This disclosure relates only to the processing of personal data carried out by browsing the website https://vdagroup.com/.
Who is the Data Controller?
It is VDA GROUP SPA, with registered office in viale Lino Zanussi n. 3, 33170, Pordenone, Fiscal Code: 00976420307, VAT number: 01043840931 in the person of its pro tempore legal representative.
The Data Controller can be contacted at the email address email@example.com or PEC:
What data are processed?
The data provided voluntarily by the user by filling in the online form on the “Contacts” page and on the “Technical Support” page, which may also include data from third parties, are also processed.
For what purposes are personal data processed? On what legal basis?
The data are processed to:
- offer navigation to the user and preserve the security of the site, on the basis of the legitimate interest of the Data Controller and of third parties;
- allow the Data Controller to offer information on its business activity, on the basis of its legitimate interest;
- be able to take charge of the user’s request in the “Contacts” or “Technical Support” forms and respond effectively,on the basis of the execution of the contract or pre-contractual measures;
- fulfill legal obligations, for example in the event of the commission of torts, administrative offences and/or crimes through the site itself;
- guarantee the right of defense in court of the Data Controller and/or third parties, on the basis of their legitimate interest.
Who are the recipients of the data?
The navigation data are processed, as well as by the Data Controller or its internal authorised, by subjects external to the VDA Group, who work on its behalf, for the management and maintenance of the site, hosting service providers, all appointed as Data Processors. Public authorities may also be recipients of the data, on the basis of legal provisions.
Are the data transferred to countries outside the European Union?
Personal data may be disclosed or disseminated outside the European Union to third countries or international organizations that offer an adequate level of protection with regard to the protection of personal data..
In any case, the (Sub)Data Processors in charge of data archiving may reserve the right to use data centres located in countries outside the European Union. In such cases, the (Sub)Data Processor ensures compliance with the GDPR and the current legislation.
How long is the data stored?
For the minimum time necessary to fulfill the purposes we have indicated.
The personal data provided via the “Contacts” form or in the “Technical Support” form and the data relating to navigation are stored no longer than 12 months. Storage may be imposed for longer periods by the judicial authority in the event of torts, administrative offences and/or crimes or for defense purposes. In the latter case they are stored for no more than ten years. Closer to the expiry of this term, the retention needs will be reassessed and, if they have ceased to exist, the data will be deleted.
What are the site user’s rights?
The user has the right to access their data, request its rectification, erasure and restriction of processing. He can ask for data portability. He can object to the processing if the data are processed on the basis of legitimate interest, unless other rights prevail. To exercise these rights, he can contact the Data Controller by post or email at the addresses indicated above. The user, if he deems it necessary, can make a complaint to the supervisory authority in the Member State of his habitual residence or appeal to the judicial authority.