The following is a description of the management procedures of the L.M. dei F.lli Monticelli S.p.A. website with reference to the processing of personal data of the users consulting it.
L.M. dei F.lli Monticelli S.p.A. is aware of the importance of protecting the confidentiality of personal data and is committed to complying with the directives and regulations in force regarding privacy, which guarantee safe and confidential internet browsing.
The user of the website www.monticelli.it (the "website") is invited to carefully read this privacy policy document governing, in general, the rules that L.M. dei F.lli Monticelli S.p.A. observes when processing the personal data provided by the user through navigation on the website, use of registration forms for the reserved area, and the contact forms present therein.
The policy statement is also provided pursuant to Art. 13 of the Regulation (EU) 2016/679 (GDPR) on the protection of personal data to those who interact with the L.M. dei F.lli Monticelli S.p.A. website accessible by electronic means from the address www.monticelli.it.
The privacy policy is also provided for all websites and services under the domain www.monticelli.it but not for other websites that may be consulted via links.
The policy is also inspired by other existing national and European legislation, including the ePrivacy Directive (Directive 2002/58/EC) concerning the processing of personal data and the protection of privacy in the electronic communications sector, to identify the minimum requirements for the collection of personal data online.
The "data controller" is L.M. dei F.lli Monticelli S.p.A., Via Giuggioli, 30, Osimo (AN), email info@monticelli.it, telephone +39 071 7230252.
L.M. dei F.lli Monticelli S.p.A. has identified a data protection privacy contact point, which can be contacted at: sturari.s@monticelli.it for any information concerning the processing of personal data.
The processing of personal data is governed by the principles of lawfulness, fairness, transparency, limitation of purpose and retention, data minimisation, accuracy, integrity and confidentiality.
Specifically, L.M. dei F.lli Monticelli S.p.A. undertakes to:
'Personal data' means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; (Art 4 of EU Regulation 2016/679).
Therefore, personal data are the name, contact information and contact details, payment data, navigation computer identifiers, such as the data of the device used to access the site, IP address, cookies, as well as any other information of the site user that is, directly or indirectly, derived from navigation.
Some of this data may come from, or be processed by, third parties that the site uses to provide its services.
The voluntary and explicit sending of e-mail messages to the addresses indicated in the different access channels of the L.M. dei F.lli Monticelli S.p.A. website and the completion of the specifically prepared forms entails the subsequent acquisition of the user's address and data, necessary to reply to the requests made and/or provide the service requested.
The sending of this data is done on an optional, explicit and voluntary basis, and involves the subsequent acquisition of the sender's address, which is necessary to respond to requests, as well as any other personal data entered.
L.M. dei F.lli Monticelli S.p.A. shall process these data assuming that they refer to the user or to third parties who have expressly authorised the user to provide them on the basis of a suitable legal basis legitimising their processing. In this case, the user is the autonomous data controller, and assumes all obligations and responsibilities under the law, granting the widest indemnity with regard to any dispute, claim, or request for compensation for damages from processing, etc. that may be received by L.M. dei F.lli Monticelli S.p.A. from third parties whose personal data have been processed through the use of the site in breach of the regulations in force.
L.M. dei F.lli Monticelli S.p.A. in any case invites the user not to send personal and/or confidential data unless strictly necessary: some categories of personal data (e.g., sensitive data) can only be processed with prior consent and with specific security measures aimed at ensuring the confidentiality and integrity of the data. L.M. dei F.lli Monticelli S.p.A. therefore emphasises the need for explicit consent to the processing of special categories of personal data, should the user decide to transmit such information. Otherwise, the data will be deleted immediately.
Therefore, unless expressly provided for, we urge users not to use contact forms for the transmission of sensitive data and, if necessary, to agree to the transmission of such data in advance.
Specific summary information, containing the appropriate legal bases for processing, will be displayed on the pages of the site provided for particular services involving the transmission of personal data.
The registration and access options to the site via the RESERVED AREA function are only available to distributors, extruders and window fitters. The information requested during registration will be used to allow access to online "B2B" (Business To Business) services and to ensure the proper performance of all activities connected with or instrumental to the provision of such services.
For this processing, the data processing notices for customers and suppliers apply, which are available in the respective reserved areas and on the privacy page of the site.
In the course of their normal operation, the computer systems and software procedures used to operate the website acquire certain personal data, the transmission of which is implicit in the use of Internet communication protocols.
