INFORMATION ON THE PROCESSING OF PERSONAL DATA

of users who consult the catalog on the Play Store and Apple Store apps pursuant to Article 13 of GDPR.

This page describes, pursuant to G.D.P.R., the service provided by Vema S.r.l. publication of the catalog of its products – via Tecdoc Catalog – through the apps available on the Play Store and Apple Store.

1. Data Controller.

The Data Controller is Vema S.r.l., with registered office in Varedo (MB), on the Novara street 7/9/11 – P.IVA 09651850969- Email info@vema.it.

2. Types of Data collected – Purpose – Legal basis.

1. SERVICE ACCESS “- Data provided directly by the interested party through the use of the service provided through the apps. The access of the user / interested party to the service provided through the applications results in the processing of personal data by Vema S.r.l. The personal data being processed are information such as: ip address, usage data, diagnostics etc. which can make the user directly identifiable. These data are processed for the following purposes and in compliance with the relative legal bases of the processing, for a retention period not exceeding that necessary for the purposes for which they were collected and processed.

1. Purpose: to respond to requests sent by the interested party. Legal basis: fulfillment of contractual obligations or pre-contractual measures, the processing is for the execution of pre-contractual measures adopted at the request of the interested party.

2.2. Cookie.

Cookies are small text strings that the sites visited by the user send to their terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit by the same user. While browsing a site, the user can also receive cookies on his terminal that are sent from different sites or web servers (so-called “third parties”), on which some elements may reside (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the site that the same is visiting. Cookies, usually present in users’ browsers in very large numbers and sometimes even with characteristics of wide temporal persistence, are used for different purposes: execution of computer authentication, session monitoring, storage of information on specific configurations concerning users who access the server, etc. In this regard, and for the purposes of this provision, two macro-categories are therefore identified: “technical” cookies and “profiling” cookies. For further information, please refer to Cookie Policy.

3. Categories of recipients of personal data.

The following categories of subjects may become aware of your data: Owner and subjects authorized to process, appointed in writing by the undersigned company as partners, accounting and billing staff, commercial employees as well as consultants, as external managers, in limits necessary to carry out their assignment at our organization, subject to a letter of appointment and / or stipulation of a contract that imposes the duty of confidentiality and security, as well as subjects who need to access data for legal advice, with purposes auxiliary to the relationship that exists between the parties, such as the execution of the contracts in place, within the limits strictly necessary to carry out the auxiliary tasks entrusted to them.

For the realization of the service through the app, the Data Controller uses the Tec doc catalog service provided by the Company TecAlliance GmbH, which will be able to know directly the personal data processed by the Data Controller.

4. Methods of treatment.

The data processing takes place through the use of tools and procedures suitable to ensure security and confidentiality and can be carried out both on paper and with the aid of automated computer means, designed to store, manage and transmit the data.

The Data will be processed by the Data Controller, at its operating offices or within the territory of the European Union and the European Economic Area. If for technical, organizational and / or operational reasons it is necessary to make use of subjects (among those indicated in the previous list) located outside the European Union or the European Economic Area, we inform you that the Company will ensure that the processing of data from these subjects takes place in compliance with the applicable legislation. Therefore, the transfers will be made through adequate guarantees, such as adequacy decisions, models of Standard Contractual Clauses approved by the European Commission or other guarantees considered adequate. The interested party may request more information by writing to the following e-mail address: info@vema.it.

5. Communication and dissemination.

The data will not be disclosed to indeterminate subjects by making them available or consulting. The data may be communicated, as far as their respective and specific competence is concerned, to Bodies and in general to any public or private subject with respect to which there is an obligation for us (or faculty recognized by law or secondary or community legislation) or need for communication.

6. Rights of interested parties.

Articles from 15 to 22 of the EU GDPR 2016/679 grant the interested parties specific rights. In particular, the right to obtain confirmation of the existence or not of personal data, access to personal data and the rectification or cancellation of the same or the limitation of the processing concerning him or to oppose their treatment, in addition to the right to data portability, the communication of such data and the purposes on which the processing is based. Furthermore, the interested parties have the right to obtain the withdrawal of consent at any time without prejudice to the lawfulness of the processing based on the consent given before the withdrawal, the transformation into anonymous form or the blocking of data processed in violation of the law, as well as the updating or, if there is an interest in this, the integration of the data. Interested parties have the right to oppose the processing itself for legitimate reasons. Reports for any changes in personal data must be sent promptly to the Data Processor in order to be able to comply with art. 16 of the aforementioned legislation, which requires that the data collected be accurate and, therefore, updated.

Interested parties who believe that the processing of personal data referring to them carried out through this site is in violation of the provisions of the Regulation have the right to lodge a complaint with a supervisory authority (for Italy: Guarantor for the protection of personal data www.garanteprivacy.it), as required by art. 77 of the Regulation itself, or to take the appropriate judicial offices (Article 79 of the Regulation).