Innovative solutions for construction

✳︎

ICF Italia

Contacts

PRIVACY POLICY

Art. 13 EU Reg. 2016/679

Pursuant to Article 13 of the European Regulation 2016/679 (hereinafter “GDPR”), ICF Italia S.r.l., as the Data Controller, is required to provide users who connect to the domain: www.icfitalia.eu (regardless of the purpose of the connection) with certain information regarding the processing of personal data carried out therein.

This document constitutes the “Privacy Policy” (subject to any appropriate future updates) of this site.

For the purposes of this information notice, without prejudice to the definitions in Art. 4 of the GDPR, the following terms are defined as:

  • The Company: ICF Italia S.r.l., which is the Data Controller
  • Domain “www.icfitalia.eu”: the domain, accessible through the World Wide Web service of the internet network, at the address https://www.icfitalia.eu consisting of data, applications, technological resources, human resources, organizational rules and procedures designated for the acquisition, storage, processing, exchange, retrieval and transmission of information.
  • Collection points: areas within the www.icfitalia.eu domain intended for the collection of personal data.

Reference standards and legal bases for processing

The processing operations, which we will illustrate in detail below, have their legal basis in the rules governing the right to protection of personal data, the right to privacy, and finally in those that allow expressing or revoking, at any time, informed consent to processing operations, namely:

  • The EU General Regulation 679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data;
  • Informed consent, expressed in accordance with the current legal provisions on personal data protection (Art. 6 GDPR).
  • The fulfillment of contractual obligations assumed by ICF Italia S.r.l. in favor of the user at the time of subscribing to the Service (Art. 6 GDPR);
  • Compliance with obligations or orders to which the Data Controller is bound by law or by order of the Authority (Art. 6 GDPR).

Nature of data subject to processing

  • The possible sending of emails to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information notices will be progressively reported or displayed on the site pages set up for particular services on request. In any case – where required by law – you will be asked from time to time for consent to the processing of your personal data.
  • Subject to consent, where necessary, the following categories of personal data concerning the person expressing consent (Data Subject) may be processed for the indicated purposes:
    • Common personal data, identifying data, such as e.g. Name and Surname, Year of birth, Gender, Address, City, Province, Email address, Phone number, ZIP code, Links to profiles on the following social networks: Facebook, Instagram and Twitter (provided, e.g. through the Contact Form)
  • Technical processing Also subject to processing are the IP number and the type of browser used for connection to the www.icfitalia.eu domain (non-identifying data), automatically recorded by the logical devices for protection and control of domain access (LOG FILES). These personal data will be used exclusively for network traffic control purposes towards the domain. This is information that is not collected to be associated with identified Data Subjects, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this eventuality, at present, data on web contacts do not persist for more than seven days.

Cookies For more detailed information on the use of cookies on the www.icfitalia.eu site, you can consult the Cookies Policy.

Special categories of personal data

In case special categories of personal data are collected through the domain www.icfitalia.eu according to art. 9 EU Reg. 679/2016, the user will be previously informed and put in a position to express – in the legal manner – their relative consent.

Nature of data provision, data sources

The provision of personal data is not generally mandatory but, in some cases, it is necessary, and therefore mandatory, to allow the use of the services and functionalities of the website.

Data whose provision is necessary

The provision of certain personal data is necessary, and therefore mandatory, to fulfill specific requests such as, for example, providing a response to a contact request; the user is always free not to provide their personal data, but in this case, it might be impossible for the Data Controller to satisfy the requests, meet the needs or allow the use of all the functions available on the site in their entirety.

The provision of identifying personal data is necessary to potentially register on the site and receive, along with other benefits, the desired information on ICF Italia S.r.l. services.

Such identifying data will be processed both on paper and electronic supports, and will be kept by ICF Italia S.r.l. exclusively until the interested parties have received a response from the company regarding the formulated request, or in any case for a maximum of 5 years from the last action taken within the site itself. At the end of the retention period, the identifying personal data will be automatically deleted.

Data Sources

We will collect data directly from the user, through interactions with the site.

Purpose of Processing

The Company will carry out, if applicable with the user’s consent, where necessary, the operations useful to allow the use of the services and functionalities of the site, and specifically:

  • the management of contact requests;
  • purposes strictly connected and instrumental to the management of the aforementioned relationship (e.g., for the acquisition of pre-contractual information and to execute services and operations, as contractually agreed);
  • purposes related to monitoring the progress of customer relations and controlling credit risks and fraud connected to the services provided;
  • fulfilling specific requests of the interested party.

