solocla/ppeasy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ppeasy/public/informativappeasy_eng.php

283 lines
24 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Privacy Notice - PPEASY Platform</title>
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta content="Premium Multipurpose Admin & Dashboard Template" name="description" />
<meta content="" name="author" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<!-- App favicon -->
<link rel="shortcut icon" href="../assets/images/favicon.ico">
<!-- App css -->
<link href="assets/css/bootstrap.min.css" rel="stylesheet" type="text/css" />
<link href="assets/css/jquery-ui.min.css" rel="stylesheet">
<link href="assets/css/icons.min.css" rel="stylesheet" type="text/css" />
<link href="assets/css/metisMenu.min.css" rel="stylesheet" type="text/css" />
<link href="assets/css/app.min.css" rel="stylesheet" type="text/css" />
<style type="text/css">
.auth-logo-text {
text-align: left;
}
.auth-logo-text p,
.auth-logo-text ul,
.auth-logo-text li {
text-align: left;
margin-bottom: 10px;
line-height: 1.5;
font-family: Calibri, sans-serif;
font-size: 10pt;
}
.auth-logo-text ul {
padding-left: 20px;
}
.auth-logo-text p[style="font-size: 18px;"] {
margin-bottom: 20px;
}
.auth-logo-text p+p,
.auth-logo-text p+ul,
.auth-logo-text ul+p {
margin-top: 20px;
}
.auth-logo-text a {
color: #00F;
text-decoration: underline;
font-family: Calibri, sans-serif;
font-size: 10pt;
}
.auth-logo-text strong {
font-weight: bold;
}
</style>
</head>
<body class="account-body accountbg">
<!-- Log In page -->
<div class="container">
<div class="row vh-100">
<div class="col-12 align-self-center">
<div>
<div class="card auth-card shadow-lg">
<div class="card-body">
<div class="px-5">
<div>
<a href="https://www.cimac.it/modulo_certificazione/public/login" class="logo logo-admin"><img src="assets/img/cimac-logo.png" height="55" alt="logo" class="auth-logo"></a>
</div>
<div class="text-center auth-logo-text">
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>INFORMATIVA_PPEASY</title>
<meta name="author" content="Paola Crespi" />
<style type="text/css">
* {
margin: 0;
padding: 0;
text-indent: 0;
}
p {
color: black;
font-family: Calibri, sans-serif;
font-style: normal;
font-weight: normal;
text-decoration: none;
font-size: 10pt;
margin: 0pt;
}
.s1 {
color: black;
font-family: Calibri, sans-serif;
font-style: normal;
font-weight: normal;
text-decoration: none;
font-size: 7pt;
}
.s2 {
color: black;
font-family: Calibri, sans-serif;
font-style: normal;
font-weight: normal;
text-decoration: underline;
font-size: 8pt;
}
.s4 {
color: #00F;
font-family: Calibri, sans-serif;
font-style: normal;
font-weight: normal;
text-decoration: none;
font-size: 8pt;
}
.a,
a {
color: black;
font-family: Calibri, sans-serif;
font-style: normal;
font-weight: normal;
text-decoration: none;
font-size: 8pt;
}
.s5 {
color: black;
font-family: Calibri, sans-serif;
font-style: normal;
font-weight: normal;
text-decoration: underline;
font-size: 7pt;
}
.s7 {
color: black;
font-family: Calibri, sans-serif;
font-style: normal;
font-weight: normal;
text-decoration: none;
font-size: 8pt;
}
li {
display: block;
}
#l1 {
padding-left: 0pt;
}
#l1>li>*:first-child:before {
content: "";
color: black;
font-family: Symbol, serif;
font-style: normal;
font-weight: normal;
text-decoration: none;
font-size: 10pt;
}
</style>
</head>
<body>
<br>
<p style="font-size: 18px;"><strong>Subject: Information Notice Regarding the Processing of the Users Personal Data</strong></p>
<p style="padding-top: 3pt;padding-left: 5pt;text-indent: 0pt;text-align: left;">Pursuant to the current legislation on the processing of personal data (EU Regulation 2016/679 as well as the Privacy Code, i.e.: Legislative Decree 196/03 as amended by Legislative Decree 101/2018), we inform you that the data provided concerning the data subject (including in the case of an individual business, small entrepreneur, or professional) or their employees, collaborators, or clients (the “Data”), will be processed in accordance with the provisions of the currently applicable privacy legislation. In any case, the processing of data is carried out in a manner that ensures the security of the data itself and according to the principles of fairness, lawfulness, and confidentiality provided by law (Articles 5, 6, and 32 of EU Regulation 2016/679 hereinafter only GDPR).</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Data Controller and DPO</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">The Data Controller, pursuant to Articles 4 and 24 GDPR, is Anci Servizi s.r.l. a sole shareholder company, with registered office in Milan, Via Alberto Riva Villasanta 3, and operational headquarters, B.U. CIMAC, in Vigevano, Via Aguzzafame n. 60/B. For contacts, simply send an email to: <a href="mailto:info@cimac.it">info@cimac.it</a> or call: 038184722 or 02438291. The Data Controller has appointed its own DPO, Mrs Laura Marretta - Attorney at Law, who can be contacted at the above references or by email at <a href="mailto:privacy@assocalzaturifici.it">privacy@assocalzaturifici.it</a>.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Purpose of the Information Notice</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">The Data Controller, as required by Article 12 GDPR, adopts the following information notice as a measure to provide you with the information referred to in Article 13 GDPR and the communications referred to in Articles 15 to 22 and 34 GDPR relating to the processing of personal data you provide to register on the platform, create your profile, and use the services available on it.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Purposes of Processing and Legal Bases</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">The data you freely provide, concerning both the company and personal details of the User, as well as data relating to your employees, collaborators, or clients, do not fall within the special categories of personal data as listed in Article 9 GDPR and are processed by the Data Controller for the following purposes:</p>
<ul id="l1">
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">Registration on the platform and creation of the User Profile</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">Registration of your employees and/or collaborators who will then be authorized to use the platform after their specific user profile is created</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">Communication of data to proceed with the “I have PPE to certify” service</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">Communication of your clients data to proceed with the “I have PPE to certify for my client” service</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">Sending technical communications (technical and service communications from the Data Controller or its Data Processors)</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">Sending you communications relating to Cimac services</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">Defending/asserting a right.</p>
</li>
