INFORMATION PURSUANT TO THE GENERAL REGULATION ON DATA PROTECTION EU Reg. 2016/679

With this information, communicating the commitment of our Company to the protection of the right to privacy of those who choose our company services, the principles and methods of treatment and protection of personal data will be illustrated.
The purpose of the information is to provide maximum transparency regarding the information that the site collects and how it uses it.

1. PRINCIPLES APPLICABLE TO PROCESSING ACTIVITIES

The services provided by SADAM SRL provide for the processing of corporate data and personal data.
Pursuant to Article 13 of the European Regulation, we inform you that personal data are processed in compliance with the principles of:
lawfulness , the processing is based on compliance with the rules; correctness , the treatment respects the mutual needs as well as the rules; purpose limitation , the purposes of the processing are determined, explicit and legitimate; treatments subsequent to the initial ones will not have purposes incompatible with the original ones (except for further treatments for archiving purposes in the public interest or for scientific and historical research purposes or for statistical purposes); data minimization , the data are adequate, relevant and limited to what is necessary to comply with the purposes; accuracy , the data are accurate and, if necessary, updated; all reasonable measures are taken to promptly delete or correct inaccurate data; limitation of conservation , the data are kept in a form that allows your identification and for a period of time not exceeding the achievement of the purpose for which they were acquired; integrity and confidentiality , the acquired data protected by technical-organizational measures aimed at guaranteeing adequate security, including protection, in order to avoid or minimize the risks of unauthorized or illegal processing, loss , accidental destruction or damage; responsibility, the owner’s organization provides for responsibilities identified, assigned and verified over time; re-evaluation of security policies applied to data, systems and information networks, are periodically reviewed and re-evaluated; oblivion , after a suitable period of time, which normally coincides with the end of the processing operations, cancellation may be requested
of data or transformation into anonymous form.

2. HOLDER OF THE TREATMENT

The data controller is SADAM SRL Via S. Ponso, 20 / A 10080 Pertusio (TO) -Tel. +39 0124 617310 – email: info@sadamsrl.com

3. DATA PROTECTION OFFICER DPO / DATA PROTECTION OFFICER DPO

SADAM SRL not falling within the cases provided for by EU Regulation 679 and WP 243 – Guidelines on data protection officers (RPD), did not consider the appointment of the DPO to be applicable.

4. PURPOSE AND LEGAL BASIS OF THE PROCESSING. CATEGORIES OF DATA PROCESSED

Personal data acquired, also through the website www.sadamsrl.com , owned by us, pursuant to EU regulation 2016/679 of the Parliament European Union and of the Council of 27 April 2016, are processed for the following purposes:

  • hot forging steel activities
  • establishment and management of the contractual relationship
  • customer / supplier / staff / user database management
  • management of fiscal and tax data
  • personnel selection

The legal basis justifying the data processing is the employment contract.
For the purposes set out above, SADAM SRL treats the following categories of data:

  • common personal data
  • navigation data on the website
  • our site, www.sadamsrl.com, does not use data for the purpose of sending advertising , but uses third-party services to
    in order to improve the use of the site, third parties that may collect user data and then use them to send personalized advertisements on other sites. For example, the site also uses social plugins to make it easier to share articles on social networks. These plugins are configured so that they send cookies (and therefore possibly collect data) only after the user has clicked.
  • On this site are installed plugins with advanced protection functions for the privacy of Users , which do not send cookies or access cookies on the User’s browser when the page is opened but only after clicking on the plugin.
  • The collection and use of information by such third parties are governed by their respective privacy policies to which please refer.
  • The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified data subjects, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the Site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining any anonymous statistical information on the use of the Site to check its correct functioning, to identify anomalies and / or abuses, and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Site or third parties.
  • Data communicated by the user such as sending the curriculum by email, through forms directly on the website www.sadamsrl.com or through online sponsored advertisements. The optional, explicit and voluntary sending of messages to the Company’s contact addresses, as well as the compilation and forwarding of the forms on the site, entail the acquisition of the sender’s contact data, necessary to respond, as well as all data personal data included in communications.
  • Cookies and other tracking systems: cookies is not used for user profiling, nor are other tracking methods used. Instead, session cookies (non-persistent) are used strictly limited to what is necessary for the safe and efficient navigation of the site. The storage of session cookies in terminals or browsers is under the control of the user, where on the servers, at the end of the HTTP sessions, information relating to cookies remains recorded in the service logs, with retention times not exceeding seven days like other navigation data.