Methods of processing your personal data

In relation to all the purposes indicated in the previous paragraphs, personal data will be subject to computer and/or paper processing and processed with pseudonymization and anonymization techniques in order to personalize the services that the Company is able to offer. The data processing will be carried out in such a way as to guarantee its logical and physical security and confidentiality, and may be carried out through manual, computer and telematic tools designed to store, transmit and share the data itself. The processing logic will be strictly correlated to the purposes pursued.

Data security and storage

Personal data will be stored within the European Union, the related security policies are revised in accordance with the Best Practices in the field.

Traceability of Accesses and operations. Audit Log

Every access to the data will be recorded in appropriate Log tables. The related information will contain the timestamp of the access, the identifier of the user who accessed the data; the type of data accessed, the user owning the data, the operation performed, the application from which the access was made.

Profiling, automated decision-making process

We do not carry out, except as possibly specified in our cookie policy, profiling operations, in relation to the data collected through this website, other than what is necessary to allow us to perform the services that allow the use of the services offered on the site itself.

Scope of communication and dissemination

The following may become aware of the personal data, referred to in this information, as external Data Processors and/or internal Data Processors:

  • the qualified personnel of the Company, limited to their respective competences and/or duties and based on the assigned tasks and instructions given;
  • third parties external to the Company, specifically designated as external Data Processors, which the Company uses for the performance of specific services, limited to their respective competences and/or duties and based on the assigned tasks and instructions given.

The Company, for ordinary management, accounting, commercial, and administrative activities, may communicate personal data, subject to possible consent acquisition in accordance with the law, respecting security measures, to third-party service providers for the sole purpose of executing the requested service, such as: postal service companies, legal and notary offices, consultants, including in associated form, other service companies, as well as to additional subjects in compliance with any legal obligations (such as insurance institutions, police forces, judicial authorities, etc.). The list of such subjects to whom the data may be communicated is available at the Data Controller’s headquarters.

Transfer of personal data abroad

The Company does not transfer personal data outside the EU on its own initiative. However, some third-party service providers might have their servers physically located in territories outside the Union (as in the case of email providers). In such cases, the transfer of data abroad will take place exclusively within the framework and in compliance with EU Reg. 679/2016 Art. 44 et seq.

Rights of the data subject

Articles 15-22 GDPR grant data subjects the exercise of specific rights. Article 15 GDPR recognizes the right of data subjects to access their personal data and obtain a copy. The right to obtain a copy of the data must not harm the rights and freedoms of others.

With the access request, the data subject has the right to obtain from the Data Controller confirmation of whether or not processing of their personal data is in progress and to know the purposes and categories of data processed, the third parties to whom the data are communicated, and whether the data are transferred to a non-EU country with adequate safeguards. The Data Subject also has the right to know the retention time of their personal data and has the right to request the rectification of inaccurate data and the integration of incomplete data, the erasure (right to be forgotten) under the conditions indicated in Art. 17 GDPR, the limitation of processing, the withdrawal of consent, data portability, and the right to object, at any time and without having to provide justifications, to processing for direct marketing purposes.

The data subject who believes that the processing of their personal data violates the provisions of the GDPR or national legislation on personal data protection has the right to lodge a complaint with the Data Protection Authority based in Rome, pursuant to Art. 77 GDPR and/or to take legal action.

Rights can be exercised by sending a request to the email address info@icfitalia.eu, or by registered mail to the address, Via XXV Aprile 10/12, 06039, Trevi (PG). The Data Controller and/or its DPO might need to identify the data subject by requesting a copy of their identity document.

Withdrawal of Consent – Privacy Questions – Access and Response

The Data Subject is recognized at any time the right to withdraw consent to the processing of personal data by communicating the intention via email to the address info@icfitalia.eu, or by registered mail to the address Via XXV Aprile 10/12, 06039, Trevi (PG).

Information regarding the processing of personal data can be requested using the same methods.

Before the Company can provide or modify any information, it may be necessary to verify your identity and answer some questions. A response will be provided as soon as possible.

Data Controller

The Data Controller is ICF Italia S.r.l. with headquarters at Via XXV Aprile 10/12, 06039, Trevi (PG).

Data Processors

The complete list of Data Processors is available at the Company’s headquarters. This mandatory information is subject to updates, depending on any changes in applicable legal provisions.