- Section 1: Place of data processing
- Section 2: Type of details processed
- Section 3: Rights of the data subjects
- Section 4: Purposes of the processing operations
- Section 5: Requirement to supply details
- Section 6: Methods of data processing
- Section 7: Contact details
The IMPact SGR S.p.A. – Società di Gestione del Risparmio company (referred to from now on as “IMPact SGR”) recognises that the protection of physical persons, with reference to the processing of their personal details, is a fundamental right. The personal details of those who interact with the web services of the website https://www:impactsgr.it (referred to from now on as ‘the Site’) will be processed in compliance with the guidelines set out in EU Regulation 2016/679 (‘GDPR’) and Italian Legislative Decree No. 196 of 30 June, 2003, as amended. This document sets out the purposes of the processing operations, and the technical and organisational measures that guarantee the compliance of the processing operations with the provisions of the applicable legislation.
1. PLACE OF DATA PROCESSING
The Site is hosted on machines managed by a company governed by Italian law, located in Italy and therefore subject to the legislation cited in the introduction. IMPact SGR conducts periodic checks and controls and receives accurate reports on the hardware onto which the software of the Site has been installed.
2. TYPE OF DETAILS PROCESSED
Via the Site, IMPact SGR collects and processes the personal details (first name, surname, e-mail address, telephone number) that are directly and voluntarily supplied by you, as the data subject, through the compilation of the contact form available on the Site. No details are subject to disclosure.
2.1 Browsing data
The IT systems and the software procedures deployed to enable the functionality of the Site acquire, during their normal implementation, certain personal details, the transmission of which is implicit in the use of internet communication protocols.
This information is not collected in order to be associated with specific data subjects, but due to its nature it may, through processing operations and associations with other details, make it possible to identify users.
This category of details includes the IP addresses and domain names of the computers used when you connect to the Site, the URLs of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to your operating system and IT environment.
The browsing data are used to guarantee the correct functionality of the Site services, collect anonymous statistical information on the use of the Site and ascertain responsibility in the event of cybercrimes causing damage to the Site; aside from this eventuality, the data on web contacts are stored for a maximum period of seven days. Specific security measures are observed to prevent data loss, illegitimate or unfair use, and unauthorised access.
Cookies are small text files that are downloaded onto your device when you visit a website. Upon each subsequent visit the cookies are re-sent to the source website (first-party cookies) or to another site that recognises them (third-party cookies). Cookies are useful because they enable a website to recognise your device. They have various purposes such as, for example, allowing efficient browsing through the pages, storing bookmarks and, in general, enhancing the browsing experience. They also help to ensure that the advertising content viewed online is more closely targeted towards you and your interests.
Based on their functionality and intended purpose, cookies can be sub-divided into technical cookies and profiling cookies (first- and third-party).
The main categories of cookies are as follows:
1. Technical cookies
Technical cookies are those that do not require your consent. These cookies include those that are called “strictly necessary”, which enable functions without which it would not be possible to use the Site fully. Technical cookies are used by IMPact SGR and they are stored on your computer only for the time that is strictly necessary. These cookies facilitate the shift from http to https when you change pages, so that the security of the data being transmitted is guaranteed at all times. Technical cookies do not require your consent because they are necessary for the delivery of the service you have requested.
Technical cookies used:
Cookie name: Cookie Notice Accepted
Storage time: 1 month
2. Third-party cookies
When browsing the IMPact SGR site, you may also receive on your device cookies from different sites or web servers (so-called “third-party cookies”): this occurs because the Site may contain elements such as, for example, images, maps, sounds, specific links to webpages on other domains that are stored on servers other than those on which the requested page is stored. In other words, these cookies are set directly by the managers of websites or servers other than this Site. The name of these cookies, their intended purpose and their duration are defined by the third party; as such, it is necessary to consult the documentation provided by that party in order to obtain more information on them.
Third-party cookies used:
The cookies installed on your browser can be deleted at any time. Below you will find the links to the cookie-management guides of the main browsers:
You can delete all of the cookies on your computer and set most browsers to prevent cookies being accepted. In this case, however, it may be necessary to set certain preferences manually every time you visit a site, and certain services and functions may not work properly.
3. RIGHTS OF THE DATA SUBJECTS
For the storage time of the personal details of the data subjects as set out in the preceding paragraphs 2.1 and 2.2, you, as the data subject, may exercise your rights to access the data, in order to obtain confirmation of whether or not your personal details are being processed and to be informed as to the content and source of said details. You are also entitled to correct, cancel, limit and oppose the processing operations.
4. PURPOSES OF THE PROCESSING OPERATIONS
Your personal information may be processed in order to fulfil your requests for information and material, and to put you in contact with the company’s departments.
5. REQUIREMENT TO SUPPLY DETAILS
Your personal details will be collected and stored by means of a specific form on this site when it is essential to do so in order to fulfil the purposes set out in this policy. The supplying of your details is necessary when you wish to get in contact with the company, so that it then becomes possible to re-contact you to provide you with any information you have requested.
You will, however, still be able to browse the site without having to register or identify yourself.
6. METHODS OF DATA PROCESSING
Your personal information will be processed using automated and paper-based methods, and strictly to the extent and for the period of time required for the specific purposes for which the information was originally collected.
The IMPact SGR website is protected by security measures that are adequate to guarantee the integrity, confidentiality and availability of your personal information.
Despite our best efforts, we cannot guarantee fully that the measures implemented to ensure the security of the site, the transmission of your details and the information itself are capable of eliminating entirely any potential risk of unauthorised access or loss of data.
7. CONTACT DETAILS
Any request relating to the processing of the personal details referred to in this statement may be submitted to the following email address: firstname.lastname@example.org
Download this document in PDF format