Sotras - filtri per compressori a vite, filtri per pompe a vuoto, microfiltri, filtri per oleodinamica, separatori standard

We want to inform you that we process your personal data in our organisation, in compliance with current national and European Union legislation on the processing of personal data.

Pursuant to Articles 13 and 14 of EU Regulation 2016/679 we inform you as follows:

1. Data Controller Sotras srl with registered office in Via Donatello 13 - 10071 Borgaro T.se (TO), Telephone: 011 262.22.22 E-Mail: privacy@sotras.com

2. Data Processor Alessandro Quaglino, Telephone: 011 262.22.22– E-Mail: privacy@sotras.com

3. Legal basis of the processing: the processing of personal data carried out by our organisation is based on the respect of the conditions of lawfulness defined by Art. 6 of Reg. 2016/679, of which we provide evidence below:
- Consent provided by the data subject for one or more of the purposes contained in point 4 of the Notice;
- Necessary for the purposes of the performance of a contract or pre-contractual measures taken at the request of the data subject;
- Necessary in order to comply with a legal obligation to which the Data Controller is subject;
- Necessary in order to safeguard the vital interests of the data subject;
- Necessary for the performance of a task carried out in the public interest or in connection with the exercise of public authority vested in the Data Controller;
- Necessary for the pursuit of the legitimate interest of the Data Controller.

4. Purposes of the processing: Personal data are processed in the course of the company's normal business activity, for the following purposes:
a) directed exclusively to the management of information relating to the data subject's requests for supplies and services;
b) for communication activities, also of a commercial nature.

5. Category of data collected: The data collected fall within the category of personal contact identification data (personal details, e-mail address) strictly connected with and instrumental to the management of relations with website users (e.g. acquisition of information prior to the fulfilment of requests).

6. Data processing methods: Data processing is carried out by means of computerised and telematic tools with logic strictly related to the purposes themselves and, in any case, in such a way as to guarantee the security and confidentiality of the data. In particular, we inform you that your data are:
- processed in a lawful, correct and transparent manner;
- collected for the purposes set out above, explicitly and legitimately, and subsequently processed in a way that is not incompatible with those purposes;
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed ("data minimisation");
- accurate and, if necessary, updated, deleted and/or rectified;
- kept in a form which permits identification for a period of time not exceeding the purposes for which they are processed;
- processed in such a way as to ensure appropriate security of personal data, including protection, by appropriate technical and organisational measures, against unauthorised or unlawful processing and against accidental loss, destruction or damage.

7. Communication of data: For the pursuit of the purposes indicated in point 4, your data may be communicated to companies that carry out the acquisition, registration and processing of data contained in documents, archives or supports for preparing texts; to companies including those for information technology, to enable the management of electronic instruments, for filing procedures, for printing correspondence and for the management of incoming and outgoing mail; to service companies for the management of the company's information system. The full list of the persons in charge is in any case available at the organisation's head office, and to find it, simply contact the above-mentioned Data Controller.

8. Dissemination of data: Personal data are not subject to dissemination.

9. Transfer abroad: Your data may be transferred to non-EU countries only if they are covered by an adequacy decision of the European Commission pursuant to Article 45 of the European Regulation; they may also be transferred outside the national territory by virtue of possible services, Cloud platforms, provided by Providers located outside the European Union.

10. Obligatory/voluntary nature of data provision: Without prejudice to the personal autonomy of the data subject, the provision of personal data, whether common or falling into particular categories, may be:
- compulsory in relation to obligations provided for by laws, regulations and European Union legislation, as well as provisions issued by authorities empowered to do so and by supervisory and control bodies, as well as obligations in tax and accounting matters;
- essential to the conclusion of new relationships or to the management and execution of existing or ongoing contractual relationships.

11. Refusal to provide data: Any refusal on the part of the data subject to provide personal data for the purposes indicated in point 4 of this information notice will result in the impossibility of proceeding with the correct and complete execution of the requests made.

12. Data retention: Personal data relating to you will be kept in a form that permits their identification for a period of time not exceeding the achievement of the purposes for which they are processed, and in any case in compliance with legal obligations regarding data retention periods.

13. Rights of the data subject: You may apply to the Data Controller to assert your rights, as provided for in the Regulation, and in particular you have the right to:
a) to request from the Data Controller access to and rectification or erasure of your personal data or restriction of the processing of personal data concerning you and to object to their processing, in addition to the right to data portability;
b) to lodge a complaint with a supervisory authority;
c) to know the source from which the personal data originate and, if applicable, whether the data come from publicly accessible sources;
d) to obtain from the Data Controller confirmation as to whether or not personal data relating to him are being processed and, if so, to obtain access to the personal data and to the following information;
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients in third countries or international organisations;
- where possible, the proposed period of retention of personal data or, if this is not possible, the criteria used to determine that period;
e) to request from the Data Controller the rectification or erasure of personal data concerning him/her or the restriction of the processing of personal data concerning him/her or to object to the processing of personal data concerning him/her;
f) to know, if the data are not collected from the data subject, all available information on their origin, on the existence of an automated decision-making process, including profiling, and, at least in such cases, meaningful information on the logic used, as well as the importance of such processing for the data subject and the envisaged consequences thereof;
g) to obtain from the data controller the rectification of inaccurate personal data concerning him/her without undue delay;
h) to obtain, having regard to the purposes of the processing, the integration of incomplete personal data, also by providing a supplementary declaration;
i) obtain from the data controller the erasure of personal data concerning him/her without undue delay;
j) obtain from the data controller the restriction of processing in the event that the data controller disputes the accuracy of the personal data, or objects to the deletion of the data, or - although the data controller no longer needs the data for processing purposes - the data are necessary for the establishment, exercise or defence of a legal claim, or the data controller has objected to the processing carried out by the data controller in pursuit of its own legitimate interest;
k) to receive, in a structured, commonly used and machine-readable format, the personal data concerning him/her and to transmit such data to another Data Controller without hindrance from the Data Controller to whom he/she has provided them (right to data portability);
l) to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her (when the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller, or when the processing is necessary for the purposes of pursuing a legitimate interest of the Data Controller), including profiling on the basis of such provisions, as well as to object to the processing of data carried out for direct marketing purposes.

14. The above rights may be exercised by making a written request to the Internal Data Controller. E-Mail: privacy@sotras.com