XEFRACERT.COM – INFORMATIVA SULLA PRIVACY
The contents of the website are made available by Xefra s.r.l., so that website visitors can read information about the product range of Xefra s.r.l. and our company. The handling of personal data of the site visitors follows the strict requirements of the GDPR.
We take the protection of your privacy when using our website very seriously as this important to us. In the following we are pleased to inform you about the collection of personal data.
Collection and processing of personal data
In general, you can visit the website of Xefra s.r.l. on an anonymous basis, i.e. without informing us of who you are. When you visit our website, our web servers in Italy save as standard the IP address of your internet service provider via which you access our website, the site from which you access our website and the files you access from us, as well as the date of your visit and general information about your browser. These data are processed to ensure the security of the web server and to adapt the output of the information retrieved to your output medium (e.g. your phone. laptop or other device). These data are only analyzed in anonymized form for statistical purposes.
Personal data is stored and processed only if you provide us with this information, e.g. when completing a contact form or registering for personalized services. On the respective website you will be informed about the intended use and, if necessary, your consent to the storage and processing requested. Disclosure will only take place at Xefra companies and service providers affiliated with us, for example to send you the requested written information. Of course, all service providers are committed to data secrecy and confidentiality. A transfer to other third parties does not take place. Your data is always encrypted before transmission and processing to protect this data against unauthorized access
Name and Contact Data of the Controller
The Controller for the processing of personal data is
via De Marini 1 Genova 16149
Our Data Protection Officer can be reached at:
Data Protection Officer
via De Marini 1 Genova 16149
Users viewing the Site will see minimal amounts of information placed on their devices, whether computers or mobile devices, in small text files called “cookies” that are stored in directories used by the User’s web browser.
By disabling cookies some of our services may not function properly and some pages will not display properly.
There are various types of cookies, some to make the use of the Site more effective, others to enable certain features.
By analyzing them in detail, our cookies allow us to:
- store the preferences you have entered
- avoid re-entering the same information several times during the visit such as username and password
- analyze the use of services and content provided by xefracert.com to optimize the browsing experience and services offered
Types of cookies used by xefracert.com
Below are the various types of cookies used by xefracert.com according to the purposes of use-
This type of cookie is strictly necessary for the correct functioning of some sections of the Site. There are two categories: persistent and session.
persistent cookies: once the browser is closed they are not destroyed but remain until a preset expiry date.
session cookies: they are destroyed every time the browser is closed.
These cookies, always sent from our domain, are necessary to properly display the site and in relation to technical services offered, so they will always be used and sent, unless you change the settings in your browser (thus affecting the display of pages on the site).
Cookies in this category are used to collect information on the use of the site xefracert.com will use this information on an anonymous statistical analysis in order to improve the use of the Site and to make the content more interesting and relevant to the wishes of users. This type of cookie collects data in an anonymous form on the activity of users and how they arrived at the Site. Analytical cookies are sent by the Site itself or by third party domains.
Third party analytics cookies
These cookies are used to collect information on the use of the Site by users in an anonymous form such as: pages visited, time spent, traffic origins, geographical origin, age, gender and interests for marketing campaigns. These cookies are sent from third party domains external to the Site, in our case from Google Analytics.
Cookies to integrate third party software products and features
These types of cookies embed features developed by third parties within the pages of the Site such as icons and preferences expressed in social networks in order to share the content of the site or to use third party software services (such as software to generate maps and other software offering additional services). These cookies are sent by third-party domains and partner sites that offer their functionality between the pages of the Site.
These are cookies that are necessary to create user profiles in order to send advertisements in line with the preferences expressed by the user within the pages of the Site.
We do not use profiling cookies on our Site.
xefracert.com according to current regulations, is not required to ask for consent for technical cookies, as they are necessary to provide the services requested.
For all other types of cookies consent may be expressed by the User in one or more of the following ways:
By means of specific configurations of the browser
used or the relevant computer programs used to navigate the pages that make up the Site.
By changing the settings when using third party services.
Both of these solutions may prevent you from using or viewing parts of the Site.
Third Party Websites and Services
The Site may contain links to other Web sites that have their own privacy policies that may be different from those adopted by xefracert.com and therefore not responsible for these sites.
This page is visible, by means of a link at the bottom of all the pages of the Site pursuant to art. 122 second paragraph of Legislative Decree no.
Requests via Email
a) Description and scope of data processing
You can contact us via the e-mail address provided. In this case, the user’s personal data transmitted by e-mail will be stored.
