PRIVACY POLICY

INFORMATION NOTICE AND REQUEST FOR CONSENT FOR PERSONAL DATA PROCESSING

Dear User / Interested Party

this information is provided according to Legislative Decree no. 196 of 30 June 2003 and subsequent amendments (so-called Privacy Code), as well as pursuant to art. 14 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.

We inform you that the personal data you provide in the context of the consultation of the website www.trial.it will be processed by Trial Srl in the person of Davide Antonio Di Girolamo as Data Controller (hereinafter also the Data Controller) in compliance with the principles of protection established by the Personal Data Protection Code and subsequent amendments, as well as all European and national legislative interventions and/or measures of the Supervisory Authorities.

The following information is provided only for the website www.trial.it and not for other websites that may be consulted by the User through links.

A. TYPES OF DATA PROCESSED

Anonymous navigation data

The servers and computer systems responsible for the operation of this website acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow Users to be identified.

 

This category of data includes the IP addresses or domain names of the computers used by Users who connect to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the User’s operating system and computer environment.

This data is used for the sole purpose of checking the correct operation of the site. The data could also be used by the Public Security Forces to ascertain responsibility in the event of any computer crimes to the detriment of the site.

Data provided voluntarily by the User

The optional, explicit, and voluntary sending of personal data on this site – for example for a request for information – entails the subsequent acquisition of this information, which is necessary to follow up on the request. No other use will be made of this data.

B. COOKIES

The www.trial.it page does not use technical cookies or carry out user profiling. The purpose of the page is merely to explain the commercial offer and products of Trial S.r.l.

C. OWNER, MANAGERS AND APPOINTEES

The data controller is TRIAL SRL, a registered office in San Giuliano Mil. (Mi), via dei Miller 3.

We inform you that the Data provided may be processed by other subjects involved in the organisation of the Owner, all as data processors, i.e., external subjects (such as third-party technical service providers, hosting providers, translators), appointed as data processors or, if necessary, External Data Processors by the Owner.

D. PROCESSING METHODS

The Personal Data provided will be processed at the Data Controller’s premises or by External Data Processors appointed by the Data Controller. Processing will take place using a computer and/or telematic procedures in the manner and to the extent necessary to pursue the aforesaid purposes and will be stored at the same premises.

The Data Controller uses services provided by leading companies in the sector appointed to carry out development and maintenance activities for management software and technical maintenance of the site.

E. TRANSFER OF DATA TO THIRD COUNTRIES

The Data Controller declares that the data processed are not transferred to third parties.

F. STORAGE PERIOD

We inform you that the Data provided will be processed and stored by the Controller for the purposes indicated above and kept by the Controller for the period strictly necessary to process the requests made by the User. At the end of the storage period, the data will be deleted/destroyed.

Personal Data collected for purposes attributable to the legitimate interest of the Controller will be retained until such interest is satisfied.

When the Processing is based on the User’s consent, the Controller may keep the Personal Data longer until such consent is revoked.

G. RIGHTS OF THE DATA SUBJECT

The Data Subject may at any time exercise his/her rights vis-à-vis the Data Controller under Legislative Decree 193/2006 and Regulation (EU) 2016/679 as referred to in the following articles:

RIGHT OF ACCESS TO THE DATA SUBJECT – Art. 15 Reg. (EU) 2016/679

RIGHT OF WITHDRAWAL – Art. 15 Reg. (EU) 2016/679

RIGHT TO CANCELLATION (“RIGHT TO OBLIGATION”) – Art. 17 Reg. (EU) 2016/679

RIGHT TO LIMITATION OF PROCESSING – Article 18 of Regulation (EU) 2016/679

RIGHT TO DATA PORTABILITY – Art. 20 Reg. (EU) 2016/679

RIGHT OF OPPOSITION – Art. 21 Reg. (EU) 2016/679

GENERAL RULES FOR THE EXERCISE OF RIGHTS

We inform you that the rights set out in the above paragraphs may be exercised at any time by sending an email to the following address: privacy@trial.it together with a digital copy of your valid identity document.

If you wish, the updated list containing the names of the persons responsible for the processing of your data is available to you at the offices of the Data Controller, from whom you may also request it by e-mail by writing to privacy@trial.it

H. INTELLECTUAL PROPERTY

All rights to the content (by way of example only, texts, images, graphic layouts, logos, page construction, site architecture, textual content, etc.) are reserved by current legislation. The contents of the pages of this site may not be – either wholly or in part – copied, reproduced, transferred, uploaded, published, or distributed in any way without prior written consent, except for the possibility of storing them in your computer or printing extracts of the pages of this site solely for personal use.

Any form of linking to this site must be authorised by Trial in advance. Deep linking, i.e. the non-transparent use of parts of the www.trial.it website on third-party websites, is prohibited.

Any non-compliance with these provisions, unless explicitly authorised in writing, will be prosecuted in the competent civil and criminal courts.

I. LIMITS OF LIABILITY

Trial cannot be held liable in any way for damage of any kind caused directly or indirectly by accessing the website or the inability/impossibility of accessing it.

We reserve the right to change the site’s content at any time and without prior notice.

