PRIVACY POLICY

WEBSITE WWW.MAPEI.IT

pursuant to artt. 13 and 14 of EU Regulation 2016/679 (GDPR)

titolare-trattamento

CONTROLLER

Who decides the purposes and means of the processing?

Mapei S.p.A. is the data controller, which means that it is the subject who determines the purposes and means of the processing of personal data pursuant to art. 4 of the GDPR. Below you can find the contact details of Mapei S.p.A.:

Address: Via Cafiero, 22 20158 - Milan Italy
Telephone and Fax: +39 02 376 731 and +39 02 37 67 32 14
E-mail: privacy@mapei.it

In the present information notice, Mapei S.p.A. is also referred to as the 'Company' or 'Controller'.

*Il trattamento di dati personali è qualsiasi operazione o insieme di operazioni effettuate anche in via automatizzata su dati personali, come ad esempio la raccolta, la conservazione, l'organizzazione, la consultazione, l'utilizzo, la cancellazione dei dati

**I dati personali sono le informazioni riguardanti una persona fisica identificata o identificabile in modo diretto o indiretto. Ad esempio, sono dati personali i nomi, i numeri di identificazione, i dati sulla posizione, gli elementi caratteristici

dati-trattati

PROCESSED DATA

What data do we collect?

In the course of browsing the website www.mapei.it we collect various personal data to fulfill the processing purposes listed in the following paragraph. In particular, we process common data, including:
  • technical navigation data, acquired by the information systems and software procedures relied upon to operate the Site itself, as part of their standard functioning. These personal data, whose transmission is an inherent feature of Internet communication protocols, are not collected in order to be associated with identified data subjects but, by their very nature, they could allow users to be identified through the processing and association with data held by third parties. This category of data includes IP addresses, domain names of the computers used by users connecting to the Site, URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code relating to server response status (successfully performed, error, etc.) and other parameters relating to the user's operating system and IT environment. These data, necessary for the use of web services, are also used to obtain anonymous statistical information on the use of the Site as well as to check its correct functioning and are deleted immediately after processing. The data may also be used to ascertain liability, should criminal offences be committed or attempted against the Site.
  • cookies and similar technologies, for which please refer to the cookie policy.
  • data provided voluntarily by the user, for the creation of a MyMapei profile and for the application for open positions, as well as for contact purposes (please refer respectively to the information notice for registration to the Site, to the information notice for candidates and to the "contact" information notice).
Please note that this Privacy Policy is intended to apply only to the processing of data carried out on the Site and not to processing carried out on different and additional websites, even if accessible by means of links within the Site itself.
*I dati personali possono essere classificati in due insiemi: dati comuni e categorie particolari di dati personali (detti anche "dati sensibili"). Le categorie particolari di dati ricomprendono dati che rivelino l'origine razziale o etnica, le opinioni politiche, le convinzioni religiose o filosofiche, l'appartenenza sindacale, i dati genetici, i dati biometrici intesi a identificare in modo univoco una persona fisica, i dati relativi alla salute, alla vita sessuale o all'orientamento sessuale della persona. I dati comuni sono, per esclusione, tutti gli altri, ad esempio: nome e cognome, dati di contatto, indirizzo postale, coordinate bancarie, etc.

finalita

PURPOSES

For what purpose do we process user data?

The processing of user data is carried out for various purposes
  1. technical administration and management of the operation of the Site;
  2. fulfilment of legal obligations under applicable national and supranational regulations;
  3. ascertainment, exercise or defence of the Controller's rights in court and/or out-of-court procedures.
*I dati personali possono essere raccolti solo per finalità determinate, esplicite e legittime, e successivamente trattati in modo compatibile con tali finalità.

base-giuridica

LEGAL BASIS

What condition makes the processing lawful?

Processing, to be lawful, must be founded on an adequate legal basis:

 

  1. performance of the contract to which the data subject is a party, pursuant to Art. 6, par. 1, lett. b) GDPR (navigation on the Site);
  2. fulfilment of a legal obligation to which the Controller is subject, pursuant to Article 6, par. 1, lett. c) GDPR;
  3. pursuit of the legitimate interest of the Controller or third parties, pursuant to Art. 6, par. 1, lett. f) GDPR.

*Il trattamento può essere effettuato solo in presenza di determinate condizioni, alternative le une con le altre, dette basi giuridiche. Esse sono, nel trattamento dei dati comuni:

  • consenso dell'interessato;
  • esecuzione di un contratto di cui l'interessato è parte o di misure precontrattuali adottate su richiesta dello stesso;
  • adempimento di un obbligo di legge;
  • salvaguardia degli interessi vitali dell'interessato o di altra persona fisica;
  • necessità per l'esecuzione di un compito di interesse pubblico;
  • legittimo interesse del titolare del trattamento.