This is information that is not collected in order to be associated with identified data subjects, but which by its very nature could, through processing and association with data held by third parties, enable users to be identified.
This data category includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), the browser and operating system used and other parameters relating to the user's operating system and computer environment, information on your clicks, and on the pages that were shown to you.
When using a mobile device, the site collects data identifying the device and other data on device settings and characteristics, malfunctions (e.g. crashes) and other system activity.
These data are used solely for the purpose of obtaining statistical information not associated with any user identification data on the use of the site and to check the correct operation of same, and they are deleted immediately after processing or within a few days. The data could be used to ascertain liability in the event of hypothetical cybercrime against the site.
These data are stored in the systems of the data controller or in those of the persons in charge of managing the website.
Access to the website, consultation of its contents and use of the services offered enables the web server to automatically record so-called 'system LOGs', i.e. the information that the user's browser sends when browsing the site. This information consists of the web pages requested by the user, the documents consulted, modified or created, the IP address, browser type, browser language, and the date and time of the request.
The site is protected by the Content Delivery Network (CDN) Google Hosted Libraries (https://developers.google.com/speed/libraries?hl=it) a service for traffic optimisation and distribution, DDoS attack mitigation, Internet security, and distributed domain name server services.
This type of service makes it possible to distribute content via servers that filter communication between the site and the User's browser, i.e. communication between the website and the User's browser, also enabling the collection of statistical data.
Data processing takes place in the United States, based on the EU-U.S. Data Privacy Framework.
Privacy policy of Google Inc: https://policies.google.com/privacy?hl=it
This site uses Google reCAPTCHA, a security service operated by Google LLC. that protects the site from fraud and abuse (e.g. spam or phishing) by distinguishing humans from robots. The service collects and analyses various user information (e.g. IP address, cookies, mouse movements, length of time spent on the site).
Data processing takes place in the United States, based on standard contractual clauses approved by the European Commission.
More information: https://www.google.com/recaptcha/about/
Google privacy policy: https://policies.google.com/privacy?hl=it
Statistical analysis services enable the Data Controller to monitor and analyse traffic data, aimed at measuring the operation of the site for the purposes of research, usability assessments and interest. This website uses Google Analytics, a service for the statistical analysis of browsing activity provided by Google Ireland Limited (EU) and Google LLC (USA).
On this site, Google Analytics is configured for anonymous and aggregated data collection by masking the IP address.
Google is, however, able to identify the user by using data provided in connection with the use of other services, and may use the personal data to contextualise and personalise the ads in its advertising network.
Google privacy policy: https://policies.google.com/privacy?hl=it
Google makes an add-on available to deactivate data collection by Google Analytics (https://goo.gl/BdFny5).
Data processing takes place in Europe and the United States, based on standard contractual clauses approved by the European Commission. Google privacy policy: https://policies.google.com/privacy?hl=it.
Google Fonts is a font style display service operated by Google LLC. that allows styles to be integrated into the pages of a website. The service is used through API requests to Google servers and some data (such as IP addresses) may be collected and used for analytical purposes.
For more information on the use of data via google fonts: https://bit.ly/35H4M12.
Google privacy policy: https://policies.google.com/privacy?hl=it
This site uses Google Tag Manager, a solution that allows us to manage the tags of web pages via a dedicated interface. The Tag Manager tool does not collect any personal data. This tool ensures the activation of other tags that in turn acquire data under certain conditions (e.g. Google Analytics services).
L.M. dei F.lli Monticelli S.p.A. processes the personal data provided by users through the pages of social network platforms as part of its activities, for the purpose of managing interactions with users (comments, public posts, etc.), and in compliance with the regulations in force. For the processing of personal data carried out by the operators of social network platforms, please refer to the information provided by them through their respective privacy policies.
Please refer to the documentation of the individual social network platforms for more information on permits and the data acquired.
The activities and services on this site are intended for persons over the age of 18. L.M. dei F.lli Monticelli S.p.A. does not accept registrations from and/or interact with persons under the age of 18 (eighteen), nor will it intentionally collect or use their personal data. Minors are therefore advised not to transmit personal data via the site.
Automated user profiling systems aimed at analysing or predicting aspects of user choices, browsing habits, and consumption choices based on site navigation activities, are not active.
This website uses cookies to offer its users the best possible experience on the site and to optimise their visit.
No use is made of cookies or other tracking tools for user profiling.
