Privacy

WEB PRIVACY POLICY AND COOKIES

Premise

The following privacy statement is provided pursuant to art. 13 and 14 of EU Regulation 2016/679 and to the Privacy Code - Legislative Decree 196/2003 updated by Legislative Decree 101/2018, regarding the data provided by all those who interact with web services accessible from https://www.greenlake-eng.com, corresponding to the Website of GreenLake Enginering Srl, Via Acquanera 29, Como (CO) – VAT.n 02760900130, in the person of the legal representative pro tempore (hereinafter "Data Controller" or "the Company").

This document is provided only for the site in question and not for other websites that may be accessed by the user via links and is intended for users of this site. In compliance with the obligations imposed on the protection of personal data, this site respects and protects the privacy of visitors and users.

The Data controller is committed to protect the privacy of users. Much of the content of our website can be explored without having to communicate any personal data, but in some cases it is necessary to provide some information to be able to use the services offered (newsletter, area reserved for employees). This privacy statement describes the mechanisms for collecting and processing data in such cases.

Consequently, the Data Controller provides you with the following information.

1 - Data Controller and Data Protection Manager - Company Contacts

For the purposes of this privacy statement and the processing described herein, it is hereby specified that any personal data provided or collected through the operations carried out on this site will be processed by the Data Controller, which refers to GreenLake Enginering Srl, Via Acquanera 29, Como (CO) – VAT.n 02760900130,  tel. +39 031.521.076 - mail: privacy@greenlake-eng.com

2 – Type of Data

a)       Navigation data - processing purposes

The computer systems and software procedures used to operate this website acquire some personal data during their normal operation, whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified concerned parties, but which by its very nature could allow users to be identified through processing and association with data held by third parties. This category of data includes IP addresses or domain names of the computers of users connected to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical IT crimes to the detriment of the Website: apart from this eventuality, the data on web contacts do not persist for more than seven days.

b)       Data provided voluntarily by the user – processing purposes

The optional, explicit and voluntary sending of e-mails to the addresses indicated on this Website entails the subsequent acquisition of the sender's address, necessary only to respond to requests, along with any other personal data included in the message. More specifically, the personal data shown above will be used by the Data Controller to respond to the contact request and processed for the purposes required by the contact request. Specific summary information will be progressively reported or displayed on the website pages prepared for particular services, should such be implemented in the future. Users are forbidden to send data via email that can be described as sensitive or likely to reveal racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, or personal data likely to reveal state of health and sex life. The email address provided at the time of request may be used to send commercial information to the user.

3 – Cookies

a)       What are cookies

Cookies are small strings of text exchanged between a website and the user's browser, each time you access an Internet site. They are used to perform automatic authentication, to keep track of sessions, to store information to improve the navigability of the site or the user's browsing experience. The use of cookies allows us to improve the browsing experience on the website and can carry the settings chosen by the user to your next visit.

b)       There are two types of cookies:
- first-party (or proprietary) cookies: submitted to and readable only by the domain that created them;
- third-party cookies: submitted to and created by domains external to the one we are visiting.

Our Website in no way uses referred to as “profiling”, i.e. cookies designed to create profiles relating to the User, generally used to send advertising messages in line with the preferences expressed by the user in the context of surfing the net.

c)        Technical cookies

Cookies of this type are necessary to ensure the proper functioning of certain areas of the Site. They are not used for other purposes and are normally installed directly by the owner or operator of the website. These cookies can be divided into:

- session cookies, which guarantee the normal navigation and use of the website (for example, enabling authentication to access restricted areas). They are deleted every time the browser is closed.

- persistent cookies that remain stored on the hard disk of the User's device until their expiration or deletion by the user. Users are automatically recognized at each visit by means of persistent cookies. These cookies are necessary to view the site correctly and will therefore always be used and sent, unless the user modifies the settings in his/her browser (thereby disrupting the display of the web pages).

d)       Third-party cookies

Third-party cookies are cookies set by a website other than the one you are currently visiting. This type of cookie falls under the direct and exclusive responsibility of the third party. Therefore, the User is encouraged to consult the information on privacy and the use of third-party cookies directly on the websites of their respective owners.

In particular, the third-party cookies on our website are as follows:

- Google Analytics: These cookies are used to collect and analyze statistical information on accesses / visits to the website. This type of cookie collects anonymous information, which does not allow personal identification of users, on the activity of the latter within of the site, the way in which they arrived at the site and on the pages they visited. The Data controller uses this information made available by Google Analytics for statistical analysis, to improve the Site and simplify its use, as well as to monitor its proper functioning. Further information on privacy and use of information can be found directly on the Google Analytics website by clicking on the following link: https://www.google.com/analytics/terms/us.html

e)       Consent for the use of cookies

The Company as data controller, is not required to request the User's consent for technical cookies, as these are strictly necessary to ensure the functionality of the Site.

For other types of cookies, consent may be expressed by the User, in accordance with current legislation, through specific browser settings and computer software or through devices that are simple and straightforward to use. It is possible to modify the relative preferences or disable cookies from the browser at any time, however this action may prevent the User from using certain parts of the Website.

With regard to third-party cookies, these fall under the direct and exclusive responsibility of the third-party operator. Therefore, the User is encouraged to consult the information on privacy and the use of third-party cookies directly on the websites of the respective operators indicated in this Notice.

f)        How to disable cookies

Most browsers (Internet Explorer, Firefox, etc.) are configured to accept cookies. However, all browsers allow you to control and disable cookies through browser settings. Remember though, that disabling cookies may cause malfunction of the site and / or limit our service offering. For information on how to manage and delete cookies on your tablet and / or mobile phone, please refer to the "Tools / Settings / Preferences" section of the browser used.

