Privacy

WEBSITE PRIVACY STATEMENT

This document contains a description of how the website www.eptarefrigeration.com (hereinafter also ‘Site’) is managed, with reference to the processing of the personal data of visitors and users who use it.

Following the consultation of this Site, data relating to identified and identifiable persons can be processed. For the purposes of and for the purposes of Article 103 EC. 13 of EU Regulation 2016/679 (the "GDPR"), Epta SpA, as Data Controller is obliged to provide this Policy - regarding the processing of personal data of natural persons - that they access through this website. The information is provided only for this website and not for other websites that may be consulted by the user via links.

The purpose of this document is to provide information on the modalities, the purposes, the retention times, the place of processing and the rights of the data subjects.

1. Data Controller

The controller of the processing of personal data is EPTA S.p.A., Cod. Fisc. and P. IVA IT 04160730968, with registered office at Via Mecenate, 86 - 20138 Milano, Italy, Tel. +39 02 55403211, e-mail uffamministrativi@pec.eptarefrigeration.com (hereinafter also ‘EPTA’, ‘Company’ or even ‘Holder’).

2. What types of data are processed on the Site, for what purposes and on what legal basis

The following types of personal data are processed on the Site, for the following purposes:

1. 1. Navigation data

To pursue our legitimate interest in ensuring the security of the Site and ascertaining liability in case of hypothetical computer crimes against the Site, check its proper functioning and have statistical information on its use (art. 6, co. In the course of their normal operation, the computer systems and software procedures used to operate this website acquire certain personal data the transmission of which is implicit in the use of Internet communication protocols.

This information is not collected in order to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, enable users to be identified.

This category of data includes the IP addresses or domain names of the computers used by the users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment.

An indicative list of information that we could collect is as follows:

• Internet Protocol (IP) address;
• browser type and device parameters used to connect to the site;
• name of the internet service provider (ISP);
• date and time of the visit;
• web page from which the visitor came (referral) and from which he left the website;
• the number of clicks, if any.

The collection of such personal data takes place automatically during the navigation of the Site and their delivery is therefore mandatory for all users and visitors of the Site.

1. 2. Data provided voluntarily by the user

1. To perform a contract to which you are party and/or pre-contractual measures taken at your request (Art. 6, c. Infringement of Article 8(1)(b) GDPR):

1. 1. in the emails spontaneously sent to us and in the contact/request forms information on the Site: the optional, explicit and voluntary sending of e-mail to the addresses indicated on the Site or the filling out of the appropriate forms, involves the subsequent acquisition of the sender's address and the personal data necessary to provide the requested service and/or reply to the requests, as well as any other personal data inserted in the message (and in the annexes to it) or in the appropriate forms.

Please do not send us under any circumstances any information that can be included in the special categories of data (i.e. data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to the health or sex life or sexual orientation of the person) as we will be forced to delete them.

1. 2. in the Request Form Newsletter: we will process the personal data you provide us by filling in the appropriate request webform to send you periodically a Newsletter containing the latest news on the EPTA world;

1. 3. in the context of social networks to which you should be registered: in case you should contact us via the EPTA social pages (Facebook, Instagram, Linkedin and Youtube), leaving a message on our profiles or entering your personal data in the contact forms that may be present there, we will only process the personal data you have communicated to you to provide you with technical assistance or information requested. The privacy policies of the respective social networks to which you are registered that govern the processing of your personal data carried out through the relevant social platforms remain applicable.

The provision of personal data referred to in paragraph 2.2(a) is optional but necessary, since in case of non-provision we may not be able to provide you with the requested information.  

The contact data you voluntarily provide will be processed by us exclusively to provide you with what you have requested, unless you have optionally given your consent to their processing also for the marketing purposes referred to in paragraph 2.2(e) below.

2. In order to comply with the legal obligations to which EPTA is subject, provided for by fiscal/accounting/administrative rules, security (Art. 6, co. Infringement of Article 8(1)(f) GDPR).

3. To pursue our legitimate interest in exercising or defending a right in judicial or extrajudicial proceedings (Article 6(1)(c)). We may process your personal data in order to pursue our legitimate interest in exercising or defending a right in a judicial or extrajudicial procedure, even in the case of possible pre-contractual liability.

4. For marketing purposes (Art. 6, co. 1, letter a) of the GDPR): with your optional consent, if provided at the end of each proposed form, we will process your data for marketing purposes (direct sale, sending of advertising materials, carrying out market research and commercial communication) in order to send you - both by e-mail, sms, WhatsApp (automated mode) and by telephone with operator and paper mail (traditional mode) - advertising communications, offers and promotions related to the products and services offered by EPTA. You may in any case freely and free of charge revoke your consent to the processing of your personal data for marketing purposes at any time totally or even partially, for example, in relation to automated methods only, by making a request to EPTA in the manner indicated in section 5 below. In relation to promotional communications sent by e-mail, you may also object to the processing of your personal data for marketing purposes by clicking on the appropriate link in each promotional e-mail.

