Personal Data Privacy Policy
website (www.qualitytestsrl.com)
Introduction This Privacy Notice regarding the processing of personal data (hereafter the “Notice”) is issued in conformity to article 13 of EU Regulation 679/2016 (General Data Protection Regulation – hereinafter the “GDPR”). This Notice describes in detail how and for what purposes your personal data are processed during the interaction with the website www.qualitytestsrl.com(hereinafter “Website”), along with the use of its functionalities and services.
A) Data Controller
The Data Controller of your personal data is QUALITY TEST S.R.L. (hereafter the “Controller”). If you have any questions or requests, or if you require clarifications regarding this Notice in particular, or the processing of your personal data in general, you may contact the Controller in the following ways:
- by sending an e-mail (entering “Privacy” as subject) to: amministrazione@quaitytestsrl.com
B) Categories of data processed
The Controller processes the following categories of personal data:
- data related to the navigation of the Website and devices you are using (for example: usage periods of a device on web pages or sections of the Website, IP address, browser used, localization data, if consent is acquired, as well as cookies and other such instruments’ information gathered);
- if you ever interact with the Controller, data shared in order to manage your requests;
Personal data referred to in letter a) are automatically collected by the Controller during your navigation on the Website: they are not collected to be associated with identified data subjects, but by their very nature could, through processing and association with data held by third parties, allow users to be identified. These data are in any case used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. Personal data belonging to all other categories are provided directly and voluntarily by you.
C) Consequences of not submitting your personal data
The processing of personal data in category a) of the previous section is necessary for the Controller in order to guarantee the best possible browsing experience, and to provide all the functions and services provided through the Website. However, it is possible to limit the processing of such personal data through the use of some features made available by the Website (with reference, in particular, to the transmission of cookies or similar instruments) or from your device or browser / navigation application. In this case, navigation on the Website may be limited, and some of its functions / services may be inaccessible. The processing of personal data in categories other than a) contained in the previous section, is necessary to fulfil contractual and legal obligations: you have the obligation to provide such personal data to use the services and functions of the Website. In case of failure to provide the above data, it may not be possible to provide the functions and services of the Website.
D) Purpose and basis in law of processing
Your personal data will be processed for the following purposes and on the following law basis.
Purpose | Legal basis | |
1. | Allow the navigation on the Website, also accessing pages and sections along with functionalities and services | Processing is necessary for the performance of a contract (art. 6(i)(b) GDPR). |
2. | Reply to a public authority request | Processing necessary to comply with a legal obligation (art. 6(i)(c) GDPR) |
3. | To allow the Controller to respond to your requests in accordance with relevant legislation and to exercise or defend his rights in or outside courts of law, and in the context of any claims or controversies (whether initiated by you, the Controller, third parties or legal or administrative authorities) | Processing for purposes related to the legitimate interests of the Controller (article 6(i)(f) GDPR) |
4. | Check the correct functioning of the Website in order to implement updates and improvements, and offer a better overall navigation experience | Processing for purposes related to the legitimate interests of the Controller (article 6(i)(f) GDPR) |
5. | Allow the Controller to make contact with the Data Subject following his/her request (through the contact section) | Processing for purposes related to the legitimate interests of the Controller (article 6(i)(f) GDPR) |
E) Categories of recipients to whom processed data are disclosed
To fulfil the purposes stated above, your personal data may also be processed by third parties, i.e. parties other than the Controller. Such parties will process your personal data on behalf of the Controller, acting as properly designated and contracted Processors according to article 28 of the GDPR. In particular, your personal data will be processed by:
- suppliers of products, services or necessary activities in order to correctly execute the Contract (such as ICT suppliers or vendors, software, CRMs vendors, travel agencies, business consultants, etc.);
- public authorities that manage compliance obligations to law.
F) Transfer of your personal data outside the European Economic Area
The Controller has no intention to transfer your personal data outside the European Economic Area, directly or through the Processors engaged by him. In any case, if this should happen, the Controller undertakes to transfer such data in conformity to applicable legislation and, in particular to the safeguards established for the transfer of personal data to countries outside the EU that do not offer an adequate level of protection (e.g. Privacy Shield in the case of the USA).
G) Period for which personal data are stored
Your personal data will be stored for a variable duration, based on the kind and purpose of the processing. The retention periods of personal data are indicated below:
- data relating to your browsing on the Website and / or the devices you use, except in cases where they are used to ascertain responsibility in case of hypothetical crimes against the Website or third parties, will be kept for the time indicated in the section J) relating to the so-called "Cookies";
- data and information relating to the contacts between you and the Controller: will be kept until the evasion and satisfaction of your requests;
If, at the end of this period, your personal data need to be processed for specific purposes (e.g. to safeguard the rights of the Controller in the context of litigation), they shall be stored until those purposes are fulfilled (e.g. until the conclusion of the litigation). At the end of the storage periods defined above, your personal data will be erased or made unintelligible by the Controller, unless you spontaneously ask to remain in contact with the Controller for any reason.