Please refer to the specific cookie policy
Personal data voluntarily provided by website users are processed for different purposes, specified below, for which consent may be required:
| Purpose of the processing | Legal basis and consent to processing |
|---|---|
|
1. REQUEST MANAGEMENT AND SERVICE DELIVERY a) for the creation of the user account and purposes related to its management, in case of possible registration on the site; b) to verify the identity of the user, also in case of support in restoring access c) to handle any type of technical, commercial or administrative support request, and to provide further services requested by the user |
Processing is carried out in the context of the performance of a contract to which the user is party or the execution of pre-contractual measures taken at the user's request (Art. 6(1)(b) GDPR). |
| d) to follow up any requests made to us, e.g. by spontaneously sending messages, by electronic or traditional mail to the addresses indicated on the site, which entail the subsequent acquisition of the sender's address, including email address, or the relevant telephone number necessary to respond to requests, as well as any other personal data included in the relevant communications. | Processing is carried out in the context of the performance of a contract to which the user is party or the execution of pre-contractual measures taken at the user's request (Art. 6(1)(b) GDPR). |
| e) for the fulfilment of obligations laid down in laws, regulations and national and/or EU legislation, as well as provisions issued by authorities empowered to do so by law or by supervisory and control bodies; | The processing is necessary to fulfil a legal obligation to which it is subject (Art. 6(1)(c) GDPR). |
| f) for cybersecurity, the prevention or detection of any fraud or abuse in the use of the site, or any fraudulent activity, and thus to enable the Controller to protect itself in court, for the detection and notification of data breaches | Processing is based on the legitimate interest of the Controller (Art. 6(1)(f) GDPR). |
|
2. MARKETING AND SALES PROMOTION ACTIVITIES a) within the scope of performance of the contract with the user: for marketing purposes, by sending by email (or also by paper mail, telephone and instant messaging services, when requested and specified), communications, commercial offers, advertising, promotional and informative material concerning products and/or services similar to those offered by the Controller |
Processing is carried out in the pursuit of the Data Controller's legitimate interest, (Art. 6(1)(f) of the Regulation and ePrivacy Directive 2002/58/EC), unless expressly refused or subsequently revoked by the user. when any communication is sent, the user will be able to express their opposition to the processing of the data, in accordance with their rights. |
One or more consents given may be revoked at any time by contacting the Data Controller in the manner indicated for the exercise of rights at the end of this privacy policy.
Personal data, the transmission of which is implicit in the use of Internet communication protocols and system LOGs, are processed solely for the purpose of obtaining statistical information on the use of the site, to check its correct operation and to protect the computer systems that enable it to function.
Such data, such as the user's IP address, could also be used to ascertain liability in the event of hypothetical cybercrimes against the site.
Apart from what is specified above for navigation data, the user is free to provide personal data in the forms or registration procedures. Failure to provide these data may make it impossible to obtain what has been requested or to perform certain services, as specified below with reference to the above-mentioned purposes:
1. REQUEST MANAGEMENT AND SERVICE DELIVERY
the provision of data (possibly marked as necessary in the forms) is necessary for the pursuit of the purposes referred to in point 1 and any refusal to provide such data will make it impossible for L.M. dei F.lli Monticelli S.p.A. to satisfy users' requests and for users to take advantage of the services available through the website.
Furthermore, the processing of data for these purposes is necessary in order to fulfil any legal obligations: personal data must be processed in accordance with applicable law, including their storage and communication to the authorities for accounting, tax or other obligations.
2. MARKETING AND SALES PROMOTION ACTIVITIES
the provision of data is optional for the pursuit of the purposes set out in point 2 and failure to provide said data, or withdrawal of consent, will not allow the sending of commercial and promotional communications. Failure to provide this information will have no consequences for the provision of services.
Personal data are processed by automated means, methods and procedures for the time strictly necessary to achieve the purposes for which they were collected and for the pursuit of the aims set out in this information sheet.
In particular, processing is carried out by specially appointed staff, mainly with the aid of electronic, computerised or otherwise automated means, using electronic mail or other remote communication techniques.
Data are kept for the time strictly necessary to provide the requested service or for the time stipulated by applicable regulations (e.g. tax and fiscal law obligations)
In general, personal data provided by users and which are no longer necessary for the pursuit of the purposes for which they were collected are immediately deleted or anonymised, except in the case of the storage obligations indicated herein, prescribed by law or indicated otherwise by the person concerned.
