Raben logo

Privacy Policy

I. GENERAL INFORMATION

The interested parties (pursuant to Article 4, paragraph 1 of the GDPR) are informed of the following general profiles, valid for all areas of processing:

  • all data are processed in compliance with current privacy regulations (EU Reg. 2016/679 and Legislative Decree 196/2003, as amended and supplemented by Legislative Decree 101/2018);
  • all data are processed in a lawful, correct and transparent manner towards the interested party, in compliance with the general principles provided for in Article 5 of the GDPR
  • specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access (GDPR, Art.32).

II. DATA CONTROLLER

The Data Controller is the undersigned Company (in the person of the pro-tempore legal representative) who can be contacted for any request regarding privacy or to exercise the rights listed below, at the following addresses:

 

DATA CONTROLLER

Name: Raben Italy S.r.l.

Email: info.rabenitaly@raben-group.com

 

DATA PROTECTION OFFICER

Name: Galli Data Service Srl

Email: dpo@gallidataservice.com

III. RIGHTS OF THE INTERESTED PARTIES

  • Right to request the presence and access to personal data concerning the interested party (Article 15 "Right of access")
  • Right to obtain the rectification / integration of inaccurate or incomplete data (Article 16 "Right of rectification")
  • Right to obtain, if there are justified reasons, the cancellation of data (Article 17 "Right to cancellation")
  • Right to obtain the limitation of processing (Article 18 "Right to limitation")
  • Right to receive the data concerning the interested party in a structured format (Article 20 "Right to portability)
  • Right to oppose the processing and automated decision-making processes, including profiling (Articles 21, 22)
  • Right to revoke a previously given consent;
  • Right to submit, in case of non-response, a complaint to the Data Protection Authority.

IV. DATA PROCESSING CONNECTED TO THE OPERATION OF THIS WEBSITE

4.1 Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment.

 

Purpose and legal basis of the processing

(GDPR-Art.13, comma 1, lett.c)

These data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could also be used to ascertain responsibility in case of hypothetical computer crimes against the site (legitimate interests of the owner).

Communication scope

(GDPR-Art.13, comma 1, lett.e,f)

The data can be processed exclusively by internal personnel, duly authorized and trained in the processing (GDPR-Art.29) or by any subjects in charge of the maintenance of the web platform (appointed in this case external managers) and will not be disclosed to other subjects, disseminated or transferred to non-EU countries (unless subject to compliance with the requirements set out in Chapter V of the GDPR). Only in the event of an investigation can they be made available to the competent authorities.

Data retention period

(GDPR-Art.13, comma 2, lett.a)

The data is usually kept for short periods of time, with the exception of any extensions connected to investigation activities.

Conferment

(GDPR-Art.13, comma 2, lett.f)

Data is not provided by the interested party but automatically acquired by the site's technological systems.

 

4.2 Cookies

The management of cookies is in accordance with the relevant regulatory requirements:

  • "Cookies and other tracking tools guidelines" dated June 10, 2021 (Published in the Official Gazette No. 163, July 9, 2021);
  • Guidelines 5/2020 on consent under reg.(EU) 2016/679, adopted by the European Data Protection Board
  • Trans-national agreements on extra-EU data flows, concluded under Title V of the GDPR.  

The user can see more information about cookies in the appropriate policy (https://italia.raben-group.com/cookie-policy). Some general information regarding cookies and assimilated technologies is provided below.

What are cookies: Cookies are short fragments of text (letters and / or numbers) that allow the web server to store information on the client (the browser) to be reused during the same visit to the site (session cookies) or later, even at a distance of days (persistent cookies). Cookies are stored, according to user preferences, by the single browser on the specific device used (computer, tablet, smartphone). Similar technologies, such as, for example, web beacons, transparent GIFs and all forms of local storage introduced with HTML5, can be used to collect information on user behavior and on the use of services. Later in this information we will refer to cookies and all similar technologies by simply using the term "cookie".

Possible types of first-party cookies and how to manage preferences

CATEGORY

SCOPE

MANAGEMENT OF PREFERENCES

Technical navigation or session Guarantee the normal navigation and use of the site

Through the main navigation browsers it is possible to:

  • Block the reception of all (or some) types of cookies by default
  • View the analytical list of cookies used
  • Remove all or some of the installed cookies

For information on setting individual browsers see specific paragraph. It should be noted that blocking or deleting cookies could compromise the navigability of the site.

Technical analytical Collect information on the number of visitors and the pages viewed
Functional technical Allow navigation according to a series of selected criteria

Profiling

Create user profiles in order to send advertising messages in line with preferences

The site may contain links to third party sites and third party cookies; for more information, we invite you to view the privacy policies of any linked sites.