If you do not consent to the processing of your personal data for marketing purposes, the possibility of making a request for information on the Site, registering your Account, placing an Order for the Purchase of our products and services, and using the additional functionalities of the Site will not be affected in any way, nor will you suffer any detrimental consequences. We simply will not be able to broadcast our promotional and commercial offers.

3. Communication to third parties and availability of personal data (Dissemination)

Your data are known to the employees and collaborators, as processors, of the Data Controller and other third parties as data controllers (companies providing assistance/services such as: financial consulting services, communication, data processing, hosting and co-location servers, computer security and other IT services, web analysis). 

The data may also be shared with the other companies of the Epta Group, the list of which is available on the Website at: Epta, contacts and customer service (eptarefrigeration.com) or on request contacting us at compliance@eptarefrigeration.com, with other third parties as well as with police forces or judicial authority where necessary required by legal obligation and/or following a binding judicial or administrative decision, as well as with our legal advisers.

Any transfer of your personal data to countries outside the European Union or the European Economic Area (third countries) will take place with those third countries that are recognized by the European Commission as having an adequate level of protection of personal data or, if not, if a level of protection of personal data is guaranteed contractually by those entities located in the third country that is adequate in relation to that of the European Union (e.g. by signing standard contractual clauses provided by the European Commission) and that the exercise of the rights of the data subjects is always ensured.

Further information can be obtained by writing to compliance@eptarefrigeration.com.

4. Duration of processing and storage of personal data

The Data Controller keeps the personal data as long as they are necessary for the achievement of the purpose for which they were collected, and in particular:

• for the purposes referred to in point 2.1. above, for a maximum period of six months, unless further retention is necessary to establish liability in the event of hypothetical computer crimes against the Site or to comply with requests from the judicial or police authorities;
• for the purposes of points 2.2(a)(i) and (iii) above, for six months from the time when we have supplied you with the services/information requested by you, in order to ensure that your request is complied with and to provide you with any further clarification you may need;
• for the purposes of point 2.2(a)(ii) above, for 3 years after the release of the data, approaching the end of which you will be asked if you still have an interest in receiving the Newsletter, if so by renewing the mentioned retention period. If not, your data will be erased after the expiry of this period;
• for the purposes of points 2.2(b) and 2.2(d) above, for 10 years on account of the preservation obligations imposed by accounting and tax regulations and the limitation period for contractual actions, respectively;
• for the purposes referred to in point 2.2(c), for a maximum of 12 months from the time of their collection;

The storage times of data collected through cookies are available in the Cookie Policy Cookie Policy | Epta (eptarefrigeration.com)

5. Rights of data subjects (Articles 15 to 22 of the Regulation)

Lastly, we inform you that you have the right to exercise at any time, free of charge and without formality, the following rights set out in Articles 15 to 22 of the GDPR: the right to request access to personal data, i.e. the right to obtain confirmation whether or not data concerning you are being processed and, if so, to obtain access to personal data and to obtain copies of them and to the information listed in the provision) (Article 15); the right to rectification, i.e. the right to obtain rectification of inaccurate data concerning you or to supplement incomplete data (Article 16); the deletion - In other words, the right to obtain the erasure of data concerning you, if one of the reasons mentioned by the norm (Art. 17) exists; the limitation to the processing or the right to obtain, in the cases indicated by the norm, the marking of the data retained with the aim of limiting its processing in the future (Art. 18); the notification in case of rectification, erasure or limitation (Art. 19); the portability, or the right, in the cases indicated by art. 20 of the GDPR, to receive in a structured, commonly used and machine-readable format the data concerning you, and to transmit those data to another controller without hindrance (art. 20); right to object, or to oppose at any time, for reasons related to your particular situation, the processing of your personal data carried out on the basis of our legitimate interest (art. 21). In relation to marketing purposes, you have the right to object at any time to the processing of personal data concerning you carried out for such purposes, as well as to revoke at any time your consent previously given, totally or even only partially, for example, in relation to automated methods only. The withdrawal of consent shall not affect the lawfulness of processing based on consent prior to the withdrawal of consent.

Requests to exercise your rights, as indicated above, can be submitted by post to EPTA S.p.A., Via Mecenate, 86 - 20138 Milan, Italy, or by email to compliance@eptarefrigeration.com.

We also remind you that you have the possibility to lodge a complaint with the Data Protection Supervisor (www.garanteprivacy.it).

6. Use of Cookies

For more details on cookies and their treatment with extensive and comprehensive information on them, please refer to our Cookie Policy Cookie Policy | Epta (eptarefrigeration.com)

7. Amendments

This Privacy Policy may be subject to changes or updates in accordance with regulatory and technological developments. In the event of substantial changes to the Privacy Policy, we will send you the new version of the Privacy Policy by e-mail or bring the new Privacy Policy to your attention at the first time you access the Site after the date of the modification of the Privacy Policy, and, where appropriate, collect a new consent.

Last Updated: 28 June 2024