This page describes how Gapi S.p.A., as Data Controller, collects and processes your personal data through this website.
For Gapi S.p.A. attention to confidentiality and protection of customers' personal data have always been an absolute priority.
This being said, in accordance with the provisions of art. 13 of Regulation (EU) 2016/679 on the Protection of Personal Data, we provide this information to the Dear Users, describing the following elements of the Treatment.
PURPOSE OF THE TREATMENT
Gapi S.p.A. informs that the processing of personal data collected directly from the website http://www.gapigroup.com/ and from the e-mail addresses of Gapi SpA, is aimed at satisfying the specific request submitted by the User (e.g. request for information, etc.).
The User is free to provide personal data through online forms to forward requests for information, contact, request the sending of informative material or send other communications of various kinds.
Filling in the contact form and / or sending e-mails to the addresses indicated in the various areas of the site, as well as to any e-mail address of Gapi SpA, may involve the subsequent acquisition of the sender's address, necessary to reply to requests, as well as any other personal data included in the message. This treatment is based on the principle expressed by Art. 6 of the Regulation, according to which the processing of personal data is lawful if necessary, to perform the service requested by the data subject.
The provision of the aforementioned data is optional, however it is necessary to satisfy your request: without your data, in fact, we could not provide you with the service indicated.
TYPES OF PERSONAL DATA COLLECTED
The personal data collected through the website may be those provided by the user through a contact form or an e-mail address and usually concern the personal and contact data, as well as the message that the user intends to send to the Data Controller.
In addition to the common data provided directly and intentionally by the user, the computer systems and software procedures used to operate this website acquire, during their normal operation, some personal navigation data whose transmission is implicit in the use of protocols communication network. This is information that is not collected for the purpose of association with the identity of the interested party, but which by their very nature would allow users to be identified through processing procedures and associations with data held by third parties. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site and other parameters relating to the operating system and the User's IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the website.
METHOD OF TREATMENT
The data is processed using mainly automated tools and for the time strictly necessary to achieve the purposes for which they were collected. The appropriate security measures, as provided by the European Regulation on the protection of personal data 2016/679, are observed to prevent data loss, illicit or incorrect use and unauthorized access.
The treatments connected to the services of the site http://www.gapigroup.com/ are handled by the internal staff authorized for the treatment or by persons in charge of occasional maintenance operations.
The data that you will provide us with by voluntary insertion in the dedicated form, will be used by Gapi S.p.A. in its capacity as Data Controller and in full compliance with the provisions of EU Regulation 679/2016, in order to transmit the answer to your request for information.
We also inform you that the recipients of your data may be the subsidiaries of the Gapi S.p.A. group. by virtue of an intra-group Joint Controller Agreement and to respond to the specific and legitimate request of the user. The parties have transparently determined their respective responsibilities regarding compliance with the obligations deriving from the Regulation, through an internal agreement stipulated pursuant to Art. 26 of the EU Regulation. In particular, the parties agree that the respective areas of joint control concern the processing of your data in the following areas:
· Website management;
· Intergroup management and coordination activities.
COMMUNICATION OF DATA TO THIRD PARTIES
The communication of data to third parties will take place - if necessary - for sending information and commercial offers on our behalf, as well as for the provision of the services requested by the user.
The updated list of subjects to whom the data may be communicated is available from the Data Controller.
Your personal data will also be processed by subjects to whom the Data Controller relies for the performance of specific services, such as companies that carry out maintenance and IT assistance.
No data collected through the website is disclosed.
LINKS WITH THIRD PARTY SITES
RETENTION OF DATA
Your personal data provided to the dedicated email addresses or through this website will be stored by Gapi S.p.A. for the duration necessary to fulfill your request.
RIGHTS OF THE DATA SUBJECT
Pursuant to EU Regulation 679/2016, the following rights are recognized: the right to ask the Data Controller to access to personal data (art.15), rectification (art.16), cancellation or oblivion ( art.17), the limitation of the processing of personal data concerning you (art.18), the right to data portability (art.20) or to oppose their processing (art.21), in addition to the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or which significantly affects your person (art.22). If the processing of personal data is based on the consent given by you, pursuant to art. 7 paragraph 3 of the Regulations, you are entitled to withdraw this consent at any time.
Requests can be exercised against the Data Controller whose registered office is located in Via Molinaretti n. 2, 24060 Castelli Calepio, Bergamo, Italy.
It is also recognized the right to lodge a complaint with the supervisory authority in charge (art.77 of the Regulation) if it considers that the treatment carried out by the Data Controller is not compliant.
CHANGES TO THIS POLICY
Gapi S.p.A. reserves the right to modify this information as necessary.
We encourage you to check this page periodically in case you want to monitor changes.