**Quando la normativa fa riferimento all'esecuzione di un contratto o alle misure precontrattuali, il perimetro si intende esteso anche ad attività che apparentemente potrebbero non sembrare tali: ad esempio la registrazione ad un sito, l'invio di una richiesta mediante un form di contatto, l'iscrizione ad un corso formativo.

conservazione

RETENTION

How long do we retain personal data?

We retain user’s data for a period that depends on the specific purpose of the processing:
  1. for as long as you browse;
  2. for as long as required by the applicable legislation;
  3. for the entire duration of judicial or extrajudicial litigation until the time limits for appeals are exhausted.
Once the aforementioned retention periods have expired, the data will be destroyed or rendered anonymous, compatibly with the technical procedures for deletion and backup and with the Controller's accountability requirements.

*Fino all’esaurimento dei termini di esperibilità delle azioni di impugnazione

necessarieta

NECESSITY

Is the provision of personal data necessary?

Browsing data are necessary in order to carry out the IT and telematic protocols underlying the operation of the Site; therefore, failure to provide them would not allow the Site to function. As regards the data required within specific sections of the Site (e.g. registration), please refer to the appropriate information notice.

*Il consenso al trattamento dei dati personali, per essere conforme, deve essere libero, specifico, informato, inequivocabile ed espresso mediante un'azione positiva dell'interessato. L'interessato ha il diritto di revocare il proprio consenso in qualsiasi momento: accedendo all'apposita sezione del profilo MyMapei potrai scegliere di revocare il consenso al marketing oppure selezionare solo le tipologie di contenuti di tuo interesse (tra marketing generico, newsletter e rivista Realtà Mapei e/o Realtà Mapei International).

soggetti-terzi

THIRD PARTIES

To whom could we communicate personal data?

The user's data may be communicated to subjects acting as controllers,such as, by way of example, authorities and supervisory and control bodies, persons, companies, associations or professional firms providing assistance and consulting services, and in general by public and private subjects entitled to request the data. The user’s data may be processed, on behalf of the Controller, by subjects appointed as Processors, who are given appropriate operating instructions, including, by way of example, companies that provide maintenance services for the website and information systems; For a complete list of the responsible persons, please contact privacy@mapei.it.

*Il responsabile del trattamento è il soggetto che tratta dati per conto del titolare. Ad esempio, nel momento in cui Mapei stipula un contratto con un fornitore, se quest'ultimo deve trattare dati personali di titolarità di Mapei per poter eseguire i propri servizi dovrà sottoscrivere anche la nomina a Responsabile del trattamento, impegnandosi a trattare i dati nel rispetto delle istruzioni ricevute

autorizzati

AUTHORISED

Who is authorised to process the data?

Personal data may be processed by the employees of the Company functions deputed to the pursuit of the aforementioned purposes, who have been expressly authorised to process the data and who have received adequate operating instructions pursuant to art. 29 of the GDPR and 2 quaterdecies of Legislative Decree 196/2003, as amended and adapted by Legislative Decree 101/2018.

extra-ue

EXTRA EU

Can data be transferred to non-EU countries?

There will be no transfer of data outside the European Economic Area (EEA).

*Il trasferimento di dati personali verso Paesi non appartenenti allo Spazio Economico Europeo può comportare una riduzione del livello di protezione dei dati, in ragione delle previsioni normative meno vincolanti in vigore in tali Paesi. Per questa ragione, il trasferimento può essere operato solo in presenza di determinate condizioni, delineate dal GDPR

diritti

RIGHTS

What are the data subject's rights?

By contacting the Company by e-mail at privacy@mapei.it users may request access to the data concerning them, their rectification, integration or deletion, the restriction of processing in the cases provided for by Article 18 GDPR as well as opposition to processing in cases of legitimate interest of the data controller. Data subjects also have the right, in the event that the processing is based on consent or contract and is carried out by automated means, to receive the data in a structured, commonly used and machine-readable format, as well as, if technically feasible, to transmit them to another data controller without hindrance. Data subjects have the right to withdraw their consent at any time, as well as to object – for reasons related to their particular situation – to processing carried out in pursuit of the legitimate interests of the data controller. Data subjects may withdraw and manage their consents via the channels indicated, or by contacting the Controller by e-mail at privacy@mapei.it. Such withdrawal shall not affect the lawfulness of the processing based on the consent given before the withdrawal. Finally, data subjects have the right to lodge a complaint with the competent supervisory authority.

*L'Autorità di controllo italiana è il Garante per la Protezione dei Dati Personali. L'interessato può rivolgersi all'Autorità dello Stato Membro in cui risiede, in cui lavora o in cui si è verificata la presunta violazione per proporre il proprio reclamo

Keep in touch

Subscribe to our newsletter to get Mapei news