER SPA website

The responsible and ethical policy adopted by FOSBER SPA regarding all aspects of Privacy, to which this page is dedicated, means that the company will include clear descriptions of the ways in which cookies are distributed by its own website. The majority of browsers have a privacy settings functionality, which provides various levels of acceptance of cookies, their expiry and elimination when the user visits a particular site.

In line with the standard practices of many websites, the website of FOSBER SPA may install cookies on the computer used by the user.  By using the site, the user accepts the use of the technologies used by cookies, but he/she may also make choices via the personalisation panel of this page.

 

Types of cookies and choice of user and activation methods

Technical cookies

Some cookies are indispensable for the correct operation of our Website. Without them, users would not be able to navigate inside the site and use some of its functions. This type of cookies are called “technical”, or session cookies or permanent cookies, and they allow the site to remember the information provided by the user from one page to the next of the booking process.  Since these cookies are essential, disabling them could compromise the use of the contents of the site and make it impossible or severely limit it.

These cookies do not collect information that allows the identification of a visitor, unless the user registers on the website and successfully navigates to the login in a reserved area.

 

Analytics cookies (statistics and optimisation of the website)

We use third-party profiling cookies by Google Analytics, in order to analyse the way in which visitors use the site and to monitor their access. This allows us to offer a high-quality experience, by personalising our offer based on the pages that are actually visited by users.

For example, we may use this type of cookies to trace the most popular pages, to identify the most efficient method of linking pages and to establish the causes of the appearance of error messages on some pages.

These cookies do not collect information that allows the identification of a visitor. All data that are collected and shared with Google Inc. are anonymised (by the removal of significant components of the IP address, be it IpV4 or IpV6) and are used only to improve the operation of our Website. For the purposes of the law, third-party anonymised Analytics cookies are equal to technical cookies and do not need an information banner or informed consent.