In this context, the data will not be passed on to third parties. The data is used exclusively for processing the conversation
b) Legal basis for data processing
The legal basis for the processing of data in the case of the user’s consent is Art. 6 para. 1 lit. a GDPR. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f GDPR. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
c) Purpose of data processing
In the event of contact by e-mail, this also constitutes the necessary legitimate interest in the processing of the data.
d) Duration of storage, option for objection and elimination
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. For the personal data sent by e-mail, this is the case when the conversation with the user is finished. The conversation is terminated when the circumstances indicate that the matter in question has been finally clarified.
The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he/she can object to the storage of his/her personal data at any time. In such a case, the conversation cannot be continued.
To respond to your request Xefra s.r.l. will process the following personal data if provided in the contact form: form of address, first name, last name, email, street, zip code, town/city, telephone number and content of your request. We will forward your personal data to recipients where this is necessary to meet your request. The legal basis for processing your personal data depends on your request and may take the form of a contract with you (Art.6 (1) (b) GDPR), your consent (Art. 6 (1) (a) GDPR) or our legitimate interests in providing you with a good service based on a balance of interests (Art. 6 (1) (f) GDPR). We are supported in the operation of our contact form by our IT service providers as order processors. We will process your data – where processing is based on your consent – until your consent is withdrawn or – where processing is based on a balance of interests – until you object to this or your request has been completed. Unless you provide the data required to contact you and to understand and process your request, we will not be able to process your request. All other information is optional. This service is only for persons over the age of 18.
If we process your personal data on the basis of your consent (Art. 6 (1) (a) GDPR), you can withdraw this consent at any time for the future. If we process your personal data on the basis of a balance of interests (Art. 6 (1) (f) GDPR), you can object to this at any time for the future.
In addition we process the referrer information in connection with use of the contact form (Art. 6 (1) (b) GDPR), which is erased after 4 weeks at the latest. It is technically not possible to use the contact form without collecting this information.
Rights of the data subject
If personal data are processed by you, you are data subject within the meaning of the GDPR and you have the following rights vis-à-vis the Controller.
Right to information
You can ask the Controller to confirm whether personal data concerning you is processed by us.
If such processing has taken place, you can request the following information from the Controller:
- the purposes for which the personal data are processed;
- the categories of personal data being processed;
- the recipients or categories of recipients to whom the personal data concerning you have been or still are disclosed;
- the planned duration of the storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;
- the existence of a right to correction or deletion of personal data concerning you, a right to limitation of processing by the Controller or a right to object to such processing;
- the existence of a right of appeal to a supervisory authority;
- any available information on the origin of the data if the personal data are not collected from the data subject;
- the existence of automated decision-making including profiling in accordance with Art. 22 para. 1 and 4 GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the data subject.
You have the right to request information as to whether the personal data concerning you is transmitted to a third country or to an international organisation. In this context, you may request to be informed of the appropriate guarantees pursuant to Art. 46 GDPR in connection with the transmission.
Right to rectification
You have a right to correction and/or completion vis-à-vis the Controller if the personal data processed concerning you are incorrect or incomplete. The Controller shall make the correction without delay.
Right to restriction of processing
You may request that the processing of personal data concerning you be restricted subject to the following conditions:
- if you dispute the accuracy of the personal data concerning you for a period that enables the data controller to verify the accuracy of the personal data;
- the processing is unlawful and you refuse to delete the personal data and instead request that the use of the personal data be restricted;
- the Controller no longer needs the personal data for the purposes of the processing, but you do need them to assert, exercise or defend legal claims, or
- if you have filed an objection to the processing pursuant to Art. 21 para. 1 GDPR and it has not yet been determined whether the legitimate reasons of the Controller outweigh your reasons.
- If the processing of personal data concerning you has been restricted, such data may only be processed – apart from being stored – with your consent or for the purpose of asserting, exercising or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State.
If the processing restriction has been restricted in accordance with the above conditions, you will be informed by the Controller before the restriction is cancelled.
Right to erasure
Obligation to delete
You may request the Controller to delete the personal data relating to you without delay and the Controller is obliged to delete this data without delay if one of the following reasons applies:
- The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed.
- You revoke your consent, on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, and there is no other legal basis for the processing.
- You file an objection against the processing pursuant to Art. 21 para. 1 GDPR and there are no overriding legitimate reasons for the processing, or you file an objection against the processing pursuant to Art. 21 para. 2 GDPR.
- The personal data concerning you have been processed unlawfully.
- The deletion of personal data relating to you is necessary to fulfil a legal obligation under Union law or the law of the Member States to which the Controller is subject.