H) Processing of personal data using automated decision-making systems
Operations involving the processing of your personal data using automated decision-making systems (including profiling as defined in article 22, sections 1 and 4 of the GDPR) are not foreseen.
I) Your rights regarding the processing of your personal data
You have the right to ask the Controller for access to your personal data, as established in article 15 of the GDPR. By exercising the right to access, you also have the right to be informed of:
- the purpose of processing;
- the categories of data processed;
- the recipients or categories of recipient to whom your personal data have been or will be disclosed, especially in the case of recipients in countries outside the EU or belonging to international organisations;
- if possible, the period for which personal data are stored, or if not possible, the criteria used to determine such a period;
- the existence of your right to ask the Controller to rectify or erase your personal data or to restrict or object to the processing thereof;
- your right to lodge a complaint with the supervisory authority;
- the source of your personal data if such data were not collected from you personally;
- the existence of an automated decision-making system, including profiling, as defined in article 22, sections 1 and 4 of the GDPR and, if such a system exists, the logic applied and the significance and consequences processing may have for you.
You also have the following rights:
- the right to obtain from the Controller the rectification of incorrect personal data or the completion of incomplete personal data, as established in article 16 of the GDPR;
- the right to obtain from the Controller the erasure of your personal data, as established in article 17 of the GDPR. The Controller may not guarantee the exercise of this right (or may only satisfy requests in part) if the processing of the personal data to which the request to erase applies is required to fulfil legal obligations or to establish, exercise or defend a right in a court of law;
- the right to obtain from the Controller the restriction of processing, as established in article 18 of the GDPR;
- the right to object to the processing of your personal data, as established in article 21 of the GDPR, unless the Controller, on receiving notice to this effect, can demonstrate the existence of legitimate and valid reasons for processing that prevail over your interests, rights and freedoms, or unless processing is required to establish, exercise of defend a right in a court of law.
You also have the following rights:
- the right to obtain from the Controller the rectification of incorrect personal data or the completion of incomplete personal data, as established in article 16 of the GDPR;
- the right to obtain from the Controller the erasure of your personal data, as established in article 17 of the GDPR. The Controller may not guarantee the exercise of this right (or may only satisfy requests in part) if the processing of the personal data to which the request to erase applies is required to fulfil legal obligations or to establish, exercise or defend a right in a court of law;
- the right to obtain from the Controller the restriction of processing, as established in article 18 of the GDPR;
- the right to object to the processing of your personal data, as established in article 21 of the GDPR, unless the Controller, on receiving notice to this effect, can demonstrate the existence of legitimate and valid reasons for processing that prevail over your interests, rights and freedoms, or unless processing is required to establish, exercise of defend a right in a court of law.
All requests involving the above rights must be sent to the addresses of the Controller given in section A). The Controller shall respond to requests without unjustified delay. If you receive no response, a refusal or a late or unsatisfactory reply to your requests, or if you believe that the Controller is processing your personal data in an unlawful or non-transparent manner, you may also lodge a complaint with the supervisory authority. If you are an Italian citizen, normally reside or work in Italy, or if you believe that a violation by the Controller regarding the processing of your personal data took place in Italy, you may contact the Italian data privacy guarantor – www.garanteprivacy.it – to safeguard your rights. If you are a citizen of another member state of the EU, normally reside or work in another member state of the EU, or if you believe that a violation by the Controller regarding the processing of your personal data took place in another member state of the EU, you should consult the website http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm for further information on the competent supervisory authority.
J) Cookie notice
Cookies are small text files that are transmitted from the Site to the devices of users who visit it, and that are subsequently transmitted back to the Site during subsequent visits; they may have different characteristics and be used for different purposes, both by the Site Owner and by third parties. This site uses cookies, which can be:
- "technical" cookies, which do not require consent from the user, and are therefore automatically installed following access to the Site;
- first-party cookies, necessary to evaluate the behavior of users on the Site and the features made available, in order to improve the browsing experience;
- third-party cookies, for which the user's consent is required, which are installed or activated only as a result of the user's express consent the first time he visits the Website.
The owner has prepared the following table in order to make available to you the complete list of cookies used (first and third party):
Cookie name and subject managing it | Utilization | Conservation time limit |