Privacy Notice on the Processing of Personal Data pursuant to Article 13 of Regulation (EU) 2016/679 relating to the website www.elco.net
ELCO GmbH (hereinafter, the “Controller” or the “Company”), pursuant to Article 13 of Regulation (EU) 2016/679 (hereinafter, the “GDPR”), hereby provides information concerning the processing of personal data (hereinafter, the “Data”) of users carried out in connection with browsing this website (hereinafter, the “Website”).
DATA CONTROLLER
The Data Controller is ELCO GmbH., with registered office at Dreieichstraße 10, 64546 Mörfelden-Walldorf, Germany, Tax Code and VAT No. DE811544605.
DATA PROTECTION OFFICER (“DPO”)
The Controller has appointed a Data Protection Officer, who may be contacted at the following email address: datenschutz@de.elco.net.
CATEGORIES OF DATA PROCESSED
Browsing Data
The IT systems and software procedures used to operate the Website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.
Such information is not collected in order to be associated with identified data subjects; however, by its very nature, it could, through processing and association with data held by the Company or third parties, allow users of the Website to be identified.
This category of personal data includes IP addresses or domain names of users’ computers, URI (Uniform Resource Identifier) addresses of requested resources, request time, method used to submit the request to the server, size of the file obtained in response, numerical code indicating the status of the server response (successful, error, etc.), and other parameters relating to the user’s operating system and IT environment.
Such data are used for the purpose of ensuring the proper functioning of the Website and identifying anomalies and/or misuse. Browsing data may also be used to ascertain liability in the event of potential cybercrime against the Website or third parties.
Data Collected through Cookies
The Website collects and processes Data through cookies or similar technologies. For further information, users are invited to consult the Website’s Cookie Policy.
Data Voluntarily Provided by the User
The Controller may process additional data voluntarily provided by the user. In particular, by completing the relevant contact forms available on the Website, the user may request information and/or a quotation and, where applicable, may also be contacted for marketing purposes. Specific privacy notices are provided for such processing activities directly within the relevant data collection forms.
PURPOSES, LEGAL BASIS AND RETENTION PERIODS
Website Browsing
Purpose: to ensure the proper functioning of the Website and provide users with smooth browsing, as well as to correctly deliver requested services.
Legal basis: processing is necessary for the purposes of the legitimate interests pursued by the Controller (Article 6(1)(f) GDPR).
Retention period: Data shall be retained only for the duration of the User’s visit to the Website.
Improving User Experience on the Website
For further details regarding the use of cookies, please refer to the Cookie Policy.
Establishment, Exercise or Defence of Legal Claims
Purpose: where necessary, the Controller processes Data to establish, exercise or defend its rights before judicial authorities or whenever judicial authorities perform their judicial functions.
Legal basis: legitimate interest of the Controller (Article 6(1)(f) GDPR).
Retention period: Data shall be retained for the period strictly necessary for the duration of legal proceedings, including any appeal periods.
PROVISION OF DATA
Except for browsing data (necessary for the functioning of the Website) and cookies (as specified in the Cookie Policy), the provision of Data is voluntary.
RECIPIENTS OF PERSONAL DATA
Data may be shared with:
AUTHORIZED PERSONS
Data may be processed by employees and other authorized personnel of the Company duly authorized and instructed by the Controller and bound by confidentiality obligations.
TRANSFER OF DATA OUTSIDE THE EUROPEAN ECONOMIC AREA (EEA)
Data collected through the Website are primarily processed within the European Union. However, in certain cases, they may be transferred to countries outside the EEA.
In such cases, the Controller ensures that the transfer is carried out in compliance with applicable legal provisions, including, where necessary, by entering into specific agreements ensuring an adequate level of data protection or by adopting the European Commission’s standard contractual clauses.
DATA SUBJECT RIGHTS
By contacting the Company at DPO.AristonGroup@ariston.com, users may:
request access to their Data;
request erasure or rectification of inaccurate Data;
request that incomplete Data be completed;
request restriction of processing (Article 18 GDPR);
object to processing based on legitimate interest, on grounds relating to their particular situation.
Where processing is based on consent or a contract and carried out by automated means, users have the right to receive their Data in a structured, commonly used and machine-readable format and, where technically feasible, to transmit those Data to another controller.
Users also have the right to lodge a complaint with the competent supervisory authority pursuant to Article 77 GDPR.
UPDATES TO THIS PRIVACY NOTICE
Users are invited to periodically review this Privacy Notice, as its contents may be updated and/or amended in the future.
Each time the User accesses, uses or browses the Website, the User implicitly accepts the Privacy Policy in force at that time.
Unless otherwise specified, any amendments to this Privacy Notice shall take effect upon publication and shall apply exclusively to Data collected from the date of the latest update onwards.