- The personal data concerning you have been collected in relation to information society services offered pursuant to Art. 8 para. 1 GDPR.
Information to third parties
If the Controller has made the personal data concerning you public and is obliged to delete it pursuant to Art. 17 para. 1 GDPR, he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data processors who process the personal data that you as the data subject have requested the deletion of all links to this personal data or of copies or replications of this personal data.
The right to erasure does not exist insofar as the processing is necessary:
- to exercise freedom of expression and information;
- for the performance of a legal obligation required for processing under the law of the Union or of the Member States to which the Controller is subject or for the performance of a task in the public interest or in the exercise of official authority conferred on the Controller;
- for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
- for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the law referred to under a) is likely to make it impossible or seriously impair the attainment of the objectives of such processing, or
- to assert, exercise or defend legal claims.
Right to information
If you have exercised your right to have the Controller correct, delete or limit the processing, he/she is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this correction or deletion of the data or restriction on processing, unless this proves impossible or involves a disproportionate effort.
You have the right vis-à-vis the Controller to be informed of these recipient
Right to data portability
You have the right to receive the personal data concerning you that you have provided to the Controller in a structured, common and machine-readable format. In addition, you have the right to pass this data on to another Controller without obstruction by the Controller to whom the personal data was provided, if:
- processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR or on a contract pursuant to Art. 6 para. 1 lit. b GDPR, and
- processing is carried out by means of automated methods
In exercising this right, you also have the right to request that the personal data concerning you be transferred directly from one Controller to another Controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to data transferability shall not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority conferred on the controller.
Right of objection
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you under Article 6(1)(e) or (f) of the GDPR; this also applies to profiling based on these provisions.
The Controller no longer processes the personal data concerning you, unless he can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
If the personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to the processing of the personal data concerning you for the purpose of such advertising; this also applies to profiling, insofar as it is associated with such direct marketing.
If you object to the processing for direct marketing purposes, the personal data concerning you will no longer e processed for these purposes.
You have the option to exercise your right of objection in connection with the use of Information Society services by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC.
Right to revoke consent under data protection law
You have the right to revoke your consent under data protection law at any time. The revocation of consent shall not affect the legality of the processing carried out on the basis of the consent until such revocation.
Right of appeal to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in particular in the Member State where you reside, work or at the place of the suspected infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR.
The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Article 78 GDPR.
Scope and amendments to this privacy statement
This privacy statement applies exclusively to the use of our website. It does not apply to the websites of other service providers to which we provide a link. We accept no responsibility or liability for third-party statements and guidelines with no connection to our website.
We reserve the right to amend these data privacy rules from time to time in accordance with future changes relating to the collection and processing of personal data.”
Copyright 2021 Xefra s.r.l.. All rights reserved. The content including pictures and the design of the Xefra s.r.l website are subject to copyright protection and other laws for the protection of intellectual property. No dissemination or alteration of the content of these pages or of the frames or similar measures are permitted. Moreover, these contents may not be copied, disseminated, modified or made available to third parties for commercial purposes.
The information that Xefra s.r.l.. presents to you on this website is compiled and updated periodically. It is impossible to guarantee freedom from all errors. For this reason, Xefra s.r.l.. disclaims and excludes all liability or warranty with regard to the accuracy, completeness and up-to-dateness of the information provided on this website. There is no warranty of merchantability, no warranty of fitness for a particular use, and no other warranty of any kind, express or implied, regarding the information or any aspect of this website.
In no event will Xefra s.r.l.. or other companies mentioned at this site be liable for any damages whatsoever arising out of the use, inability to use, or the results of use of this site, any websites linked to this site, or the content contained at any or all such sites, including but not limited to damages to computer system, data or any personal objects resulting from the downloading of material and/or data from this website or from websites reached by links from this website. Xefra s.r.l.. reserves the right to undertake alterations or additions to the information or data always provided without further notice. Insofar as our Internet pages contain forward-looking statements, these statements are based on opinions and estimations of Xefra s.r.l.. Management and are subject to risks and uncertainties. Xefra s.r.l.. is not obliged to update such forward-looking statements. All liability for such statements is expressly excluded.
Unless otherwise indicated, all trademarks used on Xefra s.r.l.. Internet pages are protected by trademark law. The same applies to company logos and signs.
The intellectual property contained on this website is legally protected through patents, trademarks and copyrights. This website does not grant any license to use the intellectual property owned by companies of the Xefra s.r.l.. Duplication, dissemination, reproduction and further transmission and other use are prohibited without the written consent of Xefra s.r.l..