</ul>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">Regarding the purposes listed above, the legal bases are: for points 1) to 5), the contract between the parties for the use of the platform and its services; for points 6) and 7), the legitimate interest of the Data Controller (to which you may object at any time by writing to the DPO or following the instructions in the footer of the communications you receive).</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Processing and Data Retention</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">For the purposes outlined above, the processing of data provided to the Data Controller will include what is necessary for the correct provision of services, namely: management, organization, storage and creation of the database, consultation, response, archiving, communication, sending communications, processing, creation of anonymous statistics, use, destruction, and modification of the processed data following a report by the data subject.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">The Data Controller also informs you that if it intends to further process personal data for a purpose other than that for which they were collected, before such further processing, it will provide the data subject with information regarding this different purpose and any other relevant information, collecting, in the specific case, consent to the processing.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">Data will be processed for the time necessary to fulfill the purposes of collection and the legal obligations to which the Data Controller is subject.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Scope of Communication and Dissemination</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">Processing will include the communication of data to members of the Data Controllers organizational structure, or to Authorized persons within the management of the provided service, to Data Processors appointed pursuant to Article 28 GDPR. Specifically, it is noted that the company C.E. Soft s.r.l. (<a href="http://www.cesoft.srl">www.cesoft.srl</a>), our Data Processor, also acts as “Administrator” of the platform system. The collected data will not be subject to dissemination.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Nature of Data Provision</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">The provision of data is optional; however, failure to provide such data may prevent the use of the platform or its services. Therefore, in the case of use of the platform and its services, the processing of personal data provided (also in the name and on behalf and in the interest of your employees and/or consultants, clients) will in any case be considered as authorized pursuant to Article 6, paragraph 1, letter b GDPR.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Transfer of Personal Data</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">Processing will include the use of the data provided within the EU and outside the EU, but only in the case of countries falling within the cases under Articles 45, 46, and 49 GDPR.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Special Categories of Personal Data</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">The Data Controller reminds the data subject that the personal data requested and provided do not fall within the special categories of personal data as listed in Articles 9 and 10 GDPR.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Existence of Automated Decision-Making, Including Profiling</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">The Data Controller does not carry out any data processing based on automated decision-making processes, nor does it carry out profiling.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Processing Methods and Security Measures</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">Processing may take place both on paper and by electronic means by persons specifically Authorized to process, as required by Article 13, paragraph 2, letter f GDPR. The Data Controller confirms that processing does not take place through automated decision-making processes nor is profiling carried out unless you have expressly consented to it.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">The Data Controller observes appropriate security measures as provided for by Article 32 GDPR to prevent data loss, unlawful or incorrect use, and unauthorized access.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Responsibility for Data Provision</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">It is understood that for all data entered into the platform, both for all data provided and for each individual data item, including with regard to correctness, lawfulness, and truthfulness as well as the possibility of use and communication, the legal representative of the company creating the profile is responsible, and must also hold the Data Controller harmless from any and all claims that may arise and from any request for compensation for direct and/or indirect damages.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Data Breach</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">If the Data Controller suffers a breach as defined in Article 34 involving a risk to the rights and freedoms of natural persons (data breach), it will where necessary notify the Supervisory Authority and communicate the incident to all data subjects.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Rights of the Data Subject</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">The Data Controller informs you that you are guaranteed the rights expressed in Article 13, paragraph 2 GDPR, and therefore:</p>
<ul id="l1">
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">right of access to personal data and related information listed under Article 15 EU Regulation;</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">right of rectification or erasure of the data provided or restriction of processing;</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">right to object to processing;</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">right to data portability;</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">if processing is based on Article 6, paragraph 1, letter a), or Article 9, paragraph 2, letter a), right to revoke consent at any time without affecting the lawfulness of processing based on consent before its withdrawal;</p>
</li>
<li>
<p style="padding-left: 41pt;text-indent: -18pt;text-align: left;">right to submit a complaint with a supervisory authority.</p>
</li>
</ul>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;"><strong>Exercise of Rights</strong></p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">The above rights may be exercised by sending an email to the DPO indicating in the subject: “exercise of rights under GDPR” and including in the body of the email the right you wish to exercise, as well as your name, surname, and the email address to which you wish to receive a response from Anci Servizi s.r.l.</p>
<p style="padding-left: 5pt;text-indent: 0pt;text-align: left;">Once your request has been processed, the Data Controller will send a response within the time limits indicated by Article 12, point 3 GDPR.</p>
</body>
</html>
</div>
<h4 class="mt-0 mb-3 mt-5"></h4>
<br><br><br><br><br><br><br><br><br><br><br><br><br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<!-- End Log In page -->
<!-- jQuery -->
<script src="assets/js/jquery.min.js"></script>
<script src="assets/js/jquery-ui.min.js"></script>
<script src="assets/js/bootstrap.bundle.min.js"></script>
<script src="assets/js/metismenu.min.js"></script>
<script src="assets/js/waves.js"></script>
<script src="assets/js/feather.min.js"></script>
<script src="assets/js/jquery.slimscroll.min.js"></script>
<!-- App js -->
<script src="../assets/js/app.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink