Privacy policy

Privacy Policy
Information for users browsing the website
https://www.desys.it
regarding the processing of personal data
pursuant to Article 13 of the General Data Protection Regulation (GDPR 2016/679)

WHY THIS NOTICE
This notice describes the methods of processing personal data of users who visit the website https://www.desys.it/en , owned by Desys s.r.l., concerning the processing of personal data of identified or identifiable natural persons who browse and interact with it. This notice applies solely to this website and not to any external websites that users may
visit via links.

DATA CONTROLLER
Desys s.r.l., with registered office in Viareggio (LU), Via Vetraia, 11 - Centro Italmaco 1.
Contacts: info@desys.it – PEC: pec@desys.it - Tel: +39 0584 389169

PURPOSE AND LEGAL BASIS OF PROCESSING
Personal data provided through the website will be processed for the following purposes:

Purpose	Legal Basis
A - To provide a service or respond to a request made by the user (contact request via the Contact form)	Execution of a contract to which the user is a party or the execution of pre-contractual measures taken at their request
B - To receive invitations to events organized by the controller	Consent
C - To conduct research/statistical analyses on aggregated or anonymous data, without the possibility of identifying the user, to measure website performance, traffic, and assess usability and interest	Legitimate interest
D - To establish, exercise, or defend legal claims, or whenever judicial authorities exercise their jurisdictional functions	Legitimate interest

TYPES OF DATA PROCESSED AND RETENTION PERIODS

Data provided by the user

Voluntary, explicit, and optional sending of messages to the contact addresses on the website, as well as filling out and submitting forms, entails the acquisition of the sender’s contact details, necessary to respond to requests, as well as all personal data included in the communications. In general, we will delete user-related data when it is no longer
necessary to fulfill the stated purposes.

Browsing data
The IT systems and software procedures used to operate this website acquire, during normal operation, certain personal data whose transmission is implicit in Internet communication protocols. This category of data includes IP addresses or domain names of users' computers and terminals, URI/URL (Uniform Resource Identifier/Locator) addresses
of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the response status from the server (success, error, etc.), and other parameters related to the user’s operating system and IT environment. These data are used to obtain anonymous
statistical information on website usage and to ensure its proper operation; to enable the correct provision of requested functions considering the architecture of the systems used; for security reasons; and to ascertain liability in the event of hypothetical cybercrimes against the website or third parties. Browsing data are generally not retained for more than
seven days (except when needed to ascertain crimes by judicial authorities).

Cookies and other tracking technologies
Our website uses third-party analytical cookies to collect aggregated and anonymous information on the number of users and how they visit the website; session and technical (non-persistent) cookies strictly necessary for safe and efficient website navigation. For information on cookie usage and the ability to choose which specific cookies to authorize,
please refer to the extended cookie policy available at: https://www.desys.it/en/cookies. Our website does not use technologies other than cookies for user profiling (e.g., pixel tags, web beacons, etc.).

DATA RECIPIENTS

The following parties are recipients of the data collected through website browsing:

The hosting service provider and email service provider, designated as Data Processors under Article 28 GDPR;
Google Ireland Limited, for the creation of aggregated and anonymous statistics via the Google Analytics platform;
Our authorized personnel, acting based on specific instructions (e.g., employees and collaborators of the controller).

TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS
For statistical analysis using cookies provided by Google, data may be transferred to the USA. Google adheres to the Data Privacy Framework and therefore lawfully transfers data to the United States under the adequacy decision. For further details, please refer to: https://policies.google.com/privacy/frameworks?hl=en.

AUTOMATED PROCESSING
The Data Controller does not carry out processing based on automated decision-making processes, including profiling, that produce legal effects concerning the user or significantly affect them.

DATA SUBJECT RIGHTS
As a data subject, you may exercise your rights under Articles 15-21 of GDPR 2016/679, briefly summarized below, at any time by contacting the data controller. Specifically, you may access your personal data, obtain rectification or deletion, restrict processing, and exercise data portability rights. You may exercise your rights by using the form provided by
the Data Protection Authority at: https://www.garanteprivacy.it/home/modulistica-e-servizi-online, or by sending an email to the controller’s contact details provided in the first section of this policy. You may also withdraw consent at any time without affecting the lawfulness of prior processing. Consent withdrawal can be exercised by clicking the "unsubscribe" button at the bottom of event invitation emails or by writing to the controller’s contact email addresses listed in the first section.

RIGHT TO LODGE A COMPLAINT
If data subjects believe that the processing of their personal data via this website violates GDPR, they have the right to lodge a complaint with the Data Protection Authority under Article 77 of the Regulation or to seek judicial remedies (Article 79 of the Regulation).