About this statement

This page describes how this website is managed as regards the processing of personal data of users who visit it.

This is information that is also provided pursuant to and for the purposes of articles 13 and 14 of the Regulation (EU) GDPR 679/2016 of the European Parliament and of the Council of 27 April 2016 relating to the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data (General Data Protection Regulation, hereinafter “GDPR”) to those who interact with SINTECO s.r.l. web services, accessible electronically from the www.itineragroup.it address, corresponding to the home page of the official SINTECO s.r.l. website.

The information is provided only for the indicated site and not for other websites that may be consulted by the user through links.

The information is also inspired by Recommendation no. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by art. 29 of Directive no. 95/46/EC, adopted on 17 May 2001 to establish minimum requirements for collecting personal data on-line, and, in particular, the manner, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the link.

The data “controller”
After browsing this site, data relating to identified or identifiable individuals can be processed (GDPR art. 4).

The data “controller” is SINTECO s.r.l., which is based in Via Verra 201 Trecate 28069 (NO) Italy.

Data processor
The data processor is ANDREA MILANESI (tax code MLNNDR84R05F952K) domiciled for the performance of the assignment at the headquarters in Via Verra 201, Trecate 28069 (NO), Italy.

Data sub-processor
The data sub-processor is SARA BONELLI (tax code BNLSRA84L59D969R) domiciled for the performance of the assignment at the headquarters in Via Verra 201, Trecate 28069 (NO), Italy.

Data processing location
Data processing connected with the web services offered by this site shall take place at the aforementioned registered offices of SINTECO s.r.l. and shall be only be processed by the technical staff assigned for this purpose, or by persons that may be appointed for occasional maintenance services. No data from the web service are communicated or disclosed. Personal data provided by users who request informative material (such as newsletters, etc.) are only used to perform the service or provision requested.

Types of data processed

Browsing data
The IT systems and software procedures used to make this website work may acquire, in the course of their normal operations, certain personal details. The transmission of these details is implicit in the use of internet communication protocols.

This information is not collected with the intent of associating it with identified users, but by its very nature could lead to the identification of users through processing and through association with data held by third parties.

This category of data includes the IP addresses or domain names of the computers used by those who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment.

This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operations and are deleted immediately after processing. The data could be used to ascertain liability in case of computer crimes against the site: except for this possibility, the data on web contacts are not stored for more than seven days.

Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message.
Specific summary data will be progressively shown or displayed on the website pages dedicated to particular services requested.

Cookies
No personal data concerning its users is collected by the site.

We do not use cookies to transmit information of a personal nature or use so-called persistent cookies or any kind, i.e. systems for tracking users.

The use of so-called session cookies (which are not stored permanently on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site.

The so-called session cookies used on this site avoid the use of other IT techniques that are potentially detrimental to the confidentiality of users’ browsing and do not allow the acquisition of the users’ personal identification data.

Voluntary submission of data
Apart from what is specified for browsing data, the user is free to provide personal data contained in the request forms to SINTECO s.r.l. or indicated in contacts to request informative material or other communications. Their absence may make it impossible to fulfil the request.

Processing methods
Personal data is processed with automated tools for the time strictly necessary to achieve the purposes for which it was collected.
In order to prevent data loss, illicit, or incorrect use of data and unauthorised access, specific security measures are observed.

Rights of data subjects
The rights of the data subjects are taken as reference, as defined in the GDPR 679. The subjects to whom the personal data refer have the right to know (art.15 GDPR)

  • the purposes of personal data in question;
  • the categories of personal data in question;
  • the recipients or categories of recipients to whom the personal data has been or will be disclosed, in particular recipients in Non-EU countries or international organisations;
  • when possible, the expected retention period of personal data or, if not possible, the criteria used to determine this period:

The subjects to whom the personal data refer have the right (articles 15, 16, 18, 17, 21, 22, 20 GDPR)

  • Right of access
  • Right of rectification
  • Limitation of processing or blocking of data processed in violation of the law
  • Cancellation and obscurity
  • Opposition to their processing for legitimate reasons
  • Prohibition of automated decisions

Requests should be addressed:

  • by e-mail, to privacy@sinteco-srl.it
  • via fax: +39 0321.76.600
  • or by mail to SINTECO s.r.l., Via Verra 201 Trecate 28069 (NO) Italy

Notification of violations to the Data Protection Authority
Pursuant to articles 33 and 34 of the GDPR, whenever a security breach is detected that accidentally or illegally involves the destruction, loss, modification, unauthorised disclosure, access to personal data and such violation presents a high risk for the rights and freedoms of natural persons, the data controller will inform both the protection authority and the data subject (to whom the data relate) without undue delay and, where possible, within 72 hours from the time it became to known.

This page is visible through the link on all site pages, pursuant to article 13 and article 14 of the Regulation (EU) GDPR 679/2016 of the European Parliament and of the Council of 27 April 2016 relating to the protection of natural persons with regard to the processing of personal data, as well
as the free circulation of such data; it constitutes the “Privacy Policy” of this site which will be subject to updates.
Latest update: 10/02/2020.