The present document displays the rules that M&GF Project adopts for gathering and using data online, in compliance with the privacy law in force (EU Regulation 2016/679), with specific concern with correctness, lawfulness and transparency principles, protecting confidentiality and rights of the interested parties.
This document is provided in accordance with article 13 of the UE Regulation n. 2016/679 (GDPR) to those who interact with M&GF web services, which are accessible online at this site: http://www.mgfproject.com.
M&GF can modify or update this policy any time. We'll inform you of any modification, updating the date of the policy. We invite you to review the policy from time to time.
1. Holder and Responsible for data treatment
Data provided will be treated by M&GF PROJECT Srl, headquartered in Via Magellano, 6 - Concorezzo (MB) 20863, Italy. The holder of the treatment is M&GF PROJECT Srl.
Some definitions and specifications mentioned in the document are described hereafter:
"user": it means the user of the site
3. Typologies of treated data
3.1. Navigation data
3.2. Data provided voluntarily by users
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on the Site or communications sent via the use of the "Contacts" section, involves the subsequent acquisition of the sender address, necessary to respond to requests, and of any other personal data inserted in such communications. These data will be trasmitted to third parties only where necessary to comply with the users requests.
4. Nature of the data and consequences of a refusal to respond
Apart from that specified with reference to the navigation data, which are necessary in order to allow users a correct use of the Site, interested parties are free to provide personal data to request a response from Company. Failure to provide data may make it impossible to fulfill the request.
5. Aim of treatment
Data treatment aims to reach the following goals:
- activities related to the use of services offered for browsing the site;
- activities related to customers relationship management (contacts requests);
- marketing and profiling activities, only and exclusively with specific consent, aimed to market research, economic and statistical analysis, newsletter sending, communications, development and maintenance of trade relations;
- data treatment related to curricula to evaluate job applications.
6. Method of treatment
Data treatment shall consist in: gathering, recording, organization, conservation, consultation, processing, modification, selection, extraction, comparison, use, block, trasmission and cancellation, in accordance with article 4, n.2 (GDPR).
The personal data are processed by manual, computerized and automated systems for the time necessary to achieve the purposes for which they are collected. The holder is equipped with specific security measures to ensure that the treatment is carried out in compliance with the Code, with particular regard to the prevention of the loss of such data, illicit or incorrect use and unauthorized access to the databases.
In particular, all technical and organizational measures that are suitable for data protection will be adopted to meet legal requirements and protect the rights of the interested parties.
7. Legal basis and data conservation times
Legal basis of treatment is the legitimate interest of the holder as well as the consent expression of interested parties through interaction with our site.
If you are already our clients, we shall send you commercial information regarding similar services to those you are already using, except your disagreement.
8. Communication and dissemination of data
The personal information collected on the Site is not subject to disclosure or communication and will not be sold or transferred to third parties. This is without prejudice, in any case, communication or distribution of data required in accordance with the law, police, judicial authorities, intelligence and security agencies or other public entities for purposes of defense or national security or the prevention, detection or repression of crime.
9. Rights of interested parties
In relation to the aformentioned data all rights under articles 15, 16, 17, 18, 20 and 21 of GDPR could be exercised:
A. Right of access to personal data
B. Their adjustment in case of mistake
C. Data cancellation
D. Treatment limiting
E. The right of data portability, which means receiving personal data from automatic device and obtaining the transfer at another holder of treatment without any impediment.
F. Opposition to treatment
To exercise these rights, users can write to the holder of treatment, sending an email to the following address: email@example.com, indicating in the subject "Privacy - exercise of rights".
Under article 77 of the EU Regulation 2016/679, the interested parties have the right to lodge a complaint to the Competition Authority of personal data protection in case of the treatment violates this Regulation.
10. Revocation of consent
The consent given for treatment of personal data could be revoked any time, without compromising the lawfulness of data treatment fullfilled during the period prior to revocation, that is further treatments based on different legal basis with respect to the consent.