 

Management of preferences through the main navigation browsers The user can decide whether or not to accept cookies using the settings of his browser (we point out that, by default, almost all web browsers are set to automatically accept cookies). The setting can be changed and defined specifically for different websites and web applications. In addition, the best browsers allow you to define different settings for "proprietary" and "third party" cookies. Usually, the configuration of cookies is done from the "Preferences", "Tools" or "Options" menu.

 

Below are the links to the guides for managing the cookies of the main browsers:

 

Further information:

 

4.3 Site-specific functions

Some pages of the site may involve the request for information from the surfer in relation to specific services (eg: request information, user registration, work with us, etc.)

Purpose and legal basis of the processing

(GDPR-Art.13, comma 1, lett.c)

Only the data necessary for the correct provision of the service and necessary to give a correct and exhaustive response to the interested parties will be requested. The processing is subject to the acceptance of specific, free and informed consent (GDPR-Art.6, comma1, lett.a)

Communication scope

(GDPR-Art.13, comma 1, lett.e,f)

Data is processed exclusively by duly authorized and trained personnel (GDPR-Art.29) or by any persons in charge of maintenance of the web platform (appointed in this case external managers). The data will not be disseminated or transferred to non-EU countries (unless subject to compliance with the requirements set out in Chapter V of the GDPR).

Data retention period

(GDPR-Art.13, comma 2, lett.a)

The data is kept for times compatible with the purpose of the collection

Conferment

(GDPR-Art.13, comma 2, lett.f)

The provision of data relating to the mandatory fields is necessary in order to obtain an answer, while the optional fields are aimed at providing the staff with further elements useful to facilitate contact.

 

4.4 Data provided voluntarily by the user

The optional, explicit and voluntary sending of electronic and / or ordinary mail to the addresses indicated on this website entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message. If the sender sends his CV to submit his professional application, he remains solely responsible for the relevance and accuracy of the data sent. It should be noted that any resumes without authorization to process data will be immediately deleted.

 

V. PROCESSING OF DATA RELATED TO RELATIONS WITH CUSTOMERS AND SUPPLIERS

5.1 Subject of the treatment

The company processes personal identification data of customers / suppliers (for example, name, surname, company name, personal / fiscal data, address, telephone, e-mail, bank and payment details) and their operational contacts (name, surname and data contact) acquired and used in the supply of the products / services provided

 

5.2 Purpose and legal basis of the processing

The data is processed for:

  • conclude contractual / professional relationships and provide the related services;
  • fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships, as well as manage the necessary communications connected to them;
  • fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority;
  • exercise a legitimate interest as well as a right of the Data Controller (for example: the right of defense in court, the protection of credit positions; the ordinary internal needs of an operational, managerial and accounting nature).

Failure to provide the aforementioned data will make it impossible to establish a relationship with the Owner. The aforementioned purposes represent, pursuant to Article 6, paragraphs b, c, f, suitable legal bases for the lawfulness of the processing. If it is intended to carry out treatments for different purposes (eg: marketing communications, photo / video content production, etc.), a specific consent will be requested from the interested parties.

 

5.3 Methods of processing and storage time

The processing of personal data is carried out by means of the operations indicated in Art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data are subjected to both paper and electronic processing. The Data Controller will process personal data for the time necessary to fulfill the purposes for which they were collected and related legal obligations (usually coinciding with the relationship with the interested party, without prejudice to the extension in reference to the obligations of conservation of administrative documentation of business correspondence).

 

5.4 Scope of the treatment

The data is processed by internal subjects duly authorized and trained pursuant to Article 29 of the GDPR. It is also possible to request the scope of communication of personal data, obtaining precise information on any external subjects who operate as managers or autonomous data controllers (eg consultants, technicians, banks, transporters, etc.). The data may be communicated to any subsidiary / associated companies for various reasons.

The data isnot subject to dissemination or transfer outside the EU (they may be subject to transfer outside the EU only in compliance with the conditions set out in Chapter V of the GDPR, aimed at ensuring that the level of protection of data subjects is not adversely affected "Art.45 Transfer on the basis of an adequacy decision, Art.46 Transfer subject to adequate safeguards, Art.47 Binding Corporate Rules, Art.49 Specific exemptions"). The data is not subject to automated processes that produce significant consequences for the data subject.

 

VI. POLICY UPDATE

It should be noted that this information may be subject to periodic review, also in relation to the relevant legislation and jurisprudence. In the event of significant changes, appropriate evidence will be given on the home page of the site for a suitable time. However, the interested party is invited to periodically consult this policy.

Last document update: December 2023.