Contact data, if relevant to the performance of a contract to which the user is a party or to the performance of pre-contractual measures taken at the user's request (Art. 6(1)(b) GDPR), will be retained until the performance of said relationship is completed, and in any case for a maximum period of 10 years.
Navigation logs will be stored for a maximum period of 90 days, after which they will be erased or anonymised (e.g. for statistical purposes).
L.M. dei F.lli Monticelli S.p.A. may process personal data for a further period, i.e. as long as may be necessary to protect its interests against possible litigation or claims relating to the services provided.
The data controller implements specific, appropriate and preventive security measures in order to safeguard the confidentiality, integrity, completeness and availability of the personal data of the data subject, as well as to prevent the loss, unlawful or incorrect use, and unauthorised access of data.
Specifically, to protect the personal data of the person concerned, the site uses an encrypted https protocol with SSL (Secure Sockets Layer) technology, which guarantees protection by encrypting the information transmitted and exchanged.
In any case, L.M. dei F.lli Monticelli S.p.A. shall not be held responsible for any untruthful or incomplete information sent directly by the user (e.g.: correctness of email address, identification data or credit card details or postal address), as well as information concerning the user that has been provided by a third party, even fraudulently.
Personal data may be communicated to persons who have access to the data by virtue of legal provisions, regulations or EU legislation, within the limits set out in these rules.
For the provision and management of the services requested, the user's personal data may be communicated to other subjects in their capacity as data processors (for example, to subjects who provide assistance and consultancy in the creation and development of the site, in accounting, administrative, legal, tax accounting, administrative, legal, tax, financial and debt collection matters relating to the provision of services) and autonomous data controllers (such as providers of web services, email or technical services that provide services necessary for the operation of the site and the provision of services), and internal and external staff authorised to process data and bound by obligations of confidentiality to the extent necessary to carry out their duties in our organisation.
Data may also be disclosed to persons, entities or authorities for legal obligations, protection against misuse or fraud, or by order of the authorities.
The full list of the aforementioned subjects, in addition to what is indicated in the various sections of this policy statement, can be requested directly from the Data Controller. The personal data collected are not disseminated without specific authorisation.
The processing operations connected to the web services of this site take place at the premises of L.M. dei F.lli Monticelli S.p.A., which avails itself of external providers for the web site hosting service, and are carried out by technical staff authorised to the processing and, occasionally, by external and internal staff for maintenance operations.
Personal data will be stored on servers of the Data Controller or its suppliers located within the territory of the European Union. Unless stated otherwise, data will not be transferred outside the European Union.
Some of your personal data may be transferred to recipients outside the European Union, as indicated in the different processing purposes. L.M. dei F.lli Monticelli S.p.A. ensures that the electronic and paper processing of personal data by these recipients is performed in compliance with the requirements of current legislation, i.e. by basing the transfer on a decision of suitability or, alternatively, on standard contractual clauses approved by the European Commission.
More information on the transfer and the agreements that legitimise it can be found in the different sections of this privacy policy and from us by reaching out to the contacts in this privacy policy.
The users of the site to whom the personal data refer, in their capacity as data subjects and within the limits of the legislation in force, are granted the rights set out in Articles 15 to 22 of EU Regulation 2016/679, i.e., in short, the right to ask L.M. dei F.lli Monticelli S.p.A., at any time for the following:
The user may also:
Pursuant to and within the limits of current legislation, the user has the right to lodge a complaint with the competent privacy authority (for Italy: Garante per la Protezione dei Dati Personali, email urp@gpdp.it) if you consider that your personal data is being processed in violation of the law or your rights.
The rights listed above may be exercised by the interested party at any time, by contacting the Data Controller at Via Giuggioli, 30, Osimo (AN), email info@monticelli.it, telephone +39 071 7230252.
Please also note that registered users of the site may view and change their personal data at any time by accessing the data edit mask within their personal account.
This privacy policy is effective as of 24 May 2018. L.M. dei F.lli Monticelli S.p.A. reserves the right to modify or update the contents also in relation to changes in applicable legislation. All changes and updates will be binding as soon as they are published on the site.
L.M. dei F.lli Monticelli S.p.A.
Via Giuggioli, 30
60027 Osimo (AN) - Italy
Phone: +39 071 7230252
Email: info@monticelli.it
Privacy: sturari.s@monticelli.it