5. METHOD OF TREATMENT

Data processing is carried out on paper and computer media (including management SW), by natural or legal persons designated to manage or support the company’s activities in compliance with logical, physical security and confidentiality. The data in question are processed, as “authorized subjects”, by our collaborators and / or our employees.

6. RECIPIENTS OF THE DATA

With reference to the purposes of the processing for which they are acquired, the data can and must be communicated by express obligation of law, regulation and consequently of contract, to third parties identified as natural or legal persons and public authorities appointed to receive them. By way of example: Revenue Agency, Chancellery of the Bankruptcy Court, Public Prosecutor’s Office, INPS, INAIL, One-Stop-Shop for Social Security, Provincial Labor Office, Credit Institutions, Post Offices, Schools, Universities, Certification Bodies, and other subjects inspections and supervision in respect of which the communication / information of data is mandatory.

7. DATA CONSERVATION PERIOD

The data provided will be kept for the entire duration of the service provided, and for a subsequent period of up to 10 years to fulfill the conservation obligations required by civil, fiscal and tax regulations.

8. TRANSFER OF PERSONAL DATA TO A THIRD COUNTRY OR TO AN INTERNATIONAL ORGANIZATION

Personal data is not transferred to third countries or to international organizations.

9. PROFILING ACTIVITIES

Personal data will be acquired and processed without carrying out analyzes aimed at “profiling” (any form of automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a physical person, in particular to analyze or predict aspects regarding professional performance, economic situation, health, personal preferences, interests, reliability, behavior, location or travel of said physical person).

10. RECOGNIZED RIGHTS AND METHOD OF EXERCISE

Data subjects, in addition to the right to lodge a complaint with a supervisory authority, can exercise the following rights:
Art. 15 Right of access – The interested party has the right to obtain from the data controller confirmation as to whether or not personal data concerning him is being processed and, in this case, to obtain access to personal data and information regarding the processing.
Art. 16 Right of rectification – The interested party has the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay. Taking into account the purposes of the processing, the interested party has the right to obtain the integration of incomplete personal data, also by providing an additional declaration.
Art. 17 Right to cancellation (right to be forgotten) – The interested party has the right to obtain from the data controller the cancellation of personal data concerning him without undue delay and the data controller is obliged to cancel without unjustified delay in personal data.
Art. 18 Right to limit the processing – The interested party has the right to obtain from the data controller the limitation of processing when one of the following hypotheses occurs:

  1. the data subject disputes the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of such personal data;
  2. the processing is unlawful and the interested party opposes the deletion of personal data and requests instead that its use be limited;
  3. although the data controller no longer needs it for processing purposes, personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
  4. the interested party opposed the processing pursuant to article 21, paragraph 1 of the regulation, pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.

Art. 20 Right to data portability – The interested party has the right to receive in a structured format, commonly used and readable by an automatic device, the personal data concerning him provided to a data controller and has the right to transmit such data to another data controller without hindrance by the data controller to whom he provided them.
In exercising their rights regarding data portability, the interested party has the right to obtain the direct transmission of personal data from one data controller to another, if technically feasible.
Art. 21 Right to object -The interested party has the right to object at any time, for reasons related to your particular situation, to the processing of personal data concerning him including profiling on the basis of these provisions.
Art. 22 Right not to be subjected to automated decision-making, including profiling – The interested party has the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or which affects him significantly in a similar way.

The rights can be exercised by making a request directly to the Data Controller, who can be contacted at the addresses indicated in point 2.
If the interested party finds anomalies or violations regarding the processing of personal data, he has the right to contact the Guarantor for the protection of personal data http://www.garanteprivacy.it or to the European Data Protection Supervisor
using the following link http://www.edps.europa.eu .

11. LEGAL / CONTRACTUAL OBLIGATIONS OR NECESSARY REQUIREMENTS FOR THE CONCLUSION OF A CONTRACT

Failure to provide the requested personal data referred to in point 4 makes it impossible to perform the requested services
contractually to SADAM SRL .