Select the browser you are using below for information on how change your cookie settings.

Google Chrome - https://support.google.com/chrome/answer/95647?hl=en&topic=14666&ctx=topic

Mozilla Firefox - https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie

Internet Explorer - http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookies

Opera - http://www.opera.com/help/tutorials/

Safari - http://www.apple.com/support/

4 - Legal basis

The legal basis of the processing of personal data in question, pursuant to art. 6 co 1 of EU Reg. 679/2016, is identified in the consent voluntarily released by the concerned party for the purposes specified above. Apart from that specified for navigation data, the user is free to provide personal data through the addresses indicated on the website to request information or other communications. Failure to provide such data may make it impossible to fulfil the request. It is hereby acknowledged that the Data Controller will not be able to process the contact request if the concerned party does not consent to the processing of the data entered, at least for the purposes and with the methods and times indicated in this statement.

5 - Method of treatment

The processing of personal data collected through the website is mainly done using electronic or web-based means, exclusively by authorized personnel, with automated tools and for the time strictly necessary to achieve the purposes for which they were collected. The information will be entered into an electronic database until such time that the request is processed by the Data Controller and the conclusion of any related activities. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. We hereby advise that any transmission of data via the Internet cannot achieve absolute security standards. Therefore, it is the User's responsibility to verify the correctness of personal data concerning him or her and where appropriate to correct, update or otherwise modify the data throughout the process. It is also the User’s responsibility to take appropriate security measures in order to avoid the risk of interception, loss, alteration or destruction of e-mail messages. Processing may also be carried out in paper form at the Data Controller’s premises. In both above cases, personal data are entered in the database secured by the Data Controller and handled by the managers and authorized persons. The list of managers and authorized persons is available at the company's registered office.

6 - Place of data processing

The operations connected to the web services of this website take place in the aforesaid location and are only handled by technical staff of the Office in charge of processing, or by persons in charge of occasional maintenance operations. The personal data provided by users who register, in particular name and surname with the region of origin and their emails are automatically added to the mailing list.

7 - Duration of storage

Personal data will be kept for the time strictly necessary to achieve the purposes described in this Privacy Policy (for example, where the user subscribes to a newsletter for the duration of such subscription or authorizes the sending of commercial information for the duration of such authorization). After this period, the user's personal data will be kept only to comply with legal and regulatory obligations (e.g. for 10 years for accounting purposes; for the duration of mandatory conservation obligation, for tax purposes, etc.) or to allow the Company to maintain a proof of their respective rights and obligations.

8 - Communication and dissemination of personal data

Your data, which will be processed for the duration of the contractual relationship and for the fulfillment of legal obligations, may be communicated to business partners, subsidiaries or affiliates to the Data Controller, to authorized persons for its processing and, for the purposes indicated above, to external collaborators, to subjects operating in fields of privacy or IT, to the contractual counterparts and related defence attorneys and, in general, to all those entities to whom communication is necessary for the correct fulfillment of the aforementioned purpose.

9 - Security measures of personal data

This website processes users’ data in a lawful and correct manner, adopting the appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. Specifically, the company has implemented appropriate measures to protect the user's personal data from accidental loss and from unauthorized access, use, modification and disclosure. A tool is used that guarantees security during the transmission of information via the Internet. Password checks, firewall technology and other procedural security measures are also used in the management of this website. Although the Company has implemented the aforementioned security measures for the website, the user must be aware that 100% security cannot be guaranteed. Therefore, the user provides his or her personal data at his or her own risk and, to the fullest extent permitted by applicable law, the Company will not be in any way responsible for their disclosure due to errors, omissions or unauthorized third-party actions during or after their transmission. The Company recommends that the user (i) periodically update his or her software to protect the transmission of data over networks and (ii) check that his or her web services provider has adopted appropriate means for the security of data transmission over networks (e.g. firewall and anti-spam filters). In the unlikely event that the Company believes that the security of the user’s personal data, in its possession or under its control, has been or may have been compromised, it will inform the user of the incident according to the procedures prescribed by applicable law, using the methods so prescribed (by providing the company with its email address, the user consents to receive such communications in electronic format through this email address).

10 - The rights of concerned parties

At any time and free of charge, the user will be able to access their data, receive their personal electronic data in a structured and commonly used format and transmit them to another data controller (data portability), and to request of the data controller the correction or deletion of the same (request subject to current legal obligations and the conservation of documents imposed on the Company) or the restriction of processing. The corrections, cancellations or restrictions of processing carried out at the request of the concerned party, unless this proves impossible or involves a disproportionate effort, will be communicated by the data controllers to the recipients to whom the personal data have been transmitted. Furthermore , the user may oppose their processing, revoke consent at any time without prejudice to the lawfulness of the processing based on the consent given without the revocation (it is noted that the right of withdrawal of consent clearly cannot concern cases where for example, processing is necessary to fulfill a legal obligation to which the data controller is subject or for the performance of a task carried out in the public interest or in connection with the exercise of official authority vested in the data controller).

If you believe that there is a problem in the way we handle personal data, you have the right to file a complaint with the Guarantor for the protection of personal data, following the procedures and instructions published on the official website of the Authority.

To exercise these rights, the user can send a request by contacting the Company at the following email address privacy@greenlake-eng.com. When contacting the Data Controller, you must ensure that you include your name, email address, postal address and / or telephone number (s) along with a copy of a valid ID document. The Company is required to provide an answer within one month of the request; term extending up to three months in case of particular complexity of the request.