The indication of any links to third-party websites does not imply, moreover, any type of approval or sharing of responsibility in relation to the completeness and correctness of the information contained in the sites indicated.

Definitions

ART. 5 GDPR

For these regulations, the following definitions shall apply:

Personal data: any information concerning an identified or identifiable natural person, also referred to as “data subject”; an identifiable person can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more elements that are characteristic of his or her physical, physiological, genetic, mental, economic, cultural or social identity.

Processing: any operation or set of operations which is performed upon personal data or sets of personal data, whether by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

Limitation of processing: the marking of stored personal data to limit their processing in the future.

Profiling: any form of automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person to analyse or predict aspects of that person’s professional performance, economic situation, health, personal preferences, interests, reliability, behaviour, location, or movements

Pseudonymisation: the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is stored separately and subject to technical and organisational measures to ensure that such personal data is not attributed to an identified or identifiable natural person.

Archive: any structured set of personal data accessible according to specified criteria, regardless of whether that set is centralised, decentralised, or dispersed on a functional or geographical basis.

Data Controller: the natural or legal person, public authority, agency, or other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria applicable to his designation may be established by Union or Member State law.

Data Processor: the natural or legal person, public authority, service, or other body which processes personal data on behalf of the controller.

Addressee: the natural or legal person, public authority, service, or other body receiving communication of personal data, whether a third party or not. However, public authorities which may receive communication of personal data in the context of a specific investigation by Union or Member State law are not considered recipients; the processing of such data by those public authorities is by the applicable data protection rules according to the purposes of the processing.

Third part: the natural or legal person, public authority, agency, or other body other than the data subject, the controller, the processor, and the persons authorised to process personal data under the direct authority of the controller or processor.

Consent of the data subject: any manifestation of the data subject’s free, specific, informed, and unambiguous will, whereby the data subject indicates his/her assent, by way of a statement or unambiguous affirmative action, that personal data relating to him/her being processed.

Personal data breach: a breach of security leading accidentally or unlawfully to the destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed.

Genetic data: personal data relating to hereditary or acquired genetic characteristics of a natural person which provide unambiguous information on the physiology or health of that natural person, and which result from the analysis of a biological sample of that natural person

Biometric data: personal data obtained by specific technical processing relating to the physical, physiological, or behavioural characteristics of a natural person which enable or confirm their unambiguous identification, such as a facial image or dactyloscopy data.

Health-related data: personal data relating to the physical or mental health of a natural person, including the provision of health care services, which reveal information relating to his or her state of health.

Main establishment:

  1. concerning a controller with establishments in more than one Member State, the place of its central administration in the Union, unless decisions on the purposes and means of the processing of personal data are taken in another establishment of the controller in the Union and the latter establishment has the power to order the implementation of such decisions, in which case the establishment which has taken such decisions shall be the main establishment
  2. in relation to a controller with establishments in more than one Member State, the place where its central administration in the Union is located or, where the controller does not have a central administration in the Union, the establishment of the controller in the Union where the main processing activities are carried out in the context of the activities of an establishment of the controller in so far as that controller is subject to specific obligations under this Regulation;

 

Representative: the natural or legal person established in the Union who, designated by the controller or processor in writing according to Article 27, represents them in relation to their respective obligations under this Regulation

 

Enterprise: a natural or legal person, regardless of its legal form, engaged in economic activity, including partnerships or associations regularly engaged in economic activity.

Enterprise group: a group consisting of a parent company and the companies controlled by it.

Binding Corporate Rules: the personal data protection policies applied by a controller or processor established on the territory of a Member State to the transfer or set of transfers of personal data to a controller or processor in one or more third countries, in the context of a business group or a group of undertakings carrying on a common economic activity.

Supervisory authority: an independent public authority established by a Member State by Article 51.

The supervisory authority concerned: a supervisory authority affected by the processing of personal data because:

  1. the controller or processor is established on the territory of the Member State of that supervisory authority.
  2. data subjects residing in the Member State of the supervisory authority are or are likely to be substantially affected by the processing; or
  3. a complaint has been lodged with that supervisory authority.

 

Cross-border processing:

  1. Processing of personal data which takes place during the activities of establishments in more than one Member State of a controller or processor in the Union where the controller or processor is established in more than one Member State: or
  2. processing of personal data which takes place in the context of the activities of a single establishment of a controller or processor in the Union, but which affects or is likely to affect substantially data subjects in more than one Member State.
  3. Relevant and reasoned objection: an objection to the draft decision as to whether there is an infringement of this Regulation, or whether or not the action envisaged in relation to the controller or processor complies with this Regulation, which objection demonstrates the relevance of the risks posed by the draft decision about the fundamental rights and freedoms of data subjects and, where applicable, the free movement of personal data within the Union.

 

Information society service: the service defined in Article 1(1)(b) of Directive (EU) 2015/1535 of the European Parliament and the Council (19).

International organisation: an organisation and bodies governed by public international law subordinate to it or any other body established by or based on an agreement between two or more States.

Richiedi informazioni sul prodotto

* indica un campo obbligatorio.

Request product information